Posted in July 2013

Opinion

Parallel Privacy Universes and PRISM

The U.S. and Europe seem locked in their own separate, parallel universes in the way they view PRISM and other recent revelations concerning law enforcement data access, as demonstrated by differences in transatlantic media coverage.

Here in Europe, discussion of law enforcement surveillance of electronic communications has dominated the major news media for the last few weeks. By contrast,...

More from Christopher Kuner

Trending

The Internet of Things: The Good, the Bad and the Ugly

By Jedidiah Bracy, CIPP/US, CIPP/E

A few months back, the Federal Trade Commission called for public commentary on the nascent phenomenon otherwise known as the Internet of Things (IoT). The inevitable move toward a vast set of sensors, RFID chips, machine to machine communications (M2M), near field communication that are connected to the Internet—made possible, in part, by opening up IPv6—is fully underway and the FTC wants to know what, if anything, to do about it.

Last week, in anticipation of a roundtable discussion on IoT, the FTC released 27 comments, ranging from industry associations to government regulators to privacy advocacy groups to academics. Set with the knowledge that I’ll be attending said roundtable this November, I perused these comments to get a better understanding of the many benefits, concerns and possible outcomes of IoT.

Here’s some of what I found.

More from Jedidiah Bracy

Opinion

European Cloud Providers Cloud the Truth After PRISM—What Should U.S. Providers, and the U.S. Government, Do About It?

European cloud providers have tried for years to gain a competitive advantage in the European market over U.S.-based counterparts by claiming that content stored with European providers is more protected from government access than data stored with U.S. companies. These European providers have tried to instill fear in potential customers, claiming that the USA PATRIOT Act gives the U.S. government essentially unfettered access to content stored with U.S. companies.

As has been well-documented here and elsewhere, the truth is that the U.S. imposes tighter restrictions on the ability of its law enforcement and security agencies to get data stored in the U.S. than many EU governments face in accessing data stored in their home countries. Moreover, unlike in the U.S., providers in the EU can voluntarily provide content and customer data to the government, and EU providers are required to retain data for up to two years, helping ensure the data is there when the government comes looking for it.

More from Jason Weinstein

Privacy Engineering

Brick-and-Mortar Retail: The Design Challenges of Communicating Consumer Data Collection

Increasingly, retailers are gathering data—such as location—from consumers’ devices when they are in a store. This data can be used by retailers to optimize merchandise layout and for other purposes. However, a recent survey we conducted shows that only 33 percent believe that this is happening.

Research confirms that consumers want transparency around data collection. If they don’t expect that data is being collected and find it out after the fact, trust in a brand can erode. Even if the consumer gets a benefit from the data collection, this negative ‘surprise factor’ is still there—and the negative reaction is even stronger when there is no clear benefit to them.

The resulting design challenge is to communicate to consumers that data is being collected, provide controls if consumers care to opt out and showcase how data collection can create value for the consumer.

More from Ilana Westerman

Navigate

Changing the Conversation: Why Thinking “Data is the New Oil” May Not Be Such a Good Thing

By Jedidiah Bracy, CIPP/US, CIPP/E

Information is power and Big Data is fueling our economy, prompting many to consider data the new oil. Clearly the value of data—particularly personal data—has never been as dynamic, exciting and potentially dangerous as it is now.

But is thinking of data as the new oil really such a good thing?

For data artist Jer Thorpe, the answer is no.

More from Jedidiah Bracy

Opinion

Privacy and the City

By David Hoffman, CIPP/US

I have written on the need for adequate privacy protections to allow individuals to exercise their Right to Fail. For people to come together to collaborate and innovate, we need to make certain individuals can try new ideas. We need people to take risks and often fail, without running the risk that every failure will be catalogued forever in a virtual permanent record and those failures will be retrievable with a simple Internet search or report from a data aggregator/broker. People are inherently social and want to collaborate and innovate, but we need to create the right privacy policy environment to both foster that innate desire and protect individuals from counterproductive consequences from our social nature.

Edward Glaeser wrote on just this topic in his excellent book, Triumph of the City: How our Greatest Invention Makes Us Richer, Smarter, Greener, Healthier and Happier . The book describes how cities have historically been the engines of innovation as they bring people together to collaborate and create.

More from David Hoffman

From the Tool Belt

Policing Your Own People

By Kirk J. Nahra, CIPP/US

The recent reports of terminations at Cedars-Sinai Medical Center following inappropriate review of celebrity medical records should serve as a reminder to every healthcare entity—and any company with sensitive information. You must police your own people. They need access to information to do their own job, but history has shown that they can’t be trusted entirely. You need a plan to make sure...

More from Kirk J. Nahra