Posted in September 2013

Do Not Track

IAPP Westin Research Center

DNT 2.0: What Next for Policymakers?

Could the appointment of Justin Brookman of the Center for Democracy and Technology (CDT) and Carl Cargill of Adobe salvage the World Web Consortium (W3C) Do Not Track (DNT) process? Hopefully, all sides will work together to pursue an agreed-upon solution, since an implosion of the process, which seemed inevitable on Tuesday as the Digital Advertising Alliance (DAA) announced its departure from the group, would cast a long shadow over the prospects for multi-stakeholder resolutions to the burning privacy problems of our time.

More from Omer Tene

Privacy Technology

Why Privacy Pros Need To Look Beyond “Detective” Practices and Embrace Technology

By Nick Crown, CIPP/IT

As privacy professionals, we have the opportunity to help companies restore balance in the personal data ecosystem by considering the business needs of our employers as well as those of the individual. Many companies are reluctant to institute transformative changes, yet these changes could create an environment in which individuals feel good about sharing more data. Reluctance may stem from the belief that if you give consumers more choice and control, you risk losing the data you have already collected. However, numerous research studies continue to prove this is wrong. In fact, history will show that those who hoard data will eventually lose the data.

To give the individual control over the use of their data, our industry needs to look beyond static, “detective” approaches to privacy practices. Privacy Impact Assessments, privacy awareness training, and compliance auditing will always have a place, but we should embrace technology as an enabler of preventative privacy controls. And while technology cannot solve every privacy issue, it can get us closer to “walking the walk” of the “talk we talk” in privacy notices.

Posted in Data Protection
More from Nick Crown

Healthcare Privacy

On Where Health IT and Privacy Meet


The Eighth Annual National Health IT Week kicks off today with the slogan, “One Voice. One Vision: Transforming Health and Care.” This honorary week has been created by the Healthcare Information and Management Systems Society (HIMSS). HIMSS seems to lead efforts similar to the IAPP, even if the mission is different, and there is no doubt that our membership overlaps. HIMSS states that last year, more than 250 organizations participated in the week’s activities while also being recognized by President Obama and the U.S. Senate.

More from K Royal


Reelection Statistics, Predictability, Big Data Drinking Games and Other Things I Learned This Week

By Jedidiah Bracy, CIPP/US, CIPP/E

Today, Forbes’ Kashmir Hill reported on the work of a man going by the name of “Puking Monkey.” This creative electronics tinkerer hacked into his RFID-enabled toll booth pass—a great feature for travelers, especially for us up here in the Northeast who regularly must pass through countless toll booths—and configured it to alert him whenever it was being read. What he discovered was that all over New York City, his E-Z Pass was being tracked—and not just by toll booths.

Of course, the surveillance capabilities are concerning, but this also stuck out to me:

More from Jedidiah Bracy

Privacy Engineering

Is 2013 the Year of the Privacy Engineer?

By Robert Jason Cronk, CIPP/US
Image .(JavaScript must be enabled to view this email address)

Nascent is a term I often use to describe the field of privacy engineering. Not until this fall have the first students of Carnegie Mellon’s Masters of Science in Information Technology—Privacy Engineering started in the newly formed one-year program. And only in the past year or so have Google, Microsoft and other techno-centric firms been advertising openings with variations of privacy engineer in the title. Though the term privacy engineering has been around since at least 2001, only recently has the computer science community tried to use it in a concrete and systematic way.

So what is privacy engineering?

More from Robert Jason Cronk


A Ray of Hope to Eliminate False Light

By Jeff Kosseff, CIPP/US

In the past half-century, First Amendment lawyers have successfully convinced courts and state legislatures to make it more difficult for plaintiffs to bring defamation lawsuits. These changes have helped preserve the public debate that is vital to our democracy, particularly as the Internet has expanded platforms for free speech and enabled every individual to publish their opinions and stories.

Unfortunately, privacy law has long provided plaintiffs with an end-run around the First Amendment.  Rather than filing a defamation lawsuit, plaintiffs bring claims under a privacy tort known as “false light.”  In some states, it is easier to bring claims under false light than under defamation law. 

More from Jeff Kosseff

Privacy Law

IAPP Westin Research Center

The OECD Heralds the Arrival of the Privacy Profession

For anyone following the field of privacy policymaking, the past two years have seen a flurry of activity unsurpassed in any other legal arena. Fittingly, the first reform process to come to fruition is that of the OECD Privacy Guidelines, which date back to 1980 and contain the first internationally agreed upon iteration of the now ubiquitous Fair Information Privacy Principles (FIPPs). Together with the expected result of the major reform processes in the U.S. and EU, the revised guidelines, which will be launched on the OECD website today, are set to become the second generation of information privacy laws. As such, it is important to assess what has changed since their inception more than 30 years ago.

More from Omer Tene