Posted in September 2013

Trending

Reelection Statistics, Predictability, Big Data Drinking Games and Other Things I Learned This Week

By Jedidiah Bracy, CIPP/US, CIPP/E

Today, Forbes’ Kashmir Hill reported on the work of a man going by the name of “Puking Monkey.” This creative electronics tinkerer hacked into his RFID-enabled toll booth pass—a great feature for travelers, especially for us up here in the Northeast who regularly must pass through countless toll booths—and configured it to alert him whenever it was being read. What he discovered was that all over New York City, his E-Z Pass was being tracked—and not just by toll booths.

Of course, the surveillance capabilities are concerning, but this also stuck out to me:

More from Jedidiah Bracy

Privacy Engineering

Is 2013 the Year of the Privacy Engineer?

By Robert Jason Cronk, CIPP/US
Image .(JavaScript must be enabled to view this email address)

Nascent is a term I often use to describe the field of privacy engineering. Not until this fall have the first students of Carnegie Mellon’s Masters of Science in Information Technology—Privacy Engineering started in the newly formed one-year program. And only in the past year or so have Google, Microsoft and other techno-centric firms been advertising openings with variations of privacy engineer in the title. Though the term privacy engineering has been around since at least 2001, only recently has the computer science community tried to use it in a concrete and systematic way.

So what is privacy engineering?

More from Robert Jason Cronk

Opinion

A Ray of Hope to Eliminate False Light

By Jeff Kosseff, CIPP/US

In the past half-century, First Amendment lawyers have successfully convinced courts and state legislatures to make it more difficult for plaintiffs to bring defamation lawsuits. These changes have helped preserve the public debate that is vital to our democracy, particularly as the Internet has expanded platforms for free speech and enabled every individual to publish their opinions and stories.

Unfortunately, privacy law has long provided plaintiffs with an end-run around the First Amendment.  Rather than filing a defamation lawsuit, plaintiffs bring claims under a privacy tort known as “false light.”  In some states, it is easier to bring claims under false light than under defamation law. 

More from Jeff Kosseff

Privacy Law

IAPP Westin Research Center

The OECD Heralds the Arrival of the Privacy Profession

For anyone following the field of privacy policymaking, the past two years have seen a flurry of activity unsurpassed in any other legal arena. Fittingly, the first reform process to come to fruition is that of the OECD Privacy Guidelines, which date back to 1980 and contain the first internationally agreed upon iteration of the now ubiquitous Fair Information Privacy Principles (FIPPs). Together with the expected result of the major reform processes in the U.S. and EU, the revised guidelines, which will be launched on the OECD website today, are set to become the second generation of information privacy laws. As such, it is important to assess what has changed since their inception more than 30 years ago.

More from Omer Tene

Big Data

When “All About You” Isn’t Much About You at All

By Jedidiah Bracy, CIPP/US, CIPP/E

After much rumination, I “took the plunge” today and signed in to Acxiom’s new “About The Data” portal. For those who are not familiar, Acxiom is one of the world’s largest data aggregators. They create digital dossiers of people based on publicly available data, survey data and other “general data from other commercial entities,” and sell it to marketers trying to sell us stuff. They were also, not coincidentally, arguably the first company to have a CPO —I detailed their efforts here.

And this week, they became the first so-called data broker to offer consumers a portal into what they’ve collected.

More from Jedidiah Bracy

Accountability

Accountability Is About Values

Over the past year, I reflected on why I have been doing privacy for nearly a quarter of a century. As privacy professionals, you and I do privacy because we believe people shouldn’t be afraid of being harmed by the digitization of their pathways through life. We do privacy so young adults may evolve into the people they will be, rather than be predestined by mathematics. We do privacy so individuals may think new thoughts, explore new concepts and converse with others without painting a black-and-white picture of themselves rather than one that reflects a thousand shades of grey or a rainbow of color. We do privacy because we believe privacy is fundamental to human dignity and freedom. After reflection, I decided it is time for me to focus on the role of values in privacy. So today I begin a new journey leading the Information Accountability Foundation.

Posted in Accountability
More from Martin Abrams

Data Breach

Why You Need to Treat a Breach as a Customer—Not a Compliance—Issue

By Michael Bruemmer, CIPP/US

A breach happens. In my experience dealing with breach resolution, this means companies run to call forensic investigators, legal counsel, law enforcement and others. Then the breach notices arrive. Without the proper channels in place for a smooth and quick resolution, unfortunately I’ve seen consumers rush to call the media, litigators and the competition.

When all runs smoothly, you know you’re handling the technical and regulatory sides of breach response with aplomb. However, as I’ve seen time and time again, what you might be falling behind on is the consumer engagement side of breach response, and that’s when your customers start making calls.

More from Michael Bruemmer