Posted in November 2013


Eroding Trust: How New Smart TV Lacks Privacy by Design and Transparency

A year ago I got a new Samsung DVD player for Christmas. It’s a lovely device that I use most every day—mostly for streaming video from Netflix and Amazon. I apparently can also make Skype calls from it, though I haven’t tried — I’m told there are hundreds of other applications out there, so I’m probably underutilizing the device. But I’ve recently wondered—does Samsung log what I do on the player? Does it send information about my viewing back to Samsung. I . . . I guess I have no idea.

More from Justin Brookman


The NSA, Tor, Vodafone and LIBE Committee Meet To Chat

(From left): Former cyber advisor to Pres. Obama Howard Schmidt and former NSA General Counsel Steward Baker at this year’s IAPP Privacy Academy.

Imagine the NSA, European Parliament, Tor and Vodafone having a civilized conversation about privacy. Considering that the ricochets from the Snowden affair are still reverberating on both sides of the Atlantic, this may seem implausible. But you better believe it: the IAPP Europe Data Protection Congress 2013 is featuring a panel discussion among representatives of all of the above, which I look forward to moderating.

More from Omer Tene


When What You Had for Lunch Comes Back To Bite You: A Social Media Experiment

By Jedidiah Bracy, CIPP/US, CIPP/E
Image from Jack Vale’s “Social Media Experiment”

This week here in the office, a number of folks sent us a link to a video-gone-viral of a social media experiment. Maybe you’ve seen it. The host, Jack Vale, wanted to know “how easy it would be to get personal information from complete strangers.” He did so by searching for public social media posts by using his own location, then identifying the posters in real life.

Pretty simple stuff. And, it turns out, getting their personal information was very easy … in a creepy way.

More from Jedidiah Bracy


Vint Cerf is Wrong. Privacy Is Not An Anomaly

Google Chief Internet Evangelist Vint Cerf

“Privacy may actually be an anomaly,” said Vint Cerf, one of the architects of the Internet, at an FTC workshop on the Internet of Things on Tuesday. Cerf, who’s currently Google’s Chief Internet Evangelist, argued that privacy is a construct of the modern industrial age. In the past, his thinking goes, people lived in small self-contained villages, where pretty much everyone knew who was dating the baker’s daughter and what the sheriff had for lunch. It is only when populations started migrating en masse to cities that anonymity emerged as a byproduct of urbanization.

The view of privacy as an anomaly is not new, particularly among Silicon Valley entrepreneurs, who time and again express a cavalier approach to what is a fundamental, deep-rooted social, moral and legal value. It is however wrong, and may lead businesses and governments astray in making weighty policy choices.

More from Omer Tene

Cyber Insurance

Cyber Insurance: Three Common Myths Debunked

By Michael Bruemmer, CIPP/US

In the past, cyber insurance was a polarizing issue in my discussions with privacy and risk professionals. Some professionals where adamant about the benefits of cyber insurance, while others worried that the policies currently on the market didn’t meet its needs or were too costly.  However, I believe the industry is maturing and the coverage options today are much better than just a few years ago.

More from Michael Bruemmer

Practical Privacy

IAPP Westin Research Center

Six Practical Tips for the Private Sector from the DHS Annual Privacy Report

By Dennis Holmes, IAPP Westin Research Fellow

Successfully managing a privacy program can be challenging, especially when faced with a limited staff, budget or both. For simple, effective ways to help you improve your organization’s privacy program, you may want to pick up a copy of the recently released Department of Homeland Security Privacy Office’s 2013 Annual Report to Congress. The report highlights the achievements of the DHS Privacy Office over the past year with respect to its five strategic goals: privacy and disclosure policy, advocacy, compliance oversight and workforce excellence.

The DHS privacy office is the first statutorily created and, arguably, the premier privacy office in the federal government. Accordingly, much can be learned about managing a privacy program by analyzing the accumulated achievements of the Privacy Office over the last year. While a public-sector report may seem to be low-priority reading for private-sector privacy professionals, you may be surprised to learn that the report contains plenty of relevant and useful information to help you manage your organization’s privacy program.

This article identifies six practical tips from the DHS Privacy Office’s 2013 Annual Report to Congress that could give your privacy program a boost.

More from Dennis Holmes


The Secret Life of Webcams

By Jedidiah Bracy, CIPP/US, CIPP/E

They’re easy to miss but almost ubiquitous. They’re convenient for video chatting and, most importantly, they’re great for selfies.

But webcams allow for some pretty nefarious things to happen, too.

Take, for example, the case of Jared James Abrahams. For more than two years, the now 19-year-old Abrams hacked into at least two dozen computers belonging to young women.

More from Jedidiah Bracy