Posted in Accountability

Opinion

More Privacy Paternalism: “We Know What’s Best for You”

Note from the Editor:

Re: "The Evolving Pursuit of Privacy," by Scott Charney, included in this week's Daily Dashboard.

Scott Charney failed to mention that many of his arguments, which would result in weakening privacy protections, have already been addressed and do not enjoy widespread support. While he indicates that his suggestions will “enhance” data protection for consumers, the opposite will most likely occur. They reflect a paternalistic approach to data protection that, if implemented, will weaken rather than strengthen privacy in the 21st century. The notion that privacy can only pose a negative challenge to new technological trends reflects a dated, zero-sum perspective that has been proven wrong on countless occasions.

More from Ann Cavoukian

Opinion

The Risk of the “Risk-Based Approach”

By Stuart S. Shapiro, CIPP/US, CIPP/G

At this year’s IAPP Global Privacy Summit, I repeatedly encountered references to and quasi-explanations of the “risk-based approach” to privacy. The risk-based approach is, apparently, the new black now that accountability is no longer quite so chic. With its focus on the privacy risks incurred by individuals, the risk-based approach is, I was informed, a bold new direction for the privacy profession.

Taken at face value, it’s rather difficult to imagine a more damning indictment of the privacy profession. It’s 2014 and we’ve only just started worrying about risks to individuals?

More from Stuart S. Shapiro

Practical Privacy

Automating Privacy Impact Assessments with the IAPP and AvePoint

By Dana Simberkoff, CIPP/US

Working for a global software company, the compliance team at AvePoint has an opportunity to work with privacy officers, CISOs and CIOs around the world and across many industries. Many of our customers believe that their compliance challenges are specific to their company, and subsequently have very little opportunity to collaborate with peers within their own companies—much less opportunities to collaborate with peers within or across industries.

Posted in Accountability
More from Dana Simberkoff

Privacy Profession

Which Drives Leadership: Compliance or Strategy?

Leadership is crucial to a successful privacy program. It is leadership that engages senior executives, inspires an extended team and provides hope to advocates and confidence to regulators.

But what drives leadership in 2014? Is it the need to have a highly compliant organization in an era where compliance is very complex? Or is a strategic approach to information governance when data moves from being a business facilitator to the driver of innovation?

More from Martin Abrams

Big Data

How To Solve the President’s Big Data Challenge

In his recent remarks on the NSA and surveillance, President Barack Obama grabbed the Big Data bull by the horns. We commend the president’s decision to task the Council of Advisors on Science and Technology (PCAST) to reach out to privacy experts, technologists and business leaders to examine the challenges inherent in Big Data. Government surveillance raises distinct civil liberties concerns that commercial and scientific use of Big Data does not; still, it is appropriate to address the profound impact of new technologies on Big Data business opportunities.

Big Data was all the rage in privacy circles in 2013, and now it is achieving appropriate broad policy attention. It implicates modern day dilemmas, which transcend privacy and impact a variety of delicate balancing acts at the core of free market democracy. The examination requires engagement not only by privacy professionals but also by ethicists, scientists and philosophers to address what may very well be the biggest public policy challenge of our time.

More from Jules Polonetsky

Trending

Was This a Week of “Tangible” Privacy Harm?

By Jedidiah Bracy, CIPP/US, CIPP/E
Photo taken from Ukranian protests in Kiev

Two events this week got me thinking of privacy harms. Now, I know the mere mention of “privacy harms” brings with it a lot of baggage and a ton of research, legal uncertainty, opinion and, well…ambiguity. I couldn’t possibly link to all the countless scholars, lawyers and activists who have tackled the question of what does, or does not, count as a harm, but I couldn’t help think that we may have seen some tangible harms we can all agree on this week.

More from Jedidiah Bracy

Practical Privacy

Privacy 101 for SMEs: The Best Defense is a Good Offense

By Omer Tene
and Marc Groman, CIPP/US

Imagine you are a major retailer and have to disclose a few days before Christmas that hackers stole credit card details and personal data on about –oh, 110 million shoppers –from your secure safe. Or that just as your app is experiencing hockey stick growth, leading tech blogs and media blast you for uploading users’ contact lists to your servers without permission.

Hearing news like this, you probably cringe at the thought that this might happen to you. But, of course, you are not a major retailer or global corporation, or even an app with tens of millions of users commanding media attention; you are a small or medium enterprise (SME), so you don’t have to worry, right? Wrong! Privacy and data security must be strategic considerations for every business, including garage entrepreneurs developing cool apps or analytics companies with half a dozen employees.

More from Omer Tene

Point-Counterpoint

So Glad You Didn’t Say That! A Response to Viktor Mayer-Schönberger

In response to my comments on an IAPP story, “Forget Notice and Choice, Let’s Regulate Use,” Viktor Mayer-Schönberger distances himself from views attributed to him by the IAPP, and positions taken in an earlier whitepaper.

My first thought when reading Mayer-Schönberger’s response was, “I’m so glad he didn’t mean that!” In sum, Mayer-Schönberger assures me that our views are aligned as follows: The belief that individuals have an interest in privacy protection; privacy should be anchored in the OECD Fair Information Practice Principles; the public should have control over their personal information, and privacy does not impede innovation. Allow me to assure all of you that in addition to the IAPP story, I have indeed viewed the video of Mayer-Schönberger’s Brussels keynote and have read the two papers he referenced.

More from Ann Cavoukian