Posted in Privacy by Design

Privacy Dispatches

How Do You Engineer Privacy? NIST Seeks Answers

Last week, the National Institute of Standards and Technology (NIST) hosted a workshop to discuss and develop the concept of privacy engineering. Although a great deal was covered, three topics recurred throughout the workshop and appeared to be of special interest to NIST, most notably the lack of technical standards concerning privacy,the role engineers can play in protecting privacy and the role NIST should play in the privacy field going forward.

Trending

The Supreme Court Is Scared of Technology. This Is How Privacy Pros Can Help

By Jedidiah Bracy, CIPP/US, CIPP/E

This was a big week for emerging technology—particularly the Internet of Things (IoT)—as was showcased during the annual Consumer Electronics Show in Las Vegas, NV. Cisco’s CEO made headlines after saying the IoT has the potential to become a $19 trillion market and much of mainstream media reported on all the emerging technology: smart cars, wearable sensors and digestible computers—stuff we’ve been reporting on pretty regularly in the past year.

So it seemed fitting—and concerning—that the Associated Press reported on the wariness felt by Supreme Court justices on judges weighing in on technology and privacy issues. As Justice Elena Kagan said last summer, “The justices are not necessarily the most technologically sophisticated people.”  And the court may face it’s biggest challenge yet, if, as many suspect, it eventually weighs in on the NSA’s metadata collection programs. Justice Antonin Scalia told a group of technology experts last July that elected branches of government are better equipped to grapple with security requirements and privacy protections.

More from Jedidiah Bracy

Opinion

Consent and Personal Control Are Not Things of the Past

We will be releasing a white paper, early in the new year, challenging the view that consent and personal control of one’s data by data subjects is a thing of the past – it is not. In fact, in the wake of Edward Snowden’s revelations, we are witnessing the opposite: a resurgence of interest in strengthening personal privacy.

Big Data

Data-Driven Dating: How Data Are Shaping Our Most Intimate Personal Relationships

When we talk about Big Data, we mostly refer to large-scale conglomerations of information about our collective behavior, aggregated by governments and big corporations. But there’s another way data have become big: Our interpersonal connections are being infiltrated by data to an unprecedented degree, changing how we relate to one another. A focus on everyday data-collection practices reveals that we are active participants in gathering, interpreting and deploying data—not just passive data points about whom data is collected and aggregated.

Nothing makes the rise of the data mentality clearer than the proliferation of tools for creating and using data in budding romantic relationships.

More from Karen Levy

Opinion

Eroding Trust: How New Smart TV Lacks Privacy by Design and Transparency

A year ago I got a new Samsung DVD player for Christmas. It’s a lovely device that I use most every day—mostly for streaming video from Netflix and Amazon. I apparently can also make Skype calls from it, though I haven’t tried — I’m told there are hundreds of other applications out there, so I’m probably underutilizing the device. But I’ve recently wondered—does Samsung log what I do on the player? Does it send information about my viewing back to Samsung. I . . . I guess I have no idea.

More from Justin Brookman

Privacy Engineering

Is 2013 the Year of the Privacy Engineer?

By Robert Jason Cronk, CIPP/US
Image .(JavaScript must be enabled to view this email address)

Nascent is a term I often use to describe the field of privacy engineering. Not until this fall have the first students of Carnegie Mellon’s Masters of Science in Information Technology—Privacy Engineering started in the newly formed one-year program. And only in the past year or so have Google, Microsoft and other techno-centric firms been advertising openings with variations of privacy engineer in the title. Though the term privacy engineering has been around since at least 2001, only recently has the computer science community tried to use it in a concrete and systematic way.

So what is privacy engineering?

More from Robert Jason Cronk

Privacy Engineering

Brick-and-Mortar Retail: The Design Challenges of Communicating Consumer Data Collection

Increasingly, retailers are gathering data—such as location—from consumers’ devices when they are in a store. This data can be used by retailers to optimize merchandise layout and for other purposes. However, a recent survey we conducted shows that only 33 percent believe that this is happening.

Research confirms that consumers want transparency around data collection. If they don’t expect that data is being collected and find it out after the fact, trust in a brand can erode. Even if the consumer gets a benefit from the data collection, this negative ‘surprise factor’ is still there—and the negative reaction is even stronger when there is no clear benefit to them.

The resulting design challenge is to communicate to consumers that data is being collected, provide controls if consumers care to opt out and showcase how data collection can create value for the consumer.

More from Ilana Westerman

Privacy Engineering

What Misconceptions Do Consumers Have About Privacy?

Control of personal information in the digital space, and particularly on mobile devices, presents a unique design challenge. Most people aren’t aware that their personal data is being collected and shared. Many users don’t take the time to validate their expectations and most never read privacy policies, only becoming aware of such concerns when something happens that doesn’t meet their expectations—such as seeing their friend’s picture in a Facebook ad, or seeing banner ads that match their most recent purchase.

More from Ilana Westerman