Canada Dashboard Digest

Are you sick of hearing about Heartbleed? If you are, you may want to skip some of the stories profiled in this week’s Dashboard Digest. If, however, you are like me, you might still be confused by the array of stories about the technical vulnerability, how it works and what damage it might have caused. I had to do a fair amount of self-study this week to prepare for an on-air interview with the CBC, and I must admit that the more I read about it, the more questions I had.

One thing is for sure: We work in an increasingly dynamic industry where things change faster than ever. What was once considered secure is actually not. Safeguards that you thought were good enough, aren't. I suppose that’s all the more reason the privacy professional needs tools like the Dashboard Digest—to try and stay on top of what’s going on.

With respect to the Heartbleed saga, we felt that you deserved even more opportunity to learn about it, so we have added a session to this year’s Symposium that promises to educate privacy professionals on exactly what they need to know about the vulnerability. I hope you can make it to Toronto if you're keen to learn more.

Somewhat overshadowed by Heartbleed were two rather significant decisions from Commissioners Denham and Cavoukian. Read on to learn more because these, too, are important events. 

Have a great weekend, and happy (Easter egg) hunting!

Kris Klein
Managing Director
IAPP Canada

Top Canadian Privacy News

PRIVACY LAW—U.S.

Experts Weigh In on Buzz Settlement (March 31, 2011)
Privacy experts, industry advocates and Federal Trade Commission (FTC) officials are offering different insights on the implications of Wednesday's announcement of the FTC and Google's proposed Buzz settlement. In this Daily Dashboard exclusive, experts weigh in on how the settlement could impact regulations, industry and personal privacy going forward. As Katie Ratte of the FTC's Bureau of Consumer Protection put it, the settlement "is groundbreaking for us because it's the first time we've required a company to implement a privacy program to protect consumer data...It's something we called for in the FTC staff report, and we think it's important for all businesses to incorporate into their business operations today."

ONLINE PRIVACY

Expert: The Re-identification Devil Is in the Details (March 30, 2011)

When it comes to protecting privacy online, the biggest threat lies in the everyday details Internet users share without realizing that even anonymous postings can be correlated to expose their identities. That's according to University of Colorado Law School Prof. Paul Ohm, who spoke recently on the process of "re-identification." Deleting information is not enough, Thinq.co.uk reports, as companies can identify users by drawing inferences from the bits of data left behind. "We have to get used to talking about the price of privacy," Ohm notes, adding, "Maybe we should give up some of the efficiency and convenience of the Internet if we can protect privacy."
Full Story

EMPLOYEE PRIVACY—CANADA

BC Privacy Commissioner To Examine Database (March 28, 2011)

BC Privacy Commissioner Elizabeth Denham has announced that her office is examining the use of a police database for background checks on job applicants, Vancouver Sun reports. In the wake of concerns by the BC Civil Liberties Association, Denham's office is reviewing the use of the BC Police Records Information Management Environment--which contains at least the names of 85 percent of the province's residents--to check criminal records for employment purposes. "This is a very complex issue involving multiple jurisdictions, multiple data linkages, competing interests and the overlap of at least five different laws," Denham said, adding, "we need to be sure that the process is fair and justifiable, both ethically and legally."
Full Story

PRIVACY LAW

Passenger Data Bill Passes Senate Third Reading (March 25, 2011)

The senate has passed the third reading of a bill that seeks to require airlines to provide information on passengers passing through U.S. airspace to U.S. authorities, The Vancouver Sun reports. Bill C-42, "an Act To Amend the Aeronautics Act," will allow such passenger information as name, gender and birthdate to be shared with the U.S. Department of Homeland Security. The bill has evoked concerns from advocates such as the Canadian Civil Liberties Association over privacy concerns. But one senator said that several amendments to the bill have strengthened it after an "effort was made to strike that balance between privacy and security."
Full Story

PRIVACY

Telecom To Pay $275,000 After CRTC Investigation (March 25, 2011)

Rogers Communications has agreed to pay $275,000 to education institutions after a Canadian Radio-Television and Telecommunication Commission (CRTC) investigation, reports The Globe and Mail. Rogers, a Toronto-based wireless, cable, Internet and media company, was making automated calls to its subscribers, which violates CRTC regulations. Telecommunications companies must get prior consent to make such calls. Rogers has not admitted fault but has agreed to give $175,000 to the École polytechnique de Montréal and $100,000 to the British Columbia Institute of Technology as well as to stop making the automated calls and review its policies on the practice.
Full Story

DATA LOSS

Dumpster Breach Has Officials Considering Law Changes (March 25, 2011)

Saskatchewan's health minister is willing to consider changes to privacy laws after thousands of patient files were found in a Regina recycling bin, CBC reports. Information and Privacy Commissioner Gary Dickson is investigating the breach after he and two assistants sifted through about 1,000 files found in a dumpster behind a shopping centre in Regina that "should have been shredded," Dickson said. An individual violating privacy law faces a fine of up to $50,000; a corporation could face a $500,000 fine. "The message we want to send to everybody who handles confidential information is that they are at risk of being prosecuted," said Saskatchewan's minister of justice.
Full Story

PRIVACY

Stoddart Stops By “Strombo” (March 25, 2011)

Privacy Commissioner Jennifer Stoddart recently made an appearance on the George Stroumboulopoulos show to discuss the latest hot topics in privacy. Stoddart discussed the "scary" and increasing trend of tracking users in real time for marketing purposes. "It doesn't matter who you are...they can track every single purchase and can also track physically now where you are." Asked whether this is an egregious intrusion on privacy, Stoddart said she's been consulting with Canadians on that issue. "This tracking in real time has to be the ultimate loss of privacy," she said, adding other countries are addressing such issues. The U.S. has started to explore do-not-track guidelines, and the EU has the cookie directive.
Full Story

FINANCIAL PRIVACY

Consumer Agency Warns Against Aggregator Disclosures (March 25, 2011)

The Financial Consumer Agency of Canada (FCAC) is warning consumers about providing passwords to financial aggregators, The Montreal Gazette reports. Doing so may violate your agreement with your primary financial institution, says FCAC Commissioner Ursula Menke, and fraud protection may depend on refraining from such disclosures. Such aggregators, based mainly in the U.S. but moving towards Canada, Menke said, allow consumers to track all of their financial information at one source, the report states, and use one password to gain access to all sources. "Before using an account aggregation service, consumers should find out what the consequences might be if they provide another party with access to their online banking information," she said.
Full Story

PRIVACY

Scientist: “Surveillance Society Inevitable, Irresistible” (March 24, 2011)

There's enough data floating around about any given person to predict where they'll be next Thursday around 5:53 p.m., says Jeff Jonas, chief scientist of IBM's Entity Analytics group. The question is how privacy models will change as a result of the amount of data collected via cell phones, transactions and social media sites, among others, ZDNet reports. "The surveillance society is inevitable and irresistible," Jonas said at a recent conference in New York, adding that he's working on an "analytic sensemaking" machine that will incorporate privacy features into it from its construction that cannot be turned off. The system, called G2, aims to "explore new physics of big data," the report states.
Full Story

BEHAVIORAL TARGETING

Social Network Turns User “Likes” Into Ads (March 24, 2011)

PCWorld reports that Facebook's "sponsored stories" ad plan, which has raised concerns among privacy advocates, is now being rolled out across the social network. For those who don't like the plan, Dan Tynan suggests in his report, "don't 'Like' it--or anything else. Because once you do...There is no opting out. Facebook can use your name and profile image alongside any product you endorse, per its privacy policy." A forthcoming plan to allow third-party advertisers to put users' images and names in a similar way will have an opt-out, the report states.
Full Story

PRIVACY LAW—CANADA

Court: Personal Items on Work Computer Are Private (March 23, 2011)
The Globe and Mail reports on a judgment this week by the Ontario Court of Appeal related to questionable files a teacher had on his school-issued computer. "I conclude that the appellant had a reasonable expectation of privacy from state intrusion in the personal use of his work computer and in the contents of his personal files on its hard drive," Justice Andromache Karakatsanis wrote in the 30-page ruling.The court found it was permissible for school officials to search the computer but not to provide police access. "This case comes down firmly on the side of privacy and holds that employers cannot give police investigators access to a workplace computer," said privacy expert Scott Hutchison, adding, "the employer may own the computer, but that doesn't give them the power to waive the employee's privacy rights."

ONLINE PRIVACY—CANADA

OPC: Tracking Raises Concerns (March 23, 2011)

A CBC News report explores whether Canada may begin pursuing do-not-track legislation. "Almost everywhere you go online, you're being watched," Dan Misener writes, listing off the online tracking options--from news sites to social networks to health sites--where personal information can be gathered to profile users. In response to a question about do not track, the Office of the Privacy Commissioner has stated, "We are following with interest the U.S. Federal Trade Commission's proposal for a do-not-track mechanism. Our office has concerns about the lack of visibility with respect to online tracking, profiling and targeting. If people don't know about such practices, they can't take steps to limit tracking."
Full Story

BEHAVIORAL TARGETING

Advocates: Device Fingerprinting Easier To Track Than Cookies (March 22, 2011)
Device fingerprinting technology now allows advertisers to specifically identify connected devices such as computers and smart phones. When devices send or receive data, they transmit pieces of information about their properties and settings that can be pieced together to form a unique "fingerprint" for that device, ClickZ reports. This concerns privacy advocates, as a device's fingerprint is more persistent than a Web-tracking tool such as a cookie. "You don't have any control over them, or at least not the same kind of control you do over cookies...That makes fingerprinting a serious privacy threat," said Peter Eckersley of the Electronic Frontier Foundation.

ONLINE PRIVACY

RIM Faces Gov’t Challenge on Corporate E-Mail (March 18, 2011)

An ongoing struggle between Research In Motion (RIM) and the Indian government over access to communications on RIM's BlackBerry service may come to a head this month. India has given RIM a March 31 deadline to hand over encryption keys to its corporate BlackBerry e-mail service, reports Digital Trends. Last year, RIM provided the government real-time access to its instant messenger service but has maintained that there is no back door into the corporate e-mail service. India is not satisfied with that response and says it will ban BlackBerry services in the country if it cannot monitor user communications. The government is concerned that terrorists could use the network to plan attacks, while privacy advocates say allowing government access could amount to stifling free speech and more.
Full Story

DATA LOSS

Lost Hard Drive, Work Responds (March 18, 2011)

The recent loss of a hard drive at Covenant Health has triggered Alberta Information and Privacy Commissioner Frank Work to voice his frustration with personal data losses, saying, "I'm perplexed as to how we motivate people to obey and follow all these security rules and policies we have in place." The hard drive, which contained images, names and hospital ID numbers of 233 patients, went missing during a move on January 17, reports the Edmonton Sun. President and CEO of Covenant Health Patrick Dumelie said that the files were not stored according to policy. He believes there is little risk of identity theft due to the loss.
Full Story

DATA LOSS

Medical Marijuana Users Outed in Breach (March 18, 2011)

A Toronto man who received in the mail two pages of personal information about patients who had been in contact with Health Canada's Marihuana Medical Access Division will submit a complaint to the privacy commissioner, National Post reports. A Health Canada spokesperson indicated that they were "aware of an incident involving the potential disclosure of personal information" and that they "have taken immediate steps to investigate this occurrence." The man who received the information, which included full names, addresses, phone numbers and condition details, described the breach as "unprofessional."
Full Story

PERSONAL PRIVACY

Opinion: VA Breach Reveals Sloppiness (March 18, 2011)

An editorial in the Winnipeg Free Press says the Department of Veterans Affairs' (VA) mishandling of Canadian Forces veteran Sean Bruyea's medical information and the subsequent investigation "reveals an astonishing degree of sloppiness and ignorance, particularly with regard to senior officials who should have known better." The author describes the VA's explanations for the abuse--which included a lack of emphasis on the importance of data privacy within the department--as "lame and inadequate." VA employees are now being trained on privacy rules, and the author encourages all branches of government to follow its lead. "Fortunately," says the author, "the case was so serious that the privacy commissioner has decided to conduct a more thorough investigation."
Full Story

PRIVACY

Cavoukian Partners with Arizona State on Whitepaper (March 18, 2011)

Ontario's Information and Privacy Commissioner and Arizona State University's Privacy by Design Research Lab have released a new whitepaper on privacy protection for mobile technologies. Commissioner Ann Cavoukian highlighted the paper during the IAPP's Global Privacy Summit in Washington, DC, last week. The Roadmap for Privacy by Design in Mobile Communications lays out privacy responsibilities and practical measures for devices manufacturers, platform developers, network providers and application developers, among others. "This paper clearly demonstrates that Privacy by Design is not a conceptual abstraction or theoretical formulation," Cavoukian said. "Rather, Privacy by Design is an on-the-ground reality based on practical tools and viable solutions."
Full Story

ONLINE PRIVACY

E-Commerce Site Makes Changes After Users Complain (March 16, 2011)

As a result of privacy concerns voiced by a number of users, an e-commerce Web site has decided to stop publishing customers' purchase histories within user feedback posts. Etsy recently activated a "people search" tool allowing users to search for other users' names as a way to view purchases and recommendations. However, some users claimed they were not notified that their information would become public when they initially entered their full names on the Web site. Etsy has now disabled the feature and says it is considering further changes to protect buyer privacy, Ars Technica reports. In the future, the site may allow users to post purchases, but it would be "completely opt-in," executives said.
Full Story

PERSONAL PRIVACY

The Changing Meaning of “Personal Data” (March 16, 2011)

William Baker and Anthony Matyjaszewski explore the changing meaning of "personal data" in this preview article for the upcoming April edition of the IAPP member newsletter, the Privacy Advisor. The article includes a compendium of definitions outlining how the term is defined within data protection laws worldwide.
Full Story

SOCIAL NETWORKING

Study: Attitudes on Privacy Becoming Polarized (March 16, 2011)

According to a Ponemon Institute study, 58 percent of social network users feel their privacy is less important to them than it was five years ago, while 53 percent of non-users said it is more important, msnbc.com reports. Ponemon Institute Founder Larry Ponemon, CIPP, called the findings surprising, adding, "The fact is there's not a lot of complacency about privacy now. People are thinking about this." Privacy expert Alessandro Aquisti says one reason for the polarization may be that the more people use social networks, "the more costly it becomes for others (who aren't members) to be loyal to their views...That means some people's right to privacy is being rendered more difficult to protect precisely by the right of other people not to care about privacy."
Full Story

ONLINE PRIVACY

Microsoft Do-Not-Track Tool To Debut Tuesday (March 15, 2011)

Microsoft's newest version of Internet Explorer is set to release on Tuesday with a do-not-track tool to help Internet users "keep their online habits from being monitored." However, concerns persist as to whether self-regulatory approaches will work. The Wall Street Journal reports that Microsoft and Mozilla have adopted do not track in the wake of the Federal Trade Commission's recommendation for such tools, highlighting "the pressure the industry faces to provide people with a way to control how they are tracked and targeted online" with legislation being contemplated at the federal level. However, the report goes on to state, industry-based systems "will only work if tracking companies agree to respect visitors' requests," and to date, none have publicly agreed. (Registration may be required to access this story.)
Full Story

ONLINE PRIVACY

Working On-The-Go Could Pose Privacy Threats (March 15, 2011)

The ability to take work on the road via laptops, tablets and smartphones enabled for WiFi access is convenient, but these mobile offices are vulnerable to data breaches, The New York Times reports. According to a report by Symantec and the Ponemon Institute, such breaches are becoming more expensive. From leaving laptops in hotel rooms to using public WiFi to sharing information on social networks, experts detail the myriad risks to personal and business data. Prof. Betsy Page Sigman of Georgetown's McDonough School of Business suggests, "You want to be overly cautious, especially if you are around a lot of competitors." (Registration may be required to access this story.)
Full Story

ONLINE PRIVACY

A Look at the “Right To Be Forgotten” (March 15, 2011)

The ramifications of a "right to be forgotten" online are explored in an internet evolution feature that looks at the call on both sides of the Atlantic for online privacy protection and, more specifically, the push in the EU for a right to "erase your Internet tracks forever." The report references a recent post by Peter Fleischer, noting that "anyone who has considered codifying such a right into law hasn't thought through the implications." The report goes on to consider the historical and legal implications of removing, for example, the online footprints of criminals. Ron Miller writes that "whether you can delete the content is not really the point. The real question is: Should you? And if you do, does this amount to censorship?"
Full Story

PERSONAL PRIVACY

Consumer Attitudes Explored (March 15, 2011)

In the first of a three-part series, msnbc.com technology correspondent Bob Sullivan talks to Larry Ponemon, CIPP, and Alessandro Acquisti about the large part of the population that claims to care about personal privacy but yet does not make efforts to preserve it. Ponemon says people, as "part of a large herd...take a 'the lion is not going to attack antelope' mentality," while Acquisti says between attitude and behavior there are many steps, and "it's not obvious what you should do to protect your privacy." Both experts also point to a sense of helplessness, a belief that privacy is lost anyway, and if you want to function in society--get on a plane, use a social network--you have to surrender to it.
Full Story

SOCIAL NETWORKING

Simons, NDP Resolve Access Debate (March 11, 2011)

A standoff between possible NDP leadership candidate Nicholas Simons and the NDP over whether the party has a right to his social networking passwords has come to an end. After a debate that drew the attention of BC Privacy Commissioner, Elizabeth Denham, Simons revealed that all his online networks are open and always have been, reports The Globe and Mail. Simons said he withheld this information because, "It's going to be an interesting public debate in terms of future requests." The NDP holds that its request is reasonable, but Commissioner Denham, speaking from the IAPP Global Privacy Summit, said though she's happy to see a resolution, she will continue to investigate, adding, "I wouldn't want this to be setting a precedent."
Full Story

PERSONAL PRIVACY

VA Gives Reprimands in Bruyea Case (March 11, 2011)

Veterans Affairs (VA) bureaucrats who inappropriately accessed the files of veterans' rights activist Sean Bruyea have been given written reprimands and three-day suspensions for their actions, reports The Globe and Mail. "It doesn't even come close to making government wrongdoing accountable," Bruyea said of the punishment. VA Minister Jean-Pierre Blackburn says mitigating circumstances make the punishments appropriate and that privacy wasn't a focus of the organization prior to the Bruyea incident. "I don't want to excuse what has happened, but it was part of the reality of the department at the time," Blackburn said. "We went as far as possible for the sanctions."
Full Story

PERSONAL PRIVACY

Statistician Discusses Household Survey (March 11, 2011)

While some legislators are pushing for a return to a mandatory long-form census, Chief Statistician Wayne Smith spoke before the Canada House of Commons this week, stating he will not know whether the new voluntary national household survey is an effective replacement until the results are reviewed later in the year, the Toronto Sun reports. The federal government made the long form voluntary after noting that such questions as "religion and the size of a person's home were invasive and should be optional." MP Carolyn Bennett, who introduced the proposal to return to the long-form census, has said that filling out the questionnaire does not mean such specific information as religious affiliation is linked back to individuals.
Full Story

RFID

Opinion: New Program is “Big Brother in a Licence Plate Renewal Sticker” (March 11, 2011)

An opinion piece in The Telegram explores a plan in St. John's for tracking devices used to monitor traffic as well as parking and speeding infractions. The committee considering putting the technology to use notes, "The information collected from the RFID tag is sent wirelessly to a data server and then forwarded to the appropriate agency. For example, if a car runs a red light at an intersection where there is an RFID reader, the car's information is collected, via the RFID tag, and forwarded to the local police department so that a ticket can be issued." The opinion piece references privacy concerns and the need for "changes to existing legislation to accommodate the technology."
Full Story

 

HEALTHCARE PRIVACY

Opinion: Cloud Improves Patient Privacy (March 11, 2011)

There is little doubt that patient care will improve as hospitals gradually move electronic medical records (EMRs) to the cloud, opines Anthony Wright in itbusiness.ca. Wright says the cloud offers lifesaving benefits because the EMRs it stores allow for physician and hospital patient information sharing and improves privacy and security by preventing files from being stolen, misplaced or accessed in the way that paper files could be. But Wright cautions that privacy protection protocols must be addressed. "There will be information from the public cloud that people will want in EMRs. The question yet to be answered is who will manage and govern data privacy, and how?
Full Story

STUDENT PRIVACY

ICO Says School Board Survey OK (March 11, 2011)

The Office of the Information and Privacy Commissioner of Ontario says an Ottawa-Carleton District School Board survey is "necessary to the proper administration of a lawfully authorized activity," and the board gave parents and students adequate notice, reports the Ottawa Citizen. The OIPC investigated the survey--which asks questions ranging from academic abilities to cultural backgrounds--after receiving complaints about the lack of anonymity and potential use of the information, among others. Board executive officer Michele Giroux said the information will not be accessible by staff members. "We're never using the survey to react to individual student situations; we're collecting the information from individual students so that we understand our student population as a whole."
Full Story

DATA LOSS

Employee Terminated for Accessing Files (March 11, 2011)

Central Health has announced that it has terminated an employee for inappropriately accessing patient files. The Telegram reports that the employee accessed at least 80 reports on at least 19 people over a two-and-a-half year period. The health authority is in the process of notifying affected individuals, and Central Health's CEO said of the firing, "If we are going to be successful in protecting the private and confidential information of our client, we must enforce our policies." In 2010, Central Health made privacy training mandatory for every employee and recently hired a privacy manager and privacy analyst in order to better protect patient information.
Full Story

ONLINE PRIVACY—U.S.

Web Data Miners Strike it Rich (March 11, 2011)

In a feature for TIME Magazine, Joel Stein writes of the ways data-mining companies are able to amass rich stores of information about Web users. "I've gathered a bit of the vast amount of data that's being collected both online and off by companies in stealth--taken from the Web sites I look at, the stuff I buy, my Facebook photos, my warranty cards, my customer-reward cards, the songs I listen to online, surveys I was guilted into filling out and magazines I subscribe to," he writes. Stein details what he describes as a multibillion-dollar industry based on consumers' personal information and examines the push at the federal level for regulating the collection, storage and use of such data.
Full Story

ONLINE PRIVACY

DPAs, Others Weigh “Right To Be Forgotten” (March 11, 2011)

Across borders, discussions are in full swing over the dichotomy between the Internet's inability to forget and the call for a "right to be forgotten." In a Forbes report, Kashmir Hill notes, for example, that just such a right "has been affirmed by the Spanish DPA," which recently called for Web sites to delete "inaccurate or out-of-date links" from searches. Meanwhile, Google Global Privacy Counsel Peter Fleischer writes, "More and more, privacy is being used to justify censorship. In a sense, privacy depends on keeping some things private, in other words, hidden, restricted or deleted. And in a world where ever more content is coming online, and where ever more content is findable and shareable, it's also natural that the privacy countermovement is gathering strength."
Full Story

PRIVACY

CDT Receives 2011 IAPP Privacy Leadership Award (March 10, 2011)

The Center for Democracy and Technology has received the 2011 IAPP Privacy Leadership Award. The annual award recognizes a global leader in the field of privacy and data protection. Presenting the honor this morning at the IAPP Global Privacy Summit in Washington, DC, IAPP Board of Directors Treasurer Brendon Lynch, CIPP, said the CDT "is at the forefront of efforts to keep the Internet open, innovative and free. They have consistently been a leading voice for free expression and privacy in communications and have fostered practical and innovative solutions to public policy and civil liberties." CDT President Leslie Harris accepted the award on stage with CDT staff members Justin Brookman, Jim Dempsey and Erica Newland and CDT Board Chairman Deidre Mulligan.
Full Story

Tracking Users’ Web Footprints (March 7, 2011)

A feature in The New York Times explores Web sites that track users' browser history for public viewing, questioning whether individuals will choose to share such information, which can range from visits to online dating and banking sites to exploring medical conditions, and pointing to the assurances site developers are making about privacy. "At all of these tracking sites, developers say they take privacy very seriously," Austin Considine writes in the report, adding, "their success will ultimately be predicated on trust." The developers point to such safeguards as not sharing secure links and providing options for disabling tracking. The founder of one such site suggests they make users more aware of online privacy, noting, "If we're not following you, no matter what, somebody else is." (Registration may be required to access this story.)
Full Story

BEHAVIORAL TARGETING

Fingerprinting To Supplant Cookies? (March 4, 2011)

Several startups are experimenting with tracking technologies that could supplant cookies as behavioral targeting mechanisms, ClickZ reports. Device fingerprinting operates by tracking mobile phones, PCs, TVs and cars using unique identifiers. Based on the device's properties and settings, fingerprinting allows advertisers to link to and track the device and transmit messages based on activity. It's easier to opt out of fingerprint tracking than cookies, developers say; because the device's fingerprint lasts as long as the device itself, opting-out must only happen once. In addition, the developers say, the new technology already complies with do-not-track principles because users can "opt out of both tracking and targeting independently."
Full Story

BEHAVIORAL TARGETING

Study: Data Anonymity Changes Internet Users Minds (March 3, 2011)

MediaPost reports on a PubMatic study that asked about 500 Internet users how they feel about advertisers tracking their online activities. The study found that the anonymity of the data and how the data is used matters to respondents. Once respondents understood that only anonymous data was used for ad targeting, 40 percent changed their response from disapproving of the practice to approving of it. PubMatic's vice president of marketing said, "Everyone knows the user's privacy is paramount and that we provide a service to them. Understanding the how and the why changes everything."
Full Story

DATA PROTECTION—CANADA

Government Orders Grinding Machine for Data Purge (March 1, 2011)

The Canadian Press reports on the federal government's order for a large-scale grinding machine that will destroy data that's been stored on discarded media to be sure that it's "reliably overwritten." Privacy Commissioner Jennifer Stoddart reported last year that three government agencies had been discarding old cell phones at the Public Works Department without purging the data first. The Royal Canadian Mounted Police and Communications Security Establishment both issue guidelines on destruction of government data, however. A public works spokesman said that besides ensuring the data will be permanently destroyed, the onsite grinder will keep data from being "transported off-premises, which also reduces the risks of unauthorized disclosure."
Full Story