Daily Dashboard

A note to our readers: The IAPP has ceased publication of Inside 1to1: PRIVACY. The December 2012 issue is the final edition. We hope you continue to enjoy our daily newsletter, the Daily Dashboard, and our monthly newsletter, The Privacy Advisor.

Privacy Law Fundamentals, Second Edition Read More
Greetings (April 15, 2011)
It seems that every month there are new enforcement actions to report in the privacy space. The past month has been a blockbuster, where varied enforcers have taken action against diverse players--with big results. This week we learned that social network Myspace is being sued for allegedly sharing its members' data with aggregators without first obtaining their consent. The complaint, filed in U.S. District Court on Wednesday, accuses Myspace of transmitting member data to aggregators who then package and sell it to advertisers.
Across jurisdictions and Web domains, questions of privacy and online anonymity persist (April 15, 2011)
There is a tug-of-war going on right now on the Internet and in the courts between protecting online anonymity and the equally privacy-related question of accountability when one individual's postings defame or expose personal information about another. Add to this issues of truth in reporting for journalists and the questions of how private and anonymous what we post online--and apply the laws and mores that vary from jurisdiction to jurisdiction--and the result appears to be the onslaught of legal actions, pending cases and unanswered questions that surround the term "online anonymity."
Breach highlights need for privacy professionals’ elevated role (April 15, 2011)
Data breaches should serve as a wake-up call to companies' top-level management. That's according to New York University Professors Arun Sundararajan and Vasant Dhar, who say companies that share data with third-party service providers must more seriously consider the risks of using such services and weigh them against the benefits. Dhar, director for the Center for Digital Economy Research at the NYU Stern School of Business, and Sundararajan, associate professor of information, operations and management sciences, say that the recent Epsilon breach is an example of failure in management--not security technology. They say the breach calls into question the management choices the affected companies made when they shared customer data for marketing purposes.
AdChoices adoption uneven (April 15, 2011)

A Carnegie Mellon University study explores the adoption of the Network Advertising Initiative's (NAI) behavioral targeting opt-out program, AdChoices, finding inconsistencies in adoption, presentation and compliance. The study analyzed the "policies and practices" of 66 NAI members and "how they presented their policies and opt-out options across advertisements on the 100 most popular U.S. Web sites," reports Internet Retailer, finding that

  • 35% of NAI members provide a "clear, meaningful and prominent link" on pages with behaviorally targeted ads    

  • 83% of NAI members fulfill the Digital Advertising Alliance's privacy notice requirement, i.e., a privacy policy that describes its action

  • 88% of NAI members provide a definition of opt out, but definitions vary

The Digital Advertising Alliance (DAA), whose rules NAI members are required to follow, launched AdChoices last fall, the report states. "Although we have observed an increasing rate of compliance, overall compliance has been slow," says the DAA. The program was developed to stave off federal regulation of online behavioral advertising.