Privacy Research    Education

Against Notice Skepticism

This article by M. Ryan Calo of the Center for Internet and Society, Stanford Law School, aims to undermine the case for notice skepticism by exposing two erroneous assumptions critics of notice commonly make: that notice is monolithic and that notice must consist of language or its symbolic equivalent.

Accountability as the Basis for Regulating Privacy

This paper by Mary Culnan of Bentley University argues that the current approach to regulating privacy based on “notice and choice” or “harm” is not effective and needs to be revisited. The paper proposes augmenting the current approach with new regulations based on accountability where firms are delegated responsibility to develop risk management programs for privacy tailored to their individual circumstances.

Privacy Enabled Communities

Privacy and Identity Management in Europe for Life presents an analysis of the ways in which individuals use two types of web 2.0 environments; collaborative workspaces and social network sites, to construct and express identities, manage relationships and cooperate in the creation and dissemination of content. The group looks into privacy issues that may arise in relation to these activities and provide possible solutions; presenting three demonstrators built to contribute to solving some of the issues with regard to privacy and identity management in collaborative workspaces and social networking sites.

OECD Privacy Guidelines: Thirty Years in the Public Sector

This report from The Privacy Projects presents a comparative study of how the OECD guidelines have influenced the development of laws, regulations and public policy in five representative OECD member states—Australia, Canada, Japan, Spain and the United States.

Not All Breaches Are Created Equal Whitepaper

Created by Nicholas Cramer of AllClear ID, this whitepaper takes a close look at key considerations involved in responding to data breaches of all sizes to help privacy, risk, legal and compliance professionals understand some of the nuances involved in a data breach response.

U.S. Cost of a Data Breach Study Summary

The results of this fifth annual survey by the Ponemon Institute outlines the cost of data breaches in the U.S., showing an increase in spending on breach incidents from 2008 to 2009.

Dutch Treat?  Collaborative Dutch Privacy Regulation and the Lessons it Holds for U.S. Privacy Law

Dennis Hirsch describes the recent Congressional bills and White House policy papers that propose using a collaborative, safe harbor approach to regulate commercial privacy and synthesizes the literature on collaborative governance against the backdrop of the Dutch “code of conduct” approach to privacy regulation.

Differential Privacy as a Response to the Re-identification Threat: Case Study

This article by Andrew Chin and Anne Klinefelter infers that Facebook appears to be using differential privacy-supporting technologies in its targeted advertising system without apparent loss of utility and highlights opportunities for recognition of the differential privacy standard as a best practice or a presumption of compliance for privacy, while acknowledging certain limitations on the transferability of the Facebook example.

The ‘Re-Identification’ of Governor William Weld’s Medical Information: A Critical Re-Examination of

This paper by Daniel C. Barth-Jones of Columbia University critically examines the historic Weld re-identification and the dramatic reductions of re-identification risks for de-identified health data as they have been protected by the HIPAA Privacy Rule provisions for de-identification since 2003. The paper also provides recommendations for enhancements to existing HIPAA de-identification policy; discusses critical advances routinely made in medical science and improvement of our healthcare system using de-identified data, and provides commentary on the vital importance of properly balancing the competing goals of protecting patient privacy and preserving the accuracy of scientific research and statistical analyses conducted with de-identified data.

Mobile Payments: Consumer Benefits & New Privacy Concerns

This article by Chris Jay Hoofnagle, Jennifer M. Urban and Su Li explains some advantages of mobile payment systems, some challenges to their adoption in the United States and concludes with a main finding: Americans overwhelming reject mobile payment systems that track their movements or share identification information with retailers. The authors then suggest a possible remedy for such information sharing: adapting provisions of California’s Song-Beverly Credit Card Act.

Encryption and Globalization

This article by Peter Swire and Kenesa Ahmad offers a short history of wiretaps for phone and Internet data; highlights key lessons learned from the U.S. crypto wars of the 1990s; proposes reasons why effective encryption becomes even more important when the debate shifts from one country to a globalized setting, and synthesizes the key reasons supporting effective encryption in today’s globalized world.

Bridging the Gap Between Privacy and Design

This article by Deirdre Mulligan and Jennifer King of the University of California, Berkeley, School of Information explores the gap between privacy and design in the context of “lateral privacy”—privacy issues arising among users of a service rather than from the service provider—on social networking sites (SNSs) and other platforms by analyzing the privacy concerns lodged against the introduction of Facebook’s News Feed in 2006.

Privacy in India: Attitudes and Awareness V 2.0

Written by Ponnurangam (PK) Kumaraguru and Niharika Sachdeva of the research group PreCog, this study aims to better understand how Indians’ view their own privacy, particularly given advances in technology and government projects such as Unique ID. The survey involved interviews with 20 participants, four focus group discussions of 31 participants and a survey that elicited responses from 10,427 individuals.

The PII Problem: Privacy and a New Concept of Personally Identifiable Information

Written by Paul Schwartz and Daniel Solove, this article explores the importance of personally identifiable information (PII) in privacy law and the challenges stemming from the lack of a uniform definition for the term. The authors outline a new approach to PII and show how existing approaches impede effective regulation of behavioral marketing.

What Google Knows: Privacy and Internet Search Engines

In this article, Omer Tene explores Google’s evolution from “a benevolent giant seeking to do no evil” into “an informational gatekeeper harboring previously unimaginable riches of personal data.” Tene writes, “Google's access to and storage of vast amounts of personal data create a serious
privacy problem,” and goes on to explore whether those privacy fears are valid, what rules should govern access to Google's database and what are the legal protections currently in place.

Page 4 of 7 pages ‹ First  < 2 3 4 5 6 >  Last ›