In this paper, Ira S. Rubinstein of the Information Law Institute and New York University School of Law seeks to clarify the meaning of privacy by design and thereby suggest how privacy regulators might develop appropriate incentives to offset the certain economic costs and uncertain privacy benefits of this new approach.
This article by M. Ryan Calo of the Center for Internet and Society, Stanford Law School, aims to undermine the case for notice skepticism by exposing two erroneous assumptions critics of notice commonly make: that notice is monolithic and that notice must consist of language or its symbolic equivalent.
This paper by Mary Culnan of Bentley University argues that the current approach to regulating privacy based on “notice and choice” or “harm” is not effective and needs to be revisited. The paper proposes augmenting the current approach with new regulations based on accountability where firms are delegated responsibility to develop risk management programs for privacy tailored to their individual circumstances.
Privacy and Identity Management in Europe for Life presents an analysis of the ways in which individuals use two types of web 2.0 environments; collaborative workspaces and social network sites, to construct and express identities, manage relationships and cooperate in the creation and dissemination of content. The group looks into privacy issues that may arise in relation to these activities and provide possible solutions; presenting three demonstrators built to contribute to solving some of the issues with regard to privacy and identity management in collaborative workspaces and social networking sites.
This report from The Privacy Projects presents a comparative study of how the OECD guidelines have influenced the development of laws, regulations and public policy in five representative OECD member states—Australia, Canada, Japan, Spain and the United States.
A series of short articles by Khaled El Emam on the HIPAA Privacy Rule Safe Harbor de-identification standard, the difference between masking and de-identification, and how to protect data in the era of big data.
Created by Nicholas Cramer of AllClear ID, this whitepaper takes a close look at key considerations involved in responding to data breaches of all sizes to help privacy, risk, legal and compliance professionals understand some of the nuances involved in a data breach response.
The results of this fifth annual survey by the Ponemon Institute outlines the cost of data breaches in the U.S., showing an increase in spending on breach incidents from 2008 to 2009.
This article by Agatha Cole examines the scope of Sorrell v. IMS Health, its potential impact on legislative efforts to enact comprehensive consumer privacy legislation and its implications for targeted Internet advertising.
Dennis Hirsch describes the recent Congressional bills and White House policy papers that propose using a collaborative, safe harbor approach to regulate commercial privacy and synthesizes the literature on collaborative governance against the backdrop of the Dutch “code of conduct” approach to privacy regulation.
This article by Andrew Chin and Anne Klinefelter infers that Facebook appears to be using differential privacy-supporting technologies in its targeted advertising system without apparent loss of utility and highlights opportunities for recognition of the differential privacy standard as a best practice or a presumption of compliance for privacy, while acknowledging certain limitations on the transferability of the Facebook example.
This paper by Daniel C. Barth-Jones of Columbia University critically examines the historic Weld re-identification and the dramatic reductions of re-identification risks for de-identified health data as they have been protected by the HIPAA Privacy Rule provisions for de-identification since 2003. The paper also provides recommendations for enhancements to existing HIPAA de-identification policy; discusses critical advances routinely made in medical science and improvement of our healthcare system using de-identified data, and provides commentary on the vital importance of properly balancing the competing goals of protecting patient privacy and preserving the accuracy of scientific research and statistical analyses conducted with de-identified data.
This article by Chris Jay Hoofnagle, Jennifer M. Urban and Su Li explains some advantages of mobile payment systems, some challenges to their adoption in the United States and concludes with a main finding: Americans overwhelming reject mobile payment systems that track their movements or share identification information with retailers. The authors then suggest a possible remedy for such information sharing: adapting provisions of California’s Song-Beverly Credit Card Act.
This article by Peter Swire and Kenesa Ahmad offers a short history of wiretaps for phone and Internet data; highlights key lessons learned from the U.S. crypto wars of the 1990s; proposes reasons why effective encryption becomes even more important when the debate shifts from one country to a globalized setting, and synthesizes the key reasons supporting effective encryption in today’s globalized world.
This article by Deirdre Mulligan and Jennifer King of the University of California, Berkeley, School of Information explores the gap between privacy and design in the context of “lateral privacy”—privacy issues arising among users of a service rather than from the service provider—on social networking sites (SNSs) and other platforms by analyzing the privacy concerns lodged against the introduction of Facebook’s News Feed in 2006.
Page 4 of 7 pages ‹ First < 2 3 4 5 6 > Last ›