Privacy Research    IT/Data Brokerage

Unique in the Crowd: The Privacy Bounds of Human Mobility

Yves-Alexandre de Montjoye, César A. Hidalgo, Michel Verleysen and Vincent D. Blondel of MIT study fifteen months of human mobility data for one and a half million individuals and find that human mobility traces are highly unique. In fact, in a dataset where the location of an individual is specified hourly, and with a spatial resolution equal to that given by the carrier’s antennas, four spatio-temporal points are enough to uniquely identify 95% of the individuals.

A Model Regime of Privacy Protection

In this article, Daniel Solove and Chris Jay Hoofnagle propose a model privacy regime to address privacy protection challenges in the United States, with a particular focus on commercial data brokers. Their proposed regime aims to build upon the existing foundation of U.S. privacy law by applying the Fair Information Practices Principles and demonstrating specific ways that they can be incorporated into current regulations.

2013 Verizon Data Breach Investigation Report

The 2013 Data Breach Investigations Report analyzes more than 47,000 reported security incidents and 621 confirmed data breaches from 2012 and brings to bear the perspective of 19 global organizations on studying and combating data breaches in the modern world.

The Right To Be Forgotten—Between Expectations and Practice

This paper complements two other recent ENISA publications in this area and focuses on the technical means to enforce or support the right to be forgotten in information systems; “there are technical limitations and there is a further need for clear definitions and legal clarifications.” In this paper ENISA reviews relevant existing technology and identifies the technical limitations and challenges to enforcement as well as the need for additional definitions and legal clarifications.

The Pursuit of Privacy in a World Where Information Control is Failing

This article by Adam Thierer and originally published in the Harvard Journal of Law and Public Policy focuses on privacy rights in relation to private enterprise and suggests that expanded regulation is not the most constructive way to ensure greater online privacy. The article introduces the notion that “Legislative and regulatory efforts aimed at protecting privacy must now be seen as an increasingly intractable information control problem.”

The economic cost of publicly announced information security breaches

This 2003 study by Katherine Campbell, Lawrence Gordon, Martin Loeb and Lei Zhou of the University of Maryland examines the economic effect of information security breaches reported in newspapers on publicly traded U.S. corporations.

What Place Do Search Engines Have Between Personal Data Law and Freedom of Speech?

The question raised in the title of this article is the complex and long-debated one that the Court of Justice of the European Union (the “CJEU”) will have to answer, following an application made by the Spanish High Court. The case leading to this question is between Mr. X, a Spanish national, and Google. Mr. X noticed that when he typed his name into the Google search engine, two of the results redirected the user to pages of a newspaper that included details of the auctioning of a property seized due to a failure by Mr. X to pay social contributions. Mr. X brought a claim against the newspaper and Google before the Spanish Personal Data Protection Authority.

Privacy Risk Management: Building privacy protection into a Risk Management Framework

This paper from the Information & Privacy Commissioner of Ontario and co-authored by Dan Ruch, Monica Merrifield, Fariba Anderson and Jeff Kirke introduces the concept of Privacy Risk Management. It begins by examining characteristics indicative of an organization’s privacy and risk management maturity. Identifying the growing significance of privacy risk, it describes the manner in which Privacy by Design may be integrated within an organization’s existing risk management process.

Privacy by Design at Population Data BC: A case study

This case study focuses on how implementing the Privacy by Design model protects privacy while supporting access to individual-level data for research in the public interest. It explores challenges presented by legislation, stewardship and public perception and demonstrates how PopData achieves both operational efficiencies and due diligence.

Whitepaper series on the proposed EU Data Protection Regulation

This series of three whitepapers by the Future of Privacy Forum addresses some key components of the proposed EU data protection Regulation, namely the costs and paradoxes of explicit consent; the definition of personal data, and jurisdiction and applicable law under the EU general data protection regulation.

Privacy trends 2013: The uphill climb continues

This report by Ernst & Young details privacy’s increasing effect on businesses in the new year and highlights three primary categories that the firm predicts will shape the new privacy era: governance, technology and regulation. It also calls on organizations and regulators to work together to shape privacy within the digital landscape and to “appreciate the governance role they must play in safeguarding personal information.”

Regulating Privacy by Design

In this paper, Ira S. Rubinstein of the Information Law Institute and New York University School of Law seeks to clarify the meaning of privacy by design and thereby suggest how privacy regulators might develop appropriate incentives to offset the certain economic costs and uncertain privacy benefits of this new approach.

Flash Cookies and Privacy II: Now with HTML5 and ETag Respawning

Chris Hoofnagle, Mika Ayenson, Deitrich James Wambach, Ashkan Soltani and Nathan Good provide a follow-up to their 2009 study revealing the use of “Flash cookies” to track users. The authors reassess the flash cookies landscape and examine a new tracking vector, html5 local storage and cache-cookies via etags.

Against Notice Skepticism

This article by M. Ryan Calo of the Center for Internet and Society, Stanford Law School, aims to undermine the case for notice skepticism by exposing two erroneous assumptions critics of notice commonly make: that notice is monolithic and that notice must consist of language or its symbolic equivalent.

Accountability as the Basis for Regulating Privacy

This paper by Mary Culnan of Bentley University argues that the current approach to regulating privacy based on “notice and choice” or “harm” is not effective and needs to be revisited. The paper proposes augmenting the current approach with new regulations based on accountability where firms are delegated responsibility to develop risk management programs for privacy tailored to their individual circumstances.

Page 4 of 8 pages ‹ First  < 2 3 4 5 6 >  Last ›