This paper from the Information & Privacy Commissioner of Ontario and co-authored by Dan Ruch, Monica Merrifield, Fariba Anderson and Jeff Kirke introduces the concept of Privacy Risk Management. It begins by examining characteristics indicative of an organization’s privacy and risk management maturity. Identifying the growing significance of privacy risk, it describes the manner in which Privacy by Design may be integrated within an organization’s existing risk management process.
This case study focuses on how implementing the Privacy by Design model protects privacy while supporting access to individual-level data for research in the public interest. It explores challenges presented by legislation, stewardship and public perception and demonstrates how PopData achieves both operational efficiencies and due diligence.
This series of three whitepapers by the Future of Privacy Forum addresses some key components of the proposed EU data protection Regulation, namely the costs and paradoxes of explicit consent; the definition of personal data, and jurisdiction and applicable law under the EU general data protection regulation.
This report by Ernst & Young details privacy’s increasing effect on businesses in the new year and highlights three primary categories that the firm predicts will shape the new privacy era: governance, technology and regulation. It also calls on organizations and regulators to work together to shape privacy within the digital landscape and to “appreciate the governance role they must play in safeguarding personal information.”
In this paper, Ira S. Rubinstein of the Information Law Institute and New York University School of Law seeks to clarify the meaning of privacy by design and thereby suggest how privacy regulators might develop appropriate incentives to offset the certain economic costs and uncertain privacy benefits of this new approach.
Chris Hoofnagle, Mika Ayenson, Deitrich James Wambach, Ashkan Soltani and Nathan Good provide a follow-up to their 2009 study revealing the use of “Flash cookies” to track users. The authors reassess the flash cookies landscape and examine a new tracking vector, html5 local storage and cache-cookies via etags.
This article by M. Ryan Calo of the Center for Internet and Society, Stanford Law School, aims to undermine the case for notice skepticism by exposing two erroneous assumptions critics of notice commonly make: that notice is monolithic and that notice must consist of language or its symbolic equivalent.
This paper by Mary Culnan of Bentley University argues that the current approach to regulating privacy based on “notice and choice” or “harm” is not effective and needs to be revisited. The paper proposes augmenting the current approach with new regulations based on accountability where firms are delegated responsibility to develop risk management programs for privacy tailored to their individual circumstances.
Privacy and Identity Management in Europe for Life presents an analysis of the ways in which individuals use two types of web 2.0 environments; collaborative workspaces and social network sites, to construct and express identities, manage relationships and cooperate in the creation and dissemination of content. The group looks into privacy issues that may arise in relation to these activities and provide possible solutions; presenting three demonstrators built to contribute to solving some of the issues with regard to privacy and identity management in collaborative workspaces and social networking sites.
This report from The Privacy Projects presents a comparative study of how the OECD guidelines have influenced the development of laws, regulations and public policy in five representative OECD member states—Australia, Canada, Japan, Spain and the United States.
Michelle Madejski, Maritza Johnson and Steven M. Bellovin of Columbia University present the results of a study measuring the sharing intentions of social networking users to identify potential violations in users’ privacy settings. The results revealed a mismatch between intentions and reality, indicating that users are unable to correctly manage their privacy settings.
Created by Nicholas Cramer of AllClear ID, this whitepaper takes a close look at key considerations involved in responding to data breaches of all sizes to help privacy, risk, legal and compliance professionals understand some of the nuances involved in a data breach response.
In this summary, we will discuss Do Not Track, what it is trying to solve, what it does, who is involved and where regulators, browsers and advertising initiatives stand.
The results of this fifth annual survey by the Ponemon Institute outlines the cost of data breaches in the U.S., showing an increase in spending on breach incidents from 2008 to 2009.
Pedro G. Leon, Blase Ur, Rebecca Balebako, Lorrie Faith Cranor, Richard Shay and Yang Wang present the results of a study investigating the usability of tools to limit online behavioral advertising. The researchers observed participants’ behavior as they installed and used a privacy tool and recorded their perceptions and attitudes about that tool, finding serious usability flaws in all nine tools examined.
Page 4 of 8 pages ‹ First < 2 3 4 5 6 > Last ›