Today's Info Policy News
Protecting your children's privacy: The Facts
WHO'S WATCHING YOUR CHILDREN?
With the exact phrase
With all of the words
With at least one of the words
Without these words
Within these fields
Date range limit
No limit: Show me all items regardless of date captured.
Limit the search to items added since this date.
Item(s) found: 40
The PII Problem: Privacy and a New Concept of Personally Identifiable Information
Friday November 14 2014, 6:32 AM
Paul M. Schwartz University of California, Berkeley - School of Law; Daniel J. Solove George Washington University Law School; December 5, 2011; New York University Law Review, Vol. 86, p. 1814, 2011; UC Berkeley Public Law Research Paper No. 1909366; GWU Legal Studies Research Paper No. 584; GWU Law School Public Law Research Paper No. 584; We show how existing approaches to PII impede the effective regulation of behavioral marketing, and how PII 2.0 would resolve these problems.
Monday January 03 2011, 9:11 PM
“Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers.”
Thursday December 09 2010, 4:45 PM
FTC: To reduce the burden on consumers and ensure basic privacy protections, the report first recommends that “companies should adopt a ‘privacy by design’ approach by building privacy protections into their everyday business practices.” Second, the report states, consumers should be presented with choice about collection and sharing of their data at the time and in the context in which they are making decisions – not after having to read long, complicated disclosures that they often cannot find. One method of simplified choice the FTC staff recommends is a “Do Not Track” mechanism governing the collection of information about consumer’s Internet activity to deliver targeted advertisements and for other purposes. The report also recommends other measures to improve the transparency of information practices, including consideration of standardized notices that allow the public to compare information practices of competing companies. The report recommends allowing consumers “reasonable access” to the data that companies maintain about them, particularly for non-consumer facing entities such as data brokers. Finally, FTC staff proposes that stakeholders undertake a broad effort to educate consumers about commercial data practices and the choices available to them.
Wednesday October 20 2010, 7:42 PM
HTML5 is a new version of HTML and XHTML. The HTML5 draft specification defines a single language that can be written in HTML and XML. It attempts to solve issues found in previous iterations of HTML and addresses the needs of Web Applications, an area previously not adequately covered by HTML.
Letter to: Chairman Boucher and Ranking Member Stearns
Monday June 07 2010, 6:26 PM
Mike Sachoff -- [In response to a discussion draft of a new privacy bill now under consideration by the House Subcommittee on Communications, Technology and the Internet, ten privacy and consumer groups today called for stronger measures to protect consumer privacy both online and off. The organizations including the Consumer Federation of America, Electronic Frontier Foundation, Consumer Watchdog, World Privacy Forum, Consumer Action, USPIRG, Privacy Rights Clearinghouse, Privacy Times, Privacy Lives, and the Center for Digital Democracy, raised their concerns in a letter to Subcommittee Chairman Rick Boucher and Ranking Member Cliff Stearns. The groups recommended the following: *The bill should incorporate the Fair Information Practice Principles that have long served as the bedrock of consumer privacy protection in the U.S., including the principle of not collecting more data than is necessary for the stated purposes, limits on how long data should be retained, and a right to access and correct one's data. *The bill's definitions of what constitutes "sensitive information" need to be expanded; for instance, to include health-related information beyond just "medical records." *The bill should require strict "opt-in" procedures for the collection and use of covered data and should prohibit the collection and use of any sensitive information except for the transactions for which consumers provided it.]
On the Leakage of Personally Identi?able Information Via Online Social Networks
Wednesday June 02 2010, 10:01 PM
Balachander Krishnamurthy and Craig E. Wills - [Abstract For purposes of this paper, we de?ne “Personally identi?- able information” (PII) as information which can be used to distinguish or trace an individual’s identity either alone or when combined with other information that is linkable to a speci?c individual. The popularity of Online Social Net- works (OSN) has accelerated the appearance of vast amounts of personal information on the Internet. Our research shows that it is possible for third-parties to link PII, which is leaked via OSNs, with user actions both within OSN sites and else- where on non-OSN sites. We refer to this ability to link PII and combine it with other information as “leakage”. We have identi?ed multiple ways by which such leakage occurs and discuss measures to prevent it.]
How Unique Is Your Web Browser?
Tuesday May 18 2010, 1:32 PM
DRAFT - Boucher bill
Thursday May 06 2010, 8:34 AM
A BILL : To require notice to and consent of an individual prior to the collection and disclosure of certain personal informa- tion relating to that individual.
Proposed Privacy Legislation Wins Few Fans
Thursday May 06 2010, 8:24 AM
WSJ : [ The goal for the legislation is to set a standard for consumer privacy protections and also provide consumers with more transparency and control regarding the collection, use and sharing of their information, said Rep. Rick Boucher (D., Va.). Mr. Boucher released a draft of the bill for discussion on Tuesday along with Rep. Cliff Stearns (R., Fla.). The bill stipulates that as a general rule companies can collect information about consumers unless a person opts out of that data collection — a point of contention among privacy advocates. The regulation also specifies standards for the collection and use of personally identifiable information. Companies must disclose to consumers if they are collecting personally identifiable information and how they are using that data. Consumers must give a company permission to share that personally identifiable information with outside companies. ]
Monday April 26 2010, 8:32 PM
Monday April 26 2010, 8:32 PM
How Different are Young Adults from Older Adults When it Comes to Information Privacy Attitudes and Policies?
Thursday April 15 2010, 6:12 PM
Chris Jay Hoofnagle - University of California, Berkeley - School of Law, Berkeley Center for Law & Technology; Jennifer King -UC Berkeley School of Information; Berkeley Center for Law & Technology; Su Li- University of California, Berkeley- School of Law, Center for the Study of Law and Society; Joseph Turow - University of Pennsylvania - Annenberg School for Communication: [Abstract: Media reports teem with stories of young people posting salacious photos online, writing about alcohol-fueled misdeeds on social networking sites, and publicizing other ill-considered escapades that may haunt them in the future. These anecdotes are interpreted as representing a generation-wide shift in attitude toward information privacy. Many commentators therefore claim that young people “are less concerned with maintaining privacy than older people are.” Surprisingly, though, few empirical investigations have explored the privacy attitudes of young adults. This report is among the first quantitative studies evaluating young adults’ attitudes. It demonstrates that the picture is more nuanced than portrayed in the popular media. ] [Among the findings: _ Eighty-eight percent of people of all ages said they have refused to give out information to a business because they thought it was too personal or unnecessary. Among young adults, 82 percent have refused, compared with 85 percent of those over 65. _ Most people — 86 percent — believe that anyone who posts a photo or video of them on the Internet should get their permission first, even if that photo was taken in public. Among young adults 18 to 24, 84 percent agreed — not far from the 90 percent among those 45 to 54. _ Forty percent of adults ages 18 to 24 believe executives should face jail time if their company uses someone's personal information illegally — the same as the response among those 35 to 44 years old.]
Updated and Corrected: E-Book Buyer's Guide to Privacy
Thursday December 31 2009, 3:20 PM
Electronic Frontier Foundation -- [A few weeks ago, EFF published its first draft of a Buyer's Guide to E-Book Privacy. In that first draft we incorporated the actual language of the privacy policies as much as possible, which unfortunately created some confusion since companies generally use different language to address similar issues. We also did a few other things clumsily. First, we've re-written many of the questions and answers to provide more clarity about the behavior of each e-reader. Second, we've tried point out where companies' privacy policies themselves are unclear on particular issues. And finally, we've made the whole thing easier to read by changing its visual layout. This guide continues to be a work in progress.
Refocusing the FTC’s Role in Privacy Protection
Monday December 14 2009, 5:31 PM
Comments of the Center for Democracy & Technology (CDT) in regards to the FTC Consumer Privacy Roundtable.
Ad Industry Works on Ads About Ads
Tuesday November 24 2009, 3:07 PM
Wall Street Journal Emily Steel writes -- [At issue is the practice of tracking consumers’ Web activities — from the searches they make to the sites they visit and the products they buy — for the purpose of targeting ads. The efforts follow calls from the FTC earlier this year for Web advertisers and Internet companies to do a better job explaining how they track and use information about consumers’ Web activities and creating a simple way consumers can opt out of being tracked.]
Target-Marketing Becomes More Communal
Thursday November 05 2009, 10:45 AM
WSJ Emily Steel writes [["The data is becoming the most important component for marketers and Web sites. It tells them who their audience is," says Omar Tawakol, chief executive at Blue Kai. Some lawmakers, concerned about Internet privacy, are preparing legislation to make more transparent Web sites' tactics for collecting information on their users. In an effort to fend off legislation, data brokers say, they abide by industry standards and do not collect any personally identifiable information and sensitive data, such as health information. They also tout efforts to make their business practices more transparent to consumers.]
Americans Reject Tailored Advertising and Three Activities that Enable It
Monday October 05 2009, 7:01 PM
[First, federal legislation ought to require all websites to integrate the P3P protocols into their privacy policies. That will provide a web-wide computerreadable standard for websites to communicate their privacy policies automatically to people’s computers. Visitors can know immediately when they get to a site whether they feel comfortable with its information policy. An added advantage of mandating P3P is that the propositional logic that makes it work will force companies to be straightforward in presenting their positions about using data. It will greatly reduce ambiguities and obfuscations about whether and where personal information is taken. · Second, federal legislation ought to mandate data-flow disclosure for any entity that represents an organization online. The law would work this way: When an internet user begins an online encounter with a website or commercial email, that site or email should prominently notify the person of an immediately accessible place that will straightforwardly present (1) exactly what information the organization collected about that specific individual during their last encounter, if there was one; (2) whether and how that information was linked to other information; (3) specifically what other organizations, if any, received the information; and (4) what the entity expects will happen to the specific individual’s data during this new (or first) encounter. Some organizations may then choose to allow the individuals to negotiate which of forthcoming data-extraction, manipulation and sharing activities they will or won’t allow for that visit. · Third, the government should assign auditing organizations to verify through random tests that both forms of disclosure are correct—and to reveal the results at the start of each encounter. The organizations that collect the data should bear the expense of the audits. Inaccuracies should be considered deceptive practices by the Federal Trade Commission. The three proposals follow the widely recognized Federal Trade Commission goals of providing users with access, notice, choice, and security over their information. Companies will undoubtedly protest that these activities might scare people from allowing them to track information and raise the cost of maintaining databases about people online. One response is that people, not the companies, own their personal information. Another response is that perhaps consumers’ new analyses of the situation will lead them to conclude that such sharing is not often in their benefit. If that happens, it might lead companies that want to retain customers to change their information tracking-and-sharing approaches. The issues raised here about citizen understanding of privacy policies and data flow are already reaching beyond the web to the larger digital interactive world of personal video recorders (such as TiVo), cell phones, and personal digital assistants. At a time when technologies to extract and manipulate consumer information are becoming ever-more complex, citizens’ ability to control their personal information must be both more straightforward and yet more wide-ranging than previously contemplated.]Turow, Joseph, King, Jennifer, Hoofnagle, Chris Jay, Bleakley, Amy and Hennessy, Michael, Americans Reject Tailored Advertising and Three Activities that Enable It (September 29, 2009). Available at SSRN: http://ssrn.com/abstract=1478214
Americans Don't Like Being Tracked on Web
Monday October 05 2009, 6:21 PM
[The Times notes that Representative Rick Boucher, Democrat from Virginia, is planning to introduce privacy legislation that will address on-line tracking, while David Vladeck, head of consumer protection for the The Federal Trade Commission (FTC), is indicating that he is keeping a close watch on consumer privacy protection as well.]
In the garden of Google and evil
Monday May 11 2009, 5:55 PM
Computer World - Robert L. Mitchell -- [As the focus by regulators and privacy advocates intensifies, Google should take a leadership role in developing pro-consumer privacy laws and best practices. If it doesn't, Google could eventually lose the good will it has with its users, and regulators could make it the poster boy for privacy on the Web. Google need look no further than Microsoft to see how quickly public opinion can change for a defacto monopoly. ]
Thursday April 30 2009, 10:12 PM
Wiki - [A location-based service (LBS) is an information and entertainment service, accessible with mobile devices through the mobile network and utilizing the ability to make use of the geographical position of the mobile device]
Google Becomes Default Location Provider For Firefox
Thursday April 30 2009, 6:47 PM
TechCrunch.com -- Jason Kincaid -- [Google says that the data isn't currently being used for advertising purposes (at least for now), and that this is really about getting location-based functionality deployed to the web. But even without the advertising dollars, there is one very major upside: Google is going to be able to perfect its location database, with millions of users tapping into it on a daily basis. And that database is going to be extremely valuable going forward. ]
IE8's Cumbersome Privacy Controls May Discourage Use
Monday March 23 2009, 4:06 PM
Patricia Resende writes [Microsoft's new IE8 features follow a warning to Internet browser makers from the Federal Trade Commission to self-regulate privacy issues or face regulation. Microsoft came under fire for its Passport feature as the Electronic Privacy Information Center and 14 other groups asked the FTC in 2001 to force a revision of the security Relevant Products/Services standard on Passport. The groups alleged Microsoft violated the law by linking Windows XP with requests to sign up for Passport and misleading users to believe that Passport protected privacy when it instead tracked, profiled and monitored users.]
An Icon That Says They’re Watching You
Thursday March 19 2009, 6:20 PM
NY Times Saul Hansell writes [Mr. Turow has developed a plan that is simpler and more comprehensive: Put an icon on each ad that signifies that the ad collects or uses information about users. If you click the icon, you will go to what he calls a “privacy dashboard” that will let you understand exactly what information was used to choose that ad for you. And you’ll have the opportunity to edit the information or opt out of having any targeting done at all. “I don’t think ‘Ads by Google’ is enough,’” he said. “The problem with the whole rhetoric Google is using is that it is designed to stop you from wanting to learn more and do something.” ]
A Call to Legislate Internet Privacy
Monday March 16 2009, 10:31 AM
NY Times Saul Hansell writes [“Internet users should be able to know what information is collected about them and have the opportunity to opt out,” he said. While he hasn’t written the bill yet, Mr. Boucher said that he, working with Representative Cliff Stearns, the Florida Republican who is the ranking minority member on the subcommittee, wants to require Web sites to disclose how they collect and use data, and give users the option to opt out of any data collection. That’s not a big change from what happens now, at least on most big sites. But in what could be a big change from current practice, Mr. Boucher wants sites to get explicit permission from users — an “opt in” — if they are going to share information with other companies.]
Advertisers Get a Trove of Clues in Smartphones
Wednesday March 11 2009, 3:05 PM
NY Times STEPHANIE CLIFFORD writes [The capability for collecting information has alarmed privacy advocates. “It’s potentially a portable, personal spy,” said Jeff Chester, the executive director of the Center for Digital Democracy, who will appear before Federal Trade Commission staff members this month to brief them on privacy and mobile marketing. He is particularly concerned about data breaches, advertisers’ access to sensitive health or financial information, and a lack of transparency about how advertisers are collecting data. “Users are going to be inclined to say, sure, what’s harmful about a click, not realizing that they’ve consented to give up their information.”]
Google to Offer Ads Based on Interests
Wednesday March 11 2009, 3:00 PM
NY Times MIGUEL HELFT writes [Google will use a cookie, a small piece of text that resides inside a Web browser, to track users as they visit one of the hundreds of thousands of sites that show ads through its AdSense program. Google will assign those users to categories based on the content of the pages they visit. For example, a user may be pegged as a potential car buyer, sports enthusiast or expectant mother. Google will then use that information to show people ads that are relevant to their interests, regardless of what sites they are visiting. An expectant mother may see an ad about baby products not only on a parenting site but also, for example, on a sports or fashion site that uses AdSense or on YouTube, which is owned by Google.]
PRIVACY AND DATA PROTECTION
Wednesday March 11 2009, 2:42 PM
The Business Forum for Consumer Privacy (BFCP)--a coalition of companies including Microsoft, Google and HP released a whitepaper intended to start a discussion about governing information collection and use. The BFCP says the current U.S. approach, which holds consumers responsible for how their private information is used, is not sufficient in the information economy. In the whitepaper, the forum proposes an alternative approach toward securing private data: a "use-and-obligations" model. This model, the authors say, draws upon the OECD Guidelines and the APEC Privacy Framework, and outlines five categories of data use: fulfillment, marketing, internal business operations, antifraud and authentication, and external legal and public good. Forum members say a use-and-obligations model will better address ways in which information is collected and used in the twenty-first century.
ONLINE BEHAVIORAL ADVERTISING: A CHECKLIST OF PRACTICES THAT IMPACT CONSUMER TRUST
Wednesday March 04 2009, 3:09 PM
Behavioral Targeting: Not that Bad?! TRUSTe Survey Shows Decline in Concern for Behavioral Targeting
Wednesday March 04 2009, 3:05 PM
Behavioral advertising still represents un-charted territory, without clearly applicable laws or regulations. In February, the Federal Trade Commission (FTC) published a set of guidelines (titled “Self-Regulatory Principles for Online Behavioral Advertising”) for companies collecting information on the actions of Internet users for the purpose of providing targeted advertising to them. The principles encourage self-regulatory action on the part of the companies themselves, specifically encouraging transparency and customer control, reasonable security and limited data retention for customer data. These principles have been criticized by privacy advocates, who assert that government should impose stricter laws rather than relying on companies to self regulate.
Cable Companies Target Commercials to Audience
Wednesday March 04 2009, 2:53 PM
NY Times STEPHANIE CLIFFORD [Cablevision matches households to demographic data to divide its customers, using the data-collection company Experian. Experian has data on individuals that it collects through public records, registries and other sources. It matches the name and address of the subscriber to what it knows about them, and assigns demographic characteristics to households. (The match is a blind one: advertisers do not know what name and address they are advertising to, Cablevision executives said.) Advertisers can also give their existing customer lists to Experian, and Experian can make matches — so G.M., for example, could direct an ad based on who already owns a G.M. car. Advertisers are willing to pay premiums for ads that go only to audiences they have selected.]
White House Responds to Privacy Complaints?
Tuesday March 03 2009, 3:29 PM
EFF -- Hugh D'Andrade [YouTube cookies are not the only third-party web tracking technology in use on government websites, as we pointed out in our letter. There is still the issue of "invisible pixel" style webbug/tracker on every page on the site, hosted by WebTrends.com, which raises equally important concerns. Also, if the government continues to use edge-caching technology such as that provided by Akamai, Inc. or Amazon S3, the government should require those providers to destroy any IP address or other information that they obtain about visitors to the websites as part of providing the service as soon as reasonably possible.]
YouTube's new 'nocookie' feature continues to serve cookies
Tuesday March 03 2009, 3:20 PM
CNET -- Chris Soghoian says [ Those in the privacy community will likely pounce on this as evidence of Google's hypocrisy, while Google will likely respond by carefully parsing the definition of the phrase "non-session cookie" to not include Flash-cookie objects. Google might even even argue that its Flash-based cookies do not contain unique tracking information (something this blogger is unable to verify, since the Adobe Flash Manager only allows you to delete, but not view the contents of a Flash cookie). One thing is clear. YouTube has advertised a new delayed cookie feature, and stated that it "does not send a cookie until the visitor plays the video." That message is further reinforced by the fact that the new cookie-lite embedded video players are served from a different domain name, youtube-nocookie.com. Yet a user visiting a page that includes one of these "delayed cookie" videos still ends up with a long term, non-session Flash cookie hidden away in the depths of their browser. Technical definitions of "cookie" versus "Flash cookie" aside, YouTube's "delayed cookie" feature simply fails to deliver on the company's promises.] ]
Behavioral Advertising and Privacy
Friday February 13 2009, 1:31 PM
World Privacy Forum - About Behaviorally targeted advertising, World Privacy Forum testimony and Comments, resources.
Response to the 2008 NAI Principles: The Network Advertising Initiative’s Self-Regulatory Code of Conduct for Online Behavioral Advertising
Thursday February 12 2009, 6:43 PM
[CDT believes the 2008 NAI Principles, while late in addressing new trends in the industry, demonstrate clear progress over the original code of conduct adopted in 2000. The transparency of the NAI’s revision and compliance process, the approach to sensitive information, and the coverage of advertising practices beyond behavioral advertising all represent important steps forward. While robust self-regulation in the behavioral advertising space does not obviate the need for a baseline federal privacy law covering data collection and usage of all kinds, the NAI has made advances in several areas, yielding what we hope will be better protections for consumer privacy. However, the 2008 NAI Principles still come up short in crucial respects including the opt-out choice requirement, the notice standard, the NAI member accountability model, the failure to address ISP behavioral advertising, the lack of a choice requirement for multi-site advertising, and the data retention principle. Some of these are outstanding issues that have existed within the NAI framework since its inception, while others are new concerns raised by the updates to the principles.]
FTC Staff Revises Online Behavioral Advertising Principles
Thursday February 12 2009, 6:19 PM
The report discusses the potential benefits of behavioral advertising to consumers, including the free online content that advertising generally supports and personalization that many consumers appear to value. It also discusses the privacy concerns that the practice raises, including the invisibility of the data collection to consumers and the risk that the information collected – including sensitive information regarding health, finances, or children – could fall into the wrong hands or be used for unanticipated purposes. Consistent with the FTC’s overall approach to consumer privacy, the report seeks to balance the potential benefits of behavioral advertising against the privacy concerns it raises, and to encourage privacy protections while maintaining a competitive marketplace.
Ad groups to develop voluntary marketing privacy guidelines
Wednesday January 14 2009, 7:46 PM
Daily News Alert - [The announcement of the joint effort took place on the same day that two consumer advocacy groups, the Center for Digital Democracy and the U.S. Public Interest Research Group, asked the FTC to investigate behavioral targeting practices aimed at users of mobile phones and requested regulations to make it easier for mobile phone users to control how information about them is used.]
"Cleaning Up After Cookies"
Tuesday January 06 2009, 3:26 PM
Kate McKinley, a researcher at iSec Partners writes [Modern web browsers and plugins are rapidly expanding web developers’ ability to store data on users’ systems, while simultaneously adding features which allow users the perception of more control over that data. Users need to be confident that their perceptions match reality. Unfortunately, the privacy modes offered by browsers are still evolving (several are only available as betas), and none remove all the tracking data users might expect them to block. A tool was created to set and report on different data stores. This paper presents the findings from running this tool using several major browsers with two plug-ins across three common operating systems. We find current browsers are unable to extend tracking protection to third party plug-ins such as Google Gears and Adobe Flash. Some of these require no user prompting under common configurations and even expose tracking data saved with one browser sites visited by a different browser. We also recommend approaches for solving these problems.]
Careful what you search for
Thursday January 01 2009, 5:15 PM
Fortune Jia Lynn Yang [So if you're a 33-year-old working female who lives in New York City and who likes to search for Jimmy Choo pumps, you might see ads for a local shoe store - thanks to the personal information the search engines have about you. "There are many free online tools, but they're not really free," explained Greg Conti, a professor of computer science at West Point and the author of Googling Security: How Much Does Google Know About You? "We end up paying for them with micro-payments of personal information which, in turn, are captured and used for data mining and targeted advertising."]
Why Obama should ditch YouTube
Sunday December 14 2008, 9:35 PM
Christopher Soghoian, a student fellow at Harvard University's Berkman Center for Internet and Society and PhD candidate at Indiana University's School of Informatics blogs [The privacy risks aren't just limited to YouTube. Just a week ago, Dan Goodin at The Register criticized the use of the Google Analytics Web-tracking code in the Change.gov site--which also sets a permanent tracking cookie. Although he mostly focused on security risks, and not privacy-related threats, he blasted Obama's Web design team, stating that: The failure of Obama's Webmasters to follow anything remotely like best practices is more than a little troubling because it suggests they don't fully grasp the security realities of living in a Web 2.0 world. Eight years ago, the issue of cookies tracking users on government sites was a fairly big issue in tech policy circles, drawing the attention of those in Congress. Eventually, the Office of Management and Budget issued a directive that forbid the use of persistent cookies on federal agency sites. The Obama team's use of both YouTube and Google Analytics raises serious privacy concerns and likely clashes with the OMB directive.]
Privacy: On Doing No Harm
Friday December 12 2008, 1:22 PM
Privacy: On Doing No Harm -- by Steve Smith -- [The launch of the AT&T-backed Future of Privacy Forum last month (see our own interview with principal Joel Polonetsky here ) sparked discussion about how digital media should best address the debate. Matthew Wise, CEO, Q Interactive and former senior vice president of account services at Draft, is a member of the Interactive Advertising Bureau board who takes issue with some of the early statement by FPF members. Rather than start the debate over whether data is or should be collected, Wise argues here that the argument really should surround data's proper use.]
Back to Top of Page