Craig Timberg, Tony Romm and Elizabeth Dwoskin, Washington Post; Zuckerberg tells Congress ‘we didn’t do enough’ to prevent privacy crises that rock Facebook
"Another pointed exchange took place when Sen. Richard Durbin (D-IL), asked Zuckerberg what hotel he stayed at Monday night and the names of anyone he messaged this week. Zuckerberg, appearing somewhat amused by the question, declined to answer.
Durbin shot back, “I think that may be what this is all about: your right to privacy, the limits of your right to privacy and how much you give away in modern America in the name of quote, 'connecting people around the world.' ”"
Showing posts with label data protection. Show all posts
Showing posts with label data protection. Show all posts
Tuesday, April 10, 2018
Privacy By Design Is Important For Every Area Of Your Business; Forbes, April 10, 2018
Heidi Maher, Forbes; Privacy By Design Is Important For Every Area Of Your Business
"The only solution -- the only way to change people’s behavior -- is to embed privacy in the very fabric of the organization. That’s why Privacy by Design, a decades-old application design and development strategy, is now being discussed as a foundational strategy for entire organizations...
Finally, the use of new technologies is evolving so fast it creates significant legal complexity. Who is at fault when an accident involves a self-driving car? Who can access the data collected by a fitness tracker or medical device implant?
While we may not be able to untangle all the legal and regulatory questions yet, we can do a better job of protecting the data. The seven original principles of Privacy by Design -- developed for software engineers by the Information and Privacy Commissioner of Ontario, Canada, the Dutch Data Protection Authority, and the Netherlands Organisation for Applied Scientific Research – suggest the path forward..."
"The only solution -- the only way to change people’s behavior -- is to embed privacy in the very fabric of the organization. That’s why Privacy by Design, a decades-old application design and development strategy, is now being discussed as a foundational strategy for entire organizations...
Finally, the use of new technologies is evolving so fast it creates significant legal complexity. Who is at fault when an accident involves a self-driving car? Who can access the data collected by a fitness tracker or medical device implant?
While we may not be able to untangle all the legal and regulatory questions yet, we can do a better job of protecting the data. The seven original principles of Privacy by Design -- developed for software engineers by the Information and Privacy Commissioner of Ontario, Canada, the Dutch Data Protection Authority, and the Netherlands Organisation for Applied Scientific Research – suggest the path forward..."
Wednesday, April 4, 2018
The Guardian view on Grindr and data protection: don’t trade our privacy; Guardian, April 3, 2018
Editorial, Guardian; The Guardian view on Grindr and data protection: don’t trade our privacy
"Whether the users were at fault for excessive trust, or lack of imagination, or even whether they were at fault at all for submitting information that would let their potential partners make a better informed choice, as liberal ethics would demand, the next thing to scrutinise is the role of the company itself. Grindr has now said that it will no longer hand over the information, which is an admission that it was wrong to do so in the first place. It also says that the information was always anonymised, and that its policy was perfectly standard practice among digital businesses. This last is perfectly true, and perhaps the most worrying part of the whole story.
We now live in a world where the valuations of giant companies are determined by the amount of personal data they hold on third parties, who frequently have no idea how much there is, nor how revealing it is. As well as the HIV status, and last test date, Grindr collected and passed on to third parties its users’ locations, their phone identification numbers, and emails. These went to two companies that promise to make it easier to deliver personalised advertisements to phones based on the users’ locations and to increase the amount of time they spend looking at apps on their phones. The data was in theory anonymised, although repeated experiments have shown that the anonymity of personal information on the internet is pretty easily cracked in most cases."
"Whether the users were at fault for excessive trust, or lack of imagination, or even whether they were at fault at all for submitting information that would let their potential partners make a better informed choice, as liberal ethics would demand, the next thing to scrutinise is the role of the company itself. Grindr has now said that it will no longer hand over the information, which is an admission that it was wrong to do so in the first place. It also says that the information was always anonymised, and that its policy was perfectly standard practice among digital businesses. This last is perfectly true, and perhaps the most worrying part of the whole story.
We now live in a world where the valuations of giant companies are determined by the amount of personal data they hold on third parties, who frequently have no idea how much there is, nor how revealing it is. As well as the HIV status, and last test date, Grindr collected and passed on to third parties its users’ locations, their phone identification numbers, and emails. These went to two companies that promise to make it easier to deliver personalised advertisements to phones based on the users’ locations and to increase the amount of time they spend looking at apps on their phones. The data was in theory anonymised, although repeated experiments have shown that the anonymity of personal information on the internet is pretty easily cracked in most cases."
After the Facebook scandal it’s time to base the digital economy on public v private ownership of data; Guardian, March 31, 2018
Evgeny Morozov, Guardian; After the Facebook scandal it’s time to base the digital economy on public v private ownership of data
"Finally, we can use the recent data controversies to articulate a truly decentralised, emancipatory politics, whereby the institutions of the state (from the national to the municipal level) will be deployed to recognise, create, and foster the creation of social rights to data. These institutions will organise various data sets into pools with differentiated access conditions. They will also ensure that those with good ideas that have little commercial viability but promise major social impact would receive venture funding and realise those ideas on top of those data pools.
Rethinking many of the existing institutions in which citizens seem to have lost trust along such lines would go a long way towards addressing the profound sense of alienation from public and political life felt across the globe. It won’t be easy but it can still be done. This, however, might not be the case 10 or even five years from now, as the long-term political and economic costs of data extractivism come to the surface. The data wells inside ourselves, like all those other drilling sites, won’t last for ever either."
"Finally, we can use the recent data controversies to articulate a truly decentralised, emancipatory politics, whereby the institutions of the state (from the national to the municipal level) will be deployed to recognise, create, and foster the creation of social rights to data. These institutions will organise various data sets into pools with differentiated access conditions. They will also ensure that those with good ideas that have little commercial viability but promise major social impact would receive venture funding and realise those ideas on top of those data pools.
Rethinking many of the existing institutions in which citizens seem to have lost trust along such lines would go a long way towards addressing the profound sense of alienation from public and political life felt across the globe. It won’t be easy but it can still be done. This, however, might not be the case 10 or even five years from now, as the long-term political and economic costs of data extractivism come to the surface. The data wells inside ourselves, like all those other drilling sites, won’t last for ever either."
Thursday, February 1, 2018
WTF is GDPR?; TechCrunch, January 20, 2018
Natasha Lomas, TechCrunch; WTF is GDPR?
"The EC’s theory is that consumer trust is essential to fostering growth in the digital economy. And it thinks trust can be won by giving users of digital services more information and greater control over how their data is used. Which is — frankly speaking — a pretty refreshing idea when you consider the clandestine data brokering that pervades the tech industry. Mass surveillance isn’t just something governments do.
The General Data Protection Regulation (aka GDPR) was agreed after more than three years of negotiations between the EU’s various institutions.
It’s set to apply across the 28-Member State bloc as of May 25, 2018. That means EU countries are busy transposing it into national law via their own legislative updates (such as the UK’s new Data Protection Bill — yes, despite the fact the country is currently in the process of (br)exiting the EU, the government has nonetheless committed to implementing the regulation because it needs to keep EU-UK data flowing freely in the post-brexit future. Which gives an early indication of the pulling power of GDPR.
Meanwhile businesses operating in the EU are being bombarded with ads from a freshly energized cottage industry of ‘privacy consultants’ offering to help them get ready for the new regs — in exchange for a service fee. It’s definitely a good time to be a law firm specializing in data protection."
"The EC’s theory is that consumer trust is essential to fostering growth in the digital economy. And it thinks trust can be won by giving users of digital services more information and greater control over how their data is used. Which is — frankly speaking — a pretty refreshing idea when you consider the clandestine data brokering that pervades the tech industry. Mass surveillance isn’t just something governments do.
The General Data Protection Regulation (aka GDPR) was agreed after more than three years of negotiations between the EU’s various institutions.
It’s set to apply across the 28-Member State bloc as of May 25, 2018. That means EU countries are busy transposing it into national law via their own legislative updates (such as the UK’s new Data Protection Bill — yes, despite the fact the country is currently in the process of (br)exiting the EU, the government has nonetheless committed to implementing the regulation because it needs to keep EU-UK data flowing freely in the post-brexit future. Which gives an early indication of the pulling power of GDPR.
Meanwhile businesses operating in the EU are being bombarded with ads from a freshly energized cottage industry of ‘privacy consultants’ offering to help them get ready for the new regs — in exchange for a service fee. It’s definitely a good time to be a law firm specializing in data protection."
Wednesday, June 7, 2017
GDPR: EU Goes Against The Global Grain To Protect Privacy; Forbes, June 7, 2017
Simon Crosby, Forbes; GDPR: EU Goes Against The Global Grain To Protect Privacy
"Could it be that the EU is about to save the internet? At a time when internet users worldwide are increasingly under surveillance by governments, service providers, advertising networks and social media websites, it seems that one of the internet’s greatest promises -- open communication for all -- has been lost. But the EU has an opportunity to sway the outcome with the recently adopted General Data Protection Regulation, which will become law next year.
The EU’s implementation of GDPR has an opportunity to become the most important globally recognized set of principles to protect online privacy. In recent developments, President Donald Trump and his administration promised to mandate rapid improvements in U.S. cybersecurity, but they quickly acquiesced to commercial interests by overriding regulations that the Federal Communications Commission had set up to legitimize the sale of subscriber information by ISPs.
What does GDPR mean for consumers? In short, it will strengthen the practice of fundamental privacy rights of individuals and put users back in control of their personal data. This level of regulation will apply to both corporations and governments and will have the potential to inherently disrupt the protocols for data protection on a global scale."
"Could it be that the EU is about to save the internet? At a time when internet users worldwide are increasingly under surveillance by governments, service providers, advertising networks and social media websites, it seems that one of the internet’s greatest promises -- open communication for all -- has been lost. But the EU has an opportunity to sway the outcome with the recently adopted General Data Protection Regulation, which will become law next year.
The EU’s implementation of GDPR has an opportunity to become the most important globally recognized set of principles to protect online privacy. In recent developments, President Donald Trump and his administration promised to mandate rapid improvements in U.S. cybersecurity, but they quickly acquiesced to commercial interests by overriding regulations that the Federal Communications Commission had set up to legitimize the sale of subscriber information by ISPs.
What does GDPR mean for consumers? In short, it will strengthen the practice of fundamental privacy rights of individuals and put users back in control of their personal data. This level of regulation will apply to both corporations and governments and will have the potential to inherently disrupt the protocols for data protection on a global scale."
Monday, May 15, 2017
Speaker's Corner: Privacy needs better protection; Law Times, May 15, 2017
Nathaniel Erskine-Smith, Law Times;
This is especially important as more devices collect more information about our lives. From smart meters that track our energy consumption to fridges that track what we eat, Cisco Systems estimates there will be 50 billion connected devices by 2020. As a consumer, I want convenience and will trade some of my privacy. As a citizen and as a lawyer, I want laws that substantively protect my privacy.
In general terms, we should mandate privacy by design. Governments and third parties ought to anonymize our personal information, and our government should follow Australia’s example and make it an offence to re-identify published government data sets. We should also look beyond the law to protect our data.
Take Estonia. On the one hand, it has embraced big data through maintaining a national register with a single unique identifier for all citizens and residents. Customer service is improved and information is exchanged more easily. On the other hand, the same system ensures that citizens can correct or remove data easily and can see which officials have viewed their data.
In summary, we need to embrace new laws and new technology. We need not sacrifice our privacy."
Speaker's Corner: Privacy needs better protection
"There are also concerns that our current model of informed consent needs updating. The majority of Canadians admit to not reading privacy policies for mobile apps, and a recent privacy sweep — in which 25 privacy enforcement authorities participated — found that privacy communications of Internet-connected devices are generally poor and fail to inform users about exactly what personal information is being collected and how it will be used. It is difficult to reconcile these facts with the goal of meaningful consent.
This is especially important as more devices collect more information about our lives. From smart meters that track our energy consumption to fridges that track what we eat, Cisco Systems estimates there will be 50 billion connected devices by 2020. As a consumer, I want convenience and will trade some of my privacy. As a citizen and as a lawyer, I want laws that substantively protect my privacy.
In general terms, we should mandate privacy by design. Governments and third parties ought to anonymize our personal information, and our government should follow Australia’s example and make it an offence to re-identify published government data sets. We should also look beyond the law to protect our data.
Take Estonia. On the one hand, it has embraced big data through maintaining a national register with a single unique identifier for all citizens and residents. Customer service is improved and information is exchanged more easily. On the other hand, the same system ensures that citizens can correct or remove data easily and can see which officials have viewed their data.
In summary, we need to embrace new laws and new technology. We need not sacrifice our privacy."
Wednesday, February 20, 2013
Q. and A. With Viviane Reding; New York Times, 2/2/13
New York Times; Q. and A. With Viviane Reding. "Viviane Reding, the vice president of the European Commission and the justice commissioner of the European Union, was asked to comment on trans-Atlantic data protection issues for the Slipstream column by Natasha Singer in the Sunday Business section. The following is Vice President Reding’s full statement, sent on Jan. 31, 2013.
Q. Why do Europeans feel so strongly about privacy and data rights? Why was it important for you to make data protection one of your signature issues?
A. Data protection legislation has a long history in Europe: the European Union has had common rules to protect personal data since 1995. Personal data protection is a fundamental right for all Europeans — this is inscribed in the E.U.’s Charter of Fundamental Rights.
The principles on which our laws are found are still valid. The main problem is that our rules predate the digital age and it became increasingly clear in recent years that they needed an update."
Subscribe to:
Posts (Atom)