Elizabeth Dwoskin, The Washington Post; New privacy rules could spell the end of legalese — or create a lot more fine print
"“The companies are realizing that it is not enough to get people to just click through,” said Lorrie Cranor, director of the CyLab Usable Privacy and Security Laboratory at Carnegie Mellon University and the U.S. Federal Trade Commission’s former chief technologist. “That they need to communicate so that people are not surprised when they find out what they consented to.”
That has become more apparent in the past two months since revelations that a Trump-connected consultancy, Cambridge Analytica, made off with the Facebook profiles of up to 87 million Americans. Cranor said that consumer outrage over Cambridge was directly related to concerns that companies were engaging in opaque practices behind the scenes, and that consumers had unknowingly allowed it to happen by signing away their rights.
Irrespective of simpler explanations, the impact and success of the GDPR will hinge upon whether companies will try to force users to consent to their tracking or targeting as condition for access to their services, said Alessandro Acquisti, a Carnegie Mellon computer science professor and privacy researcher. "This will tell us a lot regarding whether the recent flurry of privacy policy modifications demonstrates a sincere change in the privacy stance of those companies or is more about paying lip service to the new regulation. The early signs are not auspicious.""
Issues and developments related to ethics, information, and technologies, examined in the ethics and intellectual property graduate courses I teach at the University of Pittsburgh School of Computing and Information. My Bloomsbury book "Ethics, Information, and Technology" will be published in Summer 2025. Kip Currier, PhD, JD
Showing posts with label EU's General Data Protection Regulation (GDPR). Show all posts
Showing posts with label EU's General Data Protection Regulation (GDPR). Show all posts
Thursday, May 24, 2018
Why you’re getting so many emails about privacy policies; Vox, May 24, 2018
Emily Stewart, Vox; Why you’re getting so many emails about privacy policies
“People are concerned about privacy, hate speech, disinformation, and we aren’t leading on solutions to these concerns that would at the same time preserve the free flow of information,” Kornbluh said. “You don’t want some governments saying, ‘We’re combating fake news,’ and compromising human rights.”"
"The United States hasn’t given up its seat on the table,
but it could certainly take a bigger role than it has in order to ensure
that other countries, when they do implement regulations on tech and
information, aren’t going too far.
“People are concerned about privacy, hate speech, disinformation, and we aren’t leading on solutions to these concerns that would at the same time preserve the free flow of information,” Kornbluh said. “You don’t want some governments saying, ‘We’re combating fake news,’ and compromising human rights.”"
Monday, April 2, 2018
Add Data Privacy to List of Brexit Bumps for EU, UK; Bloomberg, April 2, 2018
Giles Turner, Bloomberg; Add Data Privacy to List of Brexit Bumps for EU, UK
"The smooth transfer of personal data between the European Union and the U.K. — from bank details to your Uber bill — is vital for almost every British business. The U.K. is intent on maintaining that relationship following Brexit. The EU isn’t making any promises."
"The smooth transfer of personal data between the European Union and the U.K. — from bank details to your Uber bill — is vital for almost every British business. The U.K. is intent on maintaining that relationship following Brexit. The EU isn’t making any promises."
Facebook Is Not the Problem. Lax Privacy Rules Are.; The New York Times, April 1, 2018
The Editorial Board, The New York Times; Facebook Is Not the Problem. Lax Privacy Rules Are.
"Many businesses will struggle to comply with the European Union’s new rules, and officials in member countries will have a hard time enforcing it consistently. “We will have a learning curve,” said Isabelle Falque-Pierrotin, who heads France’s privacy regulator, the Commission Nationale de l’Informatique et des Libertés. “We will have to adjust.”
But it is increasingly clear that businesses will figure out how to live with and make money under tougher privacy rules. Some companies are also planning to apply some or all of the data protection requirements to all of their customers, not just Europeans. And other countries have or are considering adopting similar rules. Throughout history, meatpackers, credit card companies, automakers and other businesses resisted regulations, arguing they would be ruined by them. Yet, regulations have actually benefited many industries by boosting demand for products that consumers know meet certain standards.
Facebook and other internet companies fear privacy regulations, but they ought not to. Strong rules could be good for them as well as for consumers."
"Many businesses will struggle to comply with the European Union’s new rules, and officials in member countries will have a hard time enforcing it consistently. “We will have a learning curve,” said Isabelle Falque-Pierrotin, who heads France’s privacy regulator, the Commission Nationale de l’Informatique et des Libertés. “We will have to adjust.”
But it is increasingly clear that businesses will figure out how to live with and make money under tougher privacy rules. Some companies are also planning to apply some or all of the data protection requirements to all of their customers, not just Europeans. And other countries have or are considering adopting similar rules. Throughout history, meatpackers, credit card companies, automakers and other businesses resisted regulations, arguing they would be ruined by them. Yet, regulations have actually benefited many industries by boosting demand for products that consumers know meet certain standards.
Facebook and other internet companies fear privacy regulations, but they ought not to. Strong rules could be good for them as well as for consumers."
Saturday, March 31, 2018
Everything you need to know about a new EU data law that could shake up big US tech; CNBC, March 30, 2018
Arjun Kharpal, CNBC; Everything you need to know about a new EU data law that could shake up big US tech
"You may have heard of the General Data Protection Regulation (GDPR). But most likely you haven't because it sounds boring, but it's really important and CNBC has a guide to help you understand it.
It's a piece of European Union (EU) legislation that could have a far-reaching impact on some of the biggest technology firms in the world including Facebook and Google.
So here's your guide to the GDPR."
"You may have heard of the General Data Protection Regulation (GDPR). But most likely you haven't because it sounds boring, but it's really important and CNBC has a guide to help you understand it.
It's a piece of European Union (EU) legislation that could have a far-reaching impact on some of the biggest technology firms in the world including Facebook and Google.
So here's your guide to the GDPR."
Friday, March 30, 2018
iPhone update adds privacy 'transparency'; BBC News, March 29, 2018
BBC News; iPhone update adds privacy 'transparency'
"Apple has updated its iOS, MacOS and tvOS operating systems to give people more information about how their personal data is collected and used.
"Apple has updated its iOS, MacOS and tvOS operating systems to give people more information about how their personal data is collected and used.
After updating, customers will see new information screens when they use Apple-made apps that collect personal data, such as App Store.
The change comes ahead of new EU data protection rules, which take effect on 25 May."
Wednesday, March 28, 2018
How Europe’s new privacy rule is reshaping the internet; The Verge, March 28, 2018
Russell Brandom, The Verge; How Europe’s new privacy rule is reshaping the internet
"The rule could also create a divide between the European Union and the rest of the internet. So far, most companies have aimed toward a single set of privacy rules for all users, which is why so many US users are noticing new privacy features and terms of service. But in many cases, it’s still easier to split off EU data, which could result in European users seeing a meaningfully different internet from the rest of the world.
On the other hand, it would be hard to make data collection more creepy at this point. So much of the internet is based on the free exchange of user data, especially the gnarly hairball that is the targeted advertising industry. That has real political consequences: the NSA can use the same system to track users across the web, and political firms like Cambridge Analytica can use it to quietly single out particular subgroups. We’ve spent the last 15 years thinking of lucrative things to do with that data, on the assumption that it would always be freely shareable. The GDPR is starting to roll it back, but the most profound changes will take years to play out, potentially reshaping the web as we know it."
"The rule could also create a divide between the European Union and the rest of the internet. So far, most companies have aimed toward a single set of privacy rules for all users, which is why so many US users are noticing new privacy features and terms of service. But in many cases, it’s still easier to split off EU data, which could result in European users seeing a meaningfully different internet from the rest of the world.
On the other hand, it would be hard to make data collection more creepy at this point. So much of the internet is based on the free exchange of user data, especially the gnarly hairball that is the targeted advertising industry. That has real political consequences: the NSA can use the same system to track users across the web, and political firms like Cambridge Analytica can use it to quietly single out particular subgroups. We’ve spent the last 15 years thinking of lucrative things to do with that data, on the assumption that it would always be freely shareable. The GDPR is starting to roll it back, but the most profound changes will take years to play out, potentially reshaping the web as we know it."
Tuesday, March 27, 2018
The Six Data Privacy Principles of the GDPR; Corporate Counsel, March 26, 2018
Amy Lewis, Corporate Counsel; The Six Data Privacy Principles of the GDPR
"Data privacy and personal data breaches have been in the news a lot recently. Over the past few years, companies have been collecting and processing ever-increasing amounts of data about their customers, employees, and users. As personal data becomes more valuable, governments around the world have begun the debate surrounding whether this data collection should be limited in favor of individuals’ fundamental right to privacy.
The Global Data Protection Regulation (GDPR) is the European Union’s answer to these debates. This new regulation strives to take the decisions regarding some uses of personal data out of the hands of companies and return control to the individuals that the data refer to—the data subjects. Any company that has a European presence or handles European residents’ personal data is subject to the GDPR. These companies will likely need to upgrade their data security and privacy procedures to meet the personal data handling requirements of the GDPR.
The GDPR’s data privacy goals can be summarized in six personal data processing principles: Lawfulness, Fairness and Transparency; Purpose Limitation; Data Minimization; Accuracy; Integrity and Confidentiality; and Storage Limitation."
"Data privacy and personal data breaches have been in the news a lot recently. Over the past few years, companies have been collecting and processing ever-increasing amounts of data about their customers, employees, and users. As personal data becomes more valuable, governments around the world have begun the debate surrounding whether this data collection should be limited in favor of individuals’ fundamental right to privacy.
The Global Data Protection Regulation (GDPR) is the European Union’s answer to these debates. This new regulation strives to take the decisions regarding some uses of personal data out of the hands of companies and return control to the individuals that the data refer to—the data subjects. Any company that has a European presence or handles European residents’ personal data is subject to the GDPR. These companies will likely need to upgrade their data security and privacy procedures to meet the personal data handling requirements of the GDPR.
The GDPR’s data privacy goals can be summarized in six personal data processing principles: Lawfulness, Fairness and Transparency; Purpose Limitation; Data Minimization; Accuracy; Integrity and Confidentiality; and Storage Limitation."
Wednesday, March 7, 2018
ABA Webinar: Thursday, March 8, 2018
|
Subscribe to:
Posts (Atom)