Facebook issue is a wake-up call

Today Facebook responded to users by announcing simpler and more powerful controls for sharing personal information. We’re glad they are listening, but more needs to be done, and other businesses need to take notice. Check out our response at CNN.com.

Jules Polonetsky, director of the Future of Privacy Forum, also released the following statement:

The message that all companies should be taking away from this is that managing digital identity is critically important to internet users of all ages and backgrounds. Facebook is taking steps that are essential for user trust by providing users with additional control over the personal data they share. As sites, services and devices grow increasingly complex, the challenge for Facebook and for others going forward is to continue to seek innovations that ensure that privacy tools can be intuitive for users.

Future of Privacy Forum is a think tank seeking to improve the state of online privacy by advancing responsible data practices. For media inquiries, please contact [email protected]

May 26, 2010 – Facebook adjusts privacy control after complaints, BusinessWeek

May 26, 2010 – Millenials: Savvy on Privacy, BusinessWeek

Google: Delete Here, Not There!

Our “privacy community” readers are probably very well aware that Google has recently admitted that the company’s Street View cars had been collecting the contents of communications sent over unsecured WiFi networks.  The European authorities are incensed about this revelation and today we read reports that the FTC may be investigating.

We trust that regulators, advocates and privacy experts will be deeply focused on how this could have happened and whether any laws were broken. But we don’t understand Google’s rush to destroy this data immediately. How will any of the inquiries determine exactly what happened without having the time to review the records? If it is being kept securely and not being used for other purposes, what is the rush to delete the data?

If Google is interested in deleting sensitive data, it should reconsider its retention period for search and for ad-serving log file data. We have repeatedly urged search engines and ad networks to recognize that long-term retention of such data creates a risk to users that it will be disclosed. Whether the risk comes from hackers, accidents like the one above, or governments at home and abroad, keeping detailed user log data long term creates a risk disproportionate to any commercial benefit expected. In the past year, Yahoo has been able to implement a three month retention period for its search and ad-serving log data, without any impact on the quality of search results or ad-serving capabilities. Why can’t other companies step up and follow Yahoo’s lead? The Article 29 Working Group of European regulators has advised that 6 months is the maximum time period for search data retention in their jurisdiction, and Microsoft has already started deleting the full IP addresses from its search logs after 6 months.

So if deletion of data is called for, now is the time to make progress on deleting long-term records of the “database of intentions” stored in Google’s log files. Regulators should demand that Google hold off on destruction of the WiFi data that may be needed to reconstruct this incident, until it can be done in an orderly manner and when questions about how this happened can be put to rest.

California Law and Alternatives to "Privacy Policy"

A couple of weeks ago, on the FPF Facebook page, we posted our thoughts about a comment Alexander Macgillivray, Twitter’s general counsel, made about the decision to name Twitter’s “privacy policy” as such and not as “public policy,” based upon the requirements of California law.

We finally had a chance to take a closer look at California’s online privacy law, comprised of CA BPC § 22575 and related statutes.  In actuality, there is no explicit requirement in the law to label a privacy policy as a “privacy policy.” Instead, the statute only requires that the policy, or the hyperlink to the policy, be conspicuous; the statute then sets out numerous ways in which the policy text can meet that requirement. Oddly, the only time the word “privacy” is required is if the hyperlink to the privacy policy is an icon instead of text.

Have some users been trained to look for the privacy link at the bottom of a Web page? Perhaps, but we encourage an approach that seeks to be more engaging and meaningful. Like the Buzz.com method mentioned in the quoted post below, users should be able to clearly see that use or sharing of their information is a feature of the service. More transparency, user control, and increased trust will result from calling privacy policies exactly what they are: policies about how information will be used and shared.

Our original Facebook post on the subject is below:

From the NY Times today: Alexander Macgillivray, Twitter’s general counsel, said, “From the beginning, Twitter has been a public and open service.” Twitter’s privacy policy states: “Our services are primarily designed to help you share information with the world. Most of the information you provide to us is information you are asking us to make public.” Mr. Macgillivray added, “That’s why, when we were revising our privacy policy, we toyed with the idea of calling it our ‘public policy.’ ” He said the company would have done so but California law required that it have a “privacy policy” labeled as such.

Although Twitter’s model of public sharing is different from that of many companies, Macgillivray touches on a key point. Should companies that use and share or make visible user data be promising users “privacy”? Or, should they be more straightforward and transparent in communicating to users in terms more relevant to reality? We use your information to tailor the ads you see and hope to sell you stuff. That’s how we make the money to pay for this site. Please tell us more so we can get it right, or let us know that you prefer the generic experience here. Instead of privacy staff promising users privacy, let’s have the product folks explaining how they use the data for users. Consider the research by Prof Joseph Turow indicating that 75% of users think a “privacy policy” means data will not be shared, when the reality is that at many companies it is used or shared.

As an example, we noted a few days ago the “how your information is shared on buzz.com” policy that AT&T has used on www.buzz.com. On the same note, our intention in developing the “power i” icon that the IAB/DMA et al will use for behavioral advertising was not to create a privacy symbol, but rather a data-use symbol.

Maybe California should tweak its law to allow the use of a privacy link or “other express statement indicating that data is being used or shared”? Does it actually require the word ‘privacy’ as Twitter’s general counsel suggests? Shall we move from privacy policies to information use policies? Of course, more than semantics will be needed to advance the cause of responsible practices. But shifting the internal company mindset from a “privacy policy” notice as a way to make required disclosures and moving towards explaining data use as a feature or as a visible part of the primary purpose of the site or service could be a way forward.

The Future of Privacy Forum Announces New Publication: “Privacy Papers for Policy Makers: The Future of Privacy Forum Annual Review”

WASHINGTON, DC – Today, the Future of Privacy Forum (FPF) co-chairs announced a new competition-based project that is entitled: “Privacy Papers for Policy Makers.” This new publication is made possible in part by the generous support of LexisNexis, AT&T and others.

The goal of this endeavor is to highlight important research and analytical work on a variety of privacy topics, and to ensure that policymakers are informed of the most influential scholarship as they address privacy issues. Academics, privacy advocates and Chief Privacy Officers on FPF’s Advisory Board will review the papers that are submitted. A selection of papers deemed best suited and most useful for policy makers in Congress, the FTC, FCC and state leaders will be summarized, and a compilation will be bound and sent to policymakers in the US and abroad.

Papers that are submitted should clearly analyze current and emerging privacy issues, and either propose achievable short-term solutions or propose new means of analysis that could lead to solutions. Judging criteria will include clarity, practicality and overall utility.

Papers must be received by the Future of Privacy Forum by no later than July 15th, 2010.  Entries may be submitted via email to [email protected] with the subject line “Privacy Papers Project” or sent by mail to Future of Privacy Forum, 919 18th Street, NW, Suite 925 Washington, DC 20006.  Entries should include the author’s full name, phone number, current postal address, and email address. The entry can provide a link to a published paper or a draft paper that has a publication date.  FPF will work with the authors of selected papers to develop a policymaker appropriate summary that respects any relevant copyright concerns.

Winners will be notified in late August and the selected papers will be formally announced at The George Washington University Law School at a breakfast in early September, where we plan to have a public conference to discuss some of the ideas presented in the winning submissions.

The Future of Privacy Forum (FPF) is a Washington, DC based think tank that seeks to advance responsible data practices. The forum is led by Internet privacy experts Jules Polonetsky and Christopher Wolf and includes an advisory board comprised of leading figures from industry, academia, law and advocacy groups. FPF was launched in November 2008.

More Data Use Icons on The Way

Yesterday, Firefox revealed that one of the new features that will appear in Firefox 4 will be an icon that displays when the browser passes its physical location to a Web site.

Firefox already has a feature that allows sites to ask users for permission to share location, which it derives by scanning local wireless access points. (A number of companies, such as Skyhook, drive the streets, logging the locations of access points they detect. Press coverage of Google’s logging of this data while driving and mapping streets kicked off privacy concerns recently in Germany.) Your computer or cellphone can use this technique to supplement, or in place of, GPS capability. Firefox 4 will now display an icon in the browser address bar to indicate to users that a website is accessing their geolocation data.

Note that this is unrelated to the ability of Web sites to estimate a user’s location based on the IP address transmitted in browser requests.

We like this feature, as it is a good transparency and control measure. We have promoted the use of the behavioral symbol we developed, and have applauded the use of location symbols by the ATT-Apple iPhone and by Verizon. Too many competing icons? Maybe, but the path to standardization takes some time. Right now, getting privacy information out of privacy policies and treating the data use as a feature that users can understand is major progress. Companies competing to communicate well to users about data leads to real progress on transparency and control!

Privacy Frameworks and Personal Information

C-SPAN

May 7, 2010

Panelists talked about innovative uses of information to personalize users’ online experience, make product recommendations, provide services, and connect people with similar personal, business or community service interests. Other topics included the privacy considerations these uses create.

11:45 AM – 12:45 PM Panel 2: Privacy Frameworks and Innovative Uses of Personal Information

Moderator: Andrew McLaughlin, Deputy Chief Technology Officer, Internet Policy, OSTP

Description: This panel will focus on innovative uses of information to personalize users’ online experience, make product recommendations, provide services, and connect people with similar personal, business or community service interests. Panelists will also discuss the privacy considerations these uses create.

Panelists:

• Deborah Estrin, Professor, University of California – Opening

• Pam Dixon, Executive Director, World Privacy Forum

• Tim O’Shaughnessy, CEO, Living Social

• Ed Felten, Professor, Princeton University

Click here to view the full video.

2010 Gallery of Leading Practices

Today, the Future of Privacy Forum will be at the NTIA Dialogue on Privacy and Innovation. Jules Polonetsky will be participating on a panel regarding innovations in transparency and choice.

In order to recognize innovations in this area, the Future of Privacy Forum is launching its 2010 Gallery of Leading Practices. We have listed companies and practices that are leading the way in providing users with control and transparency of their personal information.

At the NTIA panel, Jules will be discussing recent online privacy advances as well as areas where progress is essential for both consumers and businesses.

Noteworthy innovations include:

• Limiting the retention of search queries and deleting data used for targeted advertising after a defined period

• Efforts at minimizing IP address details logged by web analytics

• Giving users control and transparency right from the advertisements themselves by featuring a behavioral ad icon and giving “clear notice” about the origins of targeted ads

• The creation of a mobile profile viewer that gives mobile device users control over what cookies are allowed to be stored on their device

• Stronger browser privacy controls

• Plug-ins that ensure opt-out status even after clearing cookies

• Labeling privacy policies in a common-sense fashion by directing users to see “how your information is being used”

• Indicators showing when one is being geolocated via a mobile device

Issues that still need to be addressed include:

• The need for a workable definition of “sensitive information”

• The fact that a plug-in must still be downloaded and installed to ensure a stable opt-out status

• Increased data collection by applications

• The usability challenge of social network privacy controls

• Caution over creating the “illusion of control” that may lead to greater information sharing than warranted

• Data appending

• Overreliance on weak anonymity

• The right to delete

• Smart Grid data use guidelines

2010 Leading Practices Gallery

NTIA's and the International Trade Administration's Federal Register Notice: Information Privacy and Innovation in the Internet Economy

NTIA and the International Trade Administration host “Federal Register Notice: Information Privacy and Innovation in the Internet Economy”

Polaris Room, Ronald Reagan International Trade Center, Washington, DC

Jules Polonetsky will speak from 2 p.m. until 3 p.m. in the “Innovations in Transparency and Choice” panel.