Solving the Privacy Dilemma

As privacy enthusiasts eagerly await this afternoon’s Senate Commerce Committee hearing on consumer online privacy, FPF Co-Chairs Jules Polonetsky and Christopher Wolf, provided some thoughts to Huffington Post about how the business community can help address some of the concerns that have been escalating  in this arena.

Click this link to see their piece, “Solving the Privacy Dilemma.”

Congressman Rush Pushes Privacy Agenda With Introduction of Bill

Yesterday Illinois Congressman Bobby Rush, Chairman of the Committee on Energy and Commerce Subcommittee on Commerce, Trade, and Consumer Protection introduced H.R. 5777 the “Building Effective Strategies To Promote Responsibility Accountability Choice Transparency Innovation Consumer Expectations and Safeguards Act”, or BEST PRACTICES Act of 2010.  The bill adds to the contentious privacy debate that came with the much-anticipated Boucher-Stearns privacy legislation circulated in draft form earlier this year, and which is still in draft form.  

While the just-introduced bill shares similarities with the draft Boucher legislation, the 55-page bill proposes to levy fines of up to $5 million on businesses and individuals unless they abide by a  regulations to be administrated by the Federal Trade Commission. There is an exemption for small businesses, but entities (and even individuals) that hold 15,000 or more names, e-mail addresses, or other personal information in their records will be subject to the proposed law.  

Some additional points that differentiate it from the Boucher-Stearns draft bill also include:

– A broader safe-harbor rule, which is essentially tossed to the FTC to detail the rule-making;

– A broader definition of sensitive data;

– A broader definition of third parties (i.e. a company’s different brands could be third party if a consumer wouldn’t associate them together);

– IP addresses are not covered, unless linked to a profile used for analysis or tracking;

– A wider exemption for operational needs;

– A private right of action is included.

Congressman Rush has scheduled an initial hearing on the bill  for this Thursday at  2 PM EDT, which will be an important continuation of the ongoing discussion of what legal protections may be needed.  Our prediction is that the bill is not likely to near passage this year, given the limited legislative time available, but it serves to further the discussion about some very important issues in this space.  The Future of Privacy Forum looks forward to further analysis and discussion of the bill in the days ahead.

Leading Privacy Experts Join the FPF Advisory Board

FPF is fortunate and honored to have many of the leading minds from the business, academic and advocacy worlds among our Advisory Board members, and with the addition of the following six new members, our Board will become even more enriching.  We thank them for joining and look forward to their counsel:

James Byrne is Lockheed Martin’s Chief Privacy Officer. He is also responsible for company data and records management. Prior to his new position, Byrne served with the Ethics and Business Conduct organization. He joined Lockheed Martin in August 2008 from the Office of the United States Special Counsel (OSC), where he served as the Deputy Special Counsel, a career Senior Executive Service (SES) position. Prior to that assignment, Byrne was the General Counsel and Assistant Inspector General for Investigations with the Office of the Special Inspector General for Iraq Reconstruction (SIGIR), also an SES level position.  He has nearly 25 years of professional experience in the military and federal government including several years as a federal narcotics prosecutor and deployed Marine infantry officer.

Scott Goss is Senior Privacy Counsel for Qualcomm Incorporated, a global leader in wireless technologies and services.  As Qualcomm’s first attorney focusing exclusively on privacy issues, he is responsible for leading the company’s efforts to design, create, and execute a comprehensive and consistent global privacy program.  Goss received his J.D. from University of California, Davis in 1998 and became a Certified Information Privacy Professional in 2005.  He started his legal career as a patent litigator for an IP boutique firm in Silicon Valley.  After two years in a law firm, he went in-house – first to a map database company and then to an online advertising company.  Now at Qualcomm, Goss provides legal and policy advice on privacy matters to Qualcomm and its wholly owned subsidiaries.

Pamela Jones Harbour is a Former Federal Trade Commissioner and now a partner at the law firm Fulbright & Jaworski LLP, where she works in their antitrust and competition practice. Harbour served on the Federal Trade Commission from 2003 until 2010.  She previously spent a decade working in the New York Attorney General’s Office, including her role as Deputy Attorney General, where she investigated and prosecuted a variety of antitrust and consumer protection violations.

Ian Kerr holds the Canada Research Chair in Ethics, Law & Technology at the University of Ottawa, Faculty of Law, with cross appointments to the Faculty of Medicine, Department of Philosophy and School of Information Studies. Kerr has published numerous books and articles on topics that discuss the  intersection of ethics, law and technology. His more recent focus on robotics and implantable devices examines legal and ethical implications of emerging technologies in the health sector. Kerr holds several positions on editorial and advisory boards and is co-author of Managing the Law: The Legal Aspects of Doing Business, a business law text published by Prentice Hall, which is used by thousands of students each year at universities across Canada.

 

MeMe Jacobs Rasmussen is chief privacy officer, vice president, and associate general counsel at Adobe, where she oversees Adobe’s privacy strategy and policy, and leads a team of attorneys and paralegals with responsibility for the protection of Adobe’s intellectual property.  Prior to joining Adobe in 1997, Jacobs Rasmussen served as general counsel and later chief operating officer at Rocket Science Games. Previously, she practiced law at Gray Cary Ware & Freidenrichin Palo Alto, California, and at Foley, Hoag & Eliot in Boston. Jacobs Rasmussen started her career in the early 80s as a technical instructor at Prime Computer near Boston before joining the company’s in-house legal department.

Russell (Russ) Schrader is Chief Privacy Officer and Associate General Counsel – Global Enterprise Risk for Visa Inc, where he is responsible for privacy and payment systems risk policies and related subject matter.   Schrader is also a principal legal liaison for Visa financial institutions’ attorneys on regulatory issues.   He is a Fellow of the American College of Consumer Financial Services Attorneys, chairman of the ABA Consumer Financial Services Committee on electronic payments, a former member of the Federal Reserve Board’s Consumer Advisory Committee, and a former director at the Council of Better Business Bureaus.  Prior to Visa, Schrader headed the National Consumer group in the Legal Department of Chase in New York City.  He was responsible for legal services to the mortgage, auto, home equity and unsecured lending businesses.

The Future of Privacy Forum (FPF) is a Washington, DC based think tank that seeks to advance responsible data practices. The forum is led by Internet privacy experts Jules Polonetsky and Christopher Wolf and includes an advisory board comprised of leading figures from industry, academia, law and advocacy groups. FPF was launched in November 2008.

Privacy Papers for Policy Makers

The Future of Privacy Forum is calling on academics and thinkers with an interest in privacy issues for their involvement in “Privacy Papers for Policy Makers.”

PURPOSE

• To highlight important research and analytical work on a variety of privacy topics, and to ensure policy makers are informed of the most influential scholarship as they address privacy issues.

• Papers should clearly analyze current and emerging privacy issues and either propose achievable short-term solutions, or propose new means of analysis that could lead to solutions.

REVIEW PROCESS

• Academics, privacy advocates and Chief Privacy Officers on FPF’s Advisory Board will review the submitted papers to determine which papers are best suited and most useful for policy makers in Congress, the FTC, FCC, state and worldwide leaders.

• The Advisory Board will announce the selected papers at an event in September, and provide a bound compilation to policy makers in the United States and abroad.

SUBMISSION

Paper Submission Deadline: July 15

Please include: author’s full name, phone number, current postal address and e-mail address.

Send via e-mail to [email protected], or send by mail to:

Future of Privacy Forum

919 18th Street, NW, Suite 925

Washington, DC 20006

The entry can provide a link to a published paper or a draft paper that has a publication date. FPF will work with the authors of selected papers to develop a policy maker-appropriate summary that respects any relevant copyright concerns.

A special thanks to AT&T, LexisNexis, Microsoft and Procter & Gamble for support of the Privacy Papers for Policy Makers project.

Additional sponsors welcome. Please contact Andrew Kovalcin at [email protected]

"HTTP Everywhere" Browser Security – A Step In the Right Direction

goldstein2

The following piece is a guest blog from Mark Goldstein, CIPP. Goldstein is a privacy/security consultant and previously served as a senior director in AOL’s consumer advocacy and privacy department.

Most consumers are aware that they should look for the “padlock” icon on their browser when visiting their online bank. The “padlock” tells the consumer that there is an encrypted connection between their browser and their bank, which is known as an “HTTPS connection,” and it cannot be deciphered. Being encrypted prevents the hacker sitting across from you at Starbucks, who is also using their free wireless service, from viewing your bank information. The encrypted connection prevents anyone from snooping on your communications. (Believe it or not, up until the last couple of months most e-mail communications with AOL, Google, Yahoo, etc. was open and easily visible by hackers, with the exception of your login info which was usually encrypted). The point is that encryption is essential for strong privacy and security protections.

With that in mind, the Electronic Freedom Foundation recently developed a plug-in called “HTTPS Everywhere,” which allows for securing communications between your PC and a number of websites including Google search, Wikipedia, Facebook, and Twitter which don’t normally default to HTTPS. This is a step in the right direction, because ideally anytime there could be sensitive information being transferred between your browser and a website it should be encrypted…

To read Goldstein’s full blog click here!