Nov. 17, 2011 – BrightTag Allows You To Opt-Out Of Your Behavior, Adotas

This feature enables marketers and website owners to provide effective privacy regulations on a global basis. In conjunction with the BrightTag ONE platform, the new offering provides a privacy toolkit that enables brands to:

Nov. 16, 2011 – BrightTag Launches New Privacy Feature That Enables Brands to Honor & Comply With Online Customers' Opt-Out Requests, Market Watch

CHICAGO, IL, Nov 16, 2011 (MARKETWIRE via COMTEX) — BrightTag, a technology platform provider for the digital marketing industry, today announced the general availability of BrightTag ONE-Click Privacy, a new feature for brand marketers and website owners using the BrightTag ONE(TM) server-direct integration platform for data collection and distribution

W3C Work Group Releases “Do Not Track” Draft Documents

Yesterday, the World Wide Web Consortium’s (W3C) Tracking Protection Working Group released the first public working drafts of a proposed “Do Not Track” (DNT) standard. According to the W3C’s press release, the group seeks to find the appropriate balance to “address both the privacy concerns of users and regulators, and the business models of the Web, which today rely heavily on advertising revenue.”

The Working Group released two documents for related standards: The “Tracking Preference Expression” standard and The “Tracking Compliance and Scope Specification.” The Tracking Preferences Expression standards would enable users to verify whether or not the user has a preference to allow tracking of the user’s online activity, as well as a way to decipher whether the website will honor the user’s preferences. The Tracking Compliance and Scope Specification aims to provide websites with practices to comply with a DNT preference.

These documents are still in the very early stages of development and there are many issues that the group must work through before a consensus is reached, such as defining “tracking” for the purposes of the standards. Some early consensus agreements however, do seem to be emerging around the idea that the DNT focus is primarily on third party tracking. (Although the bounds of what it means to be a “first party” and whether a first party has any obligations are still being debated).

FPF is a member of the W3C multi-stakeholder group with a range of people from companies such as Adobe, Apple, Deutsche Telekom AG, Google, Facebook, IBM, Microsoft, Mozilla, Opera, Stanford University, The Center of Democracy and Technology, The Nielsen Company, TRUSTe, W3C, and Yahoo!. Also participating as invited experts, are representatives from the Electronic Frontier Foundation, the US Federal Trade Commission (FTC), Consumer Watchdog, the German Independent Center for Privacy Protection (ULD), and Leiden University. “We are confident that this multi-stakeholder group has gathered the key participants who can ensure that a DNT standard advances individual privacy in a technical and business practical manner,” said FPF’s Jules Polonetsky in support of the release. The final standards will be released in mid-2012.

Mozilla recently reported that over a two-month span (September and October 2011), 5.6% of users have turned on DNT on their Firefox web browsers while 17.1% of users have turned on DNT on their Firefox mobile browsers. Mozilla has also indicated that it will not enable DNT by default. For a list of companies that already respect the DNT header, see http://donottrack.us/implementations.

-Lia Sheena

Nov. 15, 2011 – Privacy Seems to Remain Facebook’s Biggest Problem, TechLeash

Being on Facebook always had its risks. You register, sign in and built yourself a pretty neat profile, but if you forget or are oblivious to making some adjustments to your privacy settings, you can be pretty sure that everybody might have access to your personal information and whatever you post on the site (ranging from pictures to the latest YouTube video).

Cross-Border Data Flows and the Impact of Privacy Rules

FPF co-chair Chris Wolf blogged yesterday about the recent industry Report on privacy rules as a potential impediment to trade, the APEC agreement on cross-border data flows and Obama Administration official Danny Weitzner’s warning against overly restrictive privacy rules and the benefits of enforceable industry codes of conduct. The blog post is available here.

Nov. 11, 2011 – Facebook-FTC Privacy Settlement Near, Leaks Say, Sci-Tech Today

It’s one of the drawbacks of being on Facebook: If you never make any adjustments to your privacy settings, you can assume everyone can see everything you post, or do, while using the giant social media network Relevant Products/Services. Facebook, founded by Mark Zuckerberg in 2004 and now claiming an astonishing 800 million users seems ready to give in to pressure for more built-in privacy, as it negotiates with the Federal Trade Commission to settle claims that it violates users’ rights.

 

 

FTC Is Not Surprised That A Lot Of Children Are On Facebook

A timely discussion on children’s online privacy took place yesterday at the Family Online Safety Institute (FOSI) Conference. Panelists reacted to the FTC’s proposed COPPA revisions, as well as recent studies documenting that many children under 13 are on social networking sites with their parents’ consent.

Despite COPPA’s restrictions, “we know that there are lots of kids registering for social networks and other services with their parents’ assistance,” said FPF’s Jules Polonetsky.

“We need to figure out a path to legitimacy for these ‘undocumented immigrants’ [children under 13] so that they can have the benefits of social networking, but with needed age-appropriate protections,” added Polonetsky.

Mamie Kresses, Senior Attorney for the FTC’s Division of Advertising Practices, said she thought the findings from the research “miss the mark in some places” and that it is no surprise that there are a lot of kids on Facebook. Kresses added that parents want to be involved in their kids’ online activity and “that is what COPPA is about.” She emphasized that social networks have the option of providing notice and consent to allow children under 13 to participate under COPPA, while also recognizing that COPPA has costs associated with it.

Kresses reminded the crowd that comments to the FTC’s COPPA Revisions must be received by November 28, 2011. Learn more about the proposed revisions here.

Other panelists included Justin Weiss, International Privacy Director at Yahoo!, Brendon Lynch, Chief Privacy Officer at Microsoft, and Dona Fraser, Director of Online Privacy at Entertainment Software Rating Board.

Lia Sheena

 

FPF Co-Chair to Moderate Complimentary Lunchtime Program on Cloud Computing Hosted by Microsoft

For those in Washington, DC, please consider attending this program on Tuesday, November 15th with government and industry leaders on cloud computing, hosted by Microsoft:

http://www.hldataprotection.com/2011/11/articles/news-events/complimentary-111511-lunchtime-event-on-cloud-computing-hosted-by-microsoft-moderated-by-hogan-lovells-privacy-leader/

French DPA Issues Guidance for Cookie Disclosures: Specific Consents Required for Specific Cookie Functions

In 2009, a French ordinance was put in place pursuant to the EU e-Privacy Directive (2009/136/EC), requiring online businesses and other websites to obtain prior user consent for the placement of cookies on users’ computers.   The prior consent issue has been a contentious one in Europe recently, with the Article 29 Working Party rejecting proposals from the IAB for streamlining the consent process.  On November 2, the CNIL (the French DPA) published a Guidance which spells out what it means to obtain prior consent for cookies under French law.  The CNIL observed that while web browser setting could be one way to obtain consent for the various uses of cookies, browsers have not yet evolved to provide sufficient granularity of choice.  Therefore, the CNIL has said that consent must be specific – must refer to specific processing for a defined purpose.

Notably, the CNIL Guidance says:

Violation of the French law on cookie consent can result in a fine of €300,000 but apparently the CNIL is willing to give some websites time to implement the requirements of the law as interpreted by the Guidance.

The Guidance is available here.

 

Nov. 8, 2011 – Privacy Regulators Disagree on Approach to Regulations, Huffington Post

Data and privacy regulators from governments around the world met in Mexico City last week for the 33rd International Conference of Data Protection and Privacy Commissioners. As you might expect, they were joined by companies anxious to be part of the conversation, along with people from nonprofits that focus on privacy issues.