NYC Taxi & Limousine Commission Proposal Requiring Drop-Off Location Data Raises Privacy Concerns

On Monday, the Future of Privacy Forum joined with the Center for Democracy & Technology, the Electronic Frontier Foundation, The Constitution Project, and Tech Freedom to write the NYC Taxi and Limousine Commission (TLC) about its proposed rules that add new trip reporting requirements for for-hire vehicle (FHV) bases.

The proposed rule would create significant privacy risks by mandating that FHV bases collect and transmit passenger drop-off time and location data, which can be highly sensitive information. The proposed rule poses particular risks in light of the TLC’s current data collection—FHV bases must already report the date, time, and location of passenger pick-ups—and the history of similar passenger data held by TLC becoming publicly available in response to Freedom of Information requests.  With the addition of drop-off data, the TLC’s data set would provide the TLC and the public with a comprehensive view of the movements of individual New Yorkers.

We understand that the Commission has proposed this rule change in order to reduce the risks associated with fatigued driving. However, it is unclear how the collection of precise location information—information that includes details of the day-to-day activities, lifestyles, and habits of millions of individuals—will achieve this end.  Driver fatigue results from long periods of time on the road, which is information the TLC could ascertain from collecting trip duration rather than pick-up and drop-off location information of individual passengers. At minimum, the TLC should explore ways to: 1) tailor the data collection more narrowly to the stated purpose by focusing on trip duration rather than the location of passengers’ trips; 2) collect less precise, more general geographic information; and 3) enact policies and procedures that detail the privacy and security protections for such sensitive data.

Read the letter.

FPF Statement on Privacy and Wearables

A new report released today by the Center for Digital Democracy and the School of Communications at American University focuses on privacy and wearables. As a recent HHS report made clear, the data collected by most wearables is not regulated to the same degree as information you provide to your doctor.  But several mechanisms have ensured that many health and fitness apps respect users’ data – the leading app platforms impose strong privacy requirements, barring sale of sensitive data and requiring enhanced notice.  Companies can also look to the guidelines established by FPF in our Best Practices for Consumer Wearables and Wellness Apps and Devices.  And of course, the Federal Trade Commission has the authority to investigate and fine companies that do not keep their promises or act unfairly.

“Some data collected by wearables may be trivial, but other information can be highly sensitive,” said Kelsey Finch, FPF Policy Counsel.  “Companies must take affirmative steps to build consumer trust – especially when they are using intimate, identifiable data.”

Future of Privacy Forum Comment Regarding Senator Bill Nelson's Report, “Children's Connected Toys: Data Security and Privacy Concerns”

Today, Senator Nelson’s office released a report outlining several privacy and security implications of “connected toys” that the office identified based on conversations with six major toy manufacturers. The report emphasizes the unique sensitivity of children’s personal information; urges toymakers to build privacy and security into their toys from the inception; and suggests that the FTC has authority to monitor and bring enforcement actions under Section 5 and the Children’s Online Privacy Protection Act (COPPA).

“Connected toys can help entertain and educate kids,” said Stacey Gray, Policy Counsel at the Future of Privacy Forum. “But, as Senator Nelson makes clear, companies cannot play around with children’s data. If toymakers run afoul of the strong requirements of COPPA, the monetary penalties can be financially devastating. Leading companies are building trust by providing enhanced disclosures and implementing strong security standards – others should follow suit. I commend Senator Nelson for pressing this important issue.”

Two weeks ago, FPF released a white paper, Kids & the Connected Home: Privacy in the Age of Connected Dolls, Talking Dinosaurs, and Battling Robots, detailing the privacy and security implications of the diverse range of “smart toys” and “connected toys” available today. The paper provides a thorough legal analysis of how COPPA applies to connected toys. Further, FPF urges companies to provide enhanced disclosures regarding their toys. For example, although not required by COPPA, companies can provide notices on toy packaging that make it easy for parents to understand at the point of sale whether they will be asked to consent to the toy’s collection of their child’s information. Finally, the paper details a number of important security steps that leading toy manufacturers are taking; Senator Nelson’s report mentions several of these steps, for example, implementing strong security standards (HTTPS / SSL) to prevent toys from communicating with unauthorized devices or servers.

The future for connected toys is promising. Toymakers that follow leading privacy and security best practices, including those described in Kids & the Connected Home and Senator Nelson’s report, will mitigate financial risks under COPPA and support a thriving connected toy marketplace.

December 14: Lorrie Cranor with FPF Capital Area Academic Network and Consumer Business Dialogue

FPF’s Capital Area Academic Network and Consumer Business Dialogue invites you to join us for a discussion with:

FTC Chief Technologist Lorrie Faith Cranor

During this joint meeting of the FPF Capital Area Academic Network and Consumer Business Dialogue, Lorrie Faith Cranor will discuss her role as FTC Chief Technologist, and her academic research and policy development priorities.

REGISTER

Lorrie Faith Cranor

Lorrie Faith Cranor joined the US Federal Trade Commission as Chief Technologist in January 2016. She is on leave from Carnegie Mellon University where she is a Professor of Computer Science and of Engineering and Public Policy, Director of the CyLab Usable Privacy and Security Laboratory (CUPS), and Co-director of the MSIT-Privacy Engineering masters program. She also co-founded Wombat Security Technologies, an information security awareness training company. Cranor has authored over 150 research papers on online privacy and usable security, and has played a central role in establishing the usable privacy and security research community, including her founding of the Symposium on Usable Privacy and Security. She was previously a researcher at AT&T Labs-Research. Cranor holds a doctorate in Engineering and Policy from Washington University in St. Louis. She is a Fellow of the ACM and IEEE.

* * * *

Lunch will be served

* * * *

If you are unable to join us in person, you may join via dial-in. Please just select “RSVP-Dial-in” under the registration link.

New Survey Finds Parents Support School Tech and Data, But Want Privacy Assurances

FOR IMMEDIATE RELEASE             

December 8, 2016

Contact: Melanie Bates, Director of Communications

Washington, DC – Today, the Future of Privacy Forum (FPF) released a new survey, Beyond One Classroom: Parental Support for Technology and Data Use in Schools. The survey asked parents to comprehensively outline their goals and concerns about the use of technology and student data. Their answers, and the conclusions that can be drawn from them, should inform the debate regarding local, state, and national policies concerning K-12 education and data use.

Beyond One Classroom follows FPF’s 2015 survey, which showed that parents were generally aware of and understood the technology used in their children’s schools, but lacked knowledge of many of the specific laws and practices that provide guidelines and important protections for children’s information.

“Parents are the strongest advocates for their children’s educational success, and all other stakeholders in the educational system should embrace the opportunity to communicate and work with parents as partners in addressing these issues,” said Amelia Vance, FPF Policy Counsel.

The survey found the rates of technology use in schools – both by students and parents – went up by 20% since 2015 (see below graph). Not only are students using more technology provided by schools, but more parents are using school-related technology to supervise their child’s education process, and to communicate with the school.

[Graph from the parent survey release]

The key findings of Beyond One Classroom indicate that the closer the use of data is to individual classrooms and to the parent’s child, the more strongly parents support, and desire, the benefits of student data collection and use. According to most parents, the most convincing reasons to use individual student information are to:

The results point out that as data use becomes less directly tied to students, parents still want to comprehend the benefit to the classroom. Moreover, parents support research that can be used in a school or classroom to directly benefit students.

“Communicating and demonstrating these additional benefits to parents is key to establishing and maintaining trust in an ongoing relationship between parents, their communities, and the schools and vendors that serve them,” Vance said.

The findings also illustrated that parents may be seeing the value school districts gain from the use of traditionally “sensitive” information. Support for the collection and use of parents’ marital status, family income, and social security numbers all increased significantly:

Over half of parents of school age children now agree that race and ethnicity are data that is appropriate for collection and use by schools.

“The use of this type of data, appropriately controlled and protected, is critical for research that identifies potentially discriminatory policies and practices, and it is heartening to see that parents appreciate the value that this data can provide when it is used responsibly,” Vance said.

“Overall, 2016 showed the increasing prevalence of technology use by both parents and students, increasing levels of support by parents of the appropriate collection and use of data by schools, and continued strong belief in the possibilities of technology to improve their child’s educational opportunities,” said Brenda Leong, FPF’s Senior Counsel and Director of Operations. “The goals for educators, advocates, and policymakers remain to communicate policies clearly; establish transparent practices; and work with parents as key partners in the educational system to achieve the best learning outcomes for our children.”

Beyond One Classroom was produced with funding provided from the Bill & Melinda Gates Foundation.

###

The Future of Privacy Forum (FPF) is a non-profit organization that serves as a catalyst for privacy leadership and scholarship, advancing principled data practices in support of emerging technologies. Learn more about FPF by visiting www.fpf.org.

Parents Support School Tech and Data, But Want Privacy Assurances: FPF 2016 Parent Survey

In 2015, the Future of Privacy Forum (FPF) set out to gain a better understanding of what public school parents actually know and want concerning the use of technology and collection of data in their children’s schools, as well as their perspectives on the benefits and risks of student data use within the educational system. Media reports routinely quote parents who are afraid or reluctant to support the use of technology, electronic education records, and student data within their own schools or throughout the educational process. The original survey sought to understand the views of parents, the critical stakeholders in the education policy discussion. Results showed that parents were generally aware of and understood the technology used in their children’s schools, but lacked knowledge of many of the specific laws and practices that provide guidelines and important protections for children’s information.

Since we reached those conclusions, the public conversation on this topic has barely slowed. Therefore, this year we returned to parents to find out – has their understanding grown? Have their concerns changed? And we had new questions to ask, as technology is used in ever-expanding ways, and the effects of those newly passed laws begin to be felt.

Today, we are releasing our 2016 survey, Beyond One Classroom: Parental Support for Technology and Data Use in Schools. Largely, our findings parallel those from last year. Unsurprisingly, it remains true that the closer the use of the data is to the individual classroom and to their own child, the more strongly parents support, and desire, the benefits of student data collection and use. As data use becomes less directly tied to students, parents still want to comprehend the benefit to the classroom.  Parents support research that can be used in a school or classroom to directly benefit students.

What changed from last year to now? Technology use is spreading, fast. Almost eighty percent of parents are now using school-related technology to keep up with their child’s educational progress, and ninety percent of children are using technology provided or recommended by their school.

In addition, parents increasingly see the value school districts gain from the use of a variety of personal data – with growing percentages saying that in addition to categories like grades and attendance, it is appropriate for schools to use data concerning disciplinary records and participation in school lunch programs. Even more noteworthy, parents may be seeing the value of broader research based on analysis that necessarily includes traditionally “sensitive” information. Support for the collection and use of parents’ marital status, family income, and social security numbers all increased significantly; perhaps most importantly, over half of parents of school age children now agree that race and ethnicity are data that is appropriate for collection and use by schools. The use of this type of data, appropriately controlled and protected, is critical for research that identifies potentially discriminatory policies and practices, and it is heartening to see that parents appreciate the value this data can provide when it is used responsibly.

One new finding was that nearly all parents of school age children believe they should be informed with whom and for what purpose their child’s record is being shared. In addition to schools telling parents when the record is shared for educational purposes, we also asked about an increasing trend from state laws that may be limiting the rights of parents: while schools have the ability to share the educational record with partner vendors for core educational functions, parents may want to protect their ability to authorize use of their child’s electronic record to external third parties – for example, for tutoring programs, non-school-sponsored educational clubs or activities, or financial aid and advance educational programs.

However, many state laws are being written that either prohibit this parental control altogether, or narrowly limit it to colleges and prospective employers only. Those leaving the school system for their next opportunity are not the only ones who may wish to use their own record for expanded purposes, and parents overall want this ability. Some want it via “opt-in,” others prefer “opt-out” or by direct request only, but less than half agree that it should be limited to colleges and employers only, or prohibited altogether. Policymakers should take note and instead of legislating this limitation, should leave it to schools and their communities to make this decision for themselves. As FPF’s Jules Polonetsky and Brenda Leong wrote in a recent article on this topic, “Parents, as those most in-tune with their individual child’s needs, have the right to be an active partner and make the final decision about additional sharing and use of their child’s information.”

An important area that remains a prime target for better communication and awareness is helping parents understand current laws and practices that protect student data. Slightly fewer parents than last year felt confident that they know what federal laws currently protect student data, or what those laws require. This is such a clear issue that advocates and educators at all levels should focus part of their future outreach on making parents aware of these existing requirements. The FPF Parent Guide To Student Privacy, written in cooperation with the National PTA and ConnectSafely, can be a great start in providing parents with that information. The Foundation for Excellence in Education recently released a “Student Data Privacy Communications Toolkit” that provides districts and states with templates for webpage content, letters to send home to parents, and many other key ways to communicate.

Overall, our 2016 survey showed the increasing prevalence of technology use by both parents and students, increasing levels of support by parents of the appropriate collection and use of data by schools, and continued strong belief in the possibilities of technology to improve their child’s educational opportunities. The goals for educators, advocates, and policymakers remain to communicate policies clearly; establish transparent practices; and work with parents as key partners in the educational system to achieve the best learning outcomes for our children.

Read the full survey report.

Read the press release.

Read the EdScoop Article.

Beyond One Classroom was produced with funding provided from the Bill & Melinda Gates Foundation.

Brenda Leong is senior counsel and director of operations at the Future of Privacy Forum. Amelia Vance is policy counsel for education privacy at the Future of Privacy Forum.

Uber and Location Permission

Uber recently announced that its iOS app will require access to location data either “Always” or “Never.” Given some of the confusion about the change, we are writing to help consumers better understand what Uber modified and why.

For context, it is important to understand how smartphone location permissions work. Until 2014, on the two major smartphone platforms—iOS and Android—granting the location permission to an app meant that app had access to that user’s location at all times, whether or not the app was open.

In 2014, with the rollout of iOS 8, Apple created new location permission options, which allowed iOS app developers to offer users the option to permit location access “While Using the App” in addition to the preexisting options of “Never” or “Always.”

Under iOS 8 and until recently, Uber provided users with all three options. When users selected the “While Using the App” option, Uber only received location data when the app was actually open and in the foreground of a user’s phone – i.e. when a user was actively calling an Uber or checking the location of the vehicle on the map.

As a result, key information about how far riders were from the vehicle they were seeking to meet was not available to the company. The only location information available was the pin denoting the location the rider chose originally when hailing the Uber. If the rider minimized the app or switched to a different app and then exited their building around the corner from the main door, or if they were down the block or across the street from the pin’s location, accurate location information was not available to help the Uber driver find them.

Similarly, at drop-off, for riders using the “While Using the App” option, Uber did not receive information about whether the user was dropped off at the intended location – any route information was garnered solely from the driver’s phone. For example, if the map led the driver to a location where users had to cross a dangerous street and walk around the building to actually get to the entrance, or needed to wave down the driver to get picked up again because they were not taken to the intended location, that information is today usually not available to Uber; this lack of data limits Uber’s ability to correct the error for future passengers.

Because of these shortcomings, Uber is now asking users to allow the company to access location information when riders may not have the app in the foreground of their phones – specifically from the time of hailing the Uber to 5 minutes after drop off. Although doing so technically grants Uber access to location “Always”, the company has committed to access location only for specified purposes: to improve pickups, drop offs, customer service and to enhance safety.

Some critics have objected to Uber’s change, focusing on the fact that the company will be able to collect user location for 5 minutes after drop off. Some Uber users want to keep where they are heading after drop off confidential or don’t want that information stored in a database.  Perhaps so, but those users would be far wiser to turn off location settings for their phone entirely, given the number of apps that could be collecting their location information. Riders can still do so when exiting the car, or they can choose to “Never” share their location with Uber and instead type in their location and destination.

Location information is often sensitive and users should think carefully before allowing apps to access location data. Many apps don’t need location data and request it simply to share it with advertising companies or other third parties. But here, the convenience and service improvements intended by this change promise real value for riders.

What apps are getting your location and are they collecting it “Always” or only “While Using the App”? On iOS, check Settings/Privacy/Location Services to find this information and to revoke permission from any app that doesn’t have a good reason to be collecting your location.

[Image: iOS popup announcing Uber’s new policy]

[Image: Location Settings page in iOS 10]

Protecting Privacy in the Age of Connected Toys

Today, at the 2016 Family Online Safety Institute (FOSI) Annual Conference, FPF and FOSI released  Kids & The Connected Home: Privacy in the Age of Connected Dolls, Talking Dinosaurs, and Battling Robots.

FPF and FOSI understand that connected toys are creating opportunities for interactive play and education, but also creating new privacy and security challenges. Toys that can become a child’s closest friend, play games, and provide advice through the use of sophisticated cloud-based computing and personal information are raising questions about how to ensure families can make appropriate choices about how data is collected and used. Learn more about Kids & The Connected Home below.

Kids & The Connected Home: Privacy in the Age of Connected Dolls, Talking Dinosaurs, and Battling Robots

FOR IMMEDIATE RELEASE             

December 1, 2016

Contact:

Melanie Bates, Future of Privacy Forum, 202-596-9837

Emma Morris, Family Online Safety Institute, 202-775-0158

Washington, DC – Today, at the 2016 Family Online Safety Institute (FOSI) Annual Conference,  the Future of Privacy Forum (FPF) and FOSI released a white paper, Kids & The Connected Home: Privacy in the Age of Connected Dolls, Talking Dinosaurs, and Battling Robots.

FPF and FOSI understand that connected toys are creating opportunities for interactive play and education, but also creating new privacy and security challenges. Toys that can become a child’s closest friend, play games, and provide advice through the use of sophisticated cloud-based computing and personal information are raising questions about how to ensure families can make appropriate choices about how data is collected and used.

“At FPF, we recognize the benefits that connected home technologies can provide to individuals, families, and kids,” said Jules Polonetsky, FPF’s CEO. “We also know that privacy issues can make or break adoption of connected home tech – particularly questions about whether kids’ privacy and security are sufficiently safeguarded. Children are playing with dolls that listen and talk, interactive animals, and apps that link toys to digital services. As connected toys become more popular, it is important for toymakers to be transparent about their data practices and to mitigate security risks.  Federal law provides key safeguards, but more can be done to build trust.”

“The new world of connected toys offers an extraordinary range of opportunities for learning, exploring and just plain fun,” said Stephen Balkam, FOSI’s Founder and CEO. “However, data is the difference between these ‘smart’ toys and traditional ones. Parents need to be aware of how a toy collects, shares, and stores their child’s information. Industry must ensure the safety and security of that data and find innovative and effective ways to inform parents of how their child’s information is being used.”

Kids & The Connected Home describes the current landscape of connected toys, identifying what distinguishes them from conventional toys and other smart toys. The white paper analyzes existing regulations under COPPA that have established important safeguards for information collected from children, and how those regulations apply. Stacey Gray, FPF Policy Counsel, points out that shopping for connected toys often happens in retail stores, where COPPA does not require a privacy disclosure.

“Parents should be able to understand at the point of sale—before bringing it home to their child—whether or not they will later be asked to consent to the toy’s collection of their child’s personal information,” Stacey said. “A full privacy policy on the box is not likely to be helpful, but some sort of cue will help parents decide before purchasing whether they are comfortable with the toy or whether they would like to do more research.” As a prime example, Kids & The Connected Home cites a packaging label notice on Fisher-Price’s connected toy, Smart Toy.

The report also provides several leading privacy and security practices that can help companies build trust, such as: 1) Determine when local processing, remote processing, and third-party sharing is appropriate, and mitigate security risks for the selected approach to data processing; 2) Ensure that strong encryption standards prevent the toy from communicating with unauthorized devices or servers; and 3) Do not use passwords that cannot be changed by users, and do not share a single default password between toys.

On July 20, 2016, FPF, FOSI, and Christian Science Monitor Passcode hosted Kids & the Connected Home in Washington, DC. This event featured discussion by a diverse group of industry experts about kids, connected toys and devices, and privacy. In Kids & The Connected Home, FPF & FOSI discuss and expand upon the issues raised at that event, which concerned the emergence of connected toys and their social and legal implications. Throughout, the report addresses key questions that animate the discussion around children and the connected home:

“Trust is a crucial precondition for widespread adoption of connected toys,” said John Verdi, FPF’s VP of Policy. “Parents must be satisfied that the digital products they invite into their homes will safeguard children’s privacy and keep information secure.”

###

The Family Online Safety Institute (FOSI) is an international, non-profit organization which works to make the online world safer for kids and their families. FOSI convenes leaders in industry, government and the non-profit sectors to collaborate and innovate new solutions and policies in the field of online safety.  Through research, resources, events and special projects, FOSI promotes a culture of responsibility online and encourages a sense of digital citizenship for all. Learn more about FOSI by visiting www.fosi.org.