FTC Privacy Veteran Molly Crawford Joins Future of Privacy Forum as Policy Director
Washington, DC, July 23, 2013 The Future of Privacy Forum (FPF), a Washington, DC-based think tank advancing responsible data use and consumer privacy, today announced that former Federal Trade Commission staffer Molly Crawford has joined FPF as its first Policy Director. In her new role, Ms. Crawford will be expanding and coordinating FPF’s focus on cutting-edge privacy issues. Ms. Crawford will report to FPF Executive Director Jules Polonetsky.
Ms. Crawford brings to FPF her eight years of experience as a senior attorney in the FTC Division of Privacy and Identity Protection within the Bureau of Consumer Protection. In that role, Ms. Crawford focused on privacy, data security, and technology matters, leading investigations into companies’ privacy and data security practices. She developed particular expertise in the areas of mobile privacy, data brokers, and online tracking. Ms. Crawford also was detailed by the FTC to the US Senate Committee on Commerce, Science, and Transportation, where she served as Counsel advising senators and their staff on privacy and privacy legislation.
FPF Founder and Co-Chair Christopher Wolf commented on Ms. Crawford’s arrival as the group’s first Policy Director by saying “I cannot imagine anyone better qualified than Molly Crawford to help lead the Future of Privacy Forum to the next level of constructive engagement on the knotty privacy issues facing consumers and businesses today. We are honored and delighted that she chose FPF as her new professional home.”
FPF’s Executive Director and Co-Chair, Jules Polonetsky said, “Molly is a terrific addition to the FPF team and her great depth in privacy law and best practices will help us advance responsible data use.”
Commenting on her new appointment, Molly Crawford said: “Having dealt with the Future of Privacy Forum during my years at the FTC, I know it to be the most effective group at bringing practical and reasonable solutions to the privacy challenges posed by new technologies. I am thrilled to join Jules and Chris, as well as Senior Fellows Mary Culnan, Peter Swire and Omer Tene, and the Junior Fellows, in working to advance FPF’s privacy-advancing mission.”
If you are interested in learning more about Future of Privacy Forum, please email [email protected] or call 202-642-9142.
The Future of Privacy Forum (FPF) is a Washington, DC based think tank that seeks to advance responsible data practices. The forum is led by Internet privacy experts Jules Polonetsky and Christopher Wolf and includes an advisory board comprised of leading figures from industry, academia, law and advocacy groups.
The Ethics of Student Privacy: Building Trust for Ed Tech
Read FPF’s paper on ethics and trust in the ed tech environment, but Jules Polonetsky and Omer Tene, as published in the International Review of Information Ethics, Vol. 21 (07/2014).
July 16, 2013 – Companies To Develop Privacy Standards For Tracking Brick-And-Mortar MediaPost News
FPF Announces New Group to Develop Best Practices for Retail Location Analytics Companies
The Future of Privacy Forum Announces New Group to Develop Best Practices for Retail Location Analytics Companies
First Step for Shaping Privacy Principles for Technologies Aiming to Improve the In-Store Shopping Experience
Date: July 16, 2013
WASHINGTON, D.C. – The Future of Privacy Forum (FPF) today announced that it is working with a group of leading technology companies to develop best practices for retail location analytics. The companies, including Euclid, WirelessWERX, Mexia Interactive and ShopperTrak, provide solutions to retailers to develop aggregate reports used to reduce waiting times at check-out, to optimize store layouts and to understand consumer shopping patterns. The reports are generated by recognizing the Wi-Fi or Bluetooth MAC addresses of cellphones as they interact with store Wi-Fi networks.
FPF’s goal is to make sure these technologies are subject to privacy controls and are used responsibly to improve the consumer shopping experience.
“Companies need to ensure they have data protection standards in place to de-identify data, to provide consumers with effective choices to not be tracked and to explain to consumers the purposes for which data is being used,” said Jules Polonetsky, Director of the Future of Privacy Forum. “By being transparent about what is going on, location companies and retailers can make sure shoppers understand the benefit of the bargain.
“New technologies are helping retailers better understand what customers want and make shopping more convenient for everyone,” said Will Smith, co-founder and CEO, Euclid. “Privacy has always been a priority as we’ve designed and built our services, and we are excited to work with FPF to develop best practices for the retail analytics industry.”
“Our emerging industry has focused on building innovative analytics products that help our retail partners compete more effectively and deliver better value and service to consumers, while always protecting their anonymity and privacy. By proactively establishing these standards of conduct, we hope to demonstrate our continued commitment both as a company and as an industry to adhere to the highest standards of consumer privacy and protection,” said Jim Riesenbach, CEO, WirelessWERX.
“ShopperTrak is working with FPF because we believe in individuals’ rights to privacy. ShopperTrak’s wireless solution only stores anonymous data and enables consumers to opt-out of any tracking whatsoever, should they so desire,” said Christopher Ainsley, CEO ShopperTrak.
Working together with retailers and the in-store location technology companies, FPF will seek to input from a range of stakeholders and will release a proposed code of conduct by November 2013.
If you are interested in learning more about the project, please email [email protected].
For any questions, or to schedule an interview, please contact Heather Federman at [email protected].
The Future of Privacy Forum (FPF) is a Washington, DC based think tank that seeks to advance responsible data practices. The forum is led by Internet privacy experts Jules Polonetsky and Christopher Wolf and includes an advisory board comprised of leading figures from industry, academia, law and advocacy groups.
Getting COPPA Right with a New Directed at Children Signal
One of the most important provisions of the updated Children’s Online Privacy Protection Act (COPPA) rule that took effect yesterday is the extension of child privacy protection to behavioral advertising, the practice of tracking users across online sites and services to tailor advertising. The Future of Privacy Forum supported the Federal Trade Commission’s move to restrict behavioral ads for children and we are pleased to see many companies working hard to come into compliance.
However, when the FTC focused on behavioral ads, they drew their rulemaking scope widely, capturing almost all forms of tracking across sites other than a set of limited “internal operations purposes”. Third party code providers, such as analytics companies, ad networks, or social plug-in providers are deemed to have “actual knowledge” they are dealing with children if the first party site has effectively communicated its online status to the third party or if a “representative of the online service recognizes the child directed nature of the site.”
This last provision is challenging, since many third party code providers distribute their code freely to millions of web developers, with no way to assess whether they are being used by services directed at children. Does an email from anyone in the world to an employee of a social network put the company on notice that it is dealing with a child directed site? How should an ad network know if a “representative” of its service has recognized the child directed nature of an app? Some apps are obviously directed at children, but for others the legal analysis is quite fact specific. Given the strict liability standard under COPPA, all third parties that distribute code widely are facing a substantial and amorphous risk. We trust that the FTC staff will be reasonable in their enforcement efforts, but more certainty in this area would help ensure compliance from web publishers and third parties.
One way to help provide certainty is to develop a technical method for child directed sites to communicate their status to third parties. FTC Chief Technologist Steve Bellovin proposed a promising model several months ago, calling for a special site flag to be passed between companies that would indicate the child directed status of a site. FPF has been working with a number of stakeholders to refine a technical proposal that could help standardize this type of communication, effectively creating a limited “Do Not Track for Kids” signal.
In this direction, we are pleased to note that a number of companies have started rolling out technical flag options for sites directed at children to use. Facebook just released a new kid_directed_site parameter, which sites can use to let Facebook know that they are directed towards the under-13 set. Google’s AdMob mobile ad network SDK now includes a new setting called tag_for_child_ directed_ treatment, which allows mobile apps to indicate they want their content treated as child directed for ad requests. The Rubicon Project emailed its clients advising them to use a new site naming convention “[Site Name] – Children’s Site, which publishers should insert in their ad tags. And Twitter just advised sites directed to children that they must use the data-dnt parameter, which Twitter provides for sites that wish to opt-out their users from tailored content and suggestions.
For many companies, creating such a flag will be far more complex. Tags will need to be created by complex content management systems for sites that dynamically assemble pages. For companies that operate ad networks or exchanges, flags will need to be reliably passed from one ad network to another; sites or networks that don’t pass site data will need to develop a means to generate a flag. But the effort to implement this flag could be an effective way to both protect children and ensure compliance.
The FTC could play a key role here to encourage this new technical method of COPPA compliance, if it recognized that services designating a primary technical method for sites to communicate their status or to restrict data use should not be deemed to have gained actual knowledge via alternate means. To be clear, services that get this flag are now on the hook for full COPPA compliance, as are their child directed site partners. By sending or distributing the flag, companies are distributing and expanding a significant legal compliance obligation and accepting the risk of substantial penalties. By choosing to use this flag, they should be have certainty that they will not held responsible for being attributed knowledge in an uncertain manner.
Much criticism of the COPPA rule has focused on the compliance burden it poses on small companies and start-up app developers. By looking to technology for a solution, the FTC and industry could turn a legal burden into an effective, no cost and widely distributed method to advance children’s privacy.
MIT Sloan Management Review Highlights "Big Data for All" Scholarship
In a post for the MIT Sloan Management Review, Renee Boucher Ferguson considers the privacy costs involved with the use of data analytics to transform customer service. The capability of projects such as IBM’s Watson to “to determine consumer wants and desires, even (sometimes!) before customers themselves do so” requires a new approach to privacy, and Ms. Boucher Ferguson turns to Jules Polonetsky and Omer Tene’s “Big Data for All: Privacy and User Control in the Age of Analytics” to develop a new legal framework for these challenges.
PBS NewsHour: Jules Polonetsky on Benefits and Privacy Trade-Offs of 'Big Data'
Finding a Balance Between Privacy and Progress: Jules Polonetsky at TEDxMidAtlantic2012
Seeking Submissions for Privacy Papers for Policy Makers 2013
FPF is pleased to invite privacy scholars, professionals, and others with an interest in privacy issues to submit papers to be considered for inclusion in FPF’s annual edition of “Privacy Papers for Policy Makers.”
The purpose of Privacy Papers for Policy Makers is to present policy makers with highlights of important research and analytical work on a variety of a privacy topics. Specifically, we wish to showcase papers that analyze cutting-edge privacy issues, and propose either achievable short-term solutions or new means of analysis that could lead to solutions.
Academics, privacy advocates and Chief Privacy Officers on FPF’s Advisory Board will review the submitted papers to determine which papers are best suited and most useful for policy makers in Congress, at federal agencies and for distribution to data protection authorities internationally. Selected papers will be presented at an event with privacy leaders in the Fall, and will be included in a printed digest that will be distributed to policy makers.
The entry can provide a link to a published paper or a draft paper that has a publication data. FPF will work with authors of the selected papers to develop a digest.
Our deadline for submissions is July 19, 2013. Please include the author’s full name, phone number, current postal address, and e-mail address.
Please send submissions via e-mail to [email protected] with the subject line “Privacy Papers for Policy Makers 2013,” or send by mail to:
Looking at Privacy Protections for Facial Recognition
On Sunday, Google announced that it would not allow facial recognition applications on Google Glass until “strong privacy protections” were in place. But this announcement begs the very question: what sort of privacy protections can actually be put in place for this sort of technology?
Thus far, concerns about facial recognition technology have appeared within the context of “tagging” images on Facebook or how it might be used to transform marketing, but these interactions are largely between users and service providers. Facial recognition on the scale offered by wearable technology such as Google Glass can change how we navigate the outside world. As one commenter put it, notice and consent mechanisms can protect Glass users but not the use by the user himself.
Many suggestions have focused on sending signals to the outside world that Glass is at work, such as blinking lights or other audio or visual cues. This is similar to efforts such as requiring cameras to go “click” whenever a photo is taken in order to make surreptitious photography more difficult. However, these sorts of mechanisms place the responsibility on non-users to constantly be aware of their surroundings lest they be recognized without their approval.
In its report last year on best practices for facial recognition technology, the FTC specifically addressed scenarios where companies use facial recognition to identify anonymous images of a consumer to someone who could not otherwise identify him or her, pointing to mobile apps that could permit users to surreptitiously discover information about people on the street. Noting “the significant privacy and safety risks that such an app would raise,” the FTC suggested that “only consumers who have affirmatively chosen to participate in such a system should be identified.”
As a practical matter, for now, facial recognition on Glass could be tied to a user’s social network. Information that a user has access to about people out in the world would reflect information shared on that social network. Though a heads-up display could be permitted to recognize only “friends,” it seems inevitable that this technology will creep beyond this sort of artificial barrier. Drawing the line will be incredibly difficult. For example, what reason would there be to exclude professional email contacts or prominent public figures from being identified? With some work, almost anyone who has set foot in a public space can be visually identified. Facial recognition on wearable devices simply lowers this already-diminishing bar. Empowering the general public to affirmatively choose to participate in broad-based, public facial recognition on the scale offered by wearable technologies poses a tremendous challenge to many of our traditional privacy protection tools.
Stopping the collection of this information may prove impossible. Even as Google has pledged to limit facial recognition abilities on Glass, Lambda Labs, which provides facial recognition services, have indicated that facial recognition is “a core feature” of wearable technology and that “Google will allow it or be replaced with something that does.” While creating a comprehensive opt-out program will likely serve as one potential solution, such a system could create further privacy problems by requiring the collection of facial information in order for the application to “know” to ignore that face in the future. Another option could be for other wearable tech to send signals not to identify an individual’s face, creating a Google Glass duel of sorts.
However, the challenge of stopping or restricting facial data collection suggests a focus on regulating potential uses could be more productive. We could attempt to draw distinctions among what facial recognition is being used to accomplish—is it being used to assist or augment the user’s memory? For example, using facial recognition technology to help recall a distant, long absent relative could be distinguished from using additional data sources to learn about someone as you sit across from them at a table. Further, facial recognition applications could provide information based on contextual cues, such as identifying restaurant managers and staff at a restaurant while ignoring other people. In the end, applications will need to specifically enumerate how they will use the facial data they are collecting.
Both software developers and device manufacturers need to think creatively about how to establish guidelines around facial recognition technology. The alternative is a complete loss of anonymity in public, or a complete transformation of the public sphere into a place where individuals must cover up, lower their gazes, and avert their eyes—all actions that seem contrary to Google Glass’ effort to present individuals with new ways to experience our world.