For many Internet users, online privacy policies are long and difficult to read. Transfer those same policies to a mobile device, where users can find themselves clicking through multiple screens often with tiny type, and the policies can become almost useless to the average consumer.
View the entire article quoting the Future of Privacy Forum’s own Chris Wolf here.
As reflected in this Hogan Lovells’ blog entry http://www.hldataprotection.com/2011/08/articles/consumer-privacy/app-privacy-is-in-the-news-again/ app privacy remains in the news and on the minds of privacy advocates and industry. This entry links to a quote by FPF’s co-chair Chris Wolf in today’s New York Times on the need for all app developers to invest in privacy, and has a link to the FPF Application Privacy resource as well. Finally, there is a mention of the upcoming joint FPF/Mobile Marketing Association webinar on app privacy and a link to free registration for that webinar.
The Develop for Privacy Challenge, organized by the ACLUs of Northern California and Washington, the Tor Project, and the Information & Privacy Commissioner’s Office of Ontario, was launched to highlight some of the best privacy-enhancing mobile apps out there — apps that improve, rather than erode, our ability to protect and control our own private information.
View the entire post here.
Leaders of the Future of Privacy Forum (FPF), a privacy think tank whose Advisory Board includes privacy scholars, privacy advocates and corporate privacy officers, made the following statements in relation to today’s FCC & FTC Forum on Location Based Services:
“Today’s Location Based Services Forum is a positive and important educational opportunity to highlight best practices concerning the collection and use of location information,” said Christopher Wolf, FPF co-Chairman. He added, “Consumers are entitled to privacy protections for their location information when using mobile devices and only with privacy will there be the consumer trust needed for the nascent location based services sector to flourish.”
“For real privacy advances to be made in this space, it is important that the range of ways location based information is collected and used is well understood by consumers and policymakers,” explained Jules Polonetsky, FPF Co-Chairman. “Location based information comes from a wide ecosystem that includes wifi networks and GPS, in addition to cell towers. This information is then used and shared by multiple platforms, such as application developers and ad networks. To help further understanding of this complicated environment, we have released the following education chart, and we look forward to a continued discussion on the issue.”
To schedule an interview with Jules Polonetsky or Christopher Wolf, email: [email protected].
To learn more about privacy issues in the mobile and online application spheres, visit www.applicationprivacy.org
With a room filled to capacity this morning, the Center for American Progress hosted a special presentation entitled “Tracking: Where You Are, What You See, and What to Do.” Neera Tanden, the Chief Operating Officer for Center for American Progress moderated the panel which featured a keynote by FTC Commissioner Julie Brill. Panelists included FPF co-chair Chris Wolf along with Professor Peter Swire (Senior Fellow, Center for American Progress, and Professor of Law, Ohio State University), Ed Felten (Chief Technology Office, Federal Trade Commission), along with Jim Steyer (Founder and CEO, Common Sense Media).
Commissioner Brill, after describing the FTC’s ongoing examination of the privacy framework, focused on the five key elements the FTC is looking for a Do Not Track mechanism, including: (1) simple to find and use, (2) effective, (3) applicable across companies and technologies, (4) does more than just prevent consumers from receiving targeted online behavioral advertising, and (5) provides persistent choice.
Commissioner Brill cited the recent FPF survey showing that three quarters of most Apps lack a privacy policy, a situation she said needed great improvement.
The lively panel discussion included Ed Felten describing the progress being made by the browser companies in designing Do Not Track mechanisms into their products; a plea by Jim Steyer for a Do Not Track law focused on kids, which he described as an urgent need; an overview of the Do Not Track Kids bill introduced by Representatives Markey and Baron by Chris Wolf, including a synopsis of criticism of the bill from the Center for Democracy and Technology, the Direct Marketing Association and Libertarian Adam Theier, each of whom have focused on the First Amendment issues implicated by the bill because of its potential to limit even adult access to content because of the need to identify all users of web sites to determine which are kids entitled to protection, and because of the impracticality of the “Erase Button” requirement in the bill. Peter Swire discussed the potential technology could play in achieving some of the objectives of the Do Not Track Kids bill. Questions from the audience including one mentioning how parental consent for teen access to online content could thwart legally protected teen access to reproductive health information.
A replay of today’s program is available here.
Colleague Peter Swire has an article published in today’s publication of The Hill discussing the growth of privacy legislation today, see the full article here.
In order to demonstrate a model implementation for opt-in cookies under the Amendments to the EU Telecom Directive, the UK Information Commissioner’s Office (ICO) implemented an opt-in for the use of an analytics cookie. The “above the banner” opt-in request can be seen here, and at the links here and here you can see the results of its implementation in visuals.
So what happened? Tracked traffic to the site fell by a staggering 90%! Leading web analytics expert, Vicky Brock (@brockyvick) made a Freedom of Information (FOI) request to obtain the traffic to the ICO site measured using the Google Analytics tool. The results are what is shown in graphics linked to above (on Vicky Brock’s Flikr).
Though these numbers are only an initial look at the effects of implementing the cookie amendments to the Telcom Directive, they make it clear that interpreting the law expansively will be impractical. Although some companies may figure out how to do better at enticing consumers to consent to analytics, the negative effect on a Web site’s ability to track basic information about how a site is being used will clearly be dramatically affected.
Thursday, June 16 Computers Freedom and Privacy (CFP) hosted a panel called “The Privacy Profession — Corporate Apologists, or Agents of Positive Change?” that featured Chief Privacy Officers (CPO) from various agencies and companies. The panel included: Nuala O’Connor Kelly as moderator (Senior Counsel, Information Governance & Privacy, GE; FPF Advisory Board member), Doug Miller (Executive Director, Consumer Advocacy & Privacy, AOL; FPF Advisory Board member), Jonathan Cantor (Chief Privacy Officer, Department of Commerce), and John Kropf (Deputy Chief Privacy Officer, U.S. Department of Homeland Security). The discussion provided time for each of the panelists to share a bit about their career path, and then moved on to touch on various subjects including the major policy issues each CPO is facing in their current roles, questions for the CPOs to ask each other, and also provided opportunity for a few audience questions.
One of the interesting discussions that Nuala O’Connor Kelly elicited was about the “ethos” of the CPO role. More specifically, the CPOs considered whether they looked at their role as an internal versus external advocacy role. John Kropf aptly compared the role of a CPO to a line from a Johnny Cash song and said he “walk[ed] the line,” referring to the line between an internal or external oversight role. Overall, the panel agreed that their role is multidisciplinary, and inclusive of legal, technology, and policy considerations. As such, there was also emphasis later in the discussion about fostering relationships with other departments within organizations, including, and especially the Chief Information Officer (CIO) of an organization. Additionally, though each felt their position was similar in its role as an advocate for privacy, each highlighted the difference a corporate or agency environment or culture may have on their role as CPO. For instance, Jonathan Cantor compared his past experiences with privacy enforcement at the Social Security Office to those as CPO at the Department of Commerce.
In discussing the current and pressing policy issues, answers varied. Three common answers however, were: cyber security, cross-border data flows, and information sharing (whether it be with government or third party advertisers). The diversity of answers shared shed light on how truly multifaceted the policy implications of privacy concerns are. Accordingly, when John Kropf asked his fellow panelists about the future of privacy, the CPOs undoubtedly agreed that privacy and the role of CPOs was growing rapidly, and had a bright (and busy) future; Nuala chimed in, “only up.” Curious about how to motivate and encourage interest in the growing role of privacy, Doug Miller discussed how to encourage interest among employees and the public.
The panel provided a great opportunity for both audience members and panelists to discuss the roles and growth of the privacy office. The insights were based on a great depth of experience, and provided great perspective for all who attended.