The Future of Privacy Forum is a proud sponsor of the IAPP Privacy Summit 09 and you can find us at the following breakout sessions this week:
Thursday, March 12, 11am-Noon: Cheers & Jeers: Who is Doing Privacy Right and Who Deserves Detention
Jules Polonetsky, CIPP, Co-Chairman and Director, Future of Privacy Forum
Christopher Wolf, Partner, Proskauer Rose
This is a one-hour session with two parts.
Part 1 of this session will give out awards or demerits for sites and services that show success or failure in using data in a trustworthy manner. Come to cast your vote and see who makes the grade!
Part 2 will provide a technical look at the bits and bytes of behavioral advertising. What’s in those cookies, logfiles and profiles? How are IP addresses actually used? What are the hidden legal risks that you can you solve without coming to blows with your marketing team?
Privacy Book Club: Understanding Privacy
Nuala O’Connor Kelly, CIPP/G, Senior Counsel, Information Governance & Privacy, GE
Tom Oscherwitz, CIPP, Vice President of Government Affairs and Chief Privacy Officer, ID Analytics
Jules Polonetsky, CIPP, Co-Chairman and Director, Future of Privacy Forum
Dan Solove, Professor of Law, George Washington University
Friday, March 13, 12:15-1:15 pm: Identity, Identifiers and Personal Data
Jules Polonetsky, CIPP, Co-Chairman and Director, Future of Privacy Forum; David Hoffman, CIPP, Director of Security Policy and Global Privacy Officer, Intel Corporation
The enormous international focus on privacy is growing more urgent in the face of business and government pressure to get the economy moving again and restore trust in our most basic institutions. To help rebuild trust and bolster bottom lines in a down market, it pays to prioritize privacy. The time is right to make smart investments in an organization’s privacy professionals-the experts in the eye of the storm that must work collectively to find the right solutions to privacy challenges.
The IAPP, which now boasts 6,000 members across 47 countries, is convening its annual Privacy Summit in Washington DC from March 11-13, 2009-the largest and most global privacy event in the world. Attendees will have the unique opportunity to interact with privacy regulators from Canada, France, Spain, Israel, the UK, Italy, the U.S. and the experts who help shape their policies across 60 different educational and networking sessions. Keynote speakers include Frank Abagnale (of Catch Me if You Can fame), one of the world’s most respected authorities on forgery, embezzlement and secure documents as well as internationally renowned security technologist Bruce Schneier.
The Future of Privacy Forum will be strongly represented at this year’s Summit. Jules Polonetsky and Chris Wolf will be co-presenting a session entitled Cheers & Jeers: Who is Doing Privacy Right and Who Deserves Detention. Jules and Chris will also cover Behavioral Advertising Secrets: What Your Marketing and IT Team Didn’t Think You Needed to Know. Both topics should be big draws for the expected 1500 attendees at the Summit!
It’s this sort of event that advances our profession and helps privacy professionals work together to reclaim trust. Registration is open and we look forward to seeing you in DC.
Persistent Opt-Out Cookies
Future of Privacy Forum Applauds Yahoo for Enhancing Consumer Control of Cookies
FPF Co-Chairman and Director Jules Polonetsky today issued the following statement in reaction to Yahoo’s announcement that it would refresh the opt-out preferences of users across different computers and browsers, and re-set a new opt-out cookie if a user inadvertently deleted their opt-out cookie, for users who are signed in to Yahoo.
“Yahoo has emerged as one of the clear privacy leaders in the online advertising industry by continuing to innovate in improving user controls for behavioral advertising. The instability of the opt-out cookie is the Achilles heel of the behavioral advertising model and steps like this help ensure that user’s choices are more widely respected.”
“It is a credit to Yahoo that they are doing what they can, but the full solution will require the browser companies allowing sites to set a flag that consumers can use to more reliably record their privacy choices. Until users who express a choice can be assured that their preference will be respected, the behavioral advertising model will be at risk.”
Christopher Wolf's Presentation to the Canada Council of Chief Privacy Officers
If behavioral targeting is the key to providing Web users with advertising that’s better tailored to their particular needs and interests–instead of banner ads that they ignore–then what’s the harm to consumers?
That was a central question tackled by a panel of privacy and online marketing experts Thursday at the OMMA Behavioral conference in New York. Whether online user tracking–even when anonymous–represents a growing threat to privacy has become a hotly debated issue in the last year, with FTC, Congress and state governments considering increased regulation of behavioral targeting.
Jules Polonetsky quoted:
“If sites said to users, we try to work with ad networks to give you more relevant advertising, and we’re not trying to hide this, no one would run away,” said Polonetsky. He pointed to companies such as Amazon and eBay that have headed off backlash by letting customers know upfront that they use behavioral targeting in recommendation engines and advertising.”
Feb. 26, 2009 – Facebook’s Zuckerberg to Address User Privacy Concerns at Press Conference Thursday, PC World
Future of Privacy Forum Applauds DHS Appointment of New Chief Privacy Officer
Jules Polonetsky, director of the Future of Privacy Forum (FPF), today made the following statement on the U.S. Department of Homeland Security appointment of Mary Ellen Callahan, as the department’s chief privacy officer:
“Mary Ellen Callahan has the critical combination of privacy savvy, common sense and a strong backbone needed to help craft policy that balances the need for tools to fight and win the war on terror and respect for the privacy and personal dignity of individuals.
“For an administration that has promised to be both tough on terror and committed to civil liberties, this position will play a pivotal role. Mary Ellen is recognized as an intent listener who will be able to ensure that voices of both law enforcement and civil libertarians are heard and respected.”
Last week the major search engines presented before the Article 29 Working Party of European data regulators. Brendon Lynch of Microsoft had this handy chart which gave an overview of how the companies handle search data.
One thing I haven’t seen discussed is how companies are – or are not – handling the very tricky issue of stripping our proper names from search records. The easiest obvious way that a user could be potentially indentified from search logfiles (other than via legal process) is going to be when they have searched for their own name. Pulling out proper names is actually a difficult process, requiring a data base of all names in all languages used, leaving in the many “famous” names”, doing some calculations around velocity, etc. Not a trivial effort, but achievable in an useful, albeit imperfect manner.
We note that Yahoo is the only of the listed companies that has applied a public retention period to ad-serving log-files. In Europe, behavioral advertising service provider Wunderloop has qualified for data regulator-backed privacy seals by committing to very limited log-file retention periods. In the Federal Trade Commission Staff Report on Behavioral Advertising, released last week, clear guidance was provided that data should only be kept for as long as needed for the service. This would be a very good time for the big 3, plus many of the ad networks, to begin the process of figuring out how long they really need records of the Web sites a user has visited. Why wait for stress from EU regulators, threats of US regulation and press criticism? This effort is not as tricky to handle, nor as difficult a challenge to take on.
Feb. 12, 2009 – Agency Skeptical of Internet Privacy Policies, NY Times
