De-identification—the process of modifying personal data to ensure that data subjects are no longer identifiable—is one of the primary measures that organizations take to protect privacy. Over the past few years however, computer scientists and mathematicians have demonstrated that de-identification is not foolproof. At the same time, by necessity, organizations around the world continue to rely on a wide range of technical, administrative and legal measures to reduce data identifiability. The EU General Data Protection Regulation recognizes the concept of pseudonymization, albeit with limited legal implications compared to its stricter relative, anonymization.
This panel of interdisciplinary experts discussed the technology, law, policy, and implementation of de-identification techniques in Europe. Claudia Diaz, Professor at KU Leuven, chaired the session and introduced the complicated landscape in which de-identification is studied, implemented, and debated. Kelsey Finch, Policy Counsel for the Future of Privacy Forum, moderated the session, and tied the discussion at CPDP to its origins in the November 2016 Brussels Privacy Symposium workshop on Identifiability: Policy and Practical Solutions for Anonymization and Pseudonymization.
Claude Castelluccia, Research Director and Head of the Privatics Group for INRIA, kicked off the session with an overview of “differential testing,” a technique designed to identify when a dataset may be at risk for leaking data subjects’ sensitive attributes, rather than simply their identities.
Sophie Stalla-Bourdillon, Associate Professor at the University of Southampton, overviewed the shifting definitions of de-identified or anonymous data in European law and called for a recognition of amore dynamic legal standard.
Alessandro Spina, Data Protection Officer for the European Medical Agency, discussed developing the first set of professional guidelines for de-identifying and publishing pharmaceutical clinical reports.
Simon Hania, Vice President of Privacy and Security at TomTom, discussed the role of de-identification to achieving business goals, and the tough questions that arise when implementing these tools within organizations.
The papers on which Claude Castelluccia and Sophie Stalla-Bourdillon, and Alessandro Spina based their comments were also selected finalists at the Brussels Privacy Symposium, available here and here.
In a robust question and answer session with the audience and their fellow panelists, the speakers touched on questions, including: how to incentivize robust de-identification within organizations and across sectors; the implications of open data or release-and-forget styles of de-identification; transparency about de-identification commitments and techniques for consumers; and what contextual factors matter most in risk-based de-identification approaches.
If you would like to participate in this and future discussions regarding EU privacy issues, make sure you Save the Date! The next Brussels Privacy Symposium is November 6, 2017.
The Top 10: Student Privacy News (Dec 2016-Jan 2017)
The Future of Privacy Forum tracks student privacy news very closely, and shares relevant news stories with our newsletter subscribers.* Today, we are launching “The Top 10,” a monthly blog with our top student privacy stories from the past month (or month-and-a-half, in today’s case).
A school district has been found in violation of FERPA due to a little-known clause in the federal law which requires that family law courts suspend FERPA rights proactively (as opposed to their automatic suspension when custody rights are suspended).
FPF filed comments with the Commission on Evidence-Based Policymaking on privacy in the context of a federal student-level data system.
There has been a great deal of contradictory information on DREAMers and DACA over the past month and a half: the former Homeland Security Secretary said that federal authorities should not use DACA data to deport students; immigration handliners are upset that the President may not end DACA; Vox obtained an alleged draft order that ends DACA; and Congress has introduced a bill that requires that DACA data cannot be used for the purpose of immigration enforcement proceedings. While many collegeshave said they will not turn over data about immigrant student to the federal government following the President’s immigration Executive Order, the Chronicle for Higher Education reported that these pledges “don’t mean much.”
The Good Data Collaborative seeks to identify gaps in resources to assist civil society in using data responsibly through distinct activities: a landscape assessment of existing tools and resources, as well as academic literature; a consultation with key stakeholders and current and potential users of the resources; and a redesigned, central repository of resources to help them address responsible data challenges in their work.
FPF Joins National Cyber Security Alliance in San Francisco for Data Privacy Day 2017
Held every year on January 28, Data Privacy Day commemorates the 1981 signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. On January 26, 2017, Jules Polonetsky, FPF’s CEO, joined the National Cyber Security Alliance and many other FPF members and friends at Twitter headquarters for its Data Privacy Day Event 2017.
Leading up to the event, FPF participated in two #ChatSTC#PrivacyAware Twitter chats on January 18 and 25, 2017. The January 18 chat centered around how personal information is being used, collected, and shared. Experts shared tips about how to best manage your privacy online. The purpose of the January 25 chat was to discuss why privacy is good for business and how organizations can create cultures of privacy awareness and educate their consumers about their data use practices.
Data Privacy Day Event 2017 featured livedstreamed panels, TED-style talks, and interviews focusing on the latest privacy issues for consumers and business. FPF participated in several segments including, Privacy and Connected Toys,How to Read a Privacy Policy in Less Than 60 Seconds Even if It Was Written By A Lawyer, and Growing Up Online and the Need for Teaching Privacy in Schools, among others.
The 2nd Annual FPF Tech Lab Open House | April 18, 2017 in Washington, DC
The 2nd Annual FPF Tech Lab Open House is an opportunity for us to welcome our members, friends, and colleagues in town for the IAPP Global Privacy Summit. Hosted at our home office in Washington, DC, this event provides a rare occasion for policymakers, regulators, and thought leaders to interact with the latest in privacy-impacting gadgets and new technologies.
Join us on Tuesday, April 18th, from 5:30 -7:30pm at the FPF Office and check out the latest in tech:
– Play with Smart Toys: CognitToys Dino, ChiP Robot, and more
– Outsmart our Smart Home gadgets
– Learn how Wi-Fi and Proximity Sensors can be used to track smartphones in our space
– Come face to face with facial recognition
– Experience virtual reality
– Share fun moments with Snap Spectacles
– And more!
Plus, network with locals and out-of-towners, engage in lively discussions about privacy, all while enjoying drinks and hors d’oeuvres.
Doors open at 5:30 pm; a short program begins at 6:00 pm with remarks from special visiting guests.
By invitation only. Please contact [email protected] for more information.
Jared Allen, Senior Director of Media Relations, NADA, [email protected]
FPF and NADA Launch Guide to Consumer Privacy in the Connected Car
The Alliance of Automobile Manufacturers, General Motors, Global Automakers, and Toyota support Guide’s efforts to educate consumers about data in today’s cars
Washington, DC – Today, the Future of Privacy Forum (FPF) and the National Automobile Dealers Association (NADA) released a first-of-its kind consumer guide, Personal Data In Your Car. The Guide will help consumers understand the kind of personal information collected by the latest generation of vehicles, which use data to further safety, infotainment, and customer experience. The Guide will be made available to consumers by FPF, NADA, automakers, and dealers in order to explain the kinds of information that may be collected, the guidelines that govern how it is collected and used, and the options consumers may have. Copies of the Guide are being distributed by NADA and Ford Direct at the 2017 NADA Convention & Expo in New Orleans.
“The release of this Guide is a critical step in communicating to consumers the importance of privacy in the connected car, as well as the benefits that car data can provide,” said FPF CEO Jules Polonetsky. “As car data grows in volume and gains attention from both the media and regulators, we think it is critical to find creative ways to communicate with consumers in plain language how it works, how it can serve them, and what options and protections exist.”
“For so many consumers, the idea that their connected vehicle is constantly collecting personal information is completely new to them, and often times something they’ve never even thought about,” said NADA President and CEO Peter Welch. “Consumers have every right to know what kind of personal data may be collected by any vehicle they drive – but knowledge has to start with awareness. It is our hope that this guide helps generate awareness about privacy and vehicle technology, and ultimately leads to more consumers feeling confident and safe in any vehicle they drive.”
Today’s vehicles come equipped with a wide array of equipment and features that rely on the collection and use of data about consumers and their vehicles. These new features support a range of technologies that enhance safety, efficiency, performance, convenience, and entertainment. The Guide describes several components that are integral to properly protecting consumer data. For example, services that collect and share personal information should be accompanied by a clear privacy policy. The reality is that yes, cars are starting to know more about you, but what it knows may save your life.
In addition, Personal Data In Your Car highlights that nearly all leading automakers have committed to protecting consumer information by committing to the Automotive Privacy Principles. These Principles guide privacy practices in the automotive industry. They went into effect beginning with model year 2017 vehicles and for subscription services beginning on January 2, 2016.
The two major automaker trade groups voiced support for the Guide, with CEO of the Alliance of Automobile Manufacturers Mitch Bainwol saying, “We’ve long said that strong consumer data privacy protections are essential to maintaining the trust of our customers, and our Privacy Principles were a major step in protecting personal information collected in the vehicle. Efforts like this FPF/NADA guide are an important part of helping drivers – and others – understand the many steps automakers take to safeguard data.”
“Automobiles increasingly make use of innovative technologies designed to save lives, time and the environment,” said Global Automakers President and CEO John Bozzella. “Consumers have a right to know and trust that connected car platforms and the benefits that flow from them will not compromise their privacy or security, and we applaud FPF and NADA for developing a guide to help inform the public.”
As vehicles become more connected, it will be increasingly important to communicate with consumers how their information is collected and shared. For further information about technology in the car, consumers should contact their local dealer and review their vehicle’s owner’s manual.
The Guide launched at the Washington Auto Show on January 26th.
###
The Future of Privacy Forum is a non-profit organization that serves as a catalyst for privacy leadership and scholarship, advancing principled data practices in support of emerging technologies. To learn more, visit www.fpf.org.
The National Automobile Dealers Association is a national trade association representing franchised new-car dealers. To learn more, visit www.nada.org.
FPF and NADA Launch Guide to Consumer Privacy in the Connected Car
The Future of Privacy Forum (FPF) and the National Automobile Dealers Association (NADA) released a first-of-its kind consumer guide, Personal Data in Your Car. The Guide will help consumers understand the kind of personal information collected by the latest generation of vehicles, which use data to further safety, infotainment and customer experience. The Guide will be made available to consumers by FPF, NADA, automakers, and dealers in order to explain the kinds of information that may be collected, the guidelines that govern how it is collected and used, and the options consumers may have.
Today’s vehicles come equipped with a wide array of equipment and features that rely on the collection and use of data about consumers and their vehicles. These new features support a range of technologies that enhance safety, efficiency, performance, convenience, and entertainment. The Guide describes several components that are integral to properly protecting consumer data. For example, services that collect and share personal information should be accompanied by a clear privacy policy. The reality is that yes, cars are starting to know more about you, but what it knows may save your life.
Personal Data In Your Car highlights that nearly all leading automakers have committed to protecting consumer information by committing to the Automotive Privacy Principles. These Principles guide privacy practices in the automotive industry. They went into effect beginning with model year 2017 vehicles and for subscription services beginning on January 2, 2016.
As vehicles become more connected, it will be increasingly important to communicate with consumers how their information is collected and shared. For further information about technology in the car, consumers should contact their local dealer and review their vehicle’s owner’s manual.
The Guide launched at the Washington, DC Auto Show on January 26th. Watch the launch below.
Yesterday, the Mississippi Attorney General filed a Complaint against Google, alleging that the company violated its promises as a signatory of the Student Privacy Pledge (“Pledge”). After reviewing the Complaint and Google’s policy, the Future of Privacy Forum has determined that Google’s practices are consistent with its obligations under the Pledge.
First, it is important to understand that only Google’s educational products, known collectively as G Suite for Education, are subject to the Pledge. As we have written before, the Pledge covers only “school service providers,” – that is, companies when they are operating in their capacity as a provider of a service that is both designed and marketed for use in schools. This is consistent with most state student privacy laws and proposed federal bills. Why? When vendors are selling their general market products, they should not be required to change those products simply because they are sold to a school. The Pledge, and all state student privacy laws, are written to cover services like G Suite for Education that are specifically designed and marketed to schools.
The Complaint alleges that Google is advertising to students based on “data mining” the student’s behavioral activity while logged into G Suite. However, Google has consistentlystated that there are no ads in the G Suite for Education Core Services, which include Gmail, Calendar, Classroom, Drive, Docs, Sheets, Slides, Contacts, Groups, Vault, and Hangouts. Beyond those core services, school administrators must opt-in to allow students to use their school account with other Google services, some of which are ad supported, such as YouTube, Maps, or Blogger. Students can likewise be on a personal device, and “sync” the device or use other websites with their G Suite account if a school administrator allows them to do so. When using these commercial sites – not covered by the Pledge – students will see ads, but no student personal information from within the G Suite for Education Core Service products is ever used to target that advertising.
Targeted advertisements to students using data collected from G Suite for Education student accounts is not allowed under the Pledge, and Google does not do this. Therefore, we don’t believe the Complaint raises any valid issues about student data use by Google for Mississippi students. Google’s practices meet the commitments it has publicly made, as expressed in the Student Privacy Pledge.
Mobile Apps Study Underscores Necessity of Strong Best Practices for Health and Wellness Data
Kelsey Finch, FPF Policy Counsel, presented FPF’s 2016 Mobile Apps Study at the Federal Trade Commission’s annual PrivacyCon on January 12, 2017. Kelsey exhibited a visual representation of the App Study designed by FPF Fellow, Carolina Alonso. See the visual here and below.
The 2016 Mobile Apps Study underscores the necessity of strong Best Practices for health and wellness data. The App Study revealed that while the number of apps that provide privacy policies continues its upward trend from our previous surveys in 2011 and 2012, health and fitness apps – which often control and link to wearable devices, and which can collect sensitive health and wellness data – do worse than average at providing privacy policies. Only 70% of top health and fitness apps had a privacy policy (6% lower than overall top apps), and only 61% linked to it from the app store listing page (10% lower than overall top apps).
Recognizing the need for strong Best Practices, FPF released Best Practices for Consumer Wearables and Wellness Apps and Devices, a detailed set of guidelines that responsible companies can follow to ensure they provide practical privacy protections for consumer-generated health and wellness data. The document was produced with support from the Robert Wood Johnson Foundation and incorporates input from a wide range of stakeholders including companies, advocates, and regulators.
FPF is pleased to welcome Gabriela Zanfir-Fortuna, PhD. as a non-resident fellow. Gabriela worked for more than two years (March 2014-June 2016) for the European Data Protection Supervisor in Brussels, both for ‘Supervision and Enforcement’ and ‘Policy and Consultation’ Units. Notably, she represented the EDPS in various subgroups of the Article 29 Working Party, being a member of the drafting team of WP29 that assessed the EU-US Privacy Shield. Gabriela worked on international data transfers, international relations, EU large scale IT-systems (particularly, the Schengen Information System), case-law overviews and she was a member of the Court team.
At FPF, she will be responsible for tracking global privacy research scholarship for the FPF academic-industry Research Coordination Network (RCN). She will also help author blog posts, provide counsel on EU privacy law, and monitor EU activities related to FPF’s work. Please join us in welcoming Gabriela to the team!
FPF is delighted to welcome Leslie Harris as a senior fellow. Leslie is an Internet and technology policy lawyer who has been closely involved in the development of seminal Internet policy and regulation in Congress, Executive Branch agencies, the European Union and global governance bodies including the OECD,UNESCO and ICANN. From 2005 to 2014, she served as President/CEO of the Center for Democracy & Technology. Leslie is currently President of the Harris Strategy Group, a senior level consultancy providing strategic advice on policy and strategy related to new technology, civil liberties and human rights.
At FPF, she will lead our efforts to explore and examine legal, ethical, technological, administrative and practical roadblocks and challenges to sharing administrative data between businesses and researchers. Please join us in welcoming Leslie to the team!
Leading up to the event, FPF participated in two 
