Search results

[…] and in the interplay of developing business practices and technology. Key recommendations include: Phasing-out and eliminating the use of screen scraping—whereby a company uses a consumer’s log-in credentials to access a bank or card issuer website; Requiring all parties to implement security programs commensurate to their size and scale; Encouraging development of shared service […]

[…] suggest that stronger protections may be necessary for vulnerable individuals or in connection with services targeted at such users. Others have suggested protections for mobile-first users, preventing bad actors from deceiving individuals who access the internet on a mobile device by placing crucial information at the end of long disclosures or agreements. If broad […]

[…] through the device’s user configurations). Users should also be given an easy way (with clear instructions) to delete their data, including their details, personalized configurations, and access credentials. If users use this functionality, they should receive confirmation that their data has been deleted from services, devices, and apps. The confirmation is particularly important in […]

[…] foster the connections and dialogues critical to building trust. We also want to use our unique centrist position – of focusing not on what appears good or bad, but on what is objectively important – to help regulators make the most informed choices on why, how, and when to regulate data and technology. We, […]

[…] the need to embed privacy protections in the regulation of digital assets. The U.S. Department of the Treasury and the Federal Reserve have articulated concerns regarding how bad actors exploit distributed ledger technologies for illicit purposes, and those agencies will likely make recommendations to strengthen government oversight and supervision capabilities. However, the Order’s emphasis […]

[…] and social progress and prosperity, every technological revolution also brings with it disruption and friction. The first law of technology is that it is not good, not bad, but also not neutral. The new digital technologies (and, in particular, artificial intelligence (AI) and quantum computing) are in and of themselves already disrupting societies and […]

[…] A standardized and interoperable API would allow third parties to carry out their services on behalf of customers without accessing certain personal information, such as various login credentials. In the absence of widely adopted secure APIs, third parties sometimes turn to screen scraping to perform services, while collecting customer login credentials and other personal […]

[…] storing, sharing, and processing neurodata including: Employing appropriate privacy enhancing technologies; Encrypting sensitive personal neurodata in transit and at rest; and Embracing appropriate security measures to combat bad actors. Stakeholders should also adopt policy safeguards including but not limited to: Rethinking transparency, notice, terms of use, and consent frameworks to empower users with a […]

[…] can now be performed partially or entirely using online platforms and services. However, systems using digital transactions struggle to establish trust around personal identification because personal login credentials vary for every account and passwords are forgettable and frequently insecure. Largely because of this “trust gap,” the equivalent of personal identity credentials like a passport […]

[…] for individualized communications and treatment.  “Sensitive data” includes personal data that reveals: (A) racial or ethnic origin, religious belief, gender, sexual orientation, citizenship, or immigration status; (B) credentials sufficient to access an account remotely; (C) a credit or debit card number or financial account number; (D) a Social Security number, tax-identification number, driver’s license […]