Search results

[…] an$ advisory$ board$ comprised$ of$ leaders$ from$industry,$academia,$law$and$advocacy$groups.$!! !!!!!!Overextended:! Jurisdiction! and! Applicable! Law! under! the!EU! General! Data! Protection!Regulation!!The! proposed! EU!General!Data! Protection!Regulation!(“GDPR”)1!re9defines!EU! privacy!jurisdiction!and! applicable! law.!Article! 3(1)! of! the! GDPR,!which! deals! with! the! authority! to!regulate! a! controller! or! processor! located!within! the! European! Union!and!addresses!locally9based!actors,!is!uncontroversial!in!its!assertion!of!authority.!The!introduction!of!a!new!”one9stop9shop”! concept,! with! a! primary! regulator,!to!augment! this! “country! of! origin”9based!approach!should!help!provide!legal!certainty!for!organizations!operating!in!Europe.!!!Article! 3(2)! of! the! GDPR! extends! […]

[…] an$ advisory$ board$ comprised$ of$ leaders$ from$industry,$academia,$law$and$advocacy$groups.$!! !!!!!!Overextended:! Jurisdiction! and! Applicable! Law! under! the!EU! General! Data! Protection!Regulation!!The! proposed! EU!General!Data! Protection!Regulation!(“GDPR”)1!re9defines!EU! privacy!jurisdiction!and! applicable! law.!Article! 3(1)! of! the! GDPR,!which! deals! with! the! authority! to!regulate! a! controller! or! processor! located!within! the! European! Union!and!addresses!locally9based!actors,!is!uncontroversial!in!its!assertion!of!authority.!The!introduction!of!a!new!”one9stop9shop”! concept,! with! a! primary! regulator,!to!augment! this! “country! of! origin”9based!approach!should!help!provide!legal!certainty!for!organizations!operating!in!Europe.!!!Article! 3(2)! of! the! GDPR! extends! […]

[…] an$ advisory$ board$ comprised$ of$ leaders$ from$industry,$academia,$law$and$advocacy$groups.$!! !!!!!!Overextended:! Jurisdiction! and! Applicable! Law! under! the!EU! General! Data! Protection!Regulation!!The! proposed! EU!General!Data! Protection!Regulation!(“GDPR”)1!re9defines!EU! privacy!jurisdiction!and! applicable! law.!Article! 3(1)! of! the! GDPR,!which! deals! with! the! authority! to!regulate! a! controller! or! processor! located!within! the! European! Union!and!addresses!locally9based!actors,!is!uncontroversial!in!its!assertion!of!authority.!The!introduction!of!a!new!”one9stop9shop”! concept,! with! a! primary! regulator,!to!augment! this! “country! of! origin”9based!approach!should!help!provide!legal!certainty!for!organizations!operating!in!Europe.!!!Article! 3(2)! of! the! GDPR! extends! […]

[…] is! a! temporary!state!rather! than! a!stable!category.97!In!an!influential!law!review!article,!Paul!Ohm!observed!that!”eHidentification!science! disrupts! the! privacy! policy! landscape! by! undermining! the! faith! that! we! have! placed! in!anonymization.”98!The! implications! for! government! and! businesses! can! be! stark,!since!deH!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!93!This!article! deals!with!the!adjustment!of!the!existing!privacy!framework!to!accommodate!big!data!realities.!Other!privacy!issues!raised!by!big!data,!such!as!government!access!to!or!surveillance!of!private!sector!databases,!are!beyond!the!scope!of!this!paper.!See,!e.g.,!James!Dempsey!&!Lara!Flint,!Commercial!Data!and!National!Security,!72!GEO.!WASH.!L.!REV.!1459!(2004).!!!94!See,!e.g.,!Article!29!Data!Protection!Working!Party,!Opinion!4/2007!on!the!Concept!of!Personal!Data,!WP!136,!June!20,!2007,!http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2007/wp136_en.pdf;!Markle!Foundation!Task!Force!on!National!Security!in!the!Information!Age,!Creating!a!Trusted!Network!for!Homeland!Security!(2003),!http://www.markle.org/downloadable_assets/nstf_report2_full_report.pdf;!Ira!Rubinstein,!Ronald!Lee!&!Paul!Schwartz,!Data!Mining!and!Internet!Profiling:!Emerging!Regulatory!and!Technological!Approaches,!75!U.!CHI.!L.!REV.!261,!268H29!(2008).!!95!W.!Kuan!Hon,!Christopher!Millard!&!Ian!Walden,!The!Problem!of!’Personal!Data’!in!Cloud!Computing!H!What!Information!is!Regulated?!The!Cloud!of!Unknowing,!Part!1,!March!15,!2011,!Queen!Mary!School!of!Law!Legal!Studies!Research!Paper!No.!75/2011,!http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1783577.!!96!This!line!of!research!was!pioneered!by!Latanya!Sweeney!and!made!accessible!to!lawyers!by!Paul!Ohm.!Ohm,!supra!note!64;!Latanya!Sweeney,!Uniqueness!of!Simple!Demographics!in!the!U.S.!Population,!Laboratory!for!International!Data!Privacy!Working!Paper,!LIDAPHWP4!(2000);!Narayanan!&!Shmatikov,!supra!note!62;!Arvind!Narayanan!&!Vitaly!Shmatikov,!Myths!and!Fallacies!of!”Personally!Identifiable!Information”,!53(6)!COMMUNICATIONS!OF!THE!ACM!24!(2010),!http://www.cs.utexas.edu/users/shmat/shmat_cacm10.pdf;!and!more!recently!Arvind!Narayanan,!Hristo!Paskov!et!al,!On!the!Feasibility!of!InternetHScale!Author!Identification,!IEEE!S&P!2012,!http://randomwalker.info/publications/authorHidentificationHdraft.pdf.!!!97!See!series!of!blog!posts!by!Ed!Felten,!the!FTC’s!Chief!Technologist!and!a!Professor!of!Computer!Science!at!Princeton:!Ed!Felten,!Does!Hashing!Make!Data!”Anonymous”?,!TECH@FTC,!April!22,!2012,!http://techatftc.wordpress.com/2012/04/22/doesHhashingHmakeHdataHanonymous;!Ed!Felten,!Are!pseudonyms!”anonymous”?,!TECH@FTC,!April!30,!2012,!http://techatftc.wordpress.com/2012/04/30/areHpseudonymsHanonymous;!Felten,!supra!note!61.!!98!Ohm,!supra!note!64,!at!1704.!!! !!20!identification! has! become! a! key! component! of! numerous! business! models,!most! notably! in! the!context!of!health!data!(e.g.,!clinical!trials),!online!behavioral!advertising,!and!cloud!computing.!!The! first! major! policy! question! raised! by! the! big! data! phenomenon! concerns! the! scope! […]

[…] is! a! temporary!state!rather! than! a!stable!category.97!In!an!influential!law!review!article,!Paul!Ohm!observed!that!”eHidentification!science! disrupts! the! privacy! policy! landscape! by! undermining! the! faith! that! we! have! placed! in!anonymization.”98!The! implications! for! government! and! businesses! can! be! stark,!since!deH!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!93!This!article! deals!with!the!adjustment!of!the!existing!privacy!framework!to!accommodate!big!data!realities.!Other!privacy!issues!raised!by!big!data,!such!as!government!access!to!or!surveillance!of!private!sector!databases,!are!beyond!the!scope!of!this!paper.!See,!e.g.,!James!Dempsey!&!Lara!Flint,!Commercial!Data!and!National!Security,!72!GEO.!WASH.!L.!REV.!1459!(2004).!!!94!See,!e.g.,!Article!29!Data!Protection!Working!Party,!Opinion!4/2007!on!the!Concept!of!Personal!Data,!WP!136,!June!20,!2007,!http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2007/wp136_en.pdf;!Markle!Foundation!Task!Force!on!National!Security!in!the!Information!Age,!Creating!a!Trusted!Network!for!Homeland!Security!(2003),!http://www.markle.org/downloadable_assets/nstf_report2_full_report.pdf;!Ira!Rubinstein,!Ronald!Lee!&!Paul!Schwartz,!Data!Mining!and!Internet!Profiling:!Emerging!Regulatory!and!Technological!Approaches,!75!U.!CHI.!L.!REV.!261,!268H29!(2008).!!95!W.!Kuan!Hon,!Christopher!Millard!&!Ian!Walden,!The!Problem!of!’Personal!Data’!in!Cloud!Computing!H!What!Information!is!Regulated?!The!Cloud!of!Unknowing,!Part!1,!March!15,!2011,!Queen!Mary!School!of!Law!Legal!Studies!Research!Paper!No.!75/2011,!http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1783577.!!96!This!line!of!research!was!pioneered!by!Latanya!Sweeney!and!made!accessible!to!lawyers!by!Paul!Ohm.!Ohm,!supra!note!64;!Latanya!Sweeney,!Uniqueness!of!Simple!Demographics!in!the!U.S.!Population,!Laboratory!for!International!Data!Privacy!Working!Paper,!LIDAPHWP4!(2000);!Narayanan!&!Shmatikov,!supra!note!62;!Arvind!Narayanan!&!Vitaly!Shmatikov,!Myths!and!Fallacies!of!”Personally!Identifiable!Information”,!53(6)!COMMUNICATIONS!OF!THE!ACM!24!(2010),!http://www.cs.utexas.edu/users/shmat/shmat_cacm10.pdf;!and!more!recently!Arvind!Narayanan,!Hristo!Paskov!et!al,!On!the!Feasibility!of!InternetHScale!Author!Identification,!IEEE!S&P!2012,!http://randomwalker.info/publications/authorHidentificationHdraft.pdf.!!!97!See!series!of!blog!posts!by!Ed!Felten,!the!FTC’s!Chief!Technologist!and!a!Professor!of!Computer!Science!at!Princeton:!Ed!Felten,!Does!Hashing!Make!Data!”Anonymous”?,!TECH@FTC,!April!22,!2012,!http://techatftc.wordpress.com/2012/04/22/doesHhashingHmakeHdataHanonymous;!Ed!Felten,!Are!pseudonyms!”anonymous”?,!TECH@FTC,!April!30,!2012,!http://techatftc.wordpress.com/2012/04/30/areHpseudonymsHanonymous;!Felten,!supra!note!61.!!98!Ohm,!supra!note!64,!at!1704.!!! !!20!identification! has! become! a! key! component! of! numerous! business! models,!most! notably! in! the!context!of!health!data!(e.g.,!clinical!trials),!online!behavioral!advertising,!and!cloud!computing.!!The! first! major! policy! question! raised! by! the! big! data! phenomenon! concerns! the! scope! […]

[…] discussions: A Brief FPF Survey of Mobile Application Best Practices The August 22, 2012 multistakeholder meeting will be the second in a series of NTIA-convened discussions concerning mobile application transparency. Webcast: http://www.ntia.doc.gov/other-publication/2012/privacy-multistakeholder-meeting-webcast-8-22-2012 Moderated Conference Bridge: dial-in – ( 888–957–9870 or 210-839-8914) passcode – PRIVACY MSH For more details about the upcoming meeting visit the NTIA website.

[…] of” its” brand” might” make” a” different” choice”–”perhaps”not”movie”rental”companies,”thanks”to”the” VPPA,” but”certain” types” of”noncommercial” video” sites”might.” Platforms” might” presumptively” share”virtually” any” other” category” of” information:”books,” web” sites,” music,”location,” restaurant” reservations,”purchases,”and”on”and”on.”At”the”other”hypothetical”extreme,”we”could”make”it”so”difficult”to”transmit”information”that”no”sharing”occurs.”I”don’t”know”of”anyone”who”supports”this”option.”The”benefits”explored”in”Part”II”make”it”clear” that” we” would” lose” a” great” deal”if” we” strangled” playlist” sharing”or” obstructed” individuals” from”posting”links”to”recommended”content.””””””””””””””””””””””””””””””””””””””””””””””””””””””””””””””96″The”NetflixEsupported”bill”to”change”the”VPPA”specifies”that”consumers”may””withdraw”their”consent.””H.R.”2471″(Dec.”7,”2011).”But”the”bill”does”not”require”that”companies”such”as”Netflix”offer”a”caseEbyEcase”optEout,”and”it”does”not”ensure”that”cancelling”the”authorization”is”reasonably”easy.”See”McGeveran”Testimony,”supra”note”30.”97″Leslie”Meredith,”Senators*Consider*Banning*Automatic*Media*Sharing*on*Facebook,”SCI”AMERICAN”(Feb.”12,”2012),”http://www.scientificamerican.com/article.cfm?id=senatorsEconsiderEbanning”(“Nagging”requests”for”permission”could”overwhelm”Facebook”if”the”Senate”decides”all”media”should”be”governed””by”the”VPPA);”TK”CITE”Chris”Wolf”testimony.”98″In”theory”the”nature”of”the”movie”choices”could”be”so”private”that”it”would”violate”the”public”disclosure”of”private”facts”tort.”It”is”difficult”to”imagine”disclosures”of”media”choices”sufficiently””outrageous””to”trigger”liability.”TK”CITE”Restatement.”Moreover,”the”publication”requirement”in”some”jurisdictions”might”prevent”the”application”of”the”tort”to”limited”publications”among”Facebook”friends.”CITE”cases,”Strahilevitz”article.””99″McGeveran,”supra”note”13,”at”1139E40.” 23″DRAFT&–&DO&NOT&QUOTE&OR&CITE&WITHOUT&PERMISSION&If”there”should”not”be”either”zero”friction”or”extreme”friction,”then”our”task”is”setting”the”degree”in” between” those” two” poles.” With” perfect” information” I” suspect” we” could” […]

[…] we had currently no ability to determine accurate pricing behaviour or for which we concluded that the sites were not offering a homogeneous product. This notably excluded airlines or car rental companies. Also excluded were markets for which there was an exogenously given consumption constraint, such as banking sites, ISPs or mobile phone operators. […]

[…] the assumption is that dealings are with the person who is presumed to be correctly represented by the registered transaction identity, which means that a transacting entity deals with that individual. The dealing would then be via the registere d transaction identity but with the person: Fig. 3. On this view, the information which […]

[…] upon personal data, whether ornot by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval,consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment orcombination, blocking erasure or destruction.” 95/46/EC Art. 2(b).Directive 95/46/EC Art. 2(d); KORFF, DATA PROTECTION LAWS, supra note ___, at 13. 10695/46/EC Art. 2(a). 107-30-first generation statutes, […]