If Privacy is None of Your Business,You Could Soon Be Out of Business                              Anthony Targan         ...
OverviewDisclaimer: Views presented are my personal opinions and do notnecessarily represent those of ProQuest LLC Privac...
Privacy: What’s the Big Deal?Common Misperceptions… Facebook Generation: Nothing is private, right? Privacy Policy = “We...
“Consumer Privacy Bill of Rights”Consumers have the right to: Control how personal data is used Avoid having information...
“Do Not Track” Mechanism to give consumers more control over  the data that is being collected from them,  including for ...
Federal Trade CommissionEnforcement Authority by US FTC: FTC regulates “deceptive” or “unfair” privacy practices. Compan...
International Laws Canada European Union – Does not allow data transfer to  countries with inadequate privacy laws (US)...
Privacy Policy Essentials What sites are covered? One size does not fit all What is personally identifiable information?...
Privacy: Social Networking User Generated Content Connecting via Facebook Contests and Surveys (including via Facebook)...
Privacy Policy… “What Ifs” Selling Out: What happens if you sell your  business? Opting Out: How do people unsubscribe o...
Digital Millennium Copyright Act DMCA safe harbor provisions protect websites  from liability for material posted by thei...
EU Safe Harbor Certification Notice – Inform individuals how data is collected  and used Choice – Ability to opt out of ...
EU Safe Harbor Certification… Data integrity – Data must be relevant and reliable  for the purpose it was collected for....
Questions?Anthony TarganSenior Corporate CounselProQuest LLCAnn Arbor, Michigan734-997-4102anthony.targan@proquest.com
Upcoming SlideShare
Loading in...5
×

May 2012 - Business Law & Order - Anthony Targan

259

Published on

This is a presentation from Anthony Targan from the Business Law & Order event on E-Commerce, Advertising and Raising Money Online.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
259
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • http://www.whitehouse.gov/the-press-office/2012/02/23/fact-sheet-plan-protect-privacy-internet-age-adopting-consumer-privacy-bIndividual Control:  Consumers have a right to exercise control over what personal data organizations collect from them and how they use it.Transparency:  Consumers have a right to easily understandable information about privacy and security practices.Respect for Context:  Consumers have a right to expect that organizations will collect, use, and disclose personal data in ways that are consistent with the context in which consumers provide the data.Security:  Consumers have a right to secure and responsible handling of personal data.Access and Accuracy:  Consumers have a right to access and correct personal data in usable formats, in a manner that is appropriate to the sensitivity of the data and the risk of adverse consequences to consumers if the data are inaccurate.Focused Collection:  Consumers have a right to reasonable limits on the personal data that companies collect and retain.Accountability:  Consumers have a right to have personal data handled by companies with appropriate measures in place to assure they adhere to the Consumer Privacy Bill of Rights.
  • Consumer Privacy: Can the FTC Enforce a Voluntary Code of Conduct?http://www.readwriteweb.com/enterprise/2012/03/consumer-privacy-can-the-ftc-e.phpCompanies that commit to respecting Do Not Track will be subject to Federal Trade Commission (FTC) enforcement.
  • Canada: Personal Information Protection and Electronic Documents Act http://laws-lois.justice.gc.ca/PDF/P-8.6.pdfEuropean Commission http://ec.europa.eu/justice/data-protection/index_en.htmData Protection Directive (officially Directive 95/46/EC) http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31995L0046:en:NOTUnder European law, Internet service providers are not responsible for third-party content but are required to remove any content considered offensive if someone complains about it.APEC voluntary system of Cross Border Privacy Rules: http://www.apec.org/Groups/Committee-on-Trade-and-Investment/~/media/Files/Groups/ECSG/CBPR/CBPR-PoliciesRulesGuidelines.ashx
  • Myths and fallacies of “Personally identifiable information”http://www.cs.utexas.edu/~shmat/shmat_cacm10.pdf
  • “If you connect to a Site via Facebook, we may collect certain information from your Facebook account, including your Facebook User ID, any Facebook posts, Facebook friends, the amount of activity (i.e., comments, likes) that may occur in response to posts, certain demographic information and other information to the extent that you elect to make it publicly available on Facebook.”
  • US-EU Safe-Harbor http://www.export.gov/safeharbor/.BBB EU SAFE HARBOR web site:www.bbb.org/us/safe-harbor-complaints
  • US-EU Safe-Harbor http://www.export.gov/safeharbor/.BBB EU SAFE HARBOR web site:www.bbb.org/us/safe-harbor-complaints
  • Transcript of "May 2012 - Business Law & Order - Anthony Targan"

    1. 1. If Privacy is None of Your Business,You Could Soon Be Out of Business Anthony Targan Senior Corporate Counsel ProQuest LLC
    2. 2. OverviewDisclaimer: Views presented are my personal opinions and do notnecessarily represent those of ProQuest LLC Privacy laws and enforcement on the increase  White House: “Consumer Privacy Bill of Rights”  Federal Trade Commission  Internet businesses require global compliance Privacy Policy requirements, domestic and abroad Social Networking and User Generated Content DMCA and EU safe harbor
    3. 3. Privacy: What’s the Big Deal?Common Misperceptions… Facebook Generation: Nothing is private, right? Privacy Policy = “We won’t sell your personal info” If you don’t like it, just unsubscribe or opt out I’m in MI, so I only need to worry about US law
    4. 4. “Consumer Privacy Bill of Rights”Consumers have the right to: Control how personal data is used Avoid having information collected in one context and then used for an unrelated purpose Have information held securely Know who is accountable for the use or misuse of an individual’s personal data
    5. 5. “Do Not Track” Mechanism to give consumers more control over the data that is being collected from them, including for delivering behavioral advertising. Digital Advertising Alliance, Google, Microsoft, Yahoo, and Twitter have committed to develop technology to handle Do Not Track signal. Facebook?
    6. 6. Federal Trade CommissionEnforcement Authority by US FTC: FTC regulates “deceptive” or “unfair” privacy practices. Companies that adopt FTCs “best practices” subject themselves to FTC enforcement for any lapses.Authority to enforce Privacy Bill of Rights IF: Congress passes accompanying legislation; or Companies adopt voluntary codes of conduct
    7. 7. International Laws Canada European Union – Does not allow data transfer to countries with inadequate privacy laws (US) Italy – Google executives sentenced for failure to remove video that showed bullying of autistic boy by teenagers in Italy (2010) Asia-Pacific Economic Cooperation (APEC) US goal: global privacy policy equality to promote international interoperability and consistency
    8. 8. Privacy Policy Essentials What sites are covered? One size does not fit all What is personally identifiable information?  YES: Full name, social security number, IP address, phone number, birth date, residence address  NO: Business card information What information do you collect? How do you use or display information collected?
    9. 9. Privacy: Social Networking User Generated Content Connecting via Facebook Contests and Surveys (including via Facebook) Social Networking On-line Protection Act Cookies Children
    10. 10. Privacy Policy… “What Ifs” Selling Out: What happens if you sell your business? Opting Out: How do people unsubscribe or terminate their account? What happens to info? Third Parties: Hosting company or service providers may have different policies. Security measures Changes to the policy
    11. 11. Digital Millennium Copyright Act DMCA safe harbor provisions protect websites from liability for material posted by their users Remove known infringing material Comply with notice and take-down procedures
    12. 12. EU Safe Harbor Certification Notice – Inform individuals how data is collected and used Choice – Ability to opt out of data collection and transfer Onward Transfer – Only to companies that follow adequate data protection principles Security -- Reasonable efforts to prevent data loss
    13. 13. EU Safe Harbor Certification… Data integrity – Data must be relevant and reliable for the purpose it was collected for. Access – Individuals must be able to access information held about them, and correct or delete it if it is inaccurate Enforcement – Effective means of enforcing rules, including dispute resolution process (such as Better Business Bureau)
    14. 14. Questions?Anthony TarganSenior Corporate CounselProQuest LLCAnn Arbor, Michigan734-997-4102anthony.targan@proquest.com

    ×