• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Fair Information Practices: Overview and Application to the Omnibus Approach
 

Fair Information Practices: Overview and Application to the Omnibus Approach

on

  • 1,703 views

This presentation provides a high level overview of the Fair Information Practices and the creation of an Omnibus Privacy Law. The presentation is designed to inform lawmakers on the background and ...

This presentation provides a high level overview of the Fair Information Practices and the creation of an Omnibus Privacy Law. The presentation is designed to inform lawmakers on the background and benefits of creating and Omnibus Privacy Law in the United States, as such laws already exist in other parts of the world such as the European Union.

This is the first of three presentations on this topic.

Statistics

Views

Total Views
1,703
Views on SlideShare
1,622
Embed Views
81

Actions

Likes
0
Downloads
1
Comments
0

6 Embeds 81

http://www.ericgoldman.name 73
http://www.slideshare.net 3
http://192.168.2.100 2
http://ericgoldman.name 1
http://www.ericgoldman.name. 1
http://www.linkedin.com 1

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Fair Information Practices: Overview and Application to the Omnibus Approach Fair Information Practices: Overview and Application to the Omnibus Approach Presentation Transcript

  • Fair Information Practices Overview and Application to the Omnibus Approach
    • Thank you for checking out this presentation on SlideShare .
    • This presentation provides a high level overview of the Fair Information Practices and the creation of an Omnibus Privacy Law. The presentation is designed to inform lawmakers on the background and benefits of creating and Omnibus Privacy Law in the United States, as such laws already exist in other parts of the world such as the European Union.
    • This is the first of three presentations on this topic.
    Presentation Overview For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman
  • Agenda
    • Introduction
    • Background
    • Value of the Omnibus Approach
    • Practices in Depth
    • Conclusion
    • Questions
    For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman
  • Introduction
    • In order to increase privacy protections for our citizens, it becomes necessary to create a uniform set of privacy laws that apply broadly across multiple sectors
    • The current sectoral approach is limited to specific situations and does not provide general protections of citizen personal and private information
    • In order to combat cyber crime, such as identity theft and misuse of private records for discrimination, privacy laws based upon the Fair Information Practices developed by the United States in the 1970s are presently required
    For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman
  • Background: What are the Fair Information Practices?
    • Originally developed in 1973 by the U.S. Dep't. of Health, Education and Welfare, Secretary's Advisory Committee on Automated Personal Data Systems
    • These practices outlined in the early1970s have been enacted into law in countries throughout the world
    • It is important to remember that the practices themselves are not laws, but serve as a framework to build legislation and regulations
    • At times, the practices outlined in this report may seem to overlap, however, it is important to consider each perspective on the complete problem
    For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman
  • Value of the Omnibus Approach
    • Allows for standardization across sectors
      • Current approaches are administered with sectoral bias
      • Uniform enforcement and authority across sectors
      • Reduces loopholes in sectors with weak administration
    • Increases individual privacy protection
      • Reduces unsolicited and unknown usage of private information
      • Allows for monitoring and correction of private information
    • Uniformity with global standards
      • Facilitates globalized and multinational business operations
      • Can help with protect citizen data outside of United States
    For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman
  • In Depth: Collection limitation
    • Overview
      • Information collected should be of a limited scope
      • Should be obtained with knowledge and/or consent
      • Collection should be obtained in a fair and legal manner
    • How this protects an individual’s privacy
      • Individuals are aware that their information is being collected
      • Individuals understand by whom this information is being obtained and for what purpose it will be used
      • No extraneous information is collected, which limits possible misuse or vulnerability if other safeguards are defeated
    For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman
  • In Depth: Data quality
    • Overview
      • Information obtained should only be relevant to the purpose for which is it being collected
      • Information should be current and accurate in relation to the purpose of the collection activities
    • How this protects an individual’s privacy
      • Information which is not relevant is not vulnerable to attack
      • Once information is outdated or is no longer relevant it will need to be removed or updated which reduces exposure
      • Accurate and current information ensures that fair decisions will be made over time
    For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman
  • In Depth: Purpose Specification
    • Overview
      • Purpose of collection should be disclosed prior to collection
      • Any changes to the original purpose should also be disclosed
      • Usage is limited to the purposes specified
    • How this protects an individual’s privacy
      • Information collected cannot later be used in some manner of which the individual does not approve or in a manner that would result in discrimination or unexpected consequences
      • Collection purposes and usage modifications are communicated to individuals, increasing their awareness of who has their information and for what purposes
    For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman
  • In Depth: Use Limitation
    • Overview
      • Personal information is only used for the initial purpose
      • Information is only reused by consent or legal authority
    • How this protects an individual’s privacy
      • Information cannot unknowingly be transferred to a third party
      • Ensures that information is not used for new purposes that arise from information collector’s new needs or motivations
    For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman
  • In Depth: Security Safeguards
    • Overview
      • Reasonable protections exist against loss, unauthorized access or disclosure, usage, and modification
    • How this protects an individual’s privacy
      • Users information should be protected against known attacks and methods that would breach privacy and confidentiality
      • Safeguards, such as access control systems also help limit accidental internal exposure that was not intended
      • Information is stored and transferred using secure methods to limit possible exposure or attack
    For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman
  • In Depth: Openness
    • Overview
      • Privacy practices should be public knowledge
      • Individuals should have easy access to practices and how their information will be used once collected
    • How this protects an individual’s privacy
      • Collectors of information cannot hide their practices
      • Privacy practices can be scrutinized by regulators
      • Individuals are enabled to make more informed decisions about who they should allow access to their private information and how those collectors will then use the information
    For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman
  • In Depth: Individual Participation
    • Overview
      • Individuals have the right to know what information is being collected about them and by whom
      • Collectors must provide easy access to information, with the ability to request corrections to the information collected
      • Procedures exist to challenge the denial of the above rights
    • How this protects an individual’s privacy
      • Ensures that records are accurate and are not misleading
      • Individuals have the power to stop unfair information usage
      • Individuals are always aware of who has what information and why they have this information
    For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman
  • In Depth: Accountability
    • Overview
      • Collectors and users of collected information are accountable to ensure the other practices are enforced
      • Collectors must develop practices that are in compliance
    • How this protects an individual’s privacy
      • Collectors are consciously aware of the requirements, they cannot claim ignorance of violating privacy rights
      • Collectors have a vested interest in meeting the other practices because they are ultimately responsible for any breaches of these practices
    For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman
  • Conclusion
    • The main ideas embodied in the above practices are:
      • Awareness: Individuals should know who is collecting their information, for what purpose it will be used, and how the data will be handled and protected from misuse
      • Consent: Information is only collected, maintained, and transferred as long as the individual provides explicit consent
      • Access: Individuals have the right to see what data is stored about them and to ensure that this information is accurate
      • Security: Personal information must be protected from unauthorized access or manipulation
      • Enforcement: Laws, penalties, and action must be taken to ensure holders of private information are accountable
    For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman
  • Questions
    • Floor is open to questions
    For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman
    • The reference list for this presentation is shared among multiple presentations, please see the full article for this presentation available at http://www.ericgoldman.name
    References For more information please visit http://www.ericgoldman.name - Copyright 2009 Eric Goldman