PRIMERPRIVACY LAW
Experience won’t just be about the tool youbuild, but it will include how you managesensitive data and how you respect use...
This talk is not about Facebook.This talk is about you.
uncharted legal territory                     What do we mean by “privacy?”
Distinguishing Fourth Amendment from privacyin the civil sense.
Electronic Communications Privacy Act
Personally Identifiable Information (Pii)
“Personally identifiable information” is information thatidentifies a particular person. “Pii” includes:  • Full name;  • ...
federal movement on privacy                     I just want to build cool stuff.                               Why should ...
Problem #1: The laws around data reside inindustry silos.
Few pieces of key legislation:    Do Not Track Act    Commercial Privacy Bill of Rights Act of 2011    Personal Data Priva...
Problem #2: They aren’t getting it in DC.
Silicon Valley, Alley, Beach > DC
Problem #3: This isn’t going away.
FTC Action   Opting Out = ScanScout   Children’s Privacy = SkidKids
oh crap.           What Developers Can Do
What people care about:
Data control
Data minimization
Data portability
Data withdrawal
Here are a few places to start:
Conducting an assessment on privacy anddata security.
type         amountAudit:         use         intake
Architectural solutions to privacy. Build withprivacy in mind.
We can work to create a marketplace thatrewards “privacy by design” while promotinginnovation.
Policy solutions to privacy.
Privacy policies and practices in their currentincarnation are not working.
kidz.        yes, different rules apply.
MinorsChildren’s Online Privacy Protection Act
Children’s Online Privacy Protection ActRegulates all types of identifying informationExemptions: electronic postcards, co...
Children’s Online Privacy Protection ActRequires websites to get parental consent beforecollecting or sharing info for chi...
Children’s Online Privacy Protection ActTo comply:   Post a privacy policy/advise whenever personal   information collecte...
We just scratched the surface.
Lawyer         Christina Gagnier         @gagnier         gagnier@gamallp.com         gamallp.com
?
PRIMERPRIVACY LAW
piiLabsSeattleWorkshop_ChristinaGagnier
piiLabsSeattleWorkshop_ChristinaGagnier
piiLabsSeattleWorkshop_ChristinaGagnier
piiLabsSeattleWorkshop_ChristinaGagnier
piiLabsSeattleWorkshop_ChristinaGagnier
piiLabsSeattleWorkshop_ChristinaGagnier
piiLabsSeattleWorkshop_ChristinaGagnier
Upcoming SlideShare
Loading in...5
×

piiLabsSeattleWorkshop_ChristinaGagnier

217

Published on

Presentation by Christina Gagnier of Gagnier Margossian at Privacy Identity Innovation's pii Labs workshop in Seattle, WA on May 14, 2012

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
217
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

piiLabsSeattleWorkshop_ChristinaGagnier

  1. 1. PRIMERPRIVACY LAW
  2. 2. Experience won’t just be about the tool youbuild, but it will include how you managesensitive data and how you respect users.
  3. 3. This talk is not about Facebook.This talk is about you.
  4. 4. uncharted legal territory What do we mean by “privacy?”
  5. 5. Distinguishing Fourth Amendment from privacyin the civil sense.
  6. 6. Electronic Communications Privacy Act
  7. 7. Personally Identifiable Information (Pii)
  8. 8. “Personally identifiable information” is information thatidentifies a particular person. “Pii” includes: • Full name; • National identification number; • IP address; • Vehicle registration plate number; • Driver’s license number; • Face; • Fingerprints; • Handwriting; • Credit card numbers; • Digital identity; • Date of birth; • Birthplace; and • Genetic information.
  9. 9. federal movement on privacy I just want to build cool stuff. Why should I care?
  10. 10. Problem #1: The laws around data reside inindustry silos.
  11. 11. Few pieces of key legislation: Do Not Track Act Commercial Privacy Bill of Rights Act of 2011 Personal Data Privacy and Security Act Secure and Fortify Electronics Data Act (SAFE) Data Security and Breach Notification Act
  12. 12. Problem #2: They aren’t getting it in DC.
  13. 13. Silicon Valley, Alley, Beach > DC
  14. 14. Problem #3: This isn’t going away.
  15. 15. FTC Action Opting Out = ScanScout Children’s Privacy = SkidKids
  16. 16. oh crap. What Developers Can Do
  17. 17. What people care about:
  18. 18. Data control
  19. 19. Data minimization
  20. 20. Data portability
  21. 21. Data withdrawal
  22. 22. Here are a few places to start:
  23. 23. Conducting an assessment on privacy anddata security.
  24. 24. type amountAudit: use intake
  25. 25. Architectural solutions to privacy. Build withprivacy in mind.
  26. 26. We can work to create a marketplace thatrewards “privacy by design” while promotinginnovation.
  27. 27. Policy solutions to privacy.
  28. 28. Privacy policies and practices in their currentincarnation are not working.
  29. 29. kidz. yes, different rules apply.
  30. 30. MinorsChildren’s Online Privacy Protection Act
  31. 31. Children’s Online Privacy Protection ActRegulates all types of identifying informationExemptions: electronic postcards, contests, onlinenewsletters, homework helpExample: Disney’s Club PenguinIf you know you have minors on your site, closethe accounts
  32. 32. Children’s Online Privacy Protection ActRequires websites to get parental consent beforecollecting or sharing info for children under 13Enforced by the Federal Trade CommissionApplies to commercial websites and other onlineservicesIf you know you have minors on your site, closethe accounts
  33. 33. Children’s Online Privacy Protection ActTo comply: Post a privacy policy/advise whenever personal information collected Parental notice, consent, access to information Can’t condition participation on providing more info Confidentiality & security of information collected from children
  34. 34. We just scratched the surface.
  35. 35. Lawyer Christina Gagnier @gagnier gagnier@gamallp.com gamallp.com
  36. 36. ?
  37. 37. PRIMERPRIVACY LAW

×