The document discusses how privacy regulation may impact businesses in 2012. It provides a brief history of US privacy law and discusses several proposed pieces of federal privacy legislation that were introduced in 2011 but not enacted. The document also summarizes recent FTC enforcement actions and expected revisions to the COPPA rules regarding children's privacy. It concludes by outlining some common threads and trends in privacy regulation to watch in 2012.
A general talk on privacy in early 2009, with quite a few slides summarizing the US National Research Council\'s report "Protecting Individual Privacy in the Struggle Against Terrorists: A Framework for Program Assessment" that was issued in late 2008
A general talk on privacy in early 2009, with quite a few slides summarizing the US National Research Council\'s report "Protecting Individual Privacy in the Struggle Against Terrorists: A Framework for Program Assessment" that was issued in late 2008
2017 Legal Update on Digital Accessibility Cases with Lainey Feingold3Play Media
This webinar will be presented by Lainey Feingold, an internationally recognized disability rights lawyer and pioneer of Structured Negotiation known for negotiating landmark accessibility agreements. In this webinar, Lainey will take us through key cases, government agency activity, settlements, and other developments in the digital accessibility legal landscape since her last 3Play Media webinar in September 2016.
Although white collar crimes are non-violent offenses. They are criminal offenses nonetheless and can be punished just as harshly as other, more well-know crimes; a basic understanding of some of the more common white - collar crimes might prevent you from unknowingly participating in one . Learn more about white collar crimes in California in this presentation.
Presentation on Cyber Harassment at 2009 Georgetown Law Reunion Weekend.
Some of the rantings made in response to his presentation are the work of Vanessa Kachadurian who is a defendant in a cyber harassment suit currently pending in federal court in Fresno. http://kachadurianlit.wordpress.com/
2017 Legal Update on Digital Accessibility Cases with Lainey Feingold3Play Media
This webinar will be presented by Lainey Feingold, an internationally recognized disability rights lawyer and pioneer of Structured Negotiation known for negotiating landmark accessibility agreements. In this webinar, Lainey will take us through key cases, government agency activity, settlements, and other developments in the digital accessibility legal landscape since her last 3Play Media webinar in September 2016.
Although white collar crimes are non-violent offenses. They are criminal offenses nonetheless and can be punished just as harshly as other, more well-know crimes; a basic understanding of some of the more common white - collar crimes might prevent you from unknowingly participating in one . Learn more about white collar crimes in California in this presentation.
Presentation on Cyber Harassment at 2009 Georgetown Law Reunion Weekend.
Some of the rantings made in response to his presentation are the work of Vanessa Kachadurian who is a defendant in a cyber harassment suit currently pending in federal court in Fresno. http://kachadurianlit.wordpress.com/
TechWeek Chicago 2012 was great success. Packed room with entrepreneurs eager to understand legal issues facing their business. If you were unable to attend, here is my portion of the presentation.
Personally Identifiable Information – FTC: Identity theft is the most common ...Jan Carroza
Retailers are liable for identity theft and can be subject to fines and criminal prosecution for breach. What consumer information is considered Personally Identifiable Information (PII)? What laws should retailers be aware of? What are the 6 General Mandates that affect every retailer? What can merchants do to secure their electronic payments systems and procedures?
Provide updates on CAN-SPAM, keyword search liability and the recent FTC affiliate marketing rules to identify how audience members can ensure that their campaigns produce results, not liabilities.
Links Associated with Privacy Death of privacy ‘Your ce.docxsmile790243
Links Associated with Privacy
Death of privacy: ‘Your cell phone Big Brother’s best friend’ (video with Steve Rambam CEO
of Pallorium Inc. an international online investigative service).
TEDx-Cory Doctorow: How do we make kids care about online privacy? (video that
illustrates how social networking and our use of the Internet influences how children
under-value their privacy).
Privacy no more? TrapWire’s all seeing eye tracks your every move. (video of how the
federal government uses surveillance cameras nationwide).
Privacy Issues in the Age of Technology: Jim Dempsey (provides an overview of privacy
issues and how data is used by organizations).
Defcon 21 - The ACLU Presents: NSA Surveillance and More (illustrates key issues
associated with NSA surveillance and how the government acquires data about
individuals).
Smartphones damage our privacy much more than we realize: interview with Carissa Véliz
(privacy issues regarding our use of cell phones, personal computers, social media sites,
etc.).
http://www.youtube.com/watch?v=QGHU8btqrrU
http://www.youtube.com/watch?v=RAGjNe1YhMA
http://www.youtube.com/watch?v=yyNA_6yv5Y0
https://www.youtube.com/watch?v=HekUeBJJbSw
https://www.youtube.com/watch?v=tknNtx9Sl2E
https://www.youtube.com/watch?v=RFqCyMtv1Cc
TECHNOLOGY AS A THREAT TO
PRIVACY: Ethical Challenges to the
Information Profession
J. J. BRITZ
Department of Information Science
University of Pretoria
0002 Pretoria, South Africa
E-mail: [email protected]
The aim of this paper is to assess the impact of technology on the private lives of people.
It is approached from a socio-ethical perspective with specific emphasis on the
implication for the information profession. The issues discussed are the concept privacy,
he influence of technology on the processing of personal and private information, the
relevance of this influence for the information profession, and proposed solutions to these
ethical issues for the information profession.
1. INTRODUCTION
We are currently living in the so-called information age which can be described as an
era were economic activities are mainly information based (an age of
informationalization). This is due to the development and use of technology. The main
characteristics of this era can be summarized as a rise in the number of knowledge
workers, a world that has become more open - in the sense of communication (global
village/Gutenberg galaxy) and internationalization (trans-border flow of data).
This paradigm shift brings new ethical and juridical problems which are mainly
related to issues such as the right of access to information, the right of privacy which
is threatened by the emphasis on the free flow of information, and the protection of
the economic interest of the owners of intellectual property.
In this paper the ethical questions related to the right to privacy of the individual
which is threatened by the use of ...
All levels of society rely upon information technology systems. Network operations are pervasive and impact nearly every aspect of our society. The desire of companies to collect, use, store, and secure information about customers, employees, and other individuals is a requirement of the new economy. It is no wonder that the prevalence of electronic communications and a growing dependency on cyber structures and operations also create potential vulnerabilities to cyberattacks. It is critical to preserve information systems and address and prevent weaknesses in cyber protection efforts. This webinar examines the means for companies to reach data goals ethically, efficiently and legally. The panel will also discuss the evolving regulatory approaches of the European Union, United States Federal government and significant developments in U.S. state regimes, including California. Best practices and model comprehensive privacy and cybersecurity policies are discussed. And, data breach response and related litigation, including class action litigation issues and fiduciary duty violations under corporate law, are discussed.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/data-privacy-compliance-2021/
Internet Privacy Essay
Internet Privacy Essays
Internet Privacy
Essay On Internet Privacy
Internet and Personal Privacy Essay
Essay on Internet Privacy
Internet Privacy Essay
Internet Privacy.
Internet Privacy Essay
Internet Privacy Analysis
Similar to How Will Privacy Regulation Impact Your Business in 2012 (20)
The Customer Engagement Roadmap - The Key to Increasing the Value of Your Membership Base
Want to increase your subscription site’s profitability? The Customer Engagement Roadmap will show you how!
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
How Will Privacy Regulation Impact Your Business in 2012
1.
2. How Will Privacy Regulation Impact Your Business In 2012? Daniel T. Rockey, Esq., CIPP Holme, Roberts & Owen LLP San Francisco
3. Legal Disclaimer This presentation is intended for general informational purposes only and should not be construed as legal advice or legal opinion on any specific facts or circumstances, nor is it intended to address specific legal compliance issues that may arise in particular circumstances. Please consult counsel concerning your own situation and any specific legal questions you may have. The thoughts and opinionsexpressed in this presentation are those of the individual presenters and do not necessarily reflect the official or unofficial thoughts or opinions of their employers. For further information regarding this presentation, please contact the presenter(s) listed in the presentation. Unless otherwise noted, all original content in this presentation is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License available at: http://creativecommons.org/licenses/by-sa/3.0/us.
4. How Will Privacy Regulation Impact Your Business In 2012? Brief History of US Privacy Law A Flurry of Proposed US Privacy Legislation Legislative Vacuum = More Aggressive FTC New COPPA Rules: What To Expect Privacy Litigation On The Rise How To Prepare: Privacy By Design
5. The Right to Privacy: US No Right of Privacy in US Constitution Nevertheless, a right has been implied from the 4th Amendment and general protections for life, liberty, etc. (Penumbral Theory) “The Right to Privacy,” Harvard Law Review, Brandeis (1890) “The common law secures to each individual the right of determining, ordinarily, to what extent his thoughts, sentiments, and emotions shall be communicated to others.” Olmstead v. United States, 277 U.S. 438, 478-9 (1928) (Brandeis, dissenting) Defined the right of privacy as the “right to be left alone.”
6. The Right to Privacy: US Historically, right to privacy = right to be free from intrusion in one’s home Rowan v. United States Post Office Dep’t, 397 U.S. 728 (1970) (upholding Do Not Mail because ‘‘[t]o hold less would tend to license a form of trespass and would make hardly more sense than to say that a radio or television viewer may not twist the dial to cut off an offensive... communication... entering his home.’’) Mainstream Mktg. Servs. v. FTC, 358 F. 3d 1228, 1238 (10th Cir. 2004) (upholding Do Not Call: “the State’s interest in protecting the well-being, tranquility, and privacy of the home is certainly of the highest order in a free and civilized society.”
7. Congress Begins to Recognize Right of Privacy in Information Fair Credit Reporting Act of 1970 (granted limited right to access, dispute and correct credit information; limits on sharing of credit info) Electronic Communications Privacy Act of 1986 (restricts intercepts of electronic communications, stored data) Video Privacy Protection Act of 1988 (prohibits video service providers from disclosing rental or purchase info) Drivers Privacy Protection Act of 1994 (prohibits DMV from sharing motor vehicle data with marketers w/o consent)
8. Targeted Approach: Health and Financial Data HIPAA (1996) (requires express consent to share health data other than for treatment, payment or healthcare operations) (ARRA & HiTech) Gramm-Leach-Bliley (1999) (applies to financial institutions; requires notice to share w/ affiliates; for 3rd parties, must allow opt-out) Fair and Accurate Credit Transactions Act of 2003 (added Affiliate Marketing Rule to FCRA- requires notice and opt-out to share “eligibility information,” including “personal characteristics or mode of living”)
9. Regulation of Online Data Collection Children’s Online Privacy Protection Act of 1998 (COPPA) Marks new era of privacy regulation For the first time, limits collection of online data for marketing purposes Relatively non-controversial, but creates a slippery slope
10. Following COPPA, Period of Legislative Inactivity, Emphasis On Self-Regulation Tremendous technological growth, legislative inactivity = marketing bad apples Direct marketing industry creates strong self-regulatory model to stave off regulation DMA Guidelines for Ethical Business Practice IAB: Interactive Advertising Privacy Principles NAI: Self-Regulatory Code of Conduct and Enforcement Procedure Third Party Certification Programs E.g.,
11. EU Adopts Comprehensive Privacy Scheme EU jumps in head first EU Data Protection Directive (95/46/EC) EU Privacy Directive (2002/58/EC) Express recognition of right of privacy in personal data Comprehensive, rather than piecemeal approach But extremely burdensome restrictions on business, marketing industry EU “Cookie Rules” (2009/136/EC) Prior consent for cookies
12. 2008 – 2010: Begins bi-partisan push toward privacy legislation High profile privacy snafus (e.g. Facebook, Rapleaf) lead to calls for Congressional action Handful of bills introduced, but garner little traction (Boucher/Stearns) Self-regulatory efforts instrumental in keeping legislation at bay But momentum builds in 2010
13. Meanwhile, Legislative Inactivity Leads to Aggressive Enforcement by FTC High profile FTC enforcement actions COPPA (Sony BMG; Mrs. Fields) Data security/data disposal (CVS; TJ Maxx) Deceptive data collection (Sears “My SHC”) FTC Endorsement/Blogger Rules (Ann Taylor)
14. Meanwhile, Legislative Inactivity Leads to Aggressive Enforcement by FTC FTC Saber-Rattling (Leibowitz) 2007: "The marketplace alone may not be able to solve all problems inherent in behavioral marketing.” 2010: "I think opt-in generally protects consumers' privacy better than opt-out, under most circumstances. . . . I don't think it undermines a company's ability to get the information it needs to advertise back to consumers.” 2010: Report on Online Behavioral Marketing Endorsed Do-Not-Track Opt-in for Sensitive Data Precise geolocation data
15. Federal Inactivity Also Leads to Patchwork of State Data Security Laws Dozens of states enact data breach legislation California enacts OPPA, require privacy policy for any business collecting data from Californians Mass., Minnesota, Nevada data security laws (encryption, WISP)
16. 2011: Year of Federal Privacy Legislation? Building Effective Strategies To Promote Responsibility Accountability Choice Transparency Innovation Consumer Expectations and Safeguards Act (“BEST PRACTICES” Act) (H.R. 611) Rush (D-IL) (2/10/2011) The Do Not Track Me Online Act of 2011 (H.R. 654) Speier (D-CA) (2/11/2011) The Financial Information Privacy Act of 2011 (H.R. 653) Speier (D-CA) (2/11/2011) Commercial Privacy Bill of Rights Act of 2011 (S. 799) John Kerry (D-MA) and John McCain (R-AZ) (4/12/2011) Consumer Privacy Protection Act of 2011 (H.R. 1528) Stearns (R-FL) Matheson (D-UT) (4/13/2011) Data Accountability and Trust Act (H.R. 1701) Bobby L. Rush (D-IL) (5/4/2011) Do-Not-Track Online Act of 2011 (S. 913) Rockefeller (D-WV) (5/9/2011) Data Accountability and Trust Act of 2011 (H.R. 1841) Stearns (R-FL) and (5/11/2011) Do Not Track Kids Act of 2011 (H.R. 1895) Markey (D-MA) Barton (R-TX) (5/13/2011)
17. 2011: Year of Data Privacy Legislation? Electronic Communications Privacy Act Amendments Act of 2011 (S. 1011) Leahy (D-VT) (5/17/2011) Personal Data Privacy and Security Act of 2011 (S.1151) Leahy (D-VT), Franken (D-Minn.) and Schumer (D-N.Y.) (5/17/2011) Geolocation Privacy and Surveillance ("GPS") Act (S. 1212) and (H.R.2168) Wyden (D-OR) and Chaffetz (R-Utah) (6/15/2011) Data Security and Breach Notification Act (S. 1207) Pryor (D-AR) and Rockefeller (D-WV) (6/15/2011) Location Privacy Protection Act of 2011 (S. 1223) Franken (D-MN) and Blumenthal (D-CT) (6/16/2011) Secure and Fortify (SAFE) Data Act (H.R. 2577) Bono Mack (R-CA) (7/8/2011) Proposed amendment to Video Privacy Protection A ct (HR 2471) Goodlatte (7/8/2011) Data Breach Notification Act of 2011 (S. 1408) Feinstein (D-CA) (7/22/2011) Protecting Children From Internet Pornographers Act of 2011 (H.R. 1981) Smith (R-TX) (5/25/2011) Personal Data Protection and Breach Accountability Act of 2011 (S.1535) Blumenthal (D-CT) (9/8/2011)
18. 2011: Year of Data Privacy Legislation? Nineteen Bills introduced Partisan gridlock over budget Zero bills enacted into law What does this mean for marketers?
20. 2011: Year of Data Privacy Legislation? Continued uncertainty But some trends are clear
21. Legislation to Watch: Data Privacy Consumer Privacy Protection Act of 2011 (H.R. 1528) Stearns (R-FL) Matheson (D-UT) PII includes IP address plus traditional PII Prior notice/opt-out required for use “unrelated to a transaction” or upon material change to policy Allows FTC approved safe harbors No private right of action/no state AG Preempts state law
22. Legislation to Watch: Data Privacy Commercial Privacy Bill of Rights Act of 2011 (S. 799) John Kerry (D-MA) and John McCain (R-AZ) PII includes unique identifiers, biometric and precise geolocation Notice and Opt-out/Opt-in for sensitive data/third party transfer if material change 1st party marketing/site optimization not unauthorized use FTC security rules No private right of action Federal preemption of state laws Safe harbors
23. Legislation to Watch: Data Breach Personal Data Privacy and Security Act of 2011 (S.1151) Leahy (D-VT), Franken (D-Minn.) and Schumer (D-N.Y.) Data security/accuracy requirements for data brokers (PII on 10,000 persons, excludes FCRA/HIPAA/GLB regulated entities) Breach notification w/ FTC safe harbor exemption Preempts state law No Private Right of Action Scraping safe harbor (amends CFAA)
24. Legislation to Watch: Data Breach Data Breach Notification Act of 2011 (S. 1408) Feinstein (D-CA) Narrow focus on data breach notification Safe harbor exemption from notification requirement if company conducts risk assessment and is able to demonstrate to the Federal Trade Commission that there is no significant risk of harm to individuals affected by a security breach No private right of action
25. Legislation to Watch: Do Not Track The Do Not Track Me Online Act of 2011 (H.R. 654) Speier Requires FTC to create Do Not Track rules Includes IP address and persistent identifiers Doesn’t preempt tougher state laws Do-Not-Track Online Act of 2011 (S. 913) Rockefeller Requires FTC to create Do Not Track Leaves to FTC to determine covered info No state law preemption
26. Legislation to Watch: Geolocation Geolocation Privacy and Surveillance ("GPS") Act (S. 1212) and (H.R.2168) Wyden (D-OR) and Chaffetz (R-Utah) Prohibits interception of geolocation info without prior consent (parental exception) Creates private right of action for damages/profits Location Privacy Protection Act of 2011 (S. 1223) Franken (D-MN) and Blumenthal (D-CT) Prohibits collection of geolocation info w/o express affirmative consent Private right of action for damages/punitives
27. Legislation to Watch in 2012 Do Not Track Kids Act of 2011 (H.R. 1895) Markey (D-MA) Barton (R-TX) Expressly extends COPPA to mobile applications Prohibits site, mobile app from “using, disclosing or compiling” data on children or minors (13 to 17 yrs) for targeted marketing purposes or geolocation w/o express affirmative consent No collection of any data from minors without adopting Digital Marketing Bill of Rights for Teens Fair Information Practices Principles established by this Act; “balances the ability of minors to participate in the digital media culture with the governmental and industry obligation to ensure that such operators do not subject minors to unfair and deceptive surveillance, data collection, or behavioral profiling.”
28. Legislation to Watch: VPPA Amendment to Video Privacy Protection Act (HR 2471) Goodlatte Netflix/Facebook exemption from VPPA Authorizes one-time durable consent to share data re videos
29. What to expect in 2012: Supercookies Chairs of Bi-Partisan House Privacy Caucus request FTC investigation into “supercookies” (9/27/2011) Barton (R-TX) and Markey (D-Mass) call for investigation, say violates § 5 of FTC Act Barton: “I think supercookies should be outlawed because their existence eats away at consumer choice and privacy.”
30. What to expect in 2012: COPPA Rules FTC announces proposed revisions to COPPA Rules (9/15/2011) Definitions Notice Parental consent Confidentiality and Security of Children’s Personal Information Safe Harbor Programs Data minimization requirement
31. What to expect in 2012: Revision to COPPA Rules Definitions Expands definition of “personal information” to include: IP addresses customer numbers held in cookies, and geolocation information.
32. What to expect in 2012: Revision to COPPA Rules Notice Streamlines notice content requirement (moves away from more disclosure is better mantra) 3 defined categories of information Requires all operators of an online service or website to provide contact information Ad networks Analytics providers Other content providers
33. What to expect in 2012: Revision to COPPA Rules Parental Consent Proposes eliminating the “email plus” method of obtaining parental consent. Website operators could seek FTC approval of alternate consent mechanisms. Goal: allow for new forms of consent as the technology evolves, and encourage innovation in obtaining verifiable consent (e.g. text message; scanned parental signature, credit card)
34. What to expect in 2012: Revision to COPPA Rules Confidentiality and security of children’s personal information Must ensure that service providers/third parties have reasonable procedures to maintain the confidentiality, security and integrity of such personal information.
35. What to expect in 2012: Revision to COPPA Rules Safe harbor programs Additional detail required for safe harbors Would require approved safe harbor programs to report on oversight of operators Annual audits of members
36. Common Threads National data breach legislation likely Privacy legislation less likely but possible Likely to be just-in-time notice and opt-out Opt-in/express affirmative consent for sensitive data Likely self-regulatory safe harbors May prohibit supercookies (flash cookies, HTML5) Likely to adopt simplified disclosure regime Unlikely to adopt Do Not Track
37. FTC Enforcement Actions: Mobile FTC announces first privacy enforcement action involving mobile apps Broken Thumbs developed iPhone apps targeted to “younger girls,” “nostalgic adults” (Emily’s Girls World, Emily’s Dress Up) Apps encouraged girls to email “Emily” their comments, submit “shout outs” to friends and family, ask Emil’s advice, and share “embarrassing” “blush” stories Allowed children to publicly post information on message boards BT also collected thousands of email addresses from children
38. FTC Enforcement Actions: Mobile FTC alleged violations of COPPA Rule (16 C.F.R. Part 312) despite App Store TOS Sued both BT and President/56% owner Failed to provide notice in app as to what info they collect, how they use it, disclosure practices Failed to provide required “direct notice” to parents Failed to obtain “verifiable parental consent” before collecting persona information from children
39. FTC Enforcement Actions: Mobile Consent Judgment $50,000 civil penalty Deletion of all previously collected data Injunction against further violations Compliance reporting, record-keeping requirements
40. FTC Enforcement Actions: Google FTC v. Google, Inc. FTC charged that by auto enrolling in Google Buzz, Google treated data inconsistently with prior promises, privacy policy Also, failed to comply with EU safe harbor Consent judgment: Compliance program Self-audits and reporting (20 years)
41. FTC Enforcement Actions: Text Messages FTC v. Phil Flora (9/29/2011) Defendant sent thousands of unsolicited text messages FTC did not bring under TCPA (not using “automatic telephone dialing system?) Instead, alleged that SMS messages are subject to CAN-SPAM Consent judgment
42. Litigation Developments IMS Health v. Sorrell (6/23/2011): Vermont law prohibited pharmacies from providing doctor prescribing data to pharmceutical companies for detailing SCT held law unconstitutional Law was a content-based and speaker-based restraint on free speech, requiring “heightened” constitutional scrutiny
43. IMS Health v. Sorrell: Deathknell for Do Not Track? Probably Not: Vermont law concerned commercial speech (not patient privacy) Permitted data sharing for purposes other than marketing (sought to limit disfavored opinions) Speculative benefit Do Not Track seeks to regulate personal privacy Arguably content/opinion neutral Precedent: COPPA, HIPAA, FCRA
44. What to Expect in 2012: EU Cookie Rules EU to begin Enforcing 2009 Cookie Rules Require prior notice and consent France: browser settings not enough. Consent without reference to specific use ineffective Browser finger printing?
45. Privacy Litigation: Lots of it but little to show for it In re Google Buzz User Privacy Litigation, Case No. 5:10-CV-00672-JW (N.D. Cal.) (Sept. 03, 2010) Google sets aside $8.5 million for privacy organizations Google makes changes "to the Google Buzz user interface that clarify Google Buzz's operation and users' options regarding Google Buzz" Google agrees to disseminate "wider public education about the privacy aspects of Google Buzz."
46. Privacy Litigation In re Apple iPhone litigation (9/20/2011) Class alleged that Apple permitted apps developers to collect/disseiminate for marketing purposes data from users without notice/consent Judge Koh held that class had not alleged injury-in-fact; i.e. actual damages (Article III standing)
47. How to Prepare for 2012 Don’t Wait and See: Privacy by Design Must analyze data inflows and use at outset of project Secure personal data (encryption for mobile devices and in transmission Say what you do and do what you say Participate in safe harbor Stay tuned
48. How Will Privacy Regulation Impact Your Business In 2012? Daniel T. Rockey, Esq., CIPP Holme, Roberts & Owen LLP San Francisco
49. How Will Privacy Regulation Impact Your Business In 2012? Daniel T. Rockey, Esq., CIPP Holme, Roberts & Owen LLP San Francisco