This document discusses key issues related to privacy and the internet. It outlines different approaches to defining and protecting privacy, noting that privacy means different things to different people and cultures. It also discusses the trade-offs associated with privacy regulation and the challenge of controlling information online given factors like digitization, ubiquitous networks, and the user generation of large amounts of content. The document advocates for an alternative approach focused on education, empowerment, and targeted enforcement rather than anticipatory regulation.
Presented by EndCoder Denise Fouche, this presentation describes South Africa's legal response to cyber security threats, particularly in the banking industry.
Presented by EndCoder Denise Fouche, this presentation describes South Africa's legal response to cyber security threats, particularly in the banking industry.
The Challenge of Benefit-Cost Analysis As Applied to Online Safety & Digital ...Adam Thierer
"The Challenge of Benefit-Cost Analysis As Applied to Online Safety & Digital Privacy." A slide show by Adam Thierer presented on January 17, 2012 before George Mason University Law & Economics Center conference on Privacy, Regulation, & Antitrust.
Cyber Libertarianism: Real Internet Freedom (Thierer & Szoka)Berin Szoka
Adam Thierer & I are attempting to articulate the core principles of cyber-libertarianism to provide the public and policymakers with a better understanding of this alternative vision for ordering the affairs of cyberspace. We invite comments and suggestions regarding how we should refine and build-out this outline. We hope this outline serves as the foundation of a book we eventually want to pen defending what we regard as “Real Internet Freedom.”
10-22-13 Presentation on Google Glass and Privacy ChallengesJonathan Ezor
"Flawed Transparency: Shared Data Collection and Disclosure Challenges for Google Glass and Similar Technologies" presented by Prof. Jonathan I. Ezor of Touro Law Center for Innovation in Business, Law and Technology for the 2013 CEWIT conference in Melville, NY
This year I had the opportunity to give a presentation at the World Bank in Washington DC during one of their "brown bag sessions", focused on Privacy, Drones and IoT.
The World Bank is an organization that works worldwide with a wide range of projects, including some initiatives connected with new technologies, and every time, they should evaluate different risks involved, including privacy risks.
The purpose of the presentation was to understand the concept of ‘privacy’ and its different meanings worldwide, how to define the privacy framework and assess the risks arising from the use of new technologies such as drones or IoT, and introduce the Privacy Impact Assessment as an effective tool that we can use in any jurisdiction.
I am going to share some thoughts of these broad and complex chapters that I had to sum up within one hour in this presentation!
Here the full post: http://www.lauravivet.com
What every product manager needs to know about online privacyTrevor Fox
This seminar will introduce the issue and describe the potential for new privacy laws in the US and in the EU that could affect the business model of social medial/Web 2.0/mobile app vendors.
The Challenge of Benefit-Cost Analysis As Applied to Online Safety & Digital ...Adam Thierer
"The Challenge of Benefit-Cost Analysis As Applied to Online Safety & Digital Privacy." A slide show by Adam Thierer presented on January 17, 2012 before George Mason University Law & Economics Center conference on Privacy, Regulation, & Antitrust.
Cyber Libertarianism: Real Internet Freedom (Thierer & Szoka)Berin Szoka
Adam Thierer & I are attempting to articulate the core principles of cyber-libertarianism to provide the public and policymakers with a better understanding of this alternative vision for ordering the affairs of cyberspace. We invite comments and suggestions regarding how we should refine and build-out this outline. We hope this outline serves as the foundation of a book we eventually want to pen defending what we regard as “Real Internet Freedom.”
10-22-13 Presentation on Google Glass and Privacy ChallengesJonathan Ezor
"Flawed Transparency: Shared Data Collection and Disclosure Challenges for Google Glass and Similar Technologies" presented by Prof. Jonathan I. Ezor of Touro Law Center for Innovation in Business, Law and Technology for the 2013 CEWIT conference in Melville, NY
This year I had the opportunity to give a presentation at the World Bank in Washington DC during one of their "brown bag sessions", focused on Privacy, Drones and IoT.
The World Bank is an organization that works worldwide with a wide range of projects, including some initiatives connected with new technologies, and every time, they should evaluate different risks involved, including privacy risks.
The purpose of the presentation was to understand the concept of ‘privacy’ and its different meanings worldwide, how to define the privacy framework and assess the risks arising from the use of new technologies such as drones or IoT, and introduce the Privacy Impact Assessment as an effective tool that we can use in any jurisdiction.
I am going to share some thoughts of these broad and complex chapters that I had to sum up within one hour in this presentation!
Here the full post: http://www.lauravivet.com
What every product manager needs to know about online privacyTrevor Fox
This seminar will introduce the issue and describe the potential for new privacy laws in the US and in the EU that could affect the business model of social medial/Web 2.0/mobile app vendors.
“Permissionless Innovation” & the Grand Tech Policy Clash of Visions to ComeMercatus Center
Successful innovation, which is essential to better health, safety and security, requires freedom to experiment and develop. But there is an array of government rules and processes that increasingly prohibit “permissionless” innovation.
Data protection and other systems of personal data protection around the globe are fundamentally based on principles of "notice and choice". These basic principles are now however assailed from three directions: the chimera of online consent; the lack of opportunity for consent in the world of ambient intelligence or ubiq; and the destruction of purpose specification by the rise of Big Data. This paper connects the dots between all three and considers if anything is left of DP after.
IoT & Big Data - A privacy-oriented view of the futureFacundo Mauricio
Understanding the future based on the current technology, with a focus on Big Data and Internet of Things (IoT). A discussion of privacy and personal information and how it affects us.
Tutorial for ACM Multimedia 2016, given together with Gerald Friedland, with contributions from Julia Bernd and Yiannis Kompatsiaris. The presentation covered an introduction to the problem of disclosing personal information through multimedia sharing, the associated security risks, methods for conducting multimodla inferences and technical frameworks that could help alleviate such risks.
Age Friendly Economy - Legislation and Ethics of Data UseAgeFriendlyEconomy
Upon completion of this module you will:
- Be able to recognize the necessity of regulating big data
- Understand the difference between privacy and data protection
- Know how to implement actions of data protection into your own (future) company
Duration of the module: approximately 1 – 2 hours
Keynote talk for VL/HCC 2018. I talk about why developers should care about privacy, what privacy is and why it is hard, some of our group's research in building better tools to help developers (in particular, Coconut IDE Plug-in and PrivacyStreams), and lastly some frameworks for thinking about privacy and developers.
The objective of this module is to gain an overview of the ethics surrounding big data and the legislation that governs it.
Upon completion of this module you will:
- Gain knowledge on how to recognize the necessity of regulating big data
- Obtain an understanding of the difference between privacy and data protection
- Understand the need to implement data protection actions into your own business
The presentation is all about the issues in professional ethics. This talks about the failures of ethics in Information Technology. Sliding thru the powerpoint gives you a hint what are the ethical and social issues in information systems
What is the GDPR & What does it mean for YOUR business?Nexsen Pruet
The European Union’s General Data Protection Regulation, which became effective on May 25, began a new era in data privacy. Among other changes, the GDPR imposes new limits on the collection of personal information of EU residents and expands individuals’ rights with respect to companies’ use of such information, including the “right to be forgotten.” These requirements are backed up by substantial penalties—up to 4% of a company’s global revenue. But, does a U.S. company need to worry about the GDPR if it has no business operations in the EU? In a surprising number of cases, the answer is “yes.”
#NPLaw's Kirsten Small, CIPP/US, provides an overview of the GDPR and explores its implications for US businesses in this presentation.
How Can Policymakers and Regulators Better Engage the Internet of Things? Mercatus Center
The world today is seemingly always plugged into the Internet and technologies are constantly sharing data about our personal and professional lives. Device connectivity is on an upward trend with Cisco estimating that 50 billion devices will be connected to the Internet by 2020. Collection and data sharing by these devices introduces a host of new vulnerabilities, raising concerns about safety, security, and privacy for policymakers and regulators.
Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Dri...Adam Thierer
"Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Driven Innovation." A presentation by Adam Thierer (Mercatus Center at George Mason University) made on September 11, 2014 at AEI-FCC Conference on "Regulating the Evolving Broadband Ecosystem."
Evaluating a Sluggish Economy with Bruce YandleMercatus Center
In the first half of 2016, the US economy skirted close to recession territory but so far has registered positive growth. What are the major forces that seem to be driving the slow-growth economy? Is the economy getting stronger? Or, will we hit recession territory before the end of the year?
The Affordable Care Act fundamentally changed the landscape of the U.S. health care system. With more than five years since the law’s passage, questions remain about how to fix a system that remains broken despite recent reform efforts. Did the Affordable Care Act adequately reform a failing health system, or did that prescription only treat the symptoms of a much larger illness?
With nearly a trillion dollars at stake and draft legislation in development, now is the time for policymakers to free spectrum for innovative 21st century use. In order for 21st century technologies like the sharing economy and the Internet of Things to reach their full potential, and drive economic opportunity, more spectrum must be made available. Federal spectrum reallocation is a win-win-win scenario for the economy, social well-being, and the government.
Buchanan Speaker Series: Education, Inequality, and IncentivesMercatus Center
The F. A. Hayek Program for Advanced Study in Philosophy, Politics, and Economics welcomed Roland G. Fryer, Jr., the Henry Lee Professor of Economics at Harvard University and faculty director of the Education Innovation Laboratory, for the inaugural Buchanan Speaker Series event on “Education, Inequality, and Incentives.”
Modernizing Freight Rail Regulation: Recommendations from the TRB StudyMercatus Center
In June 2015, the National Academy of Sciences’ Transportation Research Board issued a report with recommendations to update and modernize economic regulation of rail freight transportation. Jerry Ellig served as a member of the committee that prepared the report. This presentation, given to the National Industrial Transportation League’s Railroad Transportation Committee in November 2015, summarizes the report’s main recommendations. For a short narrative that explains the recommendations, see Dr. Ellig’s commentary in Real Clear Policy.
Modernizing the SSDI Eligibility Criteria: Trends in Demographics and Labor M...Mercatus Center
Social Security Disability Insurance program outlays have increased rapidly, roughly doubling in real terms over the past fifteen years.Participation in program (as % of labor-force) has doubled over the past twenty years. Determining the cause of this rapid rate of growth is essential for setting the program on a sustainable, long-term responsible path.
Amid concerns about government data security, like the recent OPM breach, Congress is considering cybersecurity information sharing legislation. But will a new information sharing program bolster federal information security? If not, what should be done instead?
Tools for Tracking the Economic Impact of LegislationMercatus Center
Laws passed by Congress impact the economy, but Congress has no systematic way to comprehensively track and assess the economic impact of legislative actions. This is especially difficult when laws empower federal agencies to regulate. While the current budget process scores and tracks the economic impact of spending and taxes, it does not account for the economic consequences of regulation.
The Sharing Economy: Perspectives on Policies in the New EconomyMercatus Center
The sharing economy’s rapid rise has transformed how many people work and live, from commuting, shopping, eating, vacationing, and even borrowing money. Firms like Uber, Lyft, and Airbnb seem to be grabbing headlines on a daily basis as they grow into billion-dollar ventures, disrupt local businesses, and create new policy questions for regulators.
To help shed light on these issues, the Mercatus Center at George Mason University invites you to join Research Fellow Christopher Koopman for a Capitol Hill Campus presentation examining the economics and policy issues surrounding the sharing economy.
Sustaining Surface Transportation: Overview of the Highway Trust Fund and Ide...Mercatus Center
The current system of funding highways is unsustainable. Expansion of the use of the trust fund, coupled with decreased revenue from gas taxes, has resulted in the fund falling short of demand for funding.
Stephen C. Goss Presentation for Mercatus Center SSDI PanelMercatus Center
The Social Security Disability Insurance (DI) trust fund’s projected 2016 depletion will require Congress to act soon to prevent large, sudden benefit cuts.
Experts on both sides of the aisle have noted that a “quick fix” of simply shifting payroll taxes from Social Security’s much larger retirement trust fund (OASI) into DI, without further reform, could cost Congress its last chance to solve Social Security’s broader financing problems before it is too late. What more responsible reform options are available?
The Mercatus Center and the Committee for a Responsible Federal Budget hosted a discussion on May 12 on how best to respond to SSDI’s financing crisis.
David Stapleton Presentation for Mercatus Center SSDI PanelMercatus Center
The Social Security Disability Insurance (DI) trust fund’s projected 2016 depletion will require Congress to act soon to prevent large, sudden benefit cuts.
Experts on both sides of the aisle have noted that a “quick fix” of simply shifting payroll taxes from Social Security’s much larger retirement trust fund (OASI) into DI, without further reform, could cost Congress its last chance to solve Social Security’s broader financing problems before it is too late. What more responsible reform options are available?
The Mercatus Center and the Committee for a Responsible Federal Budget hosted a discussion on May 12 on how best to respond to SSDI’s financing crisis.
Jason J. Fichtner Presentation for Mercatus Center SSDI PanelMercatus Center
The Social Security Disability Insurance (DI) trust fund’s projected 2016 depletion will require Congress to act soon to prevent large, sudden benefit cuts.
Experts on both sides of the aisle have noted that a “quick fix” of simply shifting payroll taxes from Social Security’s much larger retirement trust fund (OASI) into DI, without further reform, could cost Congress its last chance to solve Social Security’s broader financing problems before it is too late. What more responsible reform options are available?
The Mercatus Center and the Committee for a Responsible Federal Budget hosted a discussion on May 12 on how best to respond to SSDI’s financing crisis.
Stephen C. Goss Presentation for Mercatus Center SSDI PanelMercatus Center
The Social Security Disability Insurance (DI) trust fund’s projected 2016 depletion will require Congress to act soon to prevent large, sudden benefit cuts.
Experts on both sides of the aisle have noted that a “quick fix” of simply shifting payroll taxes from Social Security’s much larger retirement trust fund (OASI) into DI, without further reform, could cost Congress its last chance to solve Social Security’s broader financing problems before it is too late. What more responsible reform options are available?
The Mercatus Center and the Committee for a Responsible Federal Budget hosted a discussion on May 12 on how best to respond to SSDI’s financing crisis.
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking.
📕 Curious on our agenda? Wait no more!
10:00 Welcome note - UiPath Community in Dubai
Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank
10:20 A UiPath cross-region MEA overview
Ashraf El Zarka, VP and Managing Director MEA, UiPath
10:35: Customer Success Journey
Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank
11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more
Boris Krumrey, Global VP, Automation Innovation, UiPath
12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services.
Brendan Lingam, Director of Sales and Business Development, Marc Ellis
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Monitoring Java Application Security with JDK Tools and JFR Events
Thierer Internet Privacy Regulation
1. Privacy & The Internet:
An Overview of Key Issues
Adam Thierer
Senior Research Fellow
Mercatus Center at George Mason University
May 19, 2011
2. Outline of Presentation
1) What do we mean by “privacy?
2) Different approaches to defining / protecting
it
3) Trade-offs associated with privacy regulation
4) The challenge of information control
5) Specific regulatory proposals
6) An alternative vision / the “3-E Solution”
2
3. What is Privacy?
• Privacy is a remarkably vague concept
• Means different things to different people
• Varies by cultures
• An ever-changing concept
• Reacts to evolving social norms & technological
change
• If it is a “right,” we must determine how it plays
alongside other, well-established rights (ex:
freedom of speech & press freedoms)
3
4. Privacy’s Fuzzy Concepts
• “Harm”
– How do we define and measure “harm”?
– Is “creepiness” a harm?
– Should “emotional harms” (feelings) be actionable?
• “Ownership”
– Who owns shared data?
– What is personally identifying information?
• “Informed Consent”
– Are strict contracts possible?
• “Sensitive Data”
– Health, financial, what else?
4
5. Alan Westin’s 3 Visions / Paradigms
1. “Privacy Fundamentalists”: Absolutists about
privacy being a “right” & one that trumps
most other values / considerations
2. “Privacy Pragmatists”: Values privacy to
some extent but also sees benefits of
information sharing
3. “Privacy Unconcerned”: Have little concern
about who knows what about them
5
6. How to Enforce / Protect Privacy?
(U.S. vs. E.U. Visions)
United States
• Privacy not viewed as a
fundamental right
• Issue-specific / Sectoral approach
• Bottom-up case law / torts
• States have role; often more
stringent than fed law
• More focus on “opt-out”
• “Big Brother” generally = govt
• = a reactive regime
European Union
• Privacy viewed as a
fundamental “dignity” right
• Broad-based approach
• Top-down “directives”
• More focus on “opt-in”
• “Big Brother” = private
sector as much as govt
• = a preemptive regime
6
7. The U.S. Sectoral / Issue-Specific
Approach to Privacy Law
• Privacy Act (1974) = govt data collection
• FERPA (1974) = fed-funded education institutions
• Cable Comm. Policy Act (1984) = cable data
• Video Privacy Prot. Act (1988) = video rental records
• Driver’s Privacy Prot. Act (1994) = DMV records
• HIPPA (1996) = health records
• Gramm-Leach-Bliley (1999) = financial records
• COPPA (1998) = kids’ (under 13) online privacy
• CAN-SPAM Act (1993)
• Do Not Call registry (2003)
7
8. The Battle over Online Privacy
• Policy battle has been raging since late 1990s
• FTC & Congress appeared poised to act
around 2000, but...
– Industry self-regulation was given a chance
– 9/11 preempted this debate to some extent
• Framework for past decade:
– Focus on Notice / Choice / Access / Security
– Rise of self-regulatory bodies & mechanisms
– Targeted FTC & state enforcement
8
9. New Fault Lines in the Online Privacy Wars
(and the legislative response)
• New activity driven by:
– Fears of “targeting” & “tracking” = “creepy” factor
– General unease with ubiquity of data access & availability
Proposals:
• “Baseline legislation” / FIPPS (Kerry-McCain, Rush, Stearns)
• “Do Not Track” mechanism + regulation (Speier & Rockefeller bills)
• “Do Not Track Kids” / COPPA expansion (Markey-Barton)
• Internet “Eraser Button” (Markey-Barton)
• Geolocation restrictions (Markey-Barton)
• Data breach disclosure (Kerry-McCain)
• Data minimization requirements (Kerry-McCain, Rush)
• ECPA vs. Data retention laws
9
10. Privacy Trade-Offs & Opportunity Costs
• Internet feels like the ultimate “free lunch;” most sites,
services & content are free of charge.
• But, in reality, there is no free lunch.
• The implicit quid pro quo of online life: you gotta give a little
to get a little (or a lot!). And most people like this deal.
• The Net is powered by advertising & data collection.
Information is lifeblood of Digital Economy.
• Info may be collected to facilitate a better browsing
experience or to help the site or service remain viable.
• In essence, information used in lieu of payment.
• Regulation could break this system & have other unintended
consequences.
10
11. The Problem of Information Control
Even if we agree privacy is important and
worth protecting, it will be very hard.
• “Information wants to be free” - Stewart
Brand
– and that includes personal information
• “The Net interprets censorship as damage and
routes around it.” - John Gilmore
– and privacy regulation is, at root, a form of data
flow censorship
11
12. 10 Factors That Complicate
Information Control Efforts
Drivers Results
Digitization Convergence
Intangibility Decentralized, Distributed
Networking
Moore’s Law Scale & Scope
Falling Storage Costs Volume
Ubiquitous High-Speed
Networks
User-Generation of Content
and Self-Revelation of Data
12
13. Some Facts (or ‘Why Putting
Genies Back in Bottles is So Hard’)
• Facebook: users submit @ 650,000 comments on the 100
million pieces of content served up every minute on its site.
• YouTube: over 35 hours of video uploaded every minute.
• Twitter: 300 million users produce 140 million Tweets / day, =
a billion Tweets every 8 days. (@ 1,600 per second)
• Apple: more than three billion apps have been downloaded
from its App Store by customers in over 77 countries.
“Humankind shared 65 exabytes of information in 2007, the
equivalent of every person in the world sending out the contents
of six newspapers every day.” - Hilbert and Lopez
13
14. “The Privacy Paradox”
• “People value their privacy, but then go out of
their way to give it up.” – Larry Downes, Laws of
Disruption
• “We give away information about ourselves—
voluntarily leave visible footprints of our daily
lives—because we judge, perhaps without
thinking about it very much, that the benefits
outweigh the costs. To be sure, the benefits
are many.” – Abelson, Ledeen & Lewis, Blown to Bits
14
15. What We Must Learn to Accept
• “Once information is out there, it is very hard to keep
track of who has it and what he has done with it.” --
David Friedman, Future Imperfect
• Privacy is not “dead” as some have claimed, but it is
different than it was in past
– New realities of info dissemination, accessibility,
searchability
• Rushed, heavy-handed solutions will be costly and
perhaps not effective anyway
15
17. “Do Not Track” – The Theory
• Could be voluntary, but might be mandated.
• Would demand that websites honor a
machine-readable header indicating that the
user did not want to be “tracked.”
• In theory, this will allow privacy-sensitive web
surfers to signal to websites they would like to
opt-out of any targeted advertising, or not
have any information about them collected
when visiting sites.
17
18. “Do Not Track” – Potential Downsides
• Costs: If law breaks the quid pro quo something must give…
– Paywalls and higher prices?
– less relevant or more intrusive advertising?
– Fewer services? Less media content?
• Int’l Competitiveness: Goldfarb & Tucker - “after the [EU’s]
Privacy Directive was passed [in 2002], advertising
effectiveness decreased on average by around 65 % in
Europe.” Because regulation decreases ad effectiveness,
“this may change the number and types of businesses
sustained by the advertising-supporting Internet.”
• Practical? Does DNT scale? Apply internationally? To other
devices?
• Regulatory creep: Will it serve as a template for other
forms of Net regulation?
18
19. COPPA Expansion – Background
• Special concerns about youth & online
marketing
• COPPA (‘98) was first attempt to deal with it
• Requires “verifiable parental consent” for sites
“directed at” children that collect info
• FTC defines rules (safe harbors) and enforces
• Never constitutionally challenged
19
20. COPPA Expansion – Potential Problems
• What works for under 13 not likely to work for
teens
• Would basically require mandatory age
verification of all web surfers
• COPPA becomes COPA? = unconstitutional
• Serious free speech issues
• Irony = in name of protecting privacy, more info
about users would need to be collected!
20
21. Internet “Eraser Button” Concept
• Goal: Make it easier for people (esp. kids) to
delete posted comments or content they later
regret
• Practical Problem: Where is this button? Who
controls it? What if info is shared content? Back-
door to fraud / abuse?
• Principled Problem: Conflicts mightily with
freedom of speech & press freedoms
21
23. The Conflict of Visions:
Anticipatory Regulation vs. Resiliency
• Long-standing conflict of visions about how to
best manage risks:
1. Anticipation
– Prevention is prime value
– Focus on the “Precautionary Principle”
2. Resiliency
– Experimentation is prime value
– Focus on Learning / Coping
23
24. Anticipatory vs. Resiliency-Based
Solutions
Anticipatory Reg Approach
• Mandatory “Do Not Track”
• Mandatory “Opt-In” for all
data collection
• Bans on apps / functionality
• Restrictions on sharing / all
defaults to private
• “Eraser Button” mandates /
demands for data deletion
Resiliency Approach
• Voluntary “Do Not Track”
• Offer opt-outs (encourages
experimentation & innovation)
• No preemptive bans on tech
• No restrictions on sharing, but
education about downsides
• Voluntary data “purges” &
“data hygiene”
24
25. Constructive Alternatives to Regulation
1. Be careful @ how “harm” & “market failure”
defined. (ex: Creepiness not a likely harm; data
breech likely a harm)
2. Focus on a “3-E Solution” to problems:
Education, Empowerment, & (Targeted)
Enforcement
3. Encourage corporate and personal responsibility
4. Think of privacy as an evolving set of norms,
interactions & experiments
5. Don’t Panic! We can learn to cope with
technological change.
25
27. #1: Educational Solutions
• Education at all levels
• Awareness campaigns from privacy advocates,
govt, industry, educators, etc.
• Encouraging better online “netiquette” and
“data hygiene”
• Push for better transparency across the board
– Better notice & labeling
– Need more watch-dogging of privacy promises
made by companies
27
28. #2: Empowerment Solutions
• = Helping users help themselves
• User “self-help” tools are multiplying
– AdBlockPlus, NoScript, other browser tools
• Industry self-regulation
– More cross-industry collaboration on privacy
programs
– More education efforts (better notice)
– Best practices & better defaults
– More and better tools to respond to new
developments and needs
28
29. #3: Enforcement Solutions
• Holding companies to the promises they make
– stepped-up FTC Sec. 5 enforcement
• Demand better notice & transparency
• Mandatory disclosure of data breaches
• Targeted regulation of sensitive data, but with
flexibility
29
30. Conclusion / Key Takeaways
• “Privacy” is incredibly complicated & contentious
• Privacy can conflict with other values / rights
• All regulation entails costs & trade-offs
• There is no free lunch
• Information control is very, very hard
• “Silver-bullet” solutions rarely work
• The more education & transparency the better
• Resiliency is generally a smarter strategy compared to
anticipatory, top-down regulation
• And, once more… don’t panic! We’ll get through and adjust.
30
31. Further Readings
• Adam Thierer, Filing to Federal Trade Commission in ‘Do Not Track’
Proceeding, February 18, 2011.
• Adam Thierer, “Birth of the ‘Privacy Tax,’” Forbes, April 4, 2011.
• Adam Thierer, “Online Privacy Regulation: Likely More Complicated
(And Costly) Than Imagined,” Mercatus on Policy, Mercatus Center
at George Mason University, December 6, 2010 .
• Adam Thierer, “Erasing Our Past on the Internet,” Forbes, April 17,
2011.
• Adam Thierer, “Unappreciated Benefits of Advertising and
Commercial Speech,” Mercatus on Point 86, Mercatus Center,
January 2011.
• Berin Szoka and Adam Thierer, “COPPA 2.0: The New Battle over
Privacy, Age Verification, Online Safety & Free Speech,” Progress on
Point 16, no.11, The Progress & Freedom Foundation, May 21,
2009.
31