Group items tagged

As the impact of digital advertising on consumer privacy comes under scrutiny, AT&T is taking a stance in support of stricter standards. Rep. Rick Boucher (D., Va.), chairman of the subcommittee, said in an interview Wednesday that a statute is needed to regulate how companies collect, share and use data on consumers' behavior in targeting online advertising. While ad targeting on the Web has been at the forefront of privacy advocates' concerns, worries are growing about other media, ranging from mobile phones to emerging TV technologies. To sell marketers targeted ads, technology and media companies collect data about customers, ranging from the Web sites they visit to the neighborhoods they live in to the TV shows they watch. Marketers often will pay a premium for this form of advertising because it allows them to show their ads to consumers who are likelier to buy their products or services. "Pitfalls arise because behavioral advertising in its current forms is largely invisible to consumers," says Dorothy Attwood, AT&T's senior vice president of public policy and chief privacy officer, in prepared testimony she is expected to deliver at the hearing of the House Subcommittee on Communications, Technology and the Internet. Her statement says consumers don't fully understand that their online activity is used to create detailed profiles of them. Internet and other media companies say the data they use to target ads are anonymous and can't be traced to individual consumers. AT&T plans to argue that consumers should have "full and complete" notice of what information is collected about them and how it is used and protected, and should have tools that let them determine whether their Web activities are being tracked. The company says it won't use consumer information for online behavioral advertising unless it first obtains consent from the consumers involved. AT&T's stance contrasts with the position taken by most big Internet companies and industry trade grou

The California State Senate approved today SB 20, legislation by State Senator Joe Simitian (D-Palo Alto), which aims to strengthen existing privacy protection laws for California consumers. The new law builds on legislation authored by Simitian in 2002 that requires a business or government agency that incurs a data breach to provide notice to the individual(s) whose information was compromised. More than 40 states have adopted similar legislation since that time, largely based on the California measure. "No one likes to get the news that information about them has been stolen," said Simitian, "but when it happens, people are entitled to get a notice they can understand, and that helps them decide what to do next." "The premise is simple," added Simitian. "What you don´t know can hurt you. Ignorance is not bliss. And you can´t protect yourself if you don´t know you´re at risk." Simitian said his latest proposal (SB 20), "is designed to make a good law even better." California´s current security breach notification law (AB 700, Simitian -2002) requires notice to consumers when their information has been compromised, but does not require data holders to provide any standard set of information about the nature of the breach. SB 20 will enhance consumer knowledge about security breaches by requiring that the notification contain specified information, including the type of personal information breached and the date of the breach.

A leading technology advisor to President Obama said in a research note for his investment firm today that privacy and net neutrality will be among the biggest telecommunications issues facing the Federal Communications Commission and the administration going forward. Analyst Blair Levin, who was the co-lead of Obama's technology and innovation team along with nominated FCC Chair Julius Genachowski, wrote in a Stifel Nicolaus research note that the economic crisis and change of administration will shift the focus of telecom policy away from traditional phone companies to "Internet/edge" players. Indeed, Google and other Web video and voice companies like Skype have been increasingly active in recent years at the FCC, pushing particularly for net neutrality rules that would prevent carriers from blocking or charging more for certain content that travels over the Web. Levin said in a note that net neutrality will emerge again as an issue in the new administration for wireless networks. On the other hand, there won't likely be a push for new net neutrality rules for cable, DSL, and fiber network carriers at the FCC. "(There is a) consensus emerging that disputes about whether a wireline network management tool is 'reasonable' (or is actually blocking or degrading traffic) to be resolved on a case-by-case basis," Levin wrote in the note with analysts Rebecca Arbogast and David Kaut. It would be a tough climb to impose rules that force wireless carriers to open their networks. Apple and AT&T successfully argued to lawmakers and regulators to keep their exclusive iPhone contract. Skype's petition to the FCC to force carriers to allow any handset or software to operate on any network was shot down by former FCC Chairman Kevin Martin. He said the biggest "sleeper" issue will be privacy. With a major overhaul of healthcare records to the Web, the rise in behavioral advertising and cloud computing, where information is stored in computers strung across many geographies

As arguments swirl over online privacy, a new survey indicates the issue is a dominant concern for Americans. More than 90 percent of respondents called online privacy a "really" or "somewhat" important issue, according to the survey of more than 1,000 Americans conducted by TRUSTe, an organization that monitors the privacy practices of Web sites of companies like I.B.M., Yahoo and WebMD for a fee. When asked if they were comfortable with behavioral targeting - when advertisers use a person's browsing history or search history to decide which ad to show them - only 28 percent said they were. More than half said they were not. And more than 75 percent of respondents agreed with the statement, "The Internet is not well regulated, and naïve users can easily be taken advantage of." The survey arrives at a fractious time. Debate over behavioral advertising has intensified, with industry groups trying to avoid government intervention by creating their own regulatory standards. Still, some Congressional representatives and the Federal Trade Commission are questioning whether there are enough safeguards around the practice. Last month, the F.T.C. revised its suggestions for behavioral advertising rules for the industry, proposing, among other measures, that sites disclose when they are participating in behavioral advertising and obtain consumers' permission to do so. One F.T.C. commissioner, Jon Leibowitz, warned that if the industry did not respond, intervention would be next. "Put simply, this could be the last clear chance to show that self-regulation can - and will - effectively protect consumers' privacy," Mr. Leibowitz said, or else "it will certainly invite legislation by Congress and a more regulatory approach by our commission." Some technology companies are making changes on their own. Yahoo recently shortened the amount of time it keeps data derived from searches. It is also including a link in some ads that explains how

Three out of four Americans believe that individuals are responsible for protecting their own privacy online. That's the bottom line of a new survey conducted by TRUSTe, a company that certifies the compliance of websites with privacy standards and statements. Nonetheless, The New York Times reports that the Federal Trade Commission is trying to put more responsibility on website operators: Last month, the F.T.C. revised its suggestions for behavioral advertising rules for the industry, proposing, among other measures, that sites disclose when they are participating in behavioral advertising and obtain consumers' permission to do so. One F.T.C. commissioner, Jon Leibowitz, warned that if the industry did not respond, intervention would be next. "Put simply, this could be the last clear chance to show that self-regulation can -- and will -- effectively protect consumers' privacy," [FTC commissioner Jon] Leibowitz said, or else "it will certainly invite legislation by Congress and a more regulatory approach by our commission." Behavioral advertising, which records individual users' Web usage by inserting cookies into their browsers and keeping a log of where they go and what they do, is the most high-profile privacy issue today. Google-owned DoubleClick is tracks Web users across many sites, combining them into one profile at DoubleClick's end to be used for ad targeting. Some survey respondents use cookie-deleting browsers and anonymizing software to thwart tracking systems. Privacy advocates, TRUSTe, and the FTC all strongly encourage companies to post meticulous privacy statements for online visitors, and to follow them to the letter. Still, only 15 percent of TRUSTe's survey respondents said they actually read privacy statements.

Federal Communications Commission Chairman Julius Genachowski will unveil in a speech on Monday new proposals that would force Internet providers to treat the flow of content equally, sources familiar with the speech said on Friday. The concept, referred to as net neutrality, pits open Internet companies like Google Inc against broadband service providers like AT&T Inc, Verizon Communications Inc, and Comcast Corp, which oppose new rules governing network management. Advocates of net neutrality say Internet service providers must be barred from blocking or slowing traffic based on content. Providers say the increasing volume of bandwidth-hogging services like video sharing requires active management of their networks and some argue that net neutrality could stifle innovation. "He is going to announce rulemaking," said one source familiar with his speech about broadband, to be delivered at the Brookings Institution, a public policy think tank. "The commission will have to codify into new regulations the principle of nondiscrimination." The FCC could formally propose the rules aimed at applying to wireless and landline platforms at an open meeting in October.

Many also may not be comfortable letting AT&T and Verizon, recently under fire for completely ignoring privacy laws, anywhere near their financial data.

If behavioral targeting is the key to providing Web users with advertising that's better tailored to their particular needs and interests--instead of banner ads that they ignore--then what's the harm to consumers? That was a central question tackled by a panel of privacy and online marketing experts Thursday at the OMMA Behavioral conference in New York. Whether online user tracking--even when anonymous--represents a growing threat to privacy has become a hotly debated issue in the last year, with FTC, Congress and state governments considering increased regulation of behavioral targeting. For Jules Polonetsky, co-chair and director of the AT&T-funded think tank Future of Privacy Forum, that debate has become almost superfluous. Whatever side one takes, he emphasized that there is now a widespread perception among consumers and regulators that online tracking is creepy at the very least. The key to diffusing the controversy is for publishers and marketers to give Web users notice that their behavior is being tracked in order to provide them with more relevant content, recommendations and marketing offers.

They may be after the phone, but what about the data? How much of your life is on your mobile device? Some misguided companies let employees use personal devices for work. I wonder what an auditor would say about due diligence and due care when data is leaked through such ignorance. Think, before you set a lax password, or none at all. Karl Thieves are increasingly going after iPhones and other smartphones but victims now can fight back with technology. One device allows a user to remotely activate a loud siren designed to rattle the thief. Another application, designed for iPhones, can reveal the phone's location. Police statistics show petty crime is down in New York but anecdotal evidence and recent headlines about street muggings targeting costly and coveted devices like Apple's iPhone and T-Mobile's Sidekick have disturbed smartphone users concerned about protecting access to e-mail, passwords and other data.

Thieves are increasingly going after iPhones and other smartphones but victims now can fight back with technology. One device allows a user to remotely activate a loud siren designed to rattle the thief. Another application, designed for iPhones, can reveal the phone's location. Police statistics show petty crime is down in New York but anecdotal evidence and recent headlines about street muggings targeting costly and coveted devices like Apple's iPhone and T-Mobile's Sidekick have disturbed smartphone users concerned about protecting access to e-mail, passwords and other data.

The new year has come and gone on the Gregorian calendar. But the new year for legal technology is still in progress at LegalTech New York, where vendors are unveiling their new products and services and attendees are helping them celebrate. LegalTech attendees should revel in the number of vendor initiatives aimed at reducing e-discovery costs from acquisition to review and production. And, like last year, EDD vendors continue to design and manufacture their products for international litigation. But LegalTech is not all about e-discovery. There were still plenty of vendors with products outside the Electronic Data Reference Model. EDD PARTIES Readers should be aware that Index Engines can access and extract data from tape and tape libraries -- and can do so really fast. But now they can also extract data from network storage systems, file shares, forensic images and hard drives and still provide users a single point of access to it -- via a Web browser. Index Engines first indexes data on disparate resources. Once the index is compiled, data can be deduped, searched, reviewed and extracted on demand. Also note that Index Engines can now filter unwanted file types such as EXE, DLL, etc., during the indexing process to reduce the time it takes to review the data. Read LegalTech New York 2009 Coverage on Legal Blog Watch In preparation for the new year, Kazeon Systems introduced new pay-as-you-go pricing models that augment their current standard software licensing option and focus on case matters. Kazeon hopes the new pricing models allow customers to implement an e-discovery solution that does not require a major financial investment or lengthy rollout. Vendors are starting to "go left" of the EDRM to provide organizations a better view of the end of litigation via early case assessment tools. In fact, KPMG promoted the concept with a T-shirt emblazoned with "go left." Toward that end, Daticon EED announced the availability of its Early Case Assessment servic

"Yesterday, a "Your iPhone's been hacked because it's really insecure! Please visit doiop.com/iHacked and secure your phone right now!" message popped up on the screens of a large number of automatically exploited Dutch iPhone users, demanding $4.95 for instructions on how to secure their iPhones and remove the message from appearing at startup. Through a combination of port scanning and OS fingerprinting of T-Mobile's 3G IP range, a Dutch teenager has for the first time automatically exploited a known security vulnerability introduced on jailbroken iPhones - the SSH daemon which unless modified remains running with default users root and mobile, using the same password on each and every device."

Companies that track consumer behavior on the Web for targeted advertising without proper consent are near their "last chance" to self-regulate, the head of the U.S. Federal Trade Commission said on Monday. Privacy advocates say regulations on big phone and Internet companies, such as AT&T Inc and Google Inc, are too lax, giving the firms excessive control over consumers' personal information. "From my perspective, the industry is pretty close to its last clear chance to demonstrate" that it can police itself, FTC Chairman Jon Leibowitz told the Reuters Global Financial Regulation Summit in Washington. Earlier this year, the FTC issued new guidance urging websites to tell consumers that data is being collected during their searches and to allow them to opt out. If companies fail to do a better job of making their privacy policies understandable to the average person, momentum will keep building for greater regulation, Leibowitz said. "It's really up to industry."

Following on the heels of Facebook's decision to rescind a highly controversial move to store all content posted on the social network, new data has emerged to support consumers' increasing alarm over online privacy. The vast majority--80.1%--of Web surfers are indeed concerned about the privacy of their personal information such as age, gender, income and Web-surfing habits, according to a survey of some 4,000 Web users administered and analyzed by Burst Media. More worrisome, perhaps, is the finding that privacy concerns are prevalent among all age segments, including younger demographics that are coming of age online. Still, privacy concerns do appear to increase with age, from 67.3% among respondents ages 18-24 to 85.7% of respondents 55 years and older. "Online privacy is a prevailing concern for web surfers," said Chuck Moran, vice president of marketing for Burst Media. The survey was administered by Burst with the purpose of better understanding how privacy is impacting Web users' experiences online, as well as its impact on advertisers. "Advertisers must take concrete actions to mitigate consumers' privacy concerns and at the same time continue to deliver their message as effectively as possible," Moran added. "In addition, and as recently seen in the news flare up regarding Facebook's privacy controversy, publishers need to be completely transparent about their privacy policies." Facebook recently changed its terms of use agreement, which gave the Palo Alto, Calif.-based company the ability to store user-posted photos and other content, even after it was deleted by users themselves. Earlier this week, however, the company reverted to a previous version of its legal user guidelines after thousands of members protested that Facebook was claiming ownership over the content. In addition, the Burst survey found that most Web users believe Web sites are tracking their behavior online. Three out of five--62.5%--respondents indicated it is likely that a W

We've all heard the argument before: "Why should you worry about the government looking into your personal records if you have nothing to hide?" Daniel J. Solove, an associate professor of law at The George Washington University Law School, analyzes that argument in a recently published paper titled "I've Got Nothing to Hide and Other Misunderstandings of Privacy." Solove argues that "the question assumes faulty assumptions about privacy and its value." Those who make the "nothing to hide" argument fail to understand the chilling effect that surveillance has on public discourse, the fact that small bits of private data (which an individual may not object to being uncovered) when put together form a larger and more intimate profile (which an individual may object to), and the mistake of having one's profile mistakenly associated with a group that is labeled as threatening. Here's an excerpt from the paper, which was published in the latest issue of the San Diego Law Review: [T]he problem with the "nothing to hide" argument is that it focuses on just one or two particular kinds of privacy problems - the disclosure of personal information or surveillance - and not others. It assumes a particular view about what privacy entails, and it sets the terms for debate in a manner that is often unproductive. It is important to distinguish here between two ways of justifying a program such as the NSA surveillance and data mining program. First is to not recognize a problem. This is how the "nothing to hide" argument works. It denies even the existence of a problem. The second manner of justifying such a program is to acknowledge the problems but contend that the benefits of the NSA program outweigh the privacy harms. The first justification influences the second, for the low value given to privacy is based upon a narrow view of the problem. The key misunderstanding is that the "nothing to hide" argument views privacy in a particular way - as a

Urging Privacy Protections with Health IT Privacy safeguards are needed if funds are to be provided for implementation of health IT systems in economic stimulus package. At today's news conference, the Coalition for Patient Privacy is releasing a letter sent to Congress advocating for the inclusion of privacy safeguards with any funding given to implement health IT systems in the proposed economic stimulus package. In the letter, the bipartisan coalition, representing over 30 organizations, individual experts and the Microsoft Corporation, welcomes the renewed commitment in Congress to protecting consumers over special interests, but makes clear that trust is essential to health IT adoption and participation, and only attainable with privacy protections. The coalition is calling on Congress to "A.C.T.", by providing: accountability for access to health records, control of personal information, and transparency to protect medical consumers from abuse. Consumer trust is essential to health IT adoption and participation, and only attainable with privacy safeguards. Through these three tenets, implementation of health IT is not only attainable, but would protect the right to privacy for consumers, employees, and providers.

Hundreds of medical records kept by a longtime Acton family doctor who abruptly closed his practice last year are about to be destroyed, leaving patients without crucial information and exposing a gap in state law about who owns abandoned medical records. On April 8, a Lynn storage company is scheduled to discard the records and auction the equipment left by Dr. Ronald T. Moody, who was evicted from his office last September as state regulators pursued him, saying he was practicing without a license. Many of Moody's former patients have no idea that their records are slated for destruction: None has been notified, nor does the law require such notice. "We throw people's lives away on a daily basis, and, believe me, we go out of our way to try and find someone" to salvage belongings, said Jim Appleyard, owner of the storage company that was hired by Moody's former landlord to clean out the office and store the items for six months, as required by law. But the idea of dumping hundreds of patients' files without them knowing about it bothered Appleyard. Unable to find Moody, he contacted the state Board of Registration in Medicine and pleaded to take the dozens of boxes of records. The board regulates doctors and administers rules governing medical records of physicians in private and group practices.

The Federal Trade Commission had some sharp words for Internet advertising companies Thursday, saying that they simply are not disclosing how they collect information about users well enough. And the agency threatened that the industry had better get its act together - or else. Or else what? Well, that's a bit harder. The commission has limited ability to issue binding regulations on advertising practices, and the process is cumbersome. But if the agency were to say that its attempt over the last few years to have Internet companies voluntarily bolster their privacy standards has failed, it could encourage Congress to pass online privacy legislation. Indeed, two members of the commission - Pamela Jones Harbour, an independent, and Jon Leibowitz, a Democrat - issued statements saying that while they support the commission's action, they hope for further regulation and possibly legislation on the issue. What the commission issued Thursday was the final version of its principles for online behavioral advertising - that is, ads shown to you based on something you did in the past. The agency issued its first draft of these at the end of 2007 and spent more than a year digesting comments. These principles were meant to spur various Internet groups to create self-regulatory standards for their members. And one group, the Network Advertising Initiative, did publish new rules. The top recommendation was that users should be given clear notice about what information was collected and an easy way to tell sites to stop watching them. "What we observe is that, with rare exception, is not the rule for any Web sites," said Eileen Harrington, the acting director of the commission's bureau of consumer protection, in an interview Thursday. "It is far more commonplace to put the information in the midst of lengthy and hard-to-understand privacy policies."