Group items tagged

Online targeted advertising and the collection of consumer data are the fuel of Internet commerce, not the major privacy problems described by some advocates and U.S. lawmakers, according to a new paper. "The use of such data permits firms to target their marketing messages to consumers' interests, pays for a wealth of content on the Internet, and helps protect consumers from a variety of online threats," said the paper, released Monday by the Technology Policy Institute (TPI), an antiregulation think tank. "It forms the basis for many of the business models that are fueling the growth of the Internet." Privacy groups want a "free lunch" online, with strong privacy controls that make it tougher for advertising to work online, the paper said. "Privacy advocates have provided little detail on the benefits of more privacy and have typically ignored the costs or trade-offs associated with increasing privacy," the paper said. Data collection delivers ads that people want and that advertising pays for a multitude of free services online, said the paper, co-authored by TPI President Thomas Lenard and Emory University law and economics professor Paul Rubin.

Will monetary value increase the value of user's data on social networks?

Facebook and Twitter have helped make social networking a household word. Now they need to make money. Efforts to monetize the popular Internet services are increasingly a priority within the two companies, with Facebook Chief Executive Mark Zuckerberg and Twitter Co-founder Biz Stone outlining several initiatives at the Reuters Global Technology Summit in New York this week. And analysts and investors, in search of the next Google-like hit, are paying close attention to the breakneck speed at which Facebook and Twitter are adding new users. While the popularity of the two social media firms has yet to translate into the kind of revenue-generating machine that Google Inc developed with its search advertising business, some say Facebook and Twitter have become so central to the Internet experience that they are inherently valuable. "Both are new ways of communicating. And when you have a new way of communicating ... you benefit people enough so that there is going to be value there," said Tim Draper, managing director of venture capital firm Draper Fisher Jurvetson, noting that he regretted not having invested in either firm. In April, Twitter's website attracted 17 million unique visitors in the United States, up sharply from 9.3 million the month before. Facebook grew to 200 million active users in April, less than a year after hitting 100 million users.

As USB devices have evolved into useful storage media, they've also turned into a security nightmare for agencies. The usage of USB devices should be encouraged and embraced to improve productivity, but they also must be managed to minimize the risks inherent with these tools. This paper discusses how USB devices have evolved and looks in-depth at the productivity benefits as well as the potential risks these devices can introduce if not managed properly. This paper also offers recommendations on how to balance the productivity versus risk challenge and highlights how government agencies can effectively manage the usage of USB devices and prevent data loss and malware introduction.

We've all heard the argument before: "Why should you worry about the government looking into your personal records if you have nothing to hide?" Daniel J. Solove, an associate professor of law at The George Washington University Law School, analyzes that argument in a recently published paper titled "I've Got Nothing to Hide and Other Misunderstandings of Privacy." Solove argues that "the question assumes faulty assumptions about privacy and its value." Those who make the "nothing to hide" argument fail to understand the chilling effect that surveillance has on public discourse, the fact that small bits of private data (which an individual may not object to being uncovered) when put together form a larger and more intimate profile (which an individual may object to), and the mistake of having one's profile mistakenly associated with a group that is labeled as threatening. Here's an excerpt from the paper, which was published in the latest issue of the San Diego Law Review: [T]he problem with the "nothing to hide" argument is that it focuses on just one or two particular kinds of privacy problems - the disclosure of personal information or surveillance - and not others. It assumes a particular view about what privacy entails, and it sets the terms for debate in a manner that is often unproductive. It is important to distinguish here between two ways of justifying a program such as the NSA surveillance and data mining program. First is to not recognize a problem. This is how the "nothing to hide" argument works. It denies even the existence of a problem. The second manner of justifying such a program is to acknowledge the problems but contend that the benefits of the NSA program outweigh the privacy harms. The first justification influences the second, for the low value given to privacy is based upon a narrow view of the problem. The key misunderstanding is that the "nothing to hide" argument views privacy in a particular way - as a

Hunch.com helps users search for answers -- but first, it performs a detailed search on the users themselves. Launching today after a year in development, Hunch aims to supply users with computer-generated advice on thousands of lifestyle and consumer questions: What kind of dog should I buy? What should I get dad for Father's Day? Which book by George Orwell would I like? Most important, though, Hunch is not a search engine. Rather than scouring the open Web for information, as Google, Microsoft's new Bing and scores of others do, or collating written opinions, as Amazon.com does, Hunch computes answers by comparing what it knows about you to what it knows about people like you. "Ultimately, what we're doing is providing a kind of shortcut through human expert systems," said Hunch founder Caterina Fake, who also started Flickr.com, the popular photo-sharing site that was acquired by Yahoo in 2005. By first inviting users to answer as many as 1,500 questions about themselves -- an addictive kind of personality test that involves such diverse questions as political orientation, relationship status and whether you believe in UFOs and keep your closet organized -- Hunch looks to assemble a demographic profile whose depth could rival anything in the commercial universe. The New York company also believes that users stand to benefit from this kind of large-scale data farming -- not just from getting better answers, but also from discovering the many microdemographics to which they belong. Hunch also says it will not sell user data to marketers. But this promise, written into the site's privacy policy, is not precisely a legal contract, said Siva Vaidhyanathan, a new-media scholar at the University of Virginia, and the difference leaves the data it collects in a fuzzy domain.

Visit the Amazon.com site to buy a book online and your welcome page will include recommendations for other books you might enjoy, including the latest from your favorite authors, all based on your history of purchases. Most customers appreciate these suggestions, much the way they would recommendations by a local librarian. But, what if you visited an investment site, only to find advertising messages suggesting therapies for your recently diagnosed heart condition? Chances are that you would experience what Fran Maier calls the "creepiness" factor, a sense that someone has been snooping into a part of your life that should remain private. Maier is the Executive Director of TrustE, a nonprofit that sets guidelines for online privacy and awards a seal of approval to companies meeting those guidelines. She was a speaker at the recent Supernova conference, an annual technology event in San Francisco organized by Wharton legal studies and business ethics professor Kevin Werbach in collaboration with Wharton. Creepiness Factor The creepiness factor is a risk inherent in so-called behavioral targeting. This practice is based on marketers anonymously observing a user's behavior on the Internet and compiling a personal profile based on interests and behavior -- sites visited, searches conducted, articles read, even emails written and received. Based on their profiles, users receive advertising targeted specifically to them, regardless of where they travel on the web. Consumer advocates worry that online data collection and tracking is going too far. Marketing executives counter that consumers benefit from seeing advertising relevant to their interests and contend that relinquishing some personal data is a reasonable trade-off for free access to Internet content, much of it supported by advertising.

Opinion: Privacy columnist Jay Cline says the time is ripe for a global privacy standard to replace the hodgepodge of privacy principles that multinational businesses must cope with. The first step is to agree on what privacy really means. Whenever I've mentioned to chief privacy officers the idea of having a single set of privacy rules for their companies to abide by worldwide, their response has been unanimous: Bring it on. Why? The legal and technical costs of complying with an expanding patchwork of state, federal and foreign privacy laws are mounting for multinationals. Having one set of rules would improve the bottom line. Data-protection commissioners from many world governments are singing the same tune. At a November conference in London, they issued a communique urging the United Nations to launch an international privacy convention toward this end. > You and I as customers and employees would also benefit from one set of rules that we could come to know and understand - instead of the vast array of obtusely worded privacy notices that we see on Web sites and find in our mailboxes. It's hard to imagine a major constituency, outside of the Idaho and Michigan militias, that would be against the concept of a global privacy agreement, if it was properly worded. So, what's the holdup?

Privacy is a central element of the FTC's consumer protection mission. In recent years, advances in computer technology have made it possible for detailed information about people to be compiled and shared more easily and cheaply than ever. That has produced many benefits for society as a whole and individual consumers. For example, it is easier for law enforcement to track down criminals, for banks to prevent fraud, and for consumers to learn about new products and services, allowing them to make better-informed purchasing decisions. At the same time, as personal information becomes more accessible, each of us - companies, associations, government agencies, and consumers - must take precautions to protect against the misuse of our information. The Federal Trade Commission is educating consumers and businesses about the importance of personal information privacy, including the security of personal information. Under the FTC Act, the Commission guards against unfairness and deception by enforcing companies' privacy promises about how they collect, use and secure consumers' personal information. Under the Gramm-Leach-Bliley Act, the Commission has implemented rules concerning financial privacy notices and the administrative, technical and physical safeguarding of personal information, and it aggressively enforces against pretexting. The Commission also protects consumer privacy under the Fair Credit Reporting Act and the Children's Online Privacy Protection Act.

A rule requiring healthcare providers, health plans, and other entities covered by the Health Insurance Portability and Accountability Act (HIPAA) to notify individuals of a breach of their unsecured protected health information will become effective September 23, 2009. The "breach notification" regulations implement provisions of the Health Information Technology for Economic and Clinical Health (HITECH) Act, which was part of the American Recovery and Reinvestment Act of 2009 (ARRA). The new "breach notification" regulations apply to HIPAA-covered entities and their business associates. HIPAA covered-entities include health plans, healthcare clearinghouses, and healthcare providers. A business associate is a person or entity (such as a healthcare benefits broker) who, on behalf of the covered entity, performs a function involving the use or disclosure of individually identifiable health information.

"For more than a decade, Web companies have said that behavioral targeting, or tracking people anonymously as they navigate around the Internet and then serving them targeted ads, doesn't harm users. On the contrary, they argue, such targeting benefits people by providing them with more relevant messages, and also lets marketers spend their ad dollars more efficiently. When privacy advocates complain about behavioral targeting techniques, industry executives tend to respond by condemning the critics as ivory-tower elitists. But new research is increasingly casting doubt on the idea that the average consumer doesn't care about behavioral targeting. "

Privacy & security are individual rights and responsibilities, not just corporate or governmental responsibilities. Reliance on technology is bound to fail without motivation for all involved to find mutual benefits.

Identity theft and security is always in the spotlight through the constant stream of news stories about companies losing confidential customer or client data, such as social security numbers, credit card numbers, health histories and so forth. These "breaking news" stories now seem to happen so frequently that we scarcely pay attention to them unless, of course, we are directly impacted by them. They have, however, heightened the public awareness and have even spawned new identity protection businesses. Information technology companies rightly react to this by developing new technologies to improve security and eagerly market these to CIOs as a way to protect the personal information of their customers and clients. While we should use these appropriately, we can't rely just on technology for identity protection. While some of these security incidents involve someone hacking into a system, many involve a human failing. Examples include a laptop with confidential information being lost or stolen and employees e-mailing sensitive data to their personal e-mail accounts so they can work on it from home.