Group items tagged

Mary Kay Hoal tried everything she could to keep her daughter off of MySpace. She put password locks on the computer and blocked the site. Still, her daughter found ways to log on. Hoal's concerns stemmed from statistics that showed 29,000 registered sex offenders were on MySpace, one out of every five kids are sexually solicited online, and nine out of ten children are exposed to pornography online. When she looked for alternative safe sites for kids, she found none, so she decided to do something about it. Story continues below ↓advertisement | your ad here Click Here! The result is www.yoursphere.com, the only social networking site for kids and teens that's backed by the Federal Trade Commission through the site's Privacy Vaults approval. The site's Chief Technology officer worked at the California Department of Justice tracking anonymous online sex offenders, as well as the Megan's Law database. Moreover, it requires verified parental consent for a minor to join. Other features include: -- Requires verifiable parental consent to join -- Confirms the identity of the parent providing consent -- Confirms that the parent or guardian providing consent is not a registered sex offender -- Is exclusively for kids and teens through age 18. -- Exceeds COPPA (Children's Online Privacy Protection Act) and Federal Trade Commission (FTC) guidelines for protecting kids online through our approval by Privacy Vaults Inc. -- Whose policy is "no creepers allowed" -- lurkers are removed and banned. -- No fake profiles. (No one is anonymous on Yoursphere.com) "The bottom line is that we're the only place in the online world that that has taken extraordinary measures to help ensure the safety of its members and meets or exceeds standards set by the government," Hoal said. "Our opinion is that if it's a behavior that is illegal, immoral or unacceptable offline, then it's unacceptable online." About Mary Kay Hoal After researching the disturbing la

"Every day thousands of people download new applications onto their smart phones without much care for the terms of service they so easily agree to. What most of these people don't know is they may be volunteering information and allowing for companies to gather data without their consent. Recently a company called Pinch Media was charged with being a little too invasive when it comes to gathering information through their iPhone apps. According to one iPhone developer, applications using Pinch Media can retrieve information like your phone's personal ID number and can work in conjunction with other applications like Facebook to determine your gender, birth year and even your exact longitude and latitude. Pinch Media has been accused of gathering information that has nothing to do with its applications. Instead, they have been using this data collection for advertisements and other marketing purposes. Worse, is that this information is often taken without the consent of the user and more often than not does not allow the user the option to stop the information gathering. Pinch Media has fought back by arguing that they are completely within their rights to retrieve the information as long as the user gives consent when they agree to the terms of the application. Regardless of whether or not the information they gathered is being used for good or ill mannered purposes one thing is certain. Smart phone users should pay more attention to the terms of service they agree to. A simple visit to a software developer's web site can be the difference between you using your applications and your applications using you. Take the time out to read the fine print, and if you aren't sure about something - email the company directly with your questions or concerns."

The European Commission threatened Britain with sanctions on Tuesday for allowing an Internet service provider to use a new advertising technology to track the Web movements of customers. The European telecommunications commissioner, Viviane Reding, said that use of a tracking tool created by Phorm violated European privacy laws. The country's largest service provider, BT, acknowledged last April that it used the tool without customers' consent in 2006 and 2007, Ms. Reding said. "European privacy rules are crystal clear: a person's information can only be used with their prior consent," Ms. Reding said. The case could become a test for the limits of ads that aim at online behavior. Supporters of the practice say it has the potential to transform advertising by allowing marketers to show Internet users only ads that are considered relevant to them, based on their surfing habits.

Like this http://cheaptravelbooker.com Like this http://cheaptravelbooker.com like this http://killdo.de.gg travel,hotel,fun,hotel new,new offer,hotel best,best hotel,hotel travel,seo,backlinks,edu,gov,ads,indexing,bookmark,killgoggle,gogglesuck,goggle bookmark,kill goggle,yahoo,bing,indexing,quality links,linkwell,traffic boster,index best

Do you know what your data did last night? Almost none of more than 27 million people who took the RealAge quiz realized that their personal health data was sold to drug companies, who in turned used that information for targeted e-mail marketing campaigns. There's a basic consumer protection principle at work here, and it's the concept of "unfair and deceptive" trade practices. Basically, a company shouldn't be able to say one thing and do another: sell used goods as new, lie on ingredients lists, advertise prices that aren't generally available, claim features that don't exist, and so on. RealAge's privacy policy doesn't mention anything about selling data to drug companies, but buried in its 2,400 words, it does say that "we will share your personal data with third parties to fulfill the services that you have asked us to provide to you." They maintain that when you join the website, you consent to receiving pharmaceutical company spam. But since that isn't spelled out, it's not really informed consent. That's deceptive. Cloud computing is another technology where users entrust their data to service providers. Salesforce.com, Gmail, and Google Docs are examples; your data isn't on your computer -- it's out in the "cloud" somewhere -- and you access it from your web browser. Cloud computing has significant benefits for customers and huge profit potential for providers. It's one of the fastest growing IT market segments -- 69% of Americans now use some sort of cloud computing services -- but the business is rife with shady, if not outright deceptive, advertising.

Traditionally, we trust doctors with confidential information about our health in the knowledge that it�s in our own interests. Similarly, few patients object to the idea that such information may be used in some form for medical research. But what happens when this process is subject to scrutiny?How explicit does our consent have to be? Since the introduction of the Data Protection Act 1998 medical researchers have raised concerns over the increasing barriers they face to accessing patient data.These concerns have heightened amongst some researchers since the passing of the Human Tissue Act 2004 introduced in the wake of the Alder Hey and Bristol Royal Infirmary scandals. When scientific advances are unraveling the secrets of DNA and the decoding of the human genome has opened up substantial new research opportunities.Clinical scientists and epidemiologists argue that the requirements being placed upon them are disproportionate to the use they are making of either datasets or tissues samples and, besides, their work is in the public interest.At the heart of the debate lie key questions over trust and consent and how these can best be resolved.To complicate things, it is no longer just medical researchers, but also public health bureaucrats who are keen to have access to our data.Quasi-official bodies have been charged with persuading individuals to change their behaviour and lifestyles in connection with all manner of issues such as diet, exercise, smoking and alcohol consumption.Social Marketing � the borrowing of commercial marketing techniques in the pursuit of 'public goods' � is in vogue amongst public health officials. Empowered by advanced data collection and computing techniques, armed with the latest epidemiological research, and emboldened by a mission to change unhealthy behaviour, public health officials are keen to target their messages to specific 'market segments' in most need of advice.Are government researchers abusing patients' trust? Can an

The Federal Trade Commission today approved a final consent order settling claims that CVS Caremark violated customers' privacy and the Health Information Portability and Accountability Act (HIPAA) when it failed to dispose of records properly last year. Earlier this year, CVS Caremark agreed to settle FTC charges that it failed to take reasonable and appropriate security measures to protect the sensitive financial and medical information of its customers and employees, in violation of federal law. In a separate but related agreement, the company's pharmacy chain also has agreed to pay $2.25 million to resolve Department of Health and Human Services allegations that it violated HIPAA regulations. "This is a case that will restore appropriate privacy protections to tens of millions of people across the country," said FTC chairman William Kovacic following the settlement. "It also sends a strong message to other organizations that possess consumers' protected personal information. They are required to secure consumers' private information." Under the final consent order, CVS Caremark is required to rebuild its security and confidentiality program, which will be audited every two years for the next 20 years. The HHS settlement requires the company to develop a new training program to instruct employees on how to handle patient data.

A new report from the Progress & Freedom Foundation says that officials in some states want to pass legislation that would extend the Children Online Privacy Protection Act (COPPA) from covering children under 13 to covering teens until they're 18. COPPA, which became law in 1998, requires verifiable parental consent before a child under 13 can provide personally identifiable information to a Web site that caters to children. Expanding the law to cover teens till they're 18, according to the report, would "require Web sites to obtain more information about both minors and their parents, which runs counter to the original goal of the Act: protecting the privacy of minors." Ultimately, say the authors, "this would actually make minors less 'safe online.'" In this podcast, the report's co-author, PFF Senior Fellow Adam Thierer, explains the original COPPA law and why, in his opinion, the expanded law could have a chilling effect on the free speech rights of minors. The podcast runs 11:30

"Faced with increasing pressure from Washington, the Interactive Advertising Bureau launched a public service campaign on Thursday aimed at educating consumers about behavioral targeting. The online campaign, created pro bono by WPP's Schematic, features rich media banner ads with copy like "Advertising is creepy" and "Hey, this banner can tell where you live. Mind if we come over and sell you stuff?" More than one dozen publishers -- including Microsoft, Google's YouTube, and AOL -- have committed to donate a combined 500 million impressions for the initiative. The campaign comes as policymakers are questioning whether data collection by marketers violates consumers' privacy. Rep. Rick Boucher (D-Va.) has said he plans to introduce a bill that could require Web companies to notify users about online ad targeting, and in some circumstances, obtain their explicit consent. In addition, the Federal Trade Commission has criticized the industry for using dense privacy policies to inform people about behavioral targeting, or tracking people online and sending them ads based on sites visited. In a meeting with reporters Thursday morning, IAB President and CEO Randall Rothenberg said one goal of the campaign is to address regulators' concerns that consumers don't understand behavioral advertising. "

"The ubiquity of online advertising is a product of its importance to the internet economy, said a group of consumer advocates Wednesday during a debate on the future of online advertising. But the impact of new targeted advertising methods on consumer privacy and its potential to manipulate online experiences was the subject of heated argument at the event, sponsored by the Information Technology and Innovation Foundation. Privacy does not mean the same thing to all consumers in all situations, said Progress and Freedom Foundation Senior Fellow Berin Szoka. Advertisements are attempts to capture user attention - the "great currency of the Internet" - and when successful support a wide range of valuable content, he said. But in online life, "consumers have many values," Szoka added. "Privacy is one of them," he said, but it is not an absolute. Consumers must sometimes trade privacy for content, he said. "There is no free lunch." As more information and entertainment migrates to the internet, Szoka said it is "critical…that we find a way to support this media." Targeted advertising can fit the bill, he suggested - especially if technology gives users more control over their own preferences. Most consumers don't understand that advertising is a necessity for today's internet, he said. New technologies like targeting need to be given a try, he said, so content providers can recoup the value of their advertising - down 25 percent since 2000, he noted. Center for Digital Democracy founder Jeff Chester said Szoka's ideas about advertising's future represented a "false dichotomy." The real debate should be over the rules that regulate advertiser content, he said. Chester warned of a "Targeting 2.0″ system in which neuroscience combined with massive databases not only serve ads, but target content to users. "It's about influencing our behavior without our consent," he said. Chester pointed to the subprime lending cr

"Iconix Brand Group, Inc. will pay a $250,000 civil penalty to settle Federal Trade Commission charges that it violated the Children's Online Privacy Protection Act (COPPA) and the FTC's COPPA Rule by knowingly collecting, using, or disclosing personal information from children online without first obtaining their parents' permission. Iconix owns, licenses, and markets - both offline and online - several popular apparel brands that appeal to children and teens, including Mudd, Candie's, Bongo, and OP. Iconix required consumers on many of its brand-specific Web sites to provide personal information, such as full name, e-mail address, zip code, and in some cases mailing address, gender, and phone number - as well as date of birth - in order to receive brand updates, enter sweepstakes contests, and participate in interactive brand-awareness campaigns and other Web site features. Since 2006, Iconix knowingly collected and stored personal information from approximately 1,000 children without first notifying their parents or obtaining parental consent, according to the FTC's complaint. On one Web site, MyMuddWorld.com, Iconix also enabled girls to publicly share personal stories and photos online, according to the complaint. "Companies must provide parents with the opportunity to say 'no thanks' to the collection and disclosure of their children's personal information," said FTC Chairman Jon Leibowitz. "Children's privacy is paramount, and Iconix really missed the boat by denying parents control over their kids' information online.""

The European Commission started legal action against Britain on Tuesday for what the EU executive called a failure to keep people's online details confidential. EU Telecoms Commissioner Viviane Reding said the action related to how Internet service providers used Phorm (PHOR.L) technology to send subscribers tailor-made advertisements based on websites visited. Reding said Internet users in Britain had complained about the way the UK applied EU rules on privacy and electronic communications that were meant to prohibit interception and surveillance without the user's consent. "Technologies like Internet behavioural advertising can be useful for businesses and consumers but they must be used in a way that complies with EU rules," Reding said in a statement. "We have been following the Phorm case for some time and have concluded that there are problems in the way the UK has implemented parts of the EU rules on the confidentiality of communications," Reding said. She called on Britain to change its national laws to ensure there were proper sanctions to enforce EU confidentiality rules. Unless Britain complies, Reding has the power to issue a final warning before taking the country to the 27-nation EU's top court, the European Court of Justice. If it rules in favour of the European Commission, the court can force Britain to change its laws. (Reporting by Huw Jones, editing by Dale Hudson)

making best indexing in goggle and bing. RADJASEOTEA is a master of backlinks. You want indexing in goggle and bing. LOOK THIS www.fiverr.com/radjaseotea/making-best-super-backlink-143445

Companies that track consumer behavior on the Web for targeted advertising without proper consent are near their "last chance" to self-regulate, the head of the U.S. Federal Trade Commission said on Monday. Privacy advocates say regulations on big phone and Internet companies, such as AT&T Inc and Google Inc, are too lax, giving the firms excessive control over consumers' personal information. "From my perspective, the industry is pretty close to its last clear chance to demonstrate" that it can police itself, FTC Chairman Jon Leibowitz told the Reuters Global Financial Regulation Summit in Washington. Earlier this year, the FTC issued new guidance urging websites to tell consumers that data is being collected during their searches and to allow them to opt out. If companies fail to do a better job of making their privacy policies understandable to the average person, momentum will keep building for greater regulation, Leibowitz said. "It's really up to industry."

Cable operators will sit in the hot seat Thursday as Congress reviews their plans to roll out targeted advertising amid fears that consumer privacy could be infringed if the companies were to track and record viewing habits. The House subcommittee on Communications, Technology and the Internet will hold a hearing that will look at new uses for digital set-top boxes, the devices that control channels and perform other tasks on the TV screen. Cable TV companies plan to use such boxes to collect data and direct ads more targeted to individual preferences. "We have recently called on Congress and the Federal Trade Commission to investigate cable's new interactive targeted TV ad system on both antitrust and privacy grounds," said Jeff Chester, executive director of the Center for Digital Democracy. He's concerned about Canoe Ventures, a consortium formed by the nation's six largest cable companies to oversee the rollout of targeted and interactive ads nationally. Chester worries that Canoe will track what consumers do in their homes. Currently, cable companies aim their ads based strictly on geography. Now, cable's goal is to take the Internet's success with targeted ads and transfer that to the TV medium. Thus, a household that watches a lot of Nickelodeon and the Disney Channel eventually could be targeted for theme parks promotions. This type of targeting is something broadcast TV can't do. For starters, Canoe plans to offer ads this summer that consider demographic factors such as age and income. Philadelphia-based Comcast Corp. and Cablevision Systems Corp. of Bethpage, N.Y., also have been testing or rolling out targeted ads outside the consortium. But cable operators are wary about being seen as trampling on consumer privacy and reiterate that they don't plan to target based on any personally identifiable information, such as someone's name and address. Canoe said it doesn't have plans this year to use set-top box data for ads. Instead, the first ads it pl

As the impact of digital advertising on consumer privacy comes under scrutiny, AT&T is taking a stance in support of stricter standards. Rep. Rick Boucher (D., Va.), chairman of the subcommittee, said in an interview Wednesday that a statute is needed to regulate how companies collect, share and use data on consumers' behavior in targeting online advertising. While ad targeting on the Web has been at the forefront of privacy advocates' concerns, worries are growing about other media, ranging from mobile phones to emerging TV technologies. To sell marketers targeted ads, technology and media companies collect data about customers, ranging from the Web sites they visit to the neighborhoods they live in to the TV shows they watch. Marketers often will pay a premium for this form of advertising because it allows them to show their ads to consumers who are likelier to buy their products or services. "Pitfalls arise because behavioral advertising in its current forms is largely invisible to consumers," says Dorothy Attwood, AT&T's senior vice president of public policy and chief privacy officer, in prepared testimony she is expected to deliver at the hearing of the House Subcommittee on Communications, Technology and the Internet. Her statement says consumers don't fully understand that their online activity is used to create detailed profiles of them. Internet and other media companies say the data they use to target ads are anonymous and can't be traced to individual consumers. AT&T plans to argue that consumers should have "full and complete" notice of what information is collected about them and how it is used and protected, and should have tools that let them determine whether their Web activities are being tracked. The company says it won't use consumer information for online behavioral advertising unless it first obtains consent from the consumers involved. AT&T's stance contrasts with the position taken by most big Internet companies and industry trade grou

Last month, the digital advertising industry's use of behaviorally targeted advertising gained a reprieve of sorts when the Federal Trade Commission issued a final report confirming its earlier support of self-regulation. But some commission members remained concerned about ads that are shown to Web users based on their previous online activities, and in particular the possibility of violations of online privacy. Some form of legal restrictions may be imposed on the industry, the FTC indicated, if the online ad industry isn't up to the task of regulating itself. "Privacy is definitely the biggest concern today," said Joe Apprendi, CEO of Collective Media, an online advertising network based in New York. "There has been the concern that through such approaches as deep-packet technology, companies can leverage information through subscriber-based providers to marry anonymous behavioral segment data and identify real people. "The fact is, online advertising is subject to a higher standard that offline direct marketing tactics," Apprendi said. The FTC report, "Self-Regulatory Principles for Online Behavioral Advertising," continues to advocate voluntary industry self-regulation, in keeping with its principles governing online behavioral advertising issued at the end of 2007, despite the urgings of consumer advocacy groups that it impose rules regulating online advertising. The commission's new guidelines are based on four principles: * Transparency and consumer control. The commission advises that Web sites that collect data for behavioral advertising provide "a clear, concise, consumer-friendly and prominent statement" that the data are being collected to provide ads tailored to the user's interests and that the user has an easy and obvious way to choose whether to allow this. * Security for data retention. Companies that collect data for behavioral advertising should provide "reasonable" protection of that information and reta

Stunned applicants filling out immigration forms are now being warned their personal information can be shared with the RCMP, national security and intelligence agents, and even foreign cops. The immigrants, many who arrive here from brutal regimes, are being told that they must sign a consent form or their requests will not be dealt with by federal immigration officials. One form, which was obtained by Sun Media, said the data can be shared with the Canada Border Services Agency, RCMP, Canadian Security Intelligence Service and foreign police. TARGET FRIENDS The information can be used to target friends or family members of those who say negative things about their homelands, said Jamal Kaker, of the Afghan Association of Ontario. "This will impact a lot of immigrants in many communities," he said yesterday. "This is scary because the information will get back to Afghanistan in no time." Toronto lawyer Guidy Mamann said it can be deadly for immigrants who give information that may be negative to their governments and are then refused by Canada. "The rights of these immigrants are being trampled," Mamann said. "All this was done under the radar without an announcement." He said foreign police -- some working for the worst regimes -- will be able to find out where their nationals who fled to Canada live and allegations they have leveled against their homelands. "All this information will now be shared," Mamann said. "The lives of immigrants and some Canadian citizens will become an open book." SIGN FORMS He said Canadian citizens are affected if they sign forms to sponsor a spouse or loved ones. "It's another nail in the coffin for civil rights in Canada," Mamann said. "Negative information against governments will now be open for sharing." Toronto lawyer Mendel Green called the changes troubling. "This is a serious breach of our privacy laws," he said. "It appears to be an excess of authority. Big Brother wants to watch our visitors." Federal immig

We all like to think our privacy is absolute. But if your job involves working across borders, you'll want to talk about privacy as a matter of degree rather than as an uncompromising right. Why? Not only do you want to be seen as someone who can get things done globally, but you also may personally want to be part of advancing social objectives that are arguably as important as privacy. Have you ever had to re-architect your global rollout of PeopleSoft or Lawson because of European Union privacy concerns? Or adjust how your company offers technical support to medical products sold in Europe? Have you ever been part of acquiring a failing European company where the privacy of employee data was a final sticking point? If you've seen projects with obvious social benefit get held up by seemingly minor data-related questions, then you might have been running up against this notion of "nothing trumps privacy." It's a popular idea. The half-billion people of Europe do view privacy as a human right. And they're not the only ones. As one of the first acts of the UN, Eleanor Roosevelt and the U.S. delegation in 1948 lobbied for the global adoption of the Universal Declaration of Human Rights(UNDHR), whose Article 12 states, "No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation." With Europe and the UN using absolute-sounding language to describe a right to privacy, it's no wonder we have all of these delayed and downsized corporate projects. People are legitimately concerned about our sometimes reckless march into the Information Age, and they want to put some brakes on it. But does privacy trump all foes? I can think of at least six other equally important social objectives that regularly put limits on privacy: 1. Personal health. We all want to stay healthy - even when we lose the ability to communicate and give consent. Emergency-room personnel need access t

Until now, lawsuits seeking to recover significant damages based on the loss of, or unauthorized access to, sensitive personal information have not been especially successful for plaintiffs. Most companies suffering data breaches have escaped by offering affected consumers inexpensive credit monitoring services. But two recent cases show plaintiffs a way to expose many previously safe companies to substantial claims for damages. Any company that thinks there are no risks in employing less than best practices for data privacy and security needs a wake up call. The headlines are all too familiar. Some well known consumer services company (or less known wholesale data processor) announces that millions of individual records containing names, Social Security numbers, account numbers and other sensitive information were left in a dumpster, saved to a stolen, unencrypted laptop, or stored on a misplaced USB drive or backup tape. The press is terrible, the company's stock takes a temporary plunge, and sometimes the Federal Trade Commission enters into a consent decree where the company promises to never do it again. But when affected individuals or groups of consumers tried to sue for damages, they seldom recover significant amounts. These cases have not often succeeded because the plaintiffs have been unable to prove actual pecuniary losses resulting from the security breach. Sure, if identify theft occurs the affected individuals can suffer significant emotional trauma, loss of time, etc. But Courts have been unwilling to award damages for anxiety, fear, and other emotional harm that can result from a data breach, for the risk of future identify theft, or for actual identity theft when the plaintiff could not prove that the theft occurred as a direct result of a data breach at a particular source. Most companies facing claims based on data breaches have been able to settle cheaply by offering to provide credit monitoring services, which most consumers do not use, resu

Current government rules do too little to protect the privacy of people's personal health information and also hinder the use of health data in medical research, a panel of experts reported on Wednesday. A committee of the Institute of Medicine, which provides advice to U.S. policymakers, urged Congress to take an entirely new approach to protecting personal health data in research. Federal standards for protecting privacy of personal health data under the Health Insurance Portability and Accountability Act of 1996, or HIPAA, are not doing the job, the panel said. Congress and the Obama administration are planning major changes this year to the U.S. health care system. Regarding the privacy rules, Congress should either start from scratch or thoroughly overall HIPAA's privacy provisions, the panel said. Better data security is needed, with greater use of encryption and other security techniques, the panel said. Encryption should be required for laptops, flash drives and other devices containing such data, it said. "Both privacy and health research are important. And we feel that we can strengthen privacy protections for people who participate in research while also allowing important research to proceed without unnecessary impediments," Dr. Bernard Lo of the University of California San Francisco, a member of the panel, told reporters. HIPAA governs how personally identifiable health information can be used and disclosed by health plans, health care providers and others. The intention is to protect personal health information while permitting the flow of information for health-related research and medical care. Lo said HIPAA has burdensome and confusing procedures for people to consent to have their health data used in medical research, dissuading people from taking part in such research.

A group of U.S. companies, led by technology giants Microsoft, Hewlett-Packard and eBay, is set to outline recommendations for new federal data-privacy legislation that could make life easier for consumers and lead to a standard federal breach-notification law. The recommendations, which were developed by a group of industry players called the Consumer Privacy Legislative Forum, are set to be released at an upcoming privacy conference six weeks from now, according to Peter Cullen, Microsoft's chief privacy officer. The companies have been working for the past three years to encourage the adoption of federal consumer data-privacy laws and to answer the question of what federal legislation should look like, Cullen said in an interview. Other forum members include Google, Oracle, Procter & Gamble and Eli Lilly. One idea is that laws should make it easier for consumers to understand what they're getting into when they share their personal data with Web sites, Cullen said. "The whole focus on consent really puts an unfair burden on the consumer," he said. "My mom doesn't know what an IP address is." The recommendations will cover rules around data use and the ability of consumers to correct inaccurate data. And they will cover data breach notification, which is now covered by a patchwork of state laws. Simplifying breach-notification laws by creating a single federal standard is important, Cullen said Wednesday while speaking at a discussion of privacy policy in San Francisco. "It's not that there is no privacy law. There's actually too much privacy law," he said. "If you think about data-breach notification laws just as an example, there are 38 state laws, many of them very different." "We need to think about much more of a framework approach." Congress has passed some laws covering consumer data privacy, such as the 1996 Health Insurance Portability and Accountability Act (HIPAA), but existing laws do not comprehensively cover consumer privacy in general.