Group items tagged

Following on the heels of Facebook's decision to rescind a highly controversial move to store all content posted on the social network, new data has emerged to support consumers' increasing alarm over online privacy. The vast majority--80.1%--of Web surfers are indeed concerned about the privacy of their personal information such as age, gender, income and Web-surfing habits, according to a survey of some 4,000 Web users administered and analyzed by Burst Media. More worrisome, perhaps, is the finding that privacy concerns are prevalent among all age segments, including younger demographics that are coming of age online. Still, privacy concerns do appear to increase with age, from 67.3% among respondents ages 18-24 to 85.7% of respondents 55 years and older. "Online privacy is a prevailing concern for web surfers," said Chuck Moran, vice president of marketing for Burst Media. The survey was administered by Burst with the purpose of better understanding how privacy is impacting Web users' experiences online, as well as its impact on advertisers. "Advertisers must take concrete actions to mitigate consumers' privacy concerns and at the same time continue to deliver their message as effectively as possible," Moran added. "In addition, and as recently seen in the news flare up regarding Facebook's privacy controversy, publishers need to be completely transparent about their privacy policies." Facebook recently changed its terms of use agreement, which gave the Palo Alto, Calif.-based company the ability to store user-posted photos and other content, even after it was deleted by users themselves. Earlier this week, however, the company reverted to a previous version of its legal user guidelines after thousands of members protested that Facebook was claiming ownership over the content. In addition, the Burst survey found that most Web users believe Web sites are tracking their behavior online. Three out of five--62.5%--respondents indicated it is likely that a W

Too many companies leave themselves vulnerable to employees' ignorance or purposeful flouting of the rules when it comes to information security, suggests a survey conducted by (ISC)2. Focused on the 'basics' of policy management, the survey revealed that organisations are becoming confident in their ability to comply with the policies and procedures set out to secure their organisations. Analysis of the results, however, reveal education efforts to be immature, with most concerns relating to accountability and company-wide understanding of what is required. The survey questioned 737 information security professionals last month about their organisation's efforts in policy and awareness management. A great majority, 80 percent, said their company's ability to comply with security policy was satisfactory, good or very good, leaving only 20 percent saying they were dissatisfied. However, this confident stance was tempered by concerns from nearly half of the respondents over a lack of training (48 percent) and poor employee understanding of policy (46 percent); a lack of defined accountability (42 percent); and an unsupportive company culture (48 percent). These obstacles to compliance with policy were cited by significantly more respondents than other issues of traditional concern, including a lack of budget, which only 22 percent were concerned about, and the ability to procure the latest technology, which concerned only 19 percent of respondents. "The challenges are shifting from the systems to the people," says John Colley, CISSP, managing director for EMEA (Europe, Middle East, Africa) for (ISC)2. "The relatively little concern expressed over budgets suggests security continues to be viewed as a business imperative, even in the current economic climate. Unfortunately, security requirements are not yet well understood, or worse flouted, often with management support, in order to get a job done. There is a colossal task ahead to ensure all emplo

Ignorant People are a big security risk.

Most Americans believe the world financial crisis has increased their risk of identity theft or related crimes, according to the latest Unisys Security Index. The biannual survey of consumers in nine countries found that more than two-thirds of Americans are "extremely or very concerned" about other people obtaining and using their credit or debit card details -- with 90 percent at least "somewhat concerned." In addition, computer security remains a major concern. More than 40 percent of Americans are extremely or very concerned about security in relation to viruses or unsolicited emails. Three-quarters of Americans believe that the world financial crisis will increase the risk that they will personally experience identity theft or related crimes. More than one-quarter believe that the risk will increase substantially. "Financial security for Americans has moved from third place to front and center, number one," Tim Kelleher, vice president of enterprise security at Unisys, provider of information technology consulting services, told SCMagazineUS.com Monday. "People feel they are much more financially at risk." This has major implications for banks and other financial institutions, as well as internet businesses, he said. "Banks and businesses need to understand that customers are more wary than ever about using services that may compromise their personal data," Kelleher said. "If economic concerns increase these fears, companies need new strategies to strengthen customer confidence through accountability and transparency, which also plays to part of the Obama administration's call to action for government and business." The U.S. Security Index is based on a random telephone survey of 1,004 persons ages 18 and over. The first wave of the study was conducted in August 2007.

www.killdo.de.gg Most quality online stores. Know whether you are a trusted online retailer in the world. Whatever we can buy very good quality. and do not hesitate. Everything is very high quality. Including clothes, accessories, bags, cups. Highly recommended. This is one of the trusted online store in the world. View now www.retrostyler.com

Federal Trade Commission staff today issued a report describing its ongoing examination of online behavioral advertising and setting forth revisions to proposed principles to govern self-regulatory efforts in this area. The key issue concerns how online advertisers can best protect consumers' privacy while collecting information about their online activities. Over the last decade, the FTC has periodically examined the consumer privacy issues raised by online behavioral advertising - which is the practice of tracking an individual's online activities in order to deliver advertising tailored to his or her interests. The FTC examined this practice most recently at its November 2007 "Behavioral Advertising" Town Hall. The following month, in response to public discussion about the need to address privacy concerns in this area, FTC staff issued a set of proposed principles to encourage and guide industry self-regulation for public comment. Today's report, titled "Self-Regulatory Principles for Online Behavioral Advertising," summarizes and responds to the main issues raised by more than 60 comments received. It also sets forth revised principles. The report discusses the potential benefits of behavioral advertising to consumers, including the free online content that advertising generally supports and personalization that many consumers appear to value. It also discusses the privacy concerns that the practice raises, including the invisibility of the data collection to consumers and the risk that the information collected - including sensitive information regarding health, finances, or children - could fall into the wrong hands or be used for unanticipated purposes. Consistent with the FTC's overall approach to consumer privacy, the report seeks to balance the potential benefits of behavioral advertising against the privacy concerns it raises, and to encourage privacy protections while maintaining a competitive marketplace. The report points ou

GoogleApps is an upgade to the Los Angeles computer systems security? Doesn't that explain a lot?! Google Inc. this week came swinging at critics who have cited privacy and security concerns in calling on the city of Los Angeles to rethink its plan to implement the Google Apps hosted e-mail and office applications. In an interview yesterday, Matt Glotzbach, director of product management for Google Enterprise, said the angst voiced by consumer groups and others about the Los Angeles project is overstated and based on incomplete information. In fact, he contended that transitioning the applications to Google will strengthen the security of the city's data and better maintain its privacy. "From what I know of the city's operation, this is a security upgrade," Glotzbach said. "Those who may be unfamiliar with cloud computing see this as a security risk simply because it is new and because it is something different," he said. Glotzbach said he believes that at least some of the concerns raised originated from Google's competitors. Meanwhile top managers at the Los Angeles Information Technology Agency (ITA), which oversees technology implementations in the city, yesterday said the city is still committed to implementing Google Apps. The agency insisted that provisions are in place for addressing the security and privacy issues raised by critics. A spokesman for Mayor Antonio Villaraigosa said the city council will sign off on the project only after it is assured that the privacy and security concerns have been properly addressed.

Google Inc. this week came swinging at critics who have cited privacy and security concerns in calling on the city of Los Angeles to rethink its plan to implement the Google Apps hosted e-mail and office applications. In an interview yesterday, Matt Glotzbach, director of product management for Google Enterprise, said the angst voiced by consumer groups and others about the Los Angeles project is overstated and based on incomplete information. In fact, he contended that transitioning the applications to Google will strengthen the security of the city's data and better maintain its privacy. "From what I know of the city's operation, this is a security upgrade," Glotzbach said. "Those who may be unfamiliar with cloud computing see this as a security risk simply because it is new and because it is something different," he said. Glotzbach said he believes that at least some of the concerns raised originated from Google's competitors. Meanwhile top managers at the Los Angeles Information Technology Agency (ITA), which oversees technology implementations in the city, yesterday said the city is still committed to implementing Google Apps. The agency insisted that provisions are in place for addressing the security and privacy issues raised by critics. A spokesman for Mayor Antonio Villaraigosa said the city council will sign off on the project only after it is assured that the privacy and security concerns have been properly addressed.

"Lora Bentley spoke with Anzen analysts Megan Brister and Jordan Prokopy via e-mail regarding behavioral advertising - what companies are doing, what regulators want to do and what we, as advertising consumers, need to know. With their coworker Miyo Yamashita, the analysts recently wrote a guest opinion for IT Business Edge. Bentley: Why are so many concerned about privacy when it comes to behavioral advertising? What is it about the Internet that convinces consumers that information they share there is not being used? Brister and Prokopy: Most concerns stem from the lack of transparency around data disclosure practices. While consumers may value a Web site's product and service offerings, they are generally unaware that businesses share their information with an extensive group of other businesses in order to deliver targeted advertising. This group includes news Web sites, advertising networks, profiling services, and Web analytics providers, to name a few. As Pamela Jones Harbour, a Commissioner at the Federal Trade Commission (FTC), discussed at the FTC Roundtable earlier this week, there is an asymmetry between consumer perceptions and business realities. Once consumers are informed of businesses' data handling practices, they will want to have more control over how businesses manage their information. As we discuss in our article, some businesses engaged in online behavioral advertising have been slow to adopt transparent consumer data management policies. This is a concern particularly for vulnerable groups, such as minors or non-English speaking consumers, because they may not understand legally written policies. Consumer advocacy groups argue that without knowledge and control over the collection, use, and disclosure of data, Web sites may misuse or expose sensitive data about consumers' health, lifestyles and finances."

Banks and financial firms are placing more emphasis on internal threats to cut the flow of data leakage as a result of employee mistakes or workers disgruntled with layoffs and downsizing during the economic crisis, according to a recent survey. The report, "Protecting What Matters: The Sixth Annual Global Security Survey," is based on a Deloitte survey of 250 CISOs in the financial-services industry. It found that 36% of respondents believe the internal threat represents the greatest risk to organizations, compared to 13% who said external threats are the biggest concern. Mark Steinhoff, head of Deloitte's financial services security and privacy practices, said an organization's biggest mistake would be to let its guard down. While the number of security breaches may have declined over the last year, cybercriminals are not rationing back their efforts. "The number of breaches that are occurring are really at the hands of insiders and organizations are understanding that there is a real threat of malicious attacks and exposure of personal information by insiders," Steinhoff said. The failing economy may be driving the increased concern over insider threats, Steinoff said. "The climate we're in today causes concerns about disgruntled employees," he said. "We are seeing the layoffs and other forms of downsizing. Frankly with limited budget and less than satisfied employees, it really raises the parameter on that threat." Human error is the leading cause of information systems failure, and is likely to be the main cause of security attacks in the near future, according to 86% of those surveyed. To protect against employee mistakes that lead to a breach, financial firms should focus on risk rather than compliance to protect themselves, Steinhoff said. "[Organizations] need to look at what they want to protect and look at various types of threats internally and evaluate who has access to the data and who has access to which system, and approach it from that persp

Last month, the digital advertising industry's use of behaviorally targeted advertising gained a reprieve of sorts when the Federal Trade Commission issued a final report confirming its earlier support of self-regulation. But some commission members remained concerned about ads that are shown to Web users based on their previous online activities, and in particular the possibility of violations of online privacy. Some form of legal restrictions may be imposed on the industry, the FTC indicated, if the online ad industry isn't up to the task of regulating itself. "Privacy is definitely the biggest concern today," said Joe Apprendi, CEO of Collective Media, an online advertising network based in New York. "There has been the concern that through such approaches as deep-packet technology, companies can leverage information through subscriber-based providers to marry anonymous behavioral segment data and identify real people. "The fact is, online advertising is subject to a higher standard that offline direct marketing tactics," Apprendi said. The FTC report, "Self-Regulatory Principles for Online Behavioral Advertising," continues to advocate voluntary industry self-regulation, in keeping with its principles governing online behavioral advertising issued at the end of 2007, despite the urgings of consumer advocacy groups that it impose rules regulating online advertising. The commission's new guidelines are based on four principles: * Transparency and consumer control. The commission advises that Web sites that collect data for behavioral advertising provide "a clear, concise, consumer-friendly and prominent statement" that the data are being collected to provide ads tailored to the user's interests and that the user has an easy and obvious way to choose whether to allow this. * Security for data retention. Companies that collect data for behavioral advertising should provide "reasonable" protection of that information and reta

Times are tough, and we all continue to hear about the heightened risk of the insider threat. Granted, unauthorized insider access to data has always been a concern. But the concern is increased now because of the tremendous changes that we are seeing in the economy. The term "disgruntled employee" now has a whole new meaning because there are more and more folks concerned about 'What if my job disappears? What kind of information can I keep? What kind of information can I have access to?' As one who's dealt with the insider threat, I have some questions of my own: What do you really mean by an insider? In our borderless world, the terms "insider" and "outsider" overlap. "Insiders" are not just employees and staff, but also service providers, business partners, consultants, contractors -- any number of parties who may work for companies we deal with. What do we really mean by an authorized versus an unauthorized insider? If you take a look at the Societe Generale situation, allegedly a fraud was committed by an authorized user with privileges he was not supposed to have. How? Well, the horribly overused cliché is that if you work with a company long enough, eventually you will have access to everything, and no one will know it. Bottom line: As people change jobs within a company, we are not good at updating their roles and responsibilities. If you look at all the efforts that have been spent on identity and access management products, the biggest challenge is trying to understand: What are the roles and responsibilities you are trying to apply to people? How do you develop these roles and responsibilities and how do group them? How do you really deal with people who have to change roles and responsibilities? How do you add and delete roles and responsibilities as people change jobs?

Industry Insiders Discuss HIT and HIPAA Issues March 30, 2009 by Astrid Fiano, Writer A significant part of President Obama's health care reform agenda is the push for implementing more health care technology. In the health care field privacy is always a major concern, and was the impetus of the Health Insurance Portability and Accountability Act of 1996--protecting the privacy of individually identifiable health information in all formats, and the confidentiality provisions of the Patient Safety Act--protecting identifiable information being used to analyze patient safety events. So those in the health care industry now wonder will the Administration's focus on health IT (HIT) present more challenges to privacy concerns? As part of a continuing focus on HIT issues, DOTmed interviewed industry expert Kirk J. Nahra, a partner in the Washington D.C. legal firm of Wiley Rein LLP, specializing in privacy and information security for the health care and insurance industries, and named an expert practitioner by the Guide to the Leading U.S. Healthcare Lawyers. DOTmed also interviewed Lise Rauzi, Vice President, Training Development, for Health Care Compliance Strategies (HCCS). HCCS provides online training compliance for employees. Nahra notes that regardless of the rising concern over privacy and the new HIT legislation, there have already been formal HIPAA security rules on electronic information in place for several years--the health care industry compliance has just been inconsistent. The problem -- to the extent there is one -- is that HIPAA rules are process-oriented, Nahra explained. The rules don't tell an entity what to do, but rather what to evaluate--a standard set of questions, but without a standard set of answers. For example, a covered entity has to have an internal audit, but the rules do not tell the entity how best to carry out that internal audit. Not surprisingly, different businesses have different ideas on how to implement their HIPAA evaluations

Social networking users are more vulnerable than ever and taking more risks with their online privacy. According to the 'Bringing Social Security to the Online Community' poll by AVG, while the social networking community has serious concerns about the overall security of public spaces, few are taking the most basic of steps to protect themselves against online crimes. Participants indicated concern over growing phishing, spam and malware attacks, and nearly half of those surveyed are very concerned about their personal identity being stolen in an online community. Despite widespread use of social networks at home and/or at work, 64 per cent of users infrequently or never change their passwords on a regular basis, while 57 per cent infrequently or never adjust their privacy settings. Further, 21 per cent accept contact offerings from members they do not recognise, more than half let acquaintances or roommates access social networks on their machines, 64 per cent click on links offered by community members or contacts and 26 per cent share files within social networks. As a result of this widespread proliferation of links, files and unsolicited contacts, nearly 20 per cent have experienced identity theft, 47 per cent have been victims of malware infections and 55 per cent have seen phishing attacks.

Facebook founder Mark Zuckerberg has responded to the privacy concerns raised in this post by Consumerist. The post pointed out that a change Facebook made to its terms of service left the impression that the social network could keep and use copies of user content (e.g. photos, notes, and personal information) in perpetuity even if users removed the information and closed their accounts. "One of the questions about our new terms of use is whether Facebook can use this information forever," Zuckerberg wrote. But, oddly, he did not answer that question. Instead he opted for a rather roundabout explanation: if you send a friend a message via Facebook's e-mail system, Facebook must create mutliple copies of that message -- one for your "sent" message box and one for your friend's inbox. That way, if you leave Facebook, the copy your friend has would not be deleted. Fair enough. The implication is that, by extension, Facebook also keeps copies of all your other information, too. But the e-mail example has a major hole in it. Copying content makes sense for e-mails, where the medium itself depends on messages being copied. The thing is, Facebook users generally do not 'send' other types of content to one another, including photographs. Rather, they post them on their own profiles for others to stop by and see. There's no obvious reason that Facebook would need to perpetually store multiple copies of photographs -- because, as far as the user is concerned, they appear only in one place. Plus, Zuckerberg seems to underestimate his users' understanding of e-mail. My guess is most Facebook users don't think that if they close an e-mail account that all the e-mails they've ever sent will disappear. Frankly, it's not e-mails that are at issue here; it's this other, more personal category of content -- the stuff that people post within their own digital walls. Zuckerberg goes on to write that despite the presence of "overly formal and protective" language that Facebo

"As the federal government readies the third iteration of Einstein, privacy concerns over the intrusion detection system were voiced at a Senate hearing on Tuesday. Philip Reitinger, Department of Homeland Security deputy undersecretary for the National Protection and Programs Directorate, told the Senate Committee on the Judiciary's Subcommittee on Terrorism and Homeland Security that DHS envisions deploying Einstein 3 as an intrusion prevention system. Einstein 1 monitors network flow and Einstein 2 detects system intrusions. "This more robust version of Einstein would provide the federal government with an improved early warning and an enhanced situational awareness; the ability to automatically detect malicious activity; and the capability to prevent malicious intrusions before harm is done," Reitinger said. But Gregory Nojeim, senior counsel and director of Project Freedom, Security and Technology at the Center for Democracy and Technology, cited press accounts that Einstein 3 would rely on pre-defined signatures of malicious code that might contain personally identified information, and threaten the privacy of law-abiding citizens. "While Einstein 2 merely detected and reported malicious code, Einstein 3 is to have the capability of intercepting threatening Internet traffic before it reaches a government system, raising additional concerns," Nojeim testified. Einstein 3 reportedly could operate within the networks of private telecommunications companies, and Nojeim wondered if the technology could analyze private-to-private communications. "If Einstein were to analyze private-to-private communications, that would likely be an interception under the electronic surveillance laws, requiring a court order," he said. "

"Although physicians support the use of electronic health records, concerns about potential privacy breaches remain an issue, according to two research articles published in the January 2010 issue of the Journal of the American Informatics Association (JAMIA), in its premiere issue as one of 30 specialty titles published by the BMJ (British Medical Journal) Group, UK. "

"If you're concerned about Google retaining your personal data, then you must be doing something you shouldn't be doing. At least that's the word from Google CEO Eric Schmidt. "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place," Schmidt tells CNBC, sparking howls of incredulity from the likes of Gawker. But the bigger news may be that Schmidt has actually admitted there are cases where the search giant is forced to release your personal data. "If you really need that kind of privacy, the reality is that search engines - including Google - do retain this information for some time and it's important, for example, that we are all subject in the United States to the Patriot Act and it is possible that all that information could be made available to the authorities." There's also the possibility of subpoenas. And hacks. But if any of this bothers you, you should be ashamed of yourself. According to Eric Schmidt. Gawker highlights the irony of Schmidt's typically haughty proclamations. After all, this is the man who banned CNet for a year after the news site published information about him it had gleaned from, yes, Google. But the larger point here is that Schmidt isn't even addressing the issue at hand. Per usual. When the privacy question appears, Google likes to talk about the people asking the questions. But the problem lies elsewhere: with the millions upon millions blissfully unaware of the questions. If you're concerned about your online privacy, you can always put the kibosh on Google's tracking cookies. You can avoid signing in to Google accounts. And, yes, you can avoid using Google for anything Eric Schmidt thinks you shouldn't be doing. But most web users don't even realize Google is hoarding their data. CNBC asks Schmidt: "People are treating Google like their most trusted friend. Should they be?" But he answers by scoffing at those who don't trust Google at all. Not that you'd expect anythin

European Union's move indicates growing government concern over how Internet companies are using individuals' private data The European Commission began legal action against the U.K. Tuesday over its failure to protect Internet users from Phorm -- a covert behavioral advertising technology tested by the U.K.'s biggest fixed line operator, BT, in 2006 and 2007. The move signals growing concern in Brussels over the way new Internet-based technologies are using people's personal data. In addition to taking legal action against the U.K., the Commission also issued a general warning to all 27 E.U. countries to uphold privacy laws, especially regarding social-networking Web sites and users of RFID (radio frequency identification) technologies. In Canada, the federal government has even proposed a legislation that will provide law enforcement agents sweeping powers to obtain user information from ISPs. The Commission, the executive body of the European Union responsible for upholding laws, said the U.K. had failed to enforce E.U. data protection and privacy rules, because broadband Internet subscribers were not informed that their browsing was being tracked.

By now, many employees are uncomfortably aware that their every keystroke at work, from email on office computers to text messages on company phones, can be monitored legally by their employers. What employees typically don't expect is for the company to spy on them while on password-protected sites using nonwork computers. But even that privacy could be in jeopardy. A case brewing in federal court in New Jersey pits bosses against two employees who were complaining about their workplace on an invite-only discussion group on MySpace.com, a social-networking site owned by News Corp., publisher of The Wall Street Journal. The case tests whether a supervisor who managed to log into the forum -- and then fired employees who badmouthed supervisors and customers there -- had the right to do so. The case has some legal and privacy experts concerned that companies are intruding into areas that their employees had considered off limits. "The question is whether employees have a right to privacy in their non-work-created communications with each other. And I would think the answer is that they do," said Floyd Abrams, a First Amendment expert and partner at Cahill Gordon & Reindel LLP in New York. The legal landscape is murky. For the most part, employers don't need a reason to fire nonunion workers. But state laws in California, New York and Connecticut protect employees who engage in lawful, off-duty activities from being fired or disciplined, according to a report prepared by attorneys at the firm Proskauer Rose LLP. While private conversations might be covered under those laws, none of the statutes specifically addresses social networking or blogging. Thus, privacy advocates expect to see more of these legal challenges. In February, three police officers in Harrison, N.Y., were suspended after they allegedly made lewd remarks about the town mayor on a Facebook account. The officers mistakenly thought the remarks were protected with a password, but city officials view

The Homeland Security Department's privacy office will hold a conference to explore the use of social media as if affects security and privacy. The "Government 2.0: Privacy and Best Practices" conference will be held June 22 to June 23 in Washington and is open to the public. The workshop is meant to help agencies use Web 2.0 technologies in ways to protect privacy and security, and to explore the best practices for implementing President Barack Obama's memo on open government that was released in January, according to a notice published in the federal register April 17. Panelists will discuss topics such as transparency and participation in government, privacy and legal concerns brought by the government's use of social media, and how the government can best use the technologies while protecting privacy rights during the conference, DHS officials said. DHS is asking for comments by June 1 on topics such as: * How the government is using social media. * The risks, benefits and operational concerns that come from government use of the technologies. * Privacy, security and legal issues raised by the government's use of social media. * Recommendations on best practices for government use of the technologies.

To address important consumer privacy concerns associated with online behavioral advertising, the staff of the Federal Trade Commission today released a set of proposed principles to guide the development of self-regulation in this evolving area. Behavioral advertising is the tracking of a consumer's activities online - including the searches the consumer has conducted, the Web pages visited, and the content viewed - in order to deliver advertising targeted to the individual consumer"s interests. For more than a decade, the FTC has engaged in investigation, law enforcement, studies, and other privacy developments to protect consumers' privacy online. Concepts used to develop the principles emerged from the agency's longstanding privacy program and, more recently, from two conferences hosted by the FTC. In the fall of 2006, a three-day public hearing, "Protecting Consumers in the Next Tech-ade," examined technology developments that could raise consumer protection policy issues, including privacy, over the next decade. This past November, building on the Tech-ade hearings, the FTC hosted a Town Hall entitled "Ehavioral Advertising: Tracking, Targeting, and Technology," to focus in on privacy issues raised by behavioral advertising. "The purpose of this proposal is to encourage more meaningful and enforceable self-regulation to address the privacy concerns raised with respect to behavioral advertising. In developing the principles, FTC staff was mindful of the need to maintain vigorous competition in online advertising as well as the importance of accommodating the wide variety of business models that exist in this area," according to its proposal "Behavioral Advertising: Moving the Discussion Forward to Possible Self-Regulatory Principles." The proposal states that behavioral advertising provides benefits to consumers in the form of free content and personalized advertising but notes that this practice is largely invisible and unknown to consumers. To address the

We all like to think our privacy is absolute. But if your job involves working across borders, you'll want to talk about privacy as a matter of degree rather than as an uncompromising right. Why? Not only do you want to be seen as someone who can get things done globally, but you also may personally want to be part of advancing social objectives that are arguably as important as privacy. Have you ever had to re-architect your global rollout of PeopleSoft or Lawson because of European Union privacy concerns? Or adjust how your company offers technical support to medical products sold in Europe? Have you ever been part of acquiring a failing European company where the privacy of employee data was a final sticking point? If you've seen projects with obvious social benefit get held up by seemingly minor data-related questions, then you might have been running up against this notion of "nothing trumps privacy." It's a popular idea. The half-billion people of Europe do view privacy as a human right. And they're not the only ones. As one of the first acts of the UN, Eleanor Roosevelt and the U.S. delegation in 1948 lobbied for the global adoption of the Universal Declaration of Human Rights(UNDHR), whose Article 12 states, "No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation." With Europe and the UN using absolute-sounding language to describe a right to privacy, it's no wonder we have all of these delayed and downsized corporate projects. People are legitimately concerned about our sometimes reckless march into the Information Age, and they want to put some brakes on it. But does privacy trump all foes? I can think of at least six other equally important social objectives that regularly put limits on privacy: 1. Personal health. We all want to stay healthy - even when we lose the ability to communicate and give consent. Emergency-room personnel need access t