The conference has commenced this morning in Jerusalem, a city of
both ancient traditions and thoroughly modern influences, and I was
reminded of how that same dynamic is true of privacy in the Internet
age. Yesterday marked the 30th anniversary of the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data.
These privacy guidelines have served as the basis for numerous privacy
laws in place across the globe. Yet, even these privacy principles need
to keep pace with the changing information environment. In my remarks
today at a panel discussion titled “Notice and Consent: Illusion or
Reality?”, I suggested that individual participation through mediums
such as notice and consent remains important to safeguarding users’
privacy, but by itself does not afford enough protection. This is
particularly true given the explosion of information collection and use
that is the fuel of today’s Internet economy. The same is true of the
various legal frameworks that govern data collection, usage, and
sharing. Both are important, but neither is sufficient on its own.