The World Privacy Forum is pleased to announce the agenda and speakers for a half-day tutorial on 28 February, 2025 for the international IEEE Computer Vision Conference , to be held this year in Tucson, Arizona. This tutorial presents advanced privacy research and analysis in the intersection of Computer Vision ...
The World Privacy Forum is pleased to announce that it has joined more than 200 of the nation’s leading artificial intelligence (AI) stakeholders to participate in a Department of Commerce initiative to support the development and deployment of trustworthy and safe AI. Established by the Department of Commerce’s National Institute of Standards and Technology (NIST) in February 2024, the U.S. AI Safety Institute Consortium (AISIC) brings together AI creators and users, academics, government and industry researchers, and civil society organizations to meet this mission.
Television maker VIZIO is paying $2.2 million in penalties to settle charges after the FTC and the New Jersey Attorney General's office brought a complaint against the company for violating its customers' privacy. The complaint against VIZIO stated that the company collected detailed information on millions of its customers TV viewing habits without their express consent, and that VIZIO facilitated something called "data appending," which is when even more detailed information is added to existing customer profiles.
WPF Executive Director Pam Dixon will testify before the Senate Judiciary this Tuesday, Nov. 3. The hearing is on data broker security, with Chairman Flake presiding. Hearing details: Data Brokers – Is Consumers’ Information Secure? Subcommittee on Privacy, Technology and the Law Date: Tuesday, November 3, 2015 Time: 2:30 pm ...
The World Privacy Forum filed comments with the Equal Employment Opportunity Commission about wellness programs and related privacy impacts to individuals. Many Americans now take part in employer wellness programs, and they are increasingly and justifiably concerned about the sensitive information these programs are gathering, sometimes in return for incentives such as discounts on pricing for health insurance. These comments to the EEOC address some of the most significant challenges individuals face, including voluntariness, fairness, due process, and information sharing outside of HIPAA.
The World Privacy Forum submitted comments today to the National Institute of Standards and Technology in response to its publication, Draft Report on De-Identification of Personally Identifiable Information (NISTIR 8053). The WPF welcomes the draft NIST report, as the area of de-identification and re-identification of personal data swirls with controversy ...
The World Privacy Forum filed comments with the U.S. Department of Commerce in response to its Request for Comments about big data, privacy, and the Consumer Privacy Bill of Rights. The White House Big Data report recognized that Big Data “raises considerable questions about how our framework for privacy protection applies in a big data ecosystem” and has the potential to “eclipse longstanding civil rights protections in how personal information is used in housing, credit, employment, health, education, and the marketplace.” This is among our concerns as well, and our comments focused on understanding big data's benefits while drawing attention to where there are significant privacy risks that need to be addressed.
It is important to use SSL, or encrypted connections when you use web-based email. Yahoo does not automatically set SSL or secure mail connections by default. You have to set it manually until January 2014. These tips walk you through how to set Yahoo Mail to use secure connections.
How unique are you? We played with a data privacy tool today here at WPF that showed us if the combination of our birthdate and zip code made us statistically unique. The more unique you are, the more identifiable you are in a sea of supposedly "anonymous" data. This tool was developed by Dr. LaTanya Sweeney at Harvard's Data Privacy Lab, and using it will tell you how easily you can be identified from records that may not even have your name on them.
Genetic Privacy | Bioethics -- WPF filed comments with the Presidential Commission for the Study of Bioethics today urging the Commission to recognize the need for enhanced genetic privacy protections in a digital world. WPF noted that "The increasing identifiability of genetic data presents major privacy issues for research activities that must be acknowledged and addressed." WPF suggested four key ways that Certificate of Confidentiality programs could be enhanced for privacy protection, and urged the Commission to speak out about the importance of protecting patient privacy in research activities involving genetic information. "The Commission should advocate providing patients with reasonable controls over research uses of their data as electronic records develop and spread throughout the health care system." Public comments may be submitted to the Commission until May 25, 2012.
Stop SOPA & PIPA ---- The World Privacy Forum is deeply concerned about the profound, far-reaching privacy consequences of two bills, SOPA and PIPA. The bills have many negative aspects. In terms of the privacy impacts, one of the serious consequences is that the right to create and use anonymization ...
World Privacy Forum information and materials on Genetic Privacy.
WPF report announcement -- The World Privacy Forum's newest report examines the privacy and confidentiality issues of cloud computing that have been largely overlooked to date. It is a thorough analysis with policy findings. Privacy in the Clouds: Risks to Privacy and Confidentiality from Cloud Computing was written by Robert Gellman for the World Privacy Forum. Cloud computing tips for consumers and business are also available.
Medical privacy | Medicare Part D -- In comments filed with the Centers for Medicare and Medicaid Services, the World Privacy Forum requested that CMS give effect to data restrictions that Congress has expressly included in the law. WPF also requested that CMS include in its standard agreements for use of CMS data a requirement that the recipient obtain a certification of confidentiality for all identifiable CMS data. WPF also requested that CMS perform a regulatory impact analysis and publish a system of records notice.
Genetic privacy -- Genome-wide association studies present complex and challenging privacy issues. The National Institutes of Health, in a published request for information, asked for public comment on its proposed policy regarding its support and management of a central genomic repository for genome-wide association studies. In comments filed with the National Institutes of Health, the World Privacy Forum raised concerns about the proposed NIH policy in the specific areas of genetic identifiability, secondary uses of the genetic data, oversight, legal protections, and informed consent.
AOL released three months’ worth of the detailed search queries of 657,000-plus of its users. The approximately 20 million search queries and the additional data on users’ click-throughs to web sites in the search results are generally highly revealing of individuals’ personal, financial, political, medical, religious, and other preferences as well as the businesses and people they associate with.
The collection of DNA material from 500,000 to 1,000,000 or more individuals as part of a large U.S. medical research project raises many challenging ethical, legal, and privacy issues. An advisory committee reporting to the Office of the Secretary of Health and Human Services ( the Secretary's Advisory Committee on Genetics, Health and Society) has published a detailed analysis of the issues such a project would raise in a draft report. The committee's final report and policy recommendations will be submitted to the Secretary of HHS. The World Privacy Forum has submitted public comments on the draft report; the comments include key policy recommendations. The Forum's recommendations include the need to provide protection from compelled disclosure of information, the necessity for a full-time project privacy officer with enforcement power, and the need for a far-reaching and robust privacy policy that exceeds the requirements of HIPAA, among other recommendations.