The UK Information Commissioner’s Office has published a new code of practice for online services directed to children, Age appropriate design: A code of practice for online services. The new code sets 15 flexible standards and gives specific explanations of how the GDPR applies to childrens’ online activities and pursuits. ...
Many people have told us that they think opting out is confusing. We agree. Opting out can range from the not-too-difficult (the FTC’s Do Not Call list is a fairly simple opt out) to the challenging (the National Advertising Initiative opt out can be tricky). Our hope is that this list will clarify which opt out does what, and how to go about opting out.
Pam Dixon will be speaking at the IAPP-FTC Practical Privacy Conference in Washington DC this week. The conference is from Dec. 2-3. Her panel talk will focus on privacy issues relating to identifiable large datasets and vulnerable populations. She will also be discussing the role of data brokers in compiling ...
WPF urges FTC to focus on consumers' ability to control their digital exhaust and statistical parity for big data era At the FTC workshop on Big Data September 15, Big Data: Tool for Inclusion or Exclusion?, panelists including the World Privacy Forum discussed legal and ethical frameworks that are applicable ...
Facebook has a "privacy shortcut" menu that gives you quick access to key privacy settings. You may have missed this feature, because it is behind an icon, and not everyone clicks through every icon. It's worth finding the Privacy Shortcuts, though, because you can quickly check the privacy of your status posts, view how your page looks to the public, see what you're tagged in, block users, and other things. Here are some tips on where you can find the privacy shortcuts on desktop and mobile.
FAQ: How can I see what my Facebook profile looks like to the “outside world”? I am about to start a job search, and I want to make sure I have things locked down. I don’t want potential employers digging around my Facebook timeline.
The European Court of Justice has recently decided an important case involving privacy and search engines. The decision may have enormously broad implications for privacy, for search engines, and for the Internet as a whole. This brief analysis provides context and highlights of the court's decision, with a discussion of the implications, which are far-ranging.
May 20 Update: see our full analysis of the ruling here . In a ruling with far-reaching implications for online privacy, the European Court of Justice has ruled that online search companies are subject to the European Data Protection Directive, (Directive 95/46/EC) . Search engine companies that are based in ...
FAQ: I am new to Facebook. What do I need to know about posting to someone else's Timeline? When you first join Facebook, you can discover many old friends, acquaintances and relatives you may have lost touch with and want to recontact. It can be exhilarating to find so many ...
It is important to use SSL, or encrypted connections when you use web-based email. Yahoo does not automatically set SSL or secure mail connections by default. You have to set it manually until January 2014. These tips walk you through how to set Yahoo Mail to use secure connections.
The Washington Post published new revelations from Edward Snowden’s leaked documents that revealed that the NSA is scooping up millions of email and IM address books globally. This is a serious piece of snooping business, and it deserves immediate attention on a policy level. For people who are reading this and wondering what you can do today, right now, here are some immediate steps to take.
Today the World Privacy Forum published the first of a series of new tips for users of Facebook, Facebook Privacy FAQs. “We are publishing online privacy tips for Facebook users in bite-size pieces so people can decipher the complex Facebook privacy settings and make meaningful changes and choices,” said Pam Dixon. “We are finding that too many consumers are confused about what the choices mean and how to make them.”
Facebook gives you the option to use use secure browsing when a secure connection is available. This is a security option that all Facebook users should use. It is a no-brainer to say yes to. Facebook has turned this option on by default, but the rollout for this option may not have reached your area. Also, there may be some country-level differences. It is worth taking a few steps to make sure turn this option is on. It is well worth it, and we highly recommend it for all users.
We have updated our much-visited Search Engine Privacy Tips in light of recent events surrounding online privacy. First, search engine encryption has become much more important for a number of reasons, which we discuss in the revised tips. Several search engines are now using encryption by default, including Google, DuckDuckGo and others. Additionally, WPF has been receiving reports from consumers about "fake" search engines containing viruses. Our new tipsheet has been refreshed to reflect these recent trends and issues.
Online privacy -- Pam Dixon will participate in the IAB's formal privacy policy debate as a privacy and consumer representative on Tuesday, Feb. 26. This marks the first time the IAB annual leadership summit has hosted a formal policy debate. The debate will be moderated by Katy Kay of Advertising Age.
Reputation and privacy -- Pam Dixon spoke at the Southwestern Law School Privacy Conference on the topic of reputational privacy Friday the 22cnd along with Neville Johnson and Paul Tweed. Dixon highlighted three key consumer situations WPF assisted with recently, discussing the employment challenges consumers faced when harmful material was available online during the job search process.
February 10, 2013 Online Job Seekers, Still Beware of Scams! Today the Augusta Chronicle published a story by Jenna Martin quoting World Privacy Forum's Pam Dixon about job seekers and how important it is for them to be wary of online job scams. "I am concerned that we are still ...
In a rare enforcement action of HIPAA, HHS fined an Arizona health care provider $100,000 for a variety of HIPAA violations, especially regarding electronic exchanges of protected health information. The HHS document outlining the reasons for the fine should act as a wake-up call to health care providers using public email, calendaring, and other tools for communication of ePHI. HHS specifically noted that the fined health care provider did not conduct an adequate risk assessment prior to using the email and Internet tools. The full HHS document is a must-read for health care providers. WPF has been warning about the need for full e-risk assessments since 2005 and strongly advocates for medical-identity-theft-specific risk assessments.
Search engine privacy -- WPF has updated its search engine privacy tips page to include more tips on how to segregate online activities. This has always been important, and it has become more important in light of Google's announcement that it will be sharing data across its business units.
Current online privacy debates focus on respecting the privacy interests of Internet users while accommodating business needs. Formal and informal proposals for improving consumer privacy offer different ideas for privacy regulation and privacy self-regulation, sometimes called codes of conduct. [1] Some in the Internet industry continue to advance or support ideas for privacy self- regulation. Many of these same players proposed and implemented privacy self-regulatory schemes that started in the late 1990s.
This section offers a historical review of privacy self-regulation that occurred in the years just before and just after 2000. For a variety of reasons, it is not necessarily fully comprehensive. Some self-regulatory efforts may have disappeared without a trace. Activities within existing trade associations are difficult or impossible to assess from evidence available to those outside the associations. However, this discussion captures the leading organizations of the time. [13]
This section reviews several other privacy self-regulatory activities that share some characteristics with the industry self-regulatory programs discussed above, but these activities differ in various ways. The most noticeable differences are the role of the government in the programs. The Department of Commerce is involved in the Safe Harbor Framework, and the Federal Trade Commission is involved in the Children’s Online Privacy Protection Act.
The self-regulatory efforts in this category include projects that have many components, including input from government, industry, academia, and civil society.
Is there any reason to think that privacy self-regulation will work today when it did not work in the past? Privacy self-regulation done in the same way that it has been done in the past, without sufficient consumer participation, and with the same goals of simply evading real regulation and effective privacy controls will continue to fail.
WPF executive director Pam Dixon testified at a joint subcommittee hearing focused on privacy and the collection and use of online and offline consumer information. Dixon's testimony focused on the new "modern permanent record" and how it is used and created. Dixon said "The merging of offline and online data is creating highly personalized, granular profiles of consumers that affect consumers’ opportunities in the marketplace and in their lives. Consumers are largely unaware of these profiles and their consequences, and they have insufficient legal rights to change things even if they did know." The testimony explored concrete examples of problematic consumer profiling activities.
