The US Department of Energy has released its draft Voluntary Code of Conduct for the smart grid. The draft code is open for comments from the public. WPF encourages all who have an interest in smart grid privacy to submit comments. What : Smart Grid voluntary code of conduct is ...
CFP self regulation panel -- At this year's Computers' Freedom, and Privacy conference, Pam Dixon will be on a panel discussing the NAI self-regulation and comparing the now NAI to the NAI of 2007, when WPF published a strong report discussing the profound issues with the NAI at that time.
Online privacy -- Pam Dixon will participate in the IAB's formal privacy policy debate as a privacy and consumer representative on Tuesday, Feb. 26. This marks the first time the IAB annual leadership summit has hosted a formal policy debate. The debate will be moderated by Katy Kay of Advertising Age.
Mobile Privacy -- The World Privacy Forum attended the NTIA Multistakeholder meeting as one of the core drafters of the code of conduct being considered by the NTIA Multistakeholder process. WPF and the other drafters are accepting comments from all stakeholders in preparation of the next iteration of the draft.
NTIA Mobile privacy -- WPF participated in the January 17th meeting of the NTIA Multistakeholder Process. The jointly crafted code WPF, ACLU, Mobile App Alliance, and Consumer Action created was again discussed and edited. A growing consensus is moving toward the joint code. The next meeting is January 31, 2013.
July 11, 2012 San Diego, California -- Today the World Privacy Forum published a comment essay by executive director Pam Dixon urging all privacy stakeholders to focus on the consumer during the Commerce Multistakeholder privacy process, set to get underway tomorrow. "We must put the consumer first and focus on what is important," said Pam Dixon.
On Feb. 23, 2012, nine signatory organizations published a MultiStakeholder Principles designed to guide the NTIA MultiStakeholder Process, a self-regulatory process to develop voluntary codes of conduct with industry and civil society. The document states: "The US Department of Commerce is proposing a multi-stakeholder process for developing better applications of privacy principles. For the multi-stakeholder process to succeed, it must be representative of all stakeholders and must operate under procedures that are fair, transparent, and credible. We believe the following baseline principles will provide the multi-stakeholder process the legitimacy it needs to succeed."
MultiStakeholder Privacy Principles -- The World Privacy Forum has led an effort to craft a set of principles with the nation’s leading civil liberties, privacy, and consumer groups. Today, the groups are releasing a set of baseline Multi-Stakeholder Principles in response to the U.S. Department of Commerce’s plan for a multi-stakeholder process on privacy. (The U.S. Department of Commerce is undertaking a representative process for bringing together members of industry and civil society to form new privacy rules.) These leading groups believe that for the multi-stakeholder process to succeed, it must be representative of all stakeholders and must operate under procedures that are fair, transparent, and credible.
WPF filed two sets of comments with the US Department of Commerce regarding the MultiStakeholder Process and the privacy topics to be taken up. The first set of comments were WPF’s formal filing of the joint Civil Society MultiStakeholder Principles on behalf of WPF and the American Civil Liberties Union, Center for Digital Democracy, Consumer Action, Consumer Federation of America, Consumers’ Union, Consumer Watchdog, Electronic Frontier Foundation, National Consumers’ League, Privacy Rights Clearinghouse, and US PIRG. The second set of comments were WPF’s own comments to the Department. WPF urged the Department to employ a fair process, choose focused topics, and to apply the full range of the Consumer Privacy Bill of Rights to each topic.
This report is a landmark analysis and history of self-regulatory efforts in the area of privacy. The report is authored by Robert Gellman and Pam Dixon. It includes details about programs such as the IRSG, the Privacy Leadership Initiative, the Privacy Alliance, and other privacy self-regulatory programs.
Current online privacy debates focus on respecting the privacy interests of Internet users while accommodating business needs. Formal and informal proposals for improving consumer privacy offer different ideas for privacy regulation and privacy self-regulation, sometimes called codes of conduct. [1] Some in the Internet industry continue to advance or support ideas for privacy self- regulation. Many of these same players proposed and implemented privacy self-regulatory schemes that started in the late 1990s.
This section offers a historical review of privacy self-regulation that occurred in the years just before and just after 2000. For a variety of reasons, it is not necessarily fully comprehensive. Some self-regulatory efforts may have disappeared without a trace. Activities within existing trade associations are difficult or impossible to assess from evidence available to those outside the associations. However, this discussion captures the leading organizations of the time. [13]
This section reviews several other privacy self-regulatory activities that share some characteristics with the industry self-regulatory programs discussed above, but these activities differ in various ways. The most noticeable differences are the role of the government in the programs. The Department of Commerce is involved in the Safe Harbor Framework, and the Federal Trade Commission is involved in the Children’s Online Privacy Protection Act.
Self-regulation -- The World Privacy Forum has published a report on past self-regulatory efforts in the area of privacy, Many Failures: A brief history of privacy self-regulation. "Privacy self-regulation has been a Potemkin Village of consumer protection," says executive director Pam Dixon. "History shows a pattern of past self-regulatory efforts that have been erected quickly and have faded after regulatory threats fade." The report is authored by Robert Gellman and Pam Dixon. It includes details about programs such as the IRSG, the Privacy Leadership Initiative, the Privacy Alliance, and other programs. A key finding of this report is that the majority of the industry self-regulatory programs that were initiated failed in one or more substantive ways, and many disappeared entirely.
The self-regulatory efforts in this category include projects that have many components, including input from government, industry, academia, and civil society.
Is there any reason to think that privacy self-regulation will work today when it did not work in the past? Privacy self-regulation done in the same way that it has been done in the past, without sufficient consumer participation, and with the same goals of simply evading real regulation and effective privacy controls will continue to fail.
Some of the advertising that is done online comes with hooks. Using a variety of technologies, some largely unseen, online advertisers can track online activities, sometimes in profound ways that consumers are not expecting. Not all online advertising has "hooks" that are problematic or that raise privacy challenges. But a type of advertising called "behaviorally targeted advertising" often does. Behavioral advertising has two key components: tracking and targeting.
The World Privacy Forum submits these comments to the European Advertising Standards Alliance on its Best Practice Recommendation on Online Behavioural Advertising.
WPF Comments on the FTC Privacy Report -- The World Privacy Forum filed comments with the FTC in response to its preliminary staff report, Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers. In our comments, we urge the FTC to take affirmative steps to protect consumer privacy online and offline. Our comments include a brief history of privacy self regulation, and point out how privacy self regulation has consistently failed. The comments also discuss Do Not Track, and urge the FTC to take a broader look at tracking protections for consumers. WPF also specifically requested that the FTC identify credit reporting bureaus subject to Fair Credit Reporting Act regulations and assist consumers in locating those bureaus.
World Privacy Forum Report | Digital Signage -- The World Privacy Forum published a groundbreaking report today on digital signage and privacy. The report, The One Way Mirror Society, discusses the remarkable consumer surveillance occurring in retail and other spaces. This is the first report on this topic to be published. From the report:
Self regulation -- The Interactive Advertising Bureau has released its self-regulatory guidelines for online advertisers. There are some bright spots in the new guidelines. In the area of sensitive information, especially regarding health privacy, the guidelines are weak and need improvement. The IAB definition of sensitive health information is weaker than the definition of sensitive information already adopted by industry in the formal NAI agreement. Additionally, the new IAB guidelines rely on weak accountability standards. WPF urges the IAB to re-examine the sensitive health definition, provide more accountability, and to include consumer input in a meaningful way into the drafting process.
Internet privacy -- The Federal Trade Commission released its self-regulatory principles for behaviorally-targeted advertising today. The World Privacy Forum will be holding a press conference responding to the principles at 12:30 p.m. Eastern.
Behaviorally targeted advertising | FTC proposed rules -- The World Privacy Forum filed comments in response to the Federal Trade Commission's proposed self-regulatory guidelines for companies targeting online advertising to consumers based on consumer behaviors. The WPF requested a separate, formal rulemaking process for determining how sensitive medical information should be handled online regarding behaviorally targeted advertisements. The WPF also discussed genetic data and requests for genetic tests, and noted that genetic information should be included in any definition of sensitive medical information. The WPF reiterated that the definition of personally identifiable information should include IP address, and encouraged the FTC to work from a rights-based approach regarding online advertising. The WPF also urged the FTC to include all fair information practices in any self-regulatory regime, and to enforce the regime directly.
Consensus document | Consumer rights and protections -- Nine privacy and consumer groups, including the World Privacy Forum, unveiled a consensus document outlining key consumer rights and protections in the behavioral advertising sector. The document is directed toward the Federal Trade Commission, and urges the FTC to take proactive steps to adequately protect consumers as online and other forms of behavioral tracking and targeting become more ubiquitous. The consensus document was filed with the Secretary of the FTC and its commissioners. Behavioral advertising is the focus of the FTC's eHavioral Advertising Town Hall meeting taking place November 1-2 in Washington, D.C. The network advertising sector has a self-regulatory plan, the Network Advertising Initiative, in place, and has had this plan in place since 2000. The consensus document addresses the many areas where the NAI plan has failedto protect consumers.