Today members of the CSISAC Steering Committee attending the OECD Ministerial in Gran Canaria, Spain released a statement regarding the new OECD Declaration on Government Access to Personal Data Held by Private Sector Entities. WPF Executive Director is on site in Gran Canaria and made a formal statement to the ...
After many study commissions and multiple serious attempts at a comprehensive data privacy bill, India's Ministry of Electronics and Information Technology has proposed a new draft privacy bill, and has opened a public consultation regarding the draft until 17 December 2022. The Ministry states that the proposed bill, the Digital ...
Privacy Policy This privacy policy was updated April 3, 2018. Earlier versions of our policy are linked at the bottom of the page. ——– This privacy policy applies to the World Privacy Forum web site, www.worldprivacyforum.org , and to other privacy activities of the World Privacy Forum. All personal information ...
The World Privacy Forum submitted comments today to the National Institute of Standards and Technology in response to its publication, Draft Report on De-Identification of Personally Identifiable Information (NISTIR 8053). The WPF welcomes the draft NIST report, as the area of de-identification and re-identification of personal data swirls with controversy ...
Thank you for your donation and for supporting our work! If you have any questions, please contact us at (760) 712-4281 or info@worldprivacyforum.org . We would love to hear from you.
The World Privacy Forum submits these comments to the European Advertising Standards Alliance on its Best Practice Recommendation on Online Behavioural Advertising.
The World Privacy Forum filed comments with the FTC in response to its preliminary staff report, Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers. In our comments, we urge the FTC to take affirmative steps to protect consumer privacy online and offline. Our comments include a brief history of privacy self regulation, and point out how privacy self regulation has consistently failed. The comments also discuss Do Not Track, and urge the FTC to take a broader look at tracking protections for consumers. WPF also specifically requested that the FTC identify credit reporting bureaus subject to Fair Credit Reporting Act regulations and assist consumers in locating those bureaus.
WPF Comments on the FTC Privacy Report -- The World Privacy Forum filed comments with the FTC in response to its preliminary staff report, Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers. In our comments, we urge the FTC to take affirmative steps to protect consumer privacy online and offline. Our comments include a brief history of privacy self regulation, and point out how privacy self regulation has consistently failed. The comments also discuss Do Not Track, and urge the FTC to take a broader look at tracking protections for consumers. WPF also specifically requested that the FTC identify credit reporting bureaus subject to Fair Credit Reporting Act regulations and assist consumers in locating those bureaus.
The World Privacy Forum filed comments today about how medical records and other health information is intersecting with online advertising and online activities. The WPF comments were filed with the Department of Health and Human Services in response to its request for comments on personal health records, privacy, and social media.
Health privacy -- The World Privacy Forum filed comments today about how medical records and other health information is intersecting with online advertising and online activities. The WPF comments were filed with the Department of Health and Human Services in response to its request for comments on personal health records, privacy, and social media.
The rise of privacy as an issue of international attention has taken place during the past forty years. Various agencies of the US Government have played roles on international privacy matters, including the State Department, Federal Trade Commission, Department of Homeland Security, Office of Management and Budget, the Department of Commerce, and scattered other agencies. The privacy activities of these agencies have waxed and waned over the decades. Of the US agencies, the US Federal Trade Commission has played by far the most significant role in consumer privacy issues, for example, identity theft, financial privacy, and a host of issues related to privacy and fair business practices. Historically, the Department of Justice, primarily a law enforcement agency, has never played a significant role in consumer privacy. Indeed, in its law enforcement capacity, the Justice Department is often directly antagonistic to the protection of consumer privacy.
The Department of Commerce’s actions on international privacy matters have often been characterized by highly visible but ineffectively administered programs that lack rigor. As this report discusses, three separate studies show that many and perhaps most Safe Harbor participants are not in compliance with their obligations under the Safe Harbor Framework. The Department of Commerce has thus far carried out its functions regarding the Safe Harbor program without ensuring that organizations claiming to comply with the Safe Harbor requirements are actually doing so.
The privacy responsibilities of the National Telecommunications and Information Administration of the Department of Commerce originated with the establishment of a privacy coordinating committee by President Jimmy Carter in 1977 as part of a presidential privacy initiative. [4] The staff that carried out the work was transferred to NTIA at the time of its establishment in 1978. [5]
With the adoption of the European Union’s Data Protection Directive [21] in 1995 and its implementation in 1998, much of the concern about transborder data flows of personal information centered on the export restriction policies of the Directive. Article 25 generally provides that exports of personal data from EU Member States to third countries are only allowed if the third country ensures an adequate level of protection. While some countries have been found to provide an adequate level of protection according to EU standards, the United States has never been evaluated for adequacy or determined to be adequate.
Report home | Read the report (PDF) | | Three studies of the Safe Harbor Framework were conducted since the start of Safe Harbor. The first study was conducted in 2001 at the request of the European Commission Internal Market DG [2001 Study]. [29] The second study, completed in 2004, ...
The shortcomings of the Safe Harbor Framework have come to the attention of some data protection authorities in Europe. In April 2010, the Düsseldorfer Kreis, a working group comprised of the 16 German federal state data protection authorities with authority over the private sector, adopted a resolution applicable to those who export data from Germany to US organizations that self-certified compliance with the Safe Harbor Framework. The resolution tells German data exporters that they must verify whether a self-certified data importer in the US complies with the Safe Harbor requirements.
The Asia Pacific Economic Cooperation (APEC) is a grouping of 21 member economies in the Asia Pacific Region, including Russia, China, and the United States. APEC was established in 1989 to facilitate economic growth, cooperation, trade, and investment in the region. The Asia-Pacific Economic Cooperation (APEC) is a forum for 21 member economies in the Asia Pacific region. APEC includes Russia, China, and the United States as members. APEC adopted a Privacy Framework in 2004. The APEC Privacy Framework is largely viewed as an attempt to create a different international privacy regime as an alternative to the European Union’s Data Protection Directive. Whether APEC will succeed in influencing international privacy developments in a meaningful way remains to be seen.
The World Privacy Forum prepared this report in part because the role of the Department of Commerce in privacy may change in the near future. The Department of Commerce is co-chair with the Department of Justice on the Subcommittee on Privacy and Internet Policy established by the Obama Administration toward the end of 2010. It is not comforting to consumer privacy advocates that Department of Justice is a law enforcement agency that is often antagonistic to consumer privacy interests, that the Commerce Department has mostly represented business interests in international privacy matters, and that the Commerce Department does not have an admirable record in the areas of privacy that it currently oversees. This leaves the leadership of the Subcommittee on Privacy and Internet Policy without a strong voice for consumer privacy interests.
LifeLock -- The Federal Trade Commission began sending checks to almost a million consumers who were subscribers to the LifeLock ID theft protection service. LifeLock agreed to pay fines of $11 million to the FTC and $1 million to a group of state attorneys generals to settle charges that had been made against the company. Consumers with questions about this distribution may call 888-288-0783 or see the FTC's web page on this, http://www.ftc.gov/refunds.
Opt-out and how-to -- The popular WPF Top Ten Opt Out List has been newly updated. We have added a new section to our list with step by step details on how to opt out of RapLeaf. We encourage consumers to view any of their profiles that exist at RapLeaf and to opt out of RapLeaf permanently. We have also updated the phone numbers and other information on the rest of our opt out list. To see more, visit our Opt Out List.
Resource | case file -- Amazon.com filed a lawsuit in April to fight the North Carolina Department of Revenue's request for detailed information on Amazon.com customers. The North Carolina tax department requested Amazon.com to hand over "all information for all sales to customers with a North Carolina shipping address" between 2003 to 2010. In the decision, Seattle, Washington U.S. District Court Judge Marsha J. Pechman wrote, "Citizens are entitled to receive information and ideas through books, films, and other expressive materials anonymously." She also stated that "The fear of government tracking and censoring one\'s reading, listening, and viewing choices chills the exercise of First Amendment rights." This is an important decision for privacy rights, and online privacy in particular.
Health privacy and HIPAA -- The World Privacy Forum filed two sets of detailed regulatory comments on recently proposed changes to HIPAA. The first comments focused on proposed changes to HIPAA in the area of marketing patient information. The proposed changes would be harmful to patient privacy, and are contrary to the law. WPF was joined in the marketing comments by the Center for Digital Democracy, Consumer Action, Consumer Federation of America, the Electronic Frontier Foundation, Privacy Activism, Privacy Rights Clearinghouse, and Privacy Times. The second set of comments WPF filed included the comments on marketing as well as on additional provisions that would be problematic if enacted.
Financial privacy and SEC -- The World Privacy Forum filed comments today criticizing the SEC proposed regulations that would release an unprecedented amount of financial details about individual borrowers through the EDGAR database. The WPF was joined by other privacy, consumer, and human rights organizations in its comments, which focused on the privacy issues with the proposed regulations. Pam Dixon, executive director of the WPF, stated in the comments that the SEC's new regulations would "Place on the public record and online the largest amount of personal financial information about borrowers ever disclosed, including information never before made public." The comments also note that the SEC's plan greatly increases the risk of identity theft for individual borrowers whose information will be released publicly.
Online privacy -- A press release issued by Connecticut's AG Richard Blumenthal revelaed that 38 states have joined a mulitstate investigation of Google's Street View wi fi sniffing program. Blumenthal stated in the release: “We are asking Google to identify specific individuals responsible for the snooping code and how Google was unaware that this code allowed the Street View cars to collect data broadcast over WiFi networks. Information we are awaiting includes how the spy software was included in Google’s Street View network and specific locations where unauthorized data collection occurred. We will take all appropriate steps -- including potential legal action if warranted -- to obtain complete, comprehensive answers.”
Data brokers -- WPF will be speaking at the CFP conference on two panels. On June 15, Pam Dixon will participate in a plenary session on data brokers. On June 16, Dixon will moderate a health care privacy panel. This panel will focus on electronic health care in the state of California and the current privacy issues in electronic health exchange.