Blog

It is precisely this issue that the courts will have to consider.

As numerous Techdirt stories make clear, the particular words used to describe something can make a big difference in how it is perceived. For example, intelligence agencies like to avoid the use of the bad-sounding “mass surveillance,” with its Orwellian overtones, and prefer to talk about “bulk collection,” which can be presented as some kind of cool big data project.
Read more: https://www.techdirt.com/articles/20160115/09582933351/whats-difference-between-mass-surveillance-bulk-collection-does-it-matter.shtml
Posted by Dont Mine on Me

Consumers are rightly concerned about data privacy!!

The connected home has been called the next frontier for ‘data analytics’, and with good reason. Already, a simple smart meter can report energy readings to a utility every few seconds, compared with a standard one, which is read either once a quarter, or whenever a user or meter reader records it. Multiply that by possibly hundreds of sensors and devices in the connected home of the future – which may only be a few years away – and there will be a data tsunami.
Read more: http://www.itproportal.com/2016/01/14/data-privacy-in-connected-homes/
Posted by Dont Mine on Me

People in America are upset about the extent to which their personal data is being collected, but feel it is largely out of their control.

People love free stuff. That’s the principle that helps explain the complicated series of privacy-related calculations that modern life increasingly requires.
Throughout the day, in any number of potential transactions, people are navigating the space between convenience and surveillance. A loyalty program at a supermarket means unlocking cheaper prices, but gives the store access to information about your shopping habits.
Read more: http://www.theatlantic.com/technology/archive/2016/01/the-convenience-surveillance-tradeoff/423891/
Posted by Dont Mine on Me

Mass emails that don’t mask the list of recipients do more than violate privacy. They can be really annoying.

Maybe I’m naive to expect a certain savviness about privacy from the FTC, especially just before it convenes a group of experts in privacy and cybersecurity at a conference in Washington, DC, next week. I certainly didn’t expect the agency to accidentally send out a list of every attendee’s email address. But, it did.
The Federal Trade Commission on Friday sent an email advising participants to show up early to get a seat, and left all the recipients on the list visible to each other.
Read more: http://www.cnet.com/news/doh-ftc-reveals-attendees-email-addresses-before-privacy-conference/
Posted by Dont Mine on Me

A lack of appropriate oversight and transparency will “ultimately stifle fundamental freedoms”, the UN experts on civil liberties said.

United Nations warning comes as Twitter, Facebook and Google insist they should be allowed to tip off suspected terrorists and criminals being monitored by the security services.
New snooping laws could result in “mass surveillance” and have a “chilling effect” in freedom of expression, the United Nations human rights watchdog has warned.
A lack of appropriate oversight and transparency will “ultimately stifle fundamental freedoms”, the UN experts on civil liberties said.
Read more: http://www.telegraph.co.uk/news/uknews/terrorism-in-the-uk/12088009/UN-warns-snooping-laws-will-have-chilling-effect-on-freedom-of-expression.html
Posted by Dont Mine on Me

This version of terms can also be found here at Kantara, Consent and Information Sharing Working Group, User Terms.

It is version .7 and includes a draft of human readable language after each term choice, followed by legal readable language in double brackets like this: {{ }}.

User Terms Draft 2 Icons

USER TERMS: Human language and {{ legal language }} below.
PREAMBLE: User submitted terms create an opportunity for individuals to share their own terms with entities about how they wish to be treated. This effort is meant to describe human, legal and machine readable versions of each possible term along with additional information for agents who might implement terms for individuals as well as for entities who might see, accept or refuse the terms. {{ Information is defined as personal information provided by the individual about themselves. Data + Meaning = Information. The observer creates meaning (or observer is “informed by” the data), and then can be assigned duties. Information not collected from a person does not by definition constitute personal data. }}
TERMS AGREEMENT: {{ Information can only be shared with those parties who first agree to abide by these terms. Any sharing of information with a party that has not first agreed to these terms is a violation of these terms. }}

SHARE: describes the terms for sharing information with entities by individuals.
Choice: 2nd

1st-2nd Party: My information shared and what I do will be kept between me and the entity.
{{Information shared by an individual (the “1st party”) and their activities are not permitted to be shared by the 2nd party with any other parties.}}

Choice: 3rd

3rd Party: I will allow sharing of my information or information about what I do with 3rd parties I approve of.
{{ Information about an individual and their activities can be shared by the 2nd party with mutually approved 3rd parties, including the public, subject to 1st Party’s purpose choices, including but not limited to advertising and data brokering. }}

DURATION: describes the terms for retaining information by entities about individuals. {{ Add language referring to laws or contracts, defining 3rd party jurisdiction, to limit this from abuse. }}
Choice: Session

Session: My information shared or about what I do will only be kept for the session, unless required by law or contractual obligation.
{{ Information about an individual must be destroyed by the 2nd party immediately after the completion of the transaction for which it was collected or otherwise generated, unless otherwise required by law or contract obligation. }} [NOTE: What about records for audit? What about hashed storage, e.g., in blockchain or other ledger system?]

Choice: 3

3 months: My information will be kept for up to 90 days after I share it or take an action, unless required by law or contractual obligation.
{{ Information about an individual must be destroyed on or before the date that is 90 days after its collection or other generation by the 2nd party, unless otherwise required by law or contract obligation. }}

Choice: Infinity

Unlimited until further notice: My information will be kept as long as I continue to choose this term, unless required by law or contractual obligation. If I change to another lesser term, my new term will be followed.
{{ Information about an individual can be retained indefinitely by the 2nd party, unless and until the 1st party notifies the 2nd party they have made an alternate selection for duration. }}

PURPOSE: describes the purpose for use of individual’s information provided or about actions they take
Choice: Transaction

Transaction: My information will be used only for the purposes I share it for or implied from my actions taken on the site/app.
{{ Information about an individual may be used only for the purpose of the transaction for which it was collected or generated. }}

Choice: Site / App Use

Site and App Use: My information will be used for providing and / or enhancing the site or service, but not other purposes without my permission.
{{ Information about an individual may be used beyond the transaction for which it was collected or generated, but only with respect to the operation [or further development?] of the site or app over which such original transaction occurred and not for any other secondary uses by the 2nd party or other parties. }}

Choice: Partner – 3rd use

Partner and 3rd Party use: My information or activities may be used by 3rd parties I approve of, for purposes I approve of.
{{ Partners: Subject to the limitations of the 1st party’s “sharing” preferences, information about an individual can be used for 3rd party purposes. }}

TRACKING
Choice: Tracking

Tracking: I will allow myself to be tracked by 3rd parties.
{{ Tracking of individual and their activities by any 3rd parties is authorized. }}

Choice: Do Not Track

Do Not Track: I do not want to be tracked off the site or app by the 2nd party, or by any other parties on the site or app.
{{ Tracking by 3rd parties is not authorized by individual. 2nd parties will not track activities by 1st party that occur on another service or site.
NEED to add: definition of tracking that will describe exceeding authority by an unauthorized party. }}

Happy New Year 2016!!!

Since the Snowden revelations, consumers have become increasingly wary of how their data is shared or stored – as are clients of technology storage vendors.
Earlier this year, a survey by the Information Commissioner’s Office (ICO) found that 77 per cent of consumers were very or fairly concerned that organisations are not collecting and keeping personal details secure, while 67 per cent believe companies are requesting unnecessary data or collecting details they do not need.
Read more: http://www.computing.co.uk/ctg/feature/2440163/the-biggest-privacy-stories-of-2015
Posted by Dont Mine on Me

A recent study actually found that most big hotel chains have vulnerable computer systems.

The company is still investigating how its system was compromised.
Hyatt, the Chicago-based hotel chain, announced Wednesday that it had discovered a virus on computers used to process payments for some of its hotel locations.
Read more: http://time.com/money/4160969/hyatt-credit-card-hacking-malware/
Posted by Dont Mine on Me