Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy Policy Issues & Pages

Published byAnabel Hutchinson Modified over 6 years ago

Similar presentations

Presentation on theme: "Privacy Policy Issues & Pages"— Presentation transcript:

1 Privacy Policy Issues & Pages
Amy Reese INF385E Information Architecture and Design 1 UT iSchool 21 September 2004

2 Overview pri·va·cy (prī′ və sē; Brit. also prīv′ ə sē), n., pl –cies.
The state of being private; retirement or seclusion. The state of being free from intrusion or disturbance in one’s private life or affairs: the right to privacy. Secrecy. Archaic. A private place. [ ; late ME privace. See private, -acy] Source: Webster’s New Universal Unabridged Dictionary © 1996 Barnes & Noble, Inc. by arrangement with Random House Value Publishing.

3 A Little Bit of History Federal Trade Commission Act (1914)
Privacy Act (1974) Electronic Communications Privacy Act (1986) Children’s Online Privacy Protection Act (1988) Gramm-Leach-Bliley Act (2000) Report to Congress: Privacy Online (2000) Fair Credit Reporting Act (2002)

4 A Little Bit of History Federal Trade Commission Act (1914)
(15 U.S.C. §§ 41-58, as amended) prevent unfair methods of competition, and unfair or deceptive acts or practices in or affecting commerce seek monetary redress and other relief for conduct injurious to consumers prescribe trade regulation rules defining with specificity acts or practices that are unfair or deceptive, and establishing requirements designed to prevent such acts or practices conduct investigations relating to the organization, business, practices, and management of entities engaged in commerce make reports and legislative recommendations to Congress Federal Trade Commission Act (1914) (15 U.S.C. §§ 41-58, as amended) Under this Act, the Commission is empowered, among other things, to (a) prevent unfair methods of competition, and unfair or deceptive acts or practices in or affecting commerce; (b) seek monetary redress and other relief for conduct injurious to consumers; (c) prescribe trade regulation rules defining with specificity acts or practices that are unfair or deceptive, and establishing requirements designed to prevent such acts or practices; (d) conduct investigations relating to the organization, business, practices, and management of entities engaged in commerce; and (e) make reports and legislative recommendations to Congress.

5 A Little Bit of History Privacy Act (1974)
developed with the intent to regulate the collection and use of personal information by federal executive branch agencies problems with the dispute of outdated regulatory guidelines and misinterpretation unresolved issues defy attempts at clarification The Privacy Act of 1974 (1975) This act was developed with the intent to regulate the collection and use of personal information by federal executive branch agencies. Although the Privacy Act tries to protect our consumers, there are often problems that arise in the dispute of outdated regulatory guidelines and misinterpretation. There are numerous issues that have been unresolved in the attempt to clarify this act.

6 A Little Bit of History Electronic Communications Privacy Act (1986)
sets out provisions for disclosure and privacy protections of electronic communications this refers to is any signals, data or intelligence transmitted via wire, radio waves, photo electronic, etc. that affects interstate commerce the EPCA prohibits any unlawful access of electronic communication and prevents government entities from requiring disclosure of this communication from a provider without proper procedure The Electronic Communications Privacy Act (1986) This act sets out provisions for disclosure and privacy protections of electronic communications. The electronic communication that this act refers to is any signals, data or intelligence transmitted via wire, radio waves, photo electronic, etc. that affects interstate commerce. The EPCA prohibits any unlawful access of electronic communication and prevents government entities from requiring disclosure of this communication from a provider without proper procedure.

7 A Little Bit of History Children's Online Privacy Protection Act (1988) gives parents control over what information is collected from children under age 13 online and how that information is used applies to operators of web sites directed to children or that collect personal information from children The Rule requires operators to: Post a privacy policy on the page and provide a link to the policy everywhere personal information is collected Provide notice to parents about collection practices and obtain verifiable parental consent before collecting personal information Give parents a choice as to whether their child’s personal information will be disclosed to third parties Provide parents to access or delete their child’s personal information, or opt-out of future information collection or use Allow activity access without disclosing more personal information than is reasonably necessary Maintain the confidentiality, security and integrity of personal information collected from children Children's Privacy: The Children's Online Privacy Protection Act The primary goal of the Children’s Online Privacy Protection Act (COPPA) Rule is to give parents control over what information is collected from their children online and how such information may be used. The Rule applies to: Operators of commercial Web sites and online services directed to children under 13 that collect personal information from them; Operators of general audience sites that knowingly collect personal information from children under 13; and Operators of general audience sites that have a separate children’s area and that collect personal information from children under 13. The Rule requires operators to: Post a privacy policy on the homepage of the Web site and link to the privacy policy on every page where personal information is collected. Provide notice about the site’s information collection practices to parents and obtain verifiable parental consent before collecting personal information from children. Give parents a choice as to whether their child’s personal information will be disclosed to third parties. Provide parents access to their child’s personal information and the opportunity to delete the child’s personal information and opt-out of future collection or use of the information. Not condition a child’s participation in a game, contest or other activity on the child’s disclosing more personal information than is reasonably necessary to participate in that activity. Maintain the confidentiality, security and integrity of personal information collected from children. In order to encourage active industry self-regulation, COPPA also includes a safe harbor provision allowing industry groups and others to request Commission approval of self-regulatory guidelines to govern participating Web sites’ compliance with the Rule

8 A Little Bit of History Gramm-Leach-Bliley Act (2000)
requires companies to provide their consumers with privacy notices, explaining the institutions’ information-sharing process consumers are given the right to limit some sharing of their information companies have the right to share the consumers’ information within the organization, but not with outside sources, such as telemarketers. The Gramm-Leach-Bliley Act (2000) This act requires companies to provide their consumers with privacy notices, which explain the institutions’ information-sharing process. On the consumers’ end, they are given the right to limit some sharing of their information. Companies have the right to share the consumers’ information within the organization, but not with outside sources, such as telemarketers.

9 A Little Bit of History Report to Congress: Privacy Online (2000)
commercial Web sites that collect personal identifying information (Pii) from or about consumers online would be required to comply with the four widely-accepted fair information practices: Notice Choice Access Security Consumer-oriented commercial Web sites that collect personal identifying information from or about consumers online would be required to comply with the four widely-accepted fair information practices: (1) Notice . Web sites would be required to provide consumers clear and conspicuous notice of their information practices, including what information they collect, how they collect it (e.g., directly or through non-obvious means such as cookies), how they use it, how they provide Choice, Access, and Security to consumers, whether they disclose the information collected to other entities, and whether other entities are collecting information through the site.3 (2) Choice . Web sites would be required to offer consumers choices as to how their personal identifying information is used beyond the use for which the information was provided (e.g., to consummate a transaction). Such choice would encompass both internal secondary uses (such as marketing back to consumers) and external secondary uses (such as disclosing data to other entities). (3) Access . Web sites would be required to offer consumers reasonable access to the information a Web site has collected about them, including a reasonable opportunity to review information and to correct inaccuracies or delete information. (4) Security . Web sites would be required to take reasonable steps to protect the security of the information they collect from consumers. Notice what information they collect how they collect it how they use it how they provide Choice, Access, and Security to consumers whether they disclose the information collected to other entities whether other entities are collecting information through the site Choice how their personal identifying information is used beyond the use for which the information was provided encompass both internal secondary uses and external secondary uses Access offer consumers reasonable access to the information collected include a reasonable opportunity to review, correct inaccuracies, or delete information Security required to take reasonable steps to protect the security of the information they collect

10 A Little Bit of History Fair Credit Reporting Act (2002)
Accuracy and fairness of credit reporting the banking system is dependent upon fair and accurate credit reporting investigate and evaluate the credit worthiness, standing, capacity, character, and reputation consumer reporting agencies are vital in assembling and evaluating consumer credit and other information insure that consumer reporting agencies exercise their responsibilities with fairness, impartiality, and respect for the right to privacy Reasonable procedures adopt reasonable procedures for meeting the needs of information in a fair and equitable manner, with regard to the confidentiality, accuracy, relevancy, and proper utilization Fair Credit Reporting Act (2002) § 602. Congressional findings and statement of purpose [15 U.S.C. § 1681] (a) Accuracy and fairness of credit reporting. The Congress makes the following findings: (1) The banking system is dependent upon fair and accurate credit reporting. Inaccurate credit reports directly impair the efficiency of the banking system, and unfair credit reporting methods undermine the public confidence which is essential to the continued functioning of the banking system. (2) An elaborate mechanism has been developed for investigating and evaluating the credit worthiness, credit standing, credit capacity, character, and general reputation of consumers. (3) Consumer reporting agencies have assumed a vital role in assembling and evaluating consumer credit and other information on consumers. (4) There is a need to insure that consumer reporting agencies exercise their grave responsibilities with fairness, impartiality, and a respect for the consumer's right to privacy. (b) Reasonable procedures. It is the purpose of this title to require that consumer reporting agencies adopt reasonable procedures for meeting the needs of commerce for consumer credit, personnel, insurance, and other information in a manner which is fair and equitable to the consumer, with regard to the confidentiality, accuracy, relevancy, and proper utilization of such information in accordance with the requirements of this title.

11 What Information is Out There?
Information Mining Government & Private Sectors differ vastly What information do businesses collect? Corporate liability? What do they do with it? How secure is the information out there? What can I do to control my information? Information Mining Data mining (also known as Knowledge Discovery in Databases - KDD) has been defined as "The nontrivial extraction of implicit, previously unknown, and potentially useful information from data"[1] It uses machine learning, statistical and visualization techniques to discovery and present knowledge in a form which is easily comprehensible to humans. What information do businesses collect? White house & .gov pages – internet domain, browser, operating sys, date & time of access, pages visited, & address of link used to get there -- Private sector – Paypal: name, address, phone, , credit/bank info, security questions, ssn, transaction info (amount, type, of 3rd party), IP, credit service reports, background check, site usage, cookies & share info! WDIG (Disney): name, address, phone, , gender, age, # children, interests, credit card info, buying habits, purchase dates, IP, beacons, cookies & share info! Disney’s liability statement: UNDER NO CIRCUMSTANCES, INCLUDING, BUT NOT LIMITED TO, NEGLIGENCE, SHALL WE BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES THAT RESULT FROM THE USE OF, OR THE INABILITY TO USE, ANY WDIG SITE OR MATERIALS OR FUNCTIONS ON ANY SUCH SITE, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. APPLICABLE LAW MAY NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY OR INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU. IN NO EVENT SHALL OUR TOTAL LIABILITY TO YOU FOR ALL DAMAGES, LOSSES, AND CAUSES OF ACTION WHETHER IN CONTRACT, TORT (INCLUDING, BUT NOT LIMITED TO, NEGLIGENCE), OR OTHERWISE EXCEED THE AMOUNT PAID BY YOU, IF ANY, OR $100 (WHICHEVER IS LESS) FOR ACCESSING OR PARTICIPATING IN ANY ACTIVITY RELATED TO ANY WDIG SITE. Sun Microsystems: name, address, phone, , cookies Yahoo!: name, address, birth date, gender, phone, , credit/bank info, security questions, fin(ssn & assets), transaction info, IP, site usage, cookies & share info! What do they do with it? How secure is the information out there? What can I do to control my information?

12 Do We Really Have Privacy?
Legislative Measures Is enough being done to insure our privacy? Is all privacy legislation in our best interests? California’s Spyware Bill How can I help? Personal Privacy & Freedom of Information “Mommy, can I have a cookie?” “Mommy, where does spam come from?” Identity Theft Corporations vs. the Individual Spyware bill: the author accepted several amendments from industry that in our estimation remove meaningful privacy and consumer protections “While this bill is well-intentioned, it would establish provisions that are virtually unenforceable, could well undermine existing law, and further, would set a bad precedent nationwide for other spyware bills that are likely to be considered in other states and in Congress.“ Cookies: Spam:

13 Legislative Measures http://www.ftc.gov/ Spyware bill:
the author accepted several amendments from industry that in our estimation remove meaningful privacy and consumer protections “While this bill is well-intentioned, it would establish provisions that are virtually unenforceable, could well undermine existing law, and further, would set a bad precedent nationwide for other spyware bills that are likely to be considered in other states and in Congress.“ Cookies: Spam:

14 Legislative Measures

15 Do We Really Have Privacy?
Legislative Measures Is enough being done to insure our privacy? Is all privacy legislation in our best interests? California’s Spyware Bill How can I help? Personal Privacy & Freedom of Information “Mommy, can I have a cookie?” “Mommy, where does spam come from?” Identity Theft Corporations vs. the Individual Spyware bill: the author accepted several amendments from industry that in our estimation remove meaningful privacy and consumer protections “While this bill is well-intentioned, it would establish provisions that are virtually unenforceable, could well undermine existing law, and further, would set a bad precedent nationwide for other spyware bills that are likely to be considered in other states and in Congress.“ Cookies: Spam:

16 Personal Privacy & Freedom of Information
“Essentially, cookies make use of user-specific information transmitted by the Web server onto the user's computer so that the information might be available for later access by itself or other servers. In most cases, not only does the storage of personal information into a cookie go unnoticed, so does access to it. Web servers automatically gain access to relevant cookies whenever the user establishes a connection to them, usually in the form of Web requests.”

17 Personal Privacy & Freedom of Information
“Cookies are based on a two-stage process. First the cookie is stored in the user's computer without their consent or knowledge. During the second stage, the cookie is clandestinely and automatically transferred from the user's machine to a Web server.”

18 Personal Privacy & Freedom of Information

19 Personal Privacy & Freedom of Information
How savvy are you? Take the Privacy Rights Clearinghouse Identity Theft Quiz!

20 Personal Privacy & Freedom of Information
Identity Theft If you live in California, you have the right to put a "security freeze" on your credit file. A security freeze means that your file cannot be shared with potential creditors. A security freeze can help prevent identity theft. Most businesses will not open credit accounts without checking a consumer's credit history first. If your credit file is frozen, even someone who has your name and Social Security number would probably not be able to get credit in your name. For more information on security freezes,

21 Do We Really Have Privacy?
Legislative Measures Is enough being done to insure our privacy? Is all privacy legislation in our best interests? California’s Spyware Bill How can I help? Personal Privacy & Freedom of Information “Mommy, can I have a cookie?” “Mommy, where does spam come from?” Identity Theft Corporations vs. the Individual Spyware bill: the author accepted several amendments from industry that in our estimation remove meaningful privacy and consumer protections “While this bill is well-intentioned, it would establish provisions that are virtually unenforceable, could well undermine existing law, and further, would set a bad precedent nationwide for other spyware bills that are likely to be considered in other states and in Congress.“ Cookies: Spam:

22 Do We Really Have Privacy?
Controlling Required Information Sites must provide opt-out measures Once given, can information be controlled? Background Checks & Employment Are they really necessary? Can we opt out? Can I move beyond my past?

23 Do We Really Have Privacy?
Privacy Policies What do these policies cover? Do I have recourse when they fail? What do they really do for you? Software How secure are the programs I’m using? Accidental security leaks Mixing software is like mixing medicine

24 Do We Really Have Privacy?
Be afraid, be very afraid….

25 Feeling Secure? Questions? Fears?

Download ppt "Privacy Policy Issues & Pages"

Similar presentations

Fair Credit Reporting Act You must be told if information in your file has been used against you You can find out what is in your file You can dispute.

Fair Credit Reporting Act You must be told if information in your file has been used against you You can find out what is in your file You can dispute.
Protection of privacy for all Students!

Protection of privacy for all Students!
Unified Carrier Registration (UCR) Update August 24, 2006.

Unified Carrier Registration (UCR) Update August 24, 2006.
The Problem Solvers TM www.singleton.com Privacy Rights: Minors and Parents Michael J. Hewitt Marcel Daigle Singleton Urquhart LLP.

The Problem Solvers TM Privacy Rights: Minors and Parents Michael J. Hewitt Marcel Daigle Singleton Urquhart LLP.
Silicon Valley Apps for Kids Meetup Laura D. Berger October 22, 2012 The views expressed herein are those of the speaker, and do not represent the views.

Silicon Valley Apps for Kids Meetup Laura D. Berger October 22, 2012 The views expressed herein are those of the speaker, and do not represent the views.
The Financial Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act (GLBA) UNDERSTANDING AND DEVELOPING A STRATEGIC PLAN TO BECOME COMPLIANT.

The Financial Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act (GLBA) UNDERSTANDING AND DEVELOPING A STRATEGIC PLAN TO BECOME COMPLIANT.
SIU School of Medicine Identity Protection Act and Associated SIU Policy.

SIU School of Medicine Identity Protection Act and Associated SIU Policy.
Click your mouse anywhere on the screen to advance the text in each slide. After the starburst appears, click a blue triangle to move to the next slide.

Click your mouse anywhere on the screen to advance the text in each slide. After the starburst appears, click a blue triangle to move to the next slide.
Disclaimer This Presentation is provided “as is” without any express or implied warranty. This Presentation is for educational purposes only and does not.

Disclaimer This Presentation is provided “as is” without any express or implied warranty. This Presentation is for educational purposes only and does not.
Institute of Information Systems, Humboldt University, 2006· Privacy Engineering Sarah Spiekermann & Lorrie Faith Cranor DIMACS Workshop, Rutgers University.

Institute of Information Systems, Humboldt University, 2006· Privacy Engineering Sarah Spiekermann & Lorrie Faith Cranor DIMACS Workshop, Rutgers University.
Equal Credit Opportunity Act (ECOA) 2012

Equal Credit Opportunity Act (ECOA) 2012
Employment Screening: CORI and Private Background Checks Presented by the Massachusetts Law Reform Institute 99 Chauncy St., Suite 500, Boston, MA 02111.

Employment Screening: CORI and Private Background Checks Presented by the Massachusetts Law Reform Institute 99 Chauncy St., Suite 500, Boston, MA
Property of Common Sense Privacy - all rights reserved 01875340890 THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.

Property of Common Sense Privacy - all rights reserved THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.
Per Anders Eriksson

Per Anders Eriksson
Personal Data Privacy and The Internet by Stephen Lau Privacy Commissioner for Personal Data, Hong Kong SAR at the Joint Conference of the OECD, HCOPIL,

Personal Data Privacy and The Internet by Stephen Lau Privacy Commissioner for Personal Data, Hong Kong SAR at the Joint Conference of the OECD, HCOPIL,
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Standards and Guidelines for Web Page Publishing December 9, 2009.

Standards and Guidelines for Web Page Publishing December 9, 2009.
“Internet” and “Operator” (COPPA Statute) InternetOperator Collectively the myriad of computer and telecommunications facilities, including equipment.

“Internet” and “Operator” (COPPA Statute) InternetOperator Collectively the myriad of computer and telecommunications facilities, including equipment.
Banks and the Privacy of Medical Information 8 th National HIPAA Summit March 8, 2004 Joy Pritts, JD Health Policy Institute Georgetown University 202-687-0880.

Banks and the Privacy of Medical Information 8 th National HIPAA Summit March 8, 2004 Joy Pritts, JD Health Policy Institute Georgetown University
2015 ANNUAL TRAINING By: Denise Goff

2015 ANNUAL TRAINING By: Denise Goff

Similar presentations

Ads by Google