Presentation is loading. Please wait.

Presentation is loading. Please wait.

Problems with Notice and Consent? Helen Nissenbaum, NYU INCO-TRUST Workshop, May 3-5 2010 Work supported by: NSF ITR-0331542: Sensitive Information in.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Problems with Notice and Consent? Helen Nissenbaum, NYU INCO-TRUST Workshop, May 3-5 2010 Work supported by: NSF ITR-0331542: Sensitive Information in."— Presentation transcript:

1 Problems with Notice and Consent? Helen Nissenbaum, NYU INCO-TRUST Workshop, May 3-5 2010 Work supported by: NSF ITR-0331542: Sensitive Information in a Wired World (PORTIA) NSF CT-M: Privacy, Compliance, and Information Risk CNS-0831124 & AFSOR: ONR BAA 07-036 (MURI)

2 1973: HEW Code of Fair Information Practices 1980: OECD Guidelines 1995: EU Data Directive Principles 1998: FTC Privacy Principles Elements: Transparency, notice, purpose and use specification, choice, access, integrity, security, proportionality, enforcement, redress

3 Problems Consent: Costly in time and resources Confusing cross-national requirements Opt-in or Opt-out? Soft coercion Notice: Abstruse Yawning loopholes Time-consuming Fickle People don’t read them

4 Solutions? Better models of control Substantive requirements

5 Contextual Integrity: Context-relative Informational Norms = Rules within contexts that prescribe the flow of personal information according to three key parameters: Actors ( Sender:Recipient:Subject) Information types Transmission principles All parameters must be specified!

6 CRIN expressed in Linear Temporal Logic From: A. Barth, A. Datta, J. Mitchell, and H. Nissenbaum, (2006) “Privacy and Contextual Integrity: Framework and Applications,” Proceedings of the IEEE Symposium on Security and Privacy.

7 A customer’s address held by a merchant may be shared with a shipping company and with no other party.

Download ppt "Problems with Notice and Consent? Helen Nissenbaum, NYU INCO-TRUST Workshop, May 3-5 2010 Work supported by: NSF ITR-0331542: Sensitive Information in."

Similar presentations

EU Privacy Directive. What is a directive? A piece of European legislation, passed by bureaucrats, addressed to member states Member states must ensure.

EU Privacy Directive. What is a directive? A piece of European legislation, passed by bureaucrats, addressed to member states Member states must ensure.
1 NAESB Data Privacy Task Force February 16, 2011.

1 NAESB Data Privacy Task Force February 16, 2011.
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY.

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY.
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.
Mobile Payments and the FTC Manas Mohapatra Director of Mobile Policy Mobile Technology Unit Federal Trade Commission The views expressed are not necessarily.

Mobile Payments and the FTC Manas Mohapatra Director of Mobile Policy Mobile Technology Unit Federal Trade Commission The views expressed are not necessarily.
Interaction of RFID Technology and Public Policy Presentation at RFID Privacy MIT 15 TH November 2003 By Rakesh Kumar

Interaction of RFID Technology and Public Policy Presentation at RFID Privacy MIT 15 TH November 2003 By Rakesh Kumar
Privacy and the Right to Know Grayson Barber, Esq. Grayson Barber, LLC.

Privacy and the Right to Know Grayson Barber, Esq. Grayson Barber, LLC.
Consumer Privacy and Information Access Professor Matt Thatcher.

Consumer Privacy and Information Access Professor Matt Thatcher.
The Geopolitics of Personal Data and the Governance of Privacy Colin J. Bennett Department of Political Science University of Victoria BC, Canada www.colinbennett.ca.

The Geopolitics of Personal Data and the Governance of Privacy Colin J. Bennett Department of Political Science University of Victoria BC, Canada
The Internet industry’s privacy seal program Silicon Valley Web Guild.

The Internet industry’s privacy seal program Silicon Valley Web Guild.
Privacy Policy Workshop M. Ryan Calo, Center for Internet and Society, Stanford Law School Mali Friedman, Covington & Burling LLP, San Francisco Office.

Privacy Policy Workshop M. Ryan Calo, Center for Internet and Society, Stanford Law School Mali Friedman, Covington & Burling LLP, San Francisco Office.
1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,
Domain Name Registrant Data: The Privacy Questions Alan Davidson Center for Democracy and Technology

Domain Name Registrant Data: The Privacy Questions Alan Davidson Center for Democracy and Technology
McCarthy Tétrault McCarthy Tétrault LLP An Act respecting the protection of personal information in the private sector (Quebec): « Particularities of the.

McCarthy Tétrault McCarthy Tétrault LLP An Act respecting the protection of personal information in the private sector (Quebec): « Particularities of the.
Privacy and Contextual Integrity: Framework and Applications Adam Barth, Anupam Datta, John C. Mitchell (Stanford), and Helen Nissenbaum (NYU) TRUST Winter.

Privacy and Contextual Integrity: Framework and Applications Adam Barth, Anupam Datta, John C. Mitchell (Stanford), and Helen Nissenbaum (NYU) TRUST Winter.
Www.oaic.gov.au Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.

Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.
P3P: Platform for Privacy Preferences Charlin Lu Sensitive Information in a Wired World November 11, 2003.

P3P: Platform for Privacy Preferences Charlin Lu Sensitive Information in a Wired World November 11, 2003.
On Privacy and Compliance: Philosophy and Law meets Computer Science Anupam Datta Stanford University Oakland PC Crystal Ball Workshop January 2007.

On Privacy and Compliance: Philosophy and Law meets Computer Science Anupam Datta Stanford University Oakland PC Crystal Ball Workshop January 2007.
Data Protection Data Protection Acts 1988 & 2003 Directive 95/46/EC Privacy.

Data Protection Data Protection Acts 1988 & 2003 Directive 95/46/EC Privacy.
Geneva, Switzerland, 14 November 2014 Data Protection for Public Cloud (International Standard ISO 27018) Stéphane Guilloteau Engineer Expert, Orange Labs.

Geneva, Switzerland, 14 November 2014 Data Protection for Public Cloud (International Standard ISO 27018) Stéphane Guilloteau Engineer Expert, Orange Labs.

Similar presentations

Ads by Google