got privacy? Musings on the state of Privacy in a connected world.
Accessibility and Privacy. A Zero Sum Game? 03/06/2010
While many organizations have a strong desire to make their web-sites useable and accessible for as many people as possible, most likely do not realize that this can result in some loss of privacy for users.
Accessibility can work in a number of ways, either through active involvement by a user choosing certain options on the site, or passively without direct user interaction through good site design, color palette selection and similar. Where active involvement by a user is required, this may be achieved either with them making a conscious choice at the time of using a site, or they may already have made a selection (e.g. choice of browser, screen resolution, use of screen reader) which is communicated to the site at the time of use. For users with disabilities, the availability of appropriate and useable accessibility options may mean the difference between them being able to use a site, or looking elsewhere.
How this overlaps with privacy may not be immediately obvious. Privacy refers to the amount of control that we have over our personal information, and how this is shared and used. On the Internet, Privacy can be taken to mean that you are aware of the information that you are sharing, and this information is used in a way that you are comfortable with until it is destroyed.
Browser Information Leakage
So how can accessibility compromise privacy? By knowing that a user is visually impaired, and combining that information with other information, for example that they are located in a certain area (from their IP address, or GPS or other location), you could compromise an individual’s privacy. Research has already indicated that between 63% and 87% of Americans can be uniquely identified by birth date, gender and 5-digit zip code (see here and here for the research and here for some analysis by the Electronic Freedom Foundation). If you’re not convinced – check out the Panopticlick “browser fingerprinter”, also from the EFF. When I just tested my browser, its fingerprint was unique amongst nearly 800,000 configurations tested so far.
Logon Information Leakage
Other accessibility options, such as reading text aloud, may be appropriate for an application being used at home, but may impact privacy if they are used in a location such as a library or a bank lobby, or may not even work if the appropriate hardware is not in place. Developers must give thought to where a website may be used when developing privacy options, particularly when the website grants access to sensitive information.
How Privacy can impact Accessibility
Restrictions on sharing information about people’s health and health conditions may impact the ability to plan appropriately accessible services for them. As a result, companies may not have the information that they need to know how to adapt their sites to their user base, reducing their ability to provide accessible information for all.
While none of these issues are insurmountable, the fast evolving fields of Accessibility and Privacy mean that practitioners must be conscious of these areas when designing new applications as in many places there is no standard for managing the overlap of these two fields.
Accessibility can work in a number of ways, either through active involvement by a user choosing certain options on the site, or passively without direct user interaction through good site design, color palette selection and similar. Where active involvement by a user is required, this may be achieved either with them making a conscious choice at the time of using a site, or they may already have made a selection (e.g. choice of browser, screen resolution, use of screen reader) which is communicated to the site at the time of use. For users with disabilities, the availability of appropriate and useable accessibility options may mean the difference between them being able to use a site, or looking elsewhere.
How this overlaps with privacy may not be immediately obvious. Privacy refers to the amount of control that we have over our personal information, and how this is shared and used. On the Internet, Privacy can be taken to mean that you are aware of the information that you are sharing, and this information is used in a way that you are comfortable with until it is destroyed.
Browser Information Leakage
So how can accessibility compromise privacy? By knowing that a user is visually impaired, and combining that information with other information, for example that they are located in a certain area (from their IP address, or GPS or other location), you could compromise an individual’s privacy. Research has already indicated that between 63% and 87% of Americans can be uniquely identified by birth date, gender and 5-digit zip code (see here and here for the research and here for some analysis by the Electronic Freedom Foundation). If you’re not convinced – check out the Panopticlick “browser fingerprinter”, also from the EFF. When I just tested my browser, its fingerprint was unique amongst nearly 800,000 configurations tested so far.
Logon Information Leakage
Other accessibility options, such as reading text aloud, may be appropriate for an application being used at home, but may impact privacy if they are used in a location such as a library or a bank lobby, or may not even work if the appropriate hardware is not in place. Developers must give thought to where a website may be used when developing privacy options, particularly when the website grants access to sensitive information.
How Privacy can impact Accessibility
Restrictions on sharing information about people’s health and health conditions may impact the ability to plan appropriately accessible services for them. As a result, companies may not have the information that they need to know how to adapt their sites to their user base, reducing their ability to provide accessible information for all.
While none of these issues are insurmountable, the fast evolving fields of Accessibility and Privacy mean that practitioners must be conscious of these areas when designing new applications as in many places there is no standard for managing the overlap of these two fields.
Add Comment
Safe Harbor...or Disaster? 02/19/2010
Marcus Morissette, Managing Director and Privacy Practice Lead, Concise Consulting Group
I have become increasingly concerned lately with some common misconceptions around the practicality and effectiveness of the Safe Harbor Framework, in particular its Self-Certification approach to compliance. Technically, there are two Safe Harbor frameworks, US/EU and US/Switzerland, but for the purposes of this argument I will focus on the US/EU variation, which is what people typically mean when talking about Safe Harbor.
As a data privacy professional and attorney, I often am faced with advising clients on the scope and benefits of seeking self-certification under the Safe Harbor framework. Lately it has become apparent to me that there is some serious misunderstanding about the benefits of self-certifying under the Safe Harbor framework. I have experienced a widely held belief by both companies (and unfortunately some “privacy” attorneys), that self-certifying and “complying” with the 7 Safe Harbor Requirements is somehow a direct replacement for complying with the EU Data Protection Directive (EU Directive).
Safe Harbor Self-Certification is insufficient for Direct Collection of Personal Data from an EU Data Subject.
US/EU Safe Harbor Self-Certification allows a US company to receive transfers of personal data from an EU data collector if it meets the Seven Safe Harbor Requirements with regards to the collection, processing and storage of personal data. Safe Harbor was created to facilitate the continuation of cross-Atlantic data transfers across the very different data protection regimes of the European Union and the United States.
It is assumed that the personal data collected will be collected by a registered data collector in the EU in a manner compliant with the EU Directive and any applicable national/sub-national implementation of that directive.
Safe Harbor does not allow a self-certified US company to directly collect (act as a data collector) personal data from an EU data subject. In other words, self-certification with the Safe Harbor framework is not a substitute for compliance with the EU Directive and national/sub-national implementation of the EU Directive where a US company directly collects data from EU data subjects (e.g. over the Internet).
If a US Company will be directly collecting personal data from EU data subjects, it will be responsible for direct compliance with the EU Data Directive, each applicable member states national implementation of that directive, and potentially each sub-state’s implementation of the national member state data protection law (if these are more restrictive than the EU Directive).
While this interpretation seems to be clear from reviewing the materials posted at the Safe Harbor website (http://www.export.gov/safeharbor/), it is apparent that considerable confusion exists. This could be detrimental to a company that relies on incorrect advice, and proceeds to collect personal data from the EU under the guise of its Safe Harbor program. It could lead to legal sanctions from the U.S. government (FTC action for deceptive trade practices), and/or legal action from the European Union and EU member states.
So, my advice to those professionals responsible for their organization’s privacy and Safe Harbor programs: make sure your privacy ship is truly anchored in a Safe Harbor, and not heading for the rocks.
I have become increasingly concerned lately with some common misconceptions around the practicality and effectiveness of the Safe Harbor Framework, in particular its Self-Certification approach to compliance. Technically, there are two Safe Harbor frameworks, US/EU and US/Switzerland, but for the purposes of this argument I will focus on the US/EU variation, which is what people typically mean when talking about Safe Harbor.
As a data privacy professional and attorney, I often am faced with advising clients on the scope and benefits of seeking self-certification under the Safe Harbor framework. Lately it has become apparent to me that there is some serious misunderstanding about the benefits of self-certifying under the Safe Harbor framework. I have experienced a widely held belief by both companies (and unfortunately some “privacy” attorneys), that self-certifying and “complying” with the 7 Safe Harbor Requirements is somehow a direct replacement for complying with the EU Data Protection Directive (EU Directive).
Safe Harbor Self-Certification is insufficient for Direct Collection of Personal Data from an EU Data Subject.
US/EU Safe Harbor Self-Certification allows a US company to receive transfers of personal data from an EU data collector if it meets the Seven Safe Harbor Requirements with regards to the collection, processing and storage of personal data. Safe Harbor was created to facilitate the continuation of cross-Atlantic data transfers across the very different data protection regimes of the European Union and the United States.
It is assumed that the personal data collected will be collected by a registered data collector in the EU in a manner compliant with the EU Directive and any applicable national/sub-national implementation of that directive.
Safe Harbor does not allow a self-certified US company to directly collect (act as a data collector) personal data from an EU data subject. In other words, self-certification with the Safe Harbor framework is not a substitute for compliance with the EU Directive and national/sub-national implementation of the EU Directive where a US company directly collects data from EU data subjects (e.g. over the Internet).
If a US Company will be directly collecting personal data from EU data subjects, it will be responsible for direct compliance with the EU Data Directive, each applicable member states national implementation of that directive, and potentially each sub-state’s implementation of the national member state data protection law (if these are more restrictive than the EU Directive).
While this interpretation seems to be clear from reviewing the materials posted at the Safe Harbor website (http://www.export.gov/safeharbor/), it is apparent that considerable confusion exists. This could be detrimental to a company that relies on incorrect advice, and proceeds to collect personal data from the EU under the guise of its Safe Harbor program. It could lead to legal sanctions from the U.S. government (FTC action for deceptive trade practices), and/or legal action from the European Union and EU member states.
So, my advice to those professionals responsible for their organization’s privacy and Safe Harbor programs: make sure your privacy ship is truly anchored in a Safe Harbor, and not heading for the rocks.
How will you mark Data Privacy Day? 01/27/2010
January 28th is Data Privacy Day. In a single generation, privacy concerns have shifted from worrying about who can see through your windows to who might be able to see your medical records on the Internet. Data Privacy Day gives us a chance to reflect on these changes, and to think about what steps we can take to better control personal information and manage our privacy.
The fact is that information, from where you live to how you live, is now available to many companies that you do business with, or in some cases to everyone with an Internet connection. This disclosure can provide many benefits, from customized offers based on purchase history to a free cup of coffee on your birthday. Disclosure also carries risks. Many of us have received notices telling us that our personal information has been lost or stolen, and although most of these instances do not lead to direct harm to us individually, they often cause concern.
Interestingly, the number one privacy concern that most people have is not related to the information that they share. Given the proliferation of social networking and other online activities, people are often comfortable (sometimes too comfortable) when it comes to sharing information in the public (or semi-private) domain. The real concern for many is how information that has been shared with trusted people or organizations will be managed and protected once is out of our direct control. Individuals can reduce this risk by limiting what they share, but we also need to take responsibility for holding organizations to their privacy policies and agreements; they are stewards of your information.
So to mark Data Privacy Day, here are 4 simple things that you can do to improve your own privacy:
1. Think before sharing your personal information. For example, when a shop asks for your phone number at the checkout ask why they need it. Usually the request is because they want a number that uniquely identifies you, rather than because they plan to call you. So, consider declining or just choose a generic number that you can remember. Similarly, if someone asks for your birthday, then January 1st will often suffice.
2. Always opt-out. Unlike Europe, where you need to opt-in to consent to your data being shared, we in the U.S. have to ensure that we opt-out whenever we have the opportunity to restrict companies from sharing information with other companies or partners. It only takes a few seconds, and restricts what can be done with your information. Find those boxes, and tick them.
3. Treat Social Networks like coffee shops. If you wouldn’t talk about it in a coffee shop, don’t talk about it on Facebook or Myspace. If you wouldn’t shout it on a street corner, don’t share it on Twitter! Once you have shared something electronically, it is out of your control, even if you think that only your friends will be able to see it.
4. Maintain Healthy Skepticism. Be suspicious about any requests for personal information, even if they look like they come from a person or organization that you know. Many people continue to be fooled by these requests. It’s easy to take a couple of minutes to make a call and confirm that a request is genuine before providing information that could be used to commit identity theft, or cause you other problems.
The fact is that information, from where you live to how you live, is now available to many companies that you do business with, or in some cases to everyone with an Internet connection. This disclosure can provide many benefits, from customized offers based on purchase history to a free cup of coffee on your birthday. Disclosure also carries risks. Many of us have received notices telling us that our personal information has been lost or stolen, and although most of these instances do not lead to direct harm to us individually, they often cause concern.
Interestingly, the number one privacy concern that most people have is not related to the information that they share. Given the proliferation of social networking and other online activities, people are often comfortable (sometimes too comfortable) when it comes to sharing information in the public (or semi-private) domain. The real concern for many is how information that has been shared with trusted people or organizations will be managed and protected once is out of our direct control. Individuals can reduce this risk by limiting what they share, but we also need to take responsibility for holding organizations to their privacy policies and agreements; they are stewards of your information.
So to mark Data Privacy Day, here are 4 simple things that you can do to improve your own privacy:
1. Think before sharing your personal information. For example, when a shop asks for your phone number at the checkout ask why they need it. Usually the request is because they want a number that uniquely identifies you, rather than because they plan to call you. So, consider declining or just choose a generic number that you can remember. Similarly, if someone asks for your birthday, then January 1st will often suffice.
2. Always opt-out. Unlike Europe, where you need to opt-in to consent to your data being shared, we in the U.S. have to ensure that we opt-out whenever we have the opportunity to restrict companies from sharing information with other companies or partners. It only takes a few seconds, and restricts what can be done with your information. Find those boxes, and tick them.
3. Treat Social Networks like coffee shops. If you wouldn’t talk about it in a coffee shop, don’t talk about it on Facebook or Myspace. If you wouldn’t shout it on a street corner, don’t share it on Twitter! Once you have shared something electronically, it is out of your control, even if you think that only your friends will be able to see it.
4. Maintain Healthy Skepticism. Be suspicious about any requests for personal information, even if they look like they come from a person or organization that you know. Many people continue to be fooled by these requests. It’s easy to take a couple of minutes to make a call and confirm that a request is genuine before providing information that could be used to commit identity theft, or cause you other problems.
Privacy After Death 11/02/2009
Does someone's right to privacy end once they are dead? In the US, we do not have a constitutional right to privacy in the same way that Europeans do (yet!), but explicit provisions in HIPAA (Health Insurance Portability and Accountabilty Act) maintain that information about an indivudual should be maintained as private after their death, but other regulations such as the Freedom of Information Act may conflict in certain situations, in addition to free speech rights guaranteed under the First Amendment.
In the EU, the right to personal privacy explicitly survives death
Some interesting links around this subject can be found at:
Is there privacy after death?
Privacy after death debated.
Some more thoughts on this topic from Rebecca Herold (@privacyprof) who had written a couple of thought pieces around this topic here and here
In the EU, the right to personal privacy explicitly survives death
Some interesting links around this subject can be found at:
Is there privacy after death?
Privacy after death debated.
Some more thoughts on this topic from Rebecca Herold (@privacyprof) who had written a couple of thought pieces around this topic here and here
