NYU/Princeton Conference on Mobile and Location Privacy: A Technology and Policy Dialog – Ashkan Soltani

April 13, 2013 By kristin thomson

NYU Law School, New York, NY | April 13, 2013

The age of ubiquitous computing is here. People routinely carry smartphones and other devices capable of recording and transmitting immense quantities of personal information and tracking their every move. Privacy has suffered in this new environment, with new reports every week of vulnerabilities and unintended disclosures of private information. On Friday, April 13, 2012, New York University’s Information Law Institute and Princeton’s Center for Information Technology Policy hosted a technology and policy dialogue about the new world of mobile and location privacy. The gathering aimed to bring together the policy and technology communities to discuss the substantial privacy issues arising from the growth of mobile and location technologies.

For video, visit NYU/Princeton Conference on Mobile and Location Privacy: A Technology and Policy Dialog – Ashkan Soltani.

New Report on Privacy and Crowdsourced Missing Persons Registries

From:              Fordham Law School and the Woodrow Wilson International Center for Scholars

Contact:         Peter Pochna, Rubenstein Associates, 212-843-8007, ppochna@rubenstein.com

FORDHAM LAW AND THE WOODROW WILSON CENTER RELEASE REPORT ON PRIVACY ISSUES RAISED BY MISSING PERSONS DATABASES

NEW YORK, NY AND WASHINGTON, DC (April XX, 2013) - The Fordham Center on Law and Information Policy (CLIP) at Fordham Law School and the Commons Lab of the Woodrow Wilson International Center for Scholars today issued a report titled “Privacy and Missing Persons after Natural Disasters,” prepared as part of a joint project. The report is available for free download at:

http://www.scribd.com/collections/3840667/Commons-Lab-Science-and-Technology-Innovation-Program-STIP and http://ssrn.com/abstract=2229610

The report offers a roadmap to the legal and policy issues surrounding privacy and missing persons following natural disasters. It provides strategies that humanitarian organizations, private sector organizations, volunteers and policy makers can pursue to help those affected by major natural disasters. For example, the report recommends that the United States government exercise existing legal authority to support appropriate sharing of personal information about missing persons following natural disasters. More broadly, the report recommends that those developing technologies to share information about missing persons implement design principles that carefully balance privacy consistent with existing legal obligations. The report also calls on privacy policy makers, legislators, and regulators to take steps to clarify how privacy rules apply to missing persons activities in identified key areas so that missing persons activities can proceed without the threat of legal liability.

“With this project, Fordham CLIP is trying to help the people and organizations assisting in the location of missing persons recognize and deal with critical privacy issues by providing a range of options to address the legal and policy concerns,” said Joel R. Reidenberg, the academic director of Fordham CLIP and a co-author of the report.  Robert Gellman, a privacy expert and co-author of the report, added, “Missing persons services are essential following natural disasters, but they can raise questions about how privacy laws apply to emergency humanitarian responses. The report suggests ways to resolve those questions.”

The project is part of an international effort led by the Missing Persons Community of Interest (MPCI) that is seeking to harmonize a wide array of databases and technologies to enhance searches for missing persons following natural disasters. MPCI, which emerged in response to the 2010 Haitian earthquake, includes participants from local disaster management, international humanitarian relief organizations, private sector technology companies, non-profits, and digital volunteer communities.

Tim Schwartz, the chair of MPCI, said the report “gives us for the first time a thorough analysis of how missing persons technologies impact individual privacy and provides us with a valuable framework that will help us refine these critical and complex systems.” Lea Shanley, director of the Commons Lab at the Wilson Center, added, “Response organizations and volunteer groups must work to find an appropriate balance between protecting privacy and safety, and facilitating critical information sharing about affected populations and missing persons during and after disasters. This research will inform the development of privacy guidelines and best practices.”

The report examined privacy issues created by missing persons activities following several recent natural disasters, such as the earthquake in Christchurch, New Zealand in February 2011 and Hurricane Katrina in New Orleans in August 2005.  The report identified New Zealand as a leader in addressing the privacy issues that follow natural disasters and in prompting the world’s data protection authorities to pay more attention to those issues. The report discusses the New Zealand response and shows what other data protection authorities can do to provide clarity in applying privacy rules to missing persons activities.

Joining Reidenberg on the team that created the report are Gellman, a privacy and information policy consultant who previously served as chief counsel to the U.S. House of Representative Government Operations Committee and served as a member of the National Committee on Vital and Health Statistics at the U.S. Health and Human Services Department, Jamela Debelak, CLIP’s executive director, and CLIP student researchers Adam Elewa and Nancy Liu.

The project was supported by the Wilson Center and a gift made by Fordham University alumnus and trustee Ed Stroz and his digital risk management company, Stroz Friedberg.

The Commons Lab of the Wilson Center’s Science and Technology Innovation Program seeks to advance research and independent policy analysis on emerging technologies that facilitate collaborative, science-based and citizen-driven decision-making, with an emphasis on their social, legal, and ethical implications. The initiative does not advocate for or against specific technological platforms, rather works to ensure that these technologies are developed and used in a way that maximizes benefits while reducing risks and unintended consequences. Our work often focuses on novel governance options at the “edges” where the crowd and social media operate—between formal organizations and emergent networks, and between proprietary and open models of data ownership and access.

The Fordham Center on Law and Information Policy (CLIP) was founded to make significant contributions to the development of law and policy for the information economy and to teach the next generation of leaders. CLIP brings together scholars, the bar, the business community, technology experts, the policy community, students, and the public to address and assess policies and solutions for cutting-edge issues that affect the evolution of the information economy.

Chaffetz: ‘Every confidence’ on GPS Act

By Alex Byers, Politico’s Morning Tech, April 12, 2013

CHAFFETZ: ‘EVERY CONFIDENCE’ THAT GPS ACT WILL CLEAR COMMITTEE – Rep. Jason Chaffetz is plenty positive when it comes to whether his bill – which would require law enforcement to score a warrant before obtaining the location of your cellphone – will pass the House Judiciary panel. “…”The last thing the major carriers or hardware companies want to do is have people become afraid of their phones or other mobile devices,” he said. Chaffetz said he didn’t have an exact timeline on next steps, although your MT-er has heard rumblings for a while about a location privacy hearing later this month. Chaffetz added that he’d prefer tackling the issue as a standalone item, instead of conflating the issue with email privacy reform – the opposite of what’s been suggested by Rep. Jim Sensenbrenner, chairman of the Judiciary subcommittee that will likely have jurisdiction and a co-sponsor of the GPS Act.

Massachusetts Supreme Court Rules ZIP Codes Are Definitely “Personal Identification Information”

by Erin Aures, Privacy Law Blog, April 1, 2013

In a recent ruling arising from certain certified questions in Tyler v. Michaels Stores, Inc., Civ. No. 11-10920-WGY D. Mass. Jan. 6, 2012, the Massachusetts Supreme Court interpreted “personal identification information” under Mass. Gen. Laws, ch. 93, § 105a Section 105a to include a consumer’s ZIP code and determined that collecting such personal information is a violation of state privacy law for which the consumer can sue see slip opinion. By way of background, the plaintiff, Tyler, alleged she was making a credit card purchase at Michaels an arts and crafts retailer when a cashier asked her for her ZIP code. Tyler provided her ZIP code. Tyler alleged her ZIP code was later used by Michaels to find Tyler’s mailing address and telephone numbers and send her unwanted and unsolicited marketing materials. …

For full text of the analysis, visit Massachusetts Supreme Court Rules ZIP Codes Are Definitely “Personal Identification Information” | Privacy Law Blog.

Related articles

• Bucks: Why Retailers Ask for Your ZIP Code (bucks.blogs.nytimes.com)
• Zip Codes Are Private Info, Says Massachusetts Supreme Court (blogs.lawyers.com)
• Bed Bath & Beyond Sued Over Zip Code Data (insideprivacy.com)
• Why you shouldn’t tell stores your ZIP code (nbcnews.com)

 

The Legislation of Privacy: New Laws That Will Change Your Life

From Backgroundcheck.org

“Technology is changing how we do everything, from connecting with friends to investigating our family history. While most of these changes are for the better, the reality is that many of these new technologies expose us to serious privacy risks, especially as legislation has struggled to keep up. Yet both here in the U.S. and around the world, that could soon change. There are numerous new and pending laws that are starting to seriously tackle the challenges posed by modern technology, helping close gaps in legislation and enforcement that open you up to online stalking, medical data breaches, and disclosure of your online data. Even if you don’t realize it, many of these laws can have a major impact on your life, from how you buy insurance to which bits of personal information are gathered while you shop online, go to the bank, or talk on the phone. What follows is a brief guide to many of the newer and upcoming laws regarding privacy in the United States. You’ll learn what the bills propose, how they’ll affect your life, and when they’ll go into effect, if they haven’t already.”

For the full guide to current and pending legislation, please visit The Legislation of Privacy: New Laws That Will Change Your Life – Background Check.

Google Admits Street View Project Violated Privacy

By David Streitfeld, NYT Technology, March 12, 2013

Google on Tuesday acknowledged to state officials that it had violated people’s privacy during its Street View mapping project when it casually scooped up passwords, e-mail and other personal information from unsuspecting computer users. In agreeing to settle a case brought by 38 states involving the project, the search company for the first time is required to aggressively police its own employees on privacy issues and to explicitly tell the public how to fend off privacy violations like this one.

For full text of the article, visit Google Admits Street View Project Violated Privacy – NYTimes.com.

Related articles

• Google Maps with Street View on iOS: what it can and can’t do (reviews.cnet.com)
• Google settles Street View privacy case with 38 states for $7 million (theverge.com)

 

Texas proposes one of nation’s “most sweeping” mobile privacy laws

by Cyrus Farivar, Ars Technica, March 6, 2013

Privacy experts say that a pair of new mobile privacy bills recently introduced in Texas are among the “most sweeping” ever seen. And they say the proposed legislation offers better protection than a related privacy bill introduced this week in Congress.If passed, the new bills would establish a well-defined, probable-cause-driven warrant requirement for all location information. That’s not just data from GPS, but potentially pen register, tap and trace, and tower location data as well. Such data would be disclosed to law enforcement “if there is probable cause to believe the records disclosing location information will provide evidence in a criminal investigation.”

For full text of the article, please visit Texas proposes one of nation’s “most sweeping” mobile privacy laws | Ars Technica.

Related articles

• Texas proposes one of nation’s “most sweeping” mobile privacy laws (arstechnica.com)
• Privacy Ref Introduces Interactive, Virtual Data Privacy Roundtable Series (prweb.com)

 

Reflections on the value of ethics in relation to Earth observation

Abstract:

Earth observation is a science and technology with tremendous power to collect data over the whole of the Earth at many wavelengths and at many spatial resolutions. But does this science and technology, or rather the use of this science and technology, have an ethical dimension? This article explores the application of ethical concepts to Earth observation. Three main aspects of ethics are examined: duty theories of ethics, consequentialist ethics, and environmental ethics. These ethical ideas are then applied to the UN Principles on Remote Sensing, the International Charter on Space and Major Disasters and to Google Earth, and also to questions of security and privacy. The article concludes that there is no absolute ethical position in relation to Earth observation, but a dependency on the perspective of the observer. For link to the article (but it’s behind a $58 paywall, seriously), click here.

Author: Ray Harris

Source: International Journal of Remote Sensing, Volume 34, Number 4, 2013 , pp. 1207-1219(13)

Publisher: Taylor and Francis Ltd

DOI: http://dx.doi.org/10.1080/01431161.2012.718466

Publication date: 2013-02-20

Is Social Media a Cybersecurity Gamechanger?

February 27, 2013

The Commons Lab just released a new policy memo analyzing the increased potential of social media to exacerbate conflict situations and create cybersecurity threats – a potential “gamechanger” as the United States seeks to ramp up its cybersecurity efforts. The brief is the first in the program’s Policy Memo Series. Author: Dr. Rebecca Goolsby.

Summary: Social media is responsible for much positive change in the world. But these new tools can be used by bad actors to foment strife and undermine stability, as seen during violent incidents in the Assam state of northeast India in July 2012. Cybersecurity efforts must take into account the growing potential for cyber-attack using social media, where hoax messages are incorporated into a stream of otherwise legitimate messages, and understand how quickly mobile apps and text services can disseminate false information. Authorities and volunteers must develop a healthy skepticism about information derived from these systems and new research and tools are needed to facilitate the self-policing of social media.

To download a copy of the report On Cybersecurity, Crowdsourcing, and Social Cyber-Attack (PDF), go to the Commons Lab Reports Collection on Scribd.

via Is Social Media a Cybersecurity Gamechanger? | Commons Lab.

Related articles

• Using Social Media for Global Security (365.rsaconference.com)
• This Week in Cybersecurity – Headlines & Highlights (impermium.com)
• Obama’s Cybersecurity Action Reaches Too Far (forbes.com)
• Finally, a Step Forward in Cybersecurity (infosecurity-magazine.com)

Lawmakers Target Drones With “Preserving American Privacy Act Of 2013″

by Kit Eaton, Fast Company, Feb 18, 2013

New draft legislation in the House of Representatives is attempting to restrict the private use of drones, making it a misdemeanor to use a UAV to photograph a person or their property without their explicit permission. Public space use would be equally limited, according to the “Preserving American Privacy Act of 2013″ (PDF), requiring a max altitude of just six feet. Law enforcement bodies would have to obtain a warrant or court order to be able collect information on individuals in a private area. …

For full text of the article, visit Lawmakers Target Drones With “Preserving American Privacy Act Of 2013″ | Fast Company.

Related articles

• Lawmakers Target Drones With “Preserving American Privacy Act Of 2013″ (fastcompany.com)
• Congressional Hearing Highlights Lack of Domestic Drone Rules (geodatapolicy.wordpress.com)
• Drones a target of U.S. House bill (computerworld.co.nz)