Monday, November 7, 2011

Cutting Edge Perspectives on Privacy and Data Security

An excellent article in the Stanford Lawyer concerning recent trends in data security and privacy. Some of the highlights include:

* A summary of the the recent revelations about abuses by online marketers, which Stanford Law researchers helped expose. Jonathan 
Mayer, JD ’12, who is also pursuing a PhD in computer science, has received national attention for helping uncover the practices of behavioral advertisers—online marketing firms that track individual preferences, including Web-browsing history, in order to display more relevant ads. These companies have assembled deeper, more complete 
profiles of almost every Internet user than many are aware. “History stealing” is among the most troubling practices Mayer helped uncover. A major advertising network was surreptitiously snooping into whether visitors to its sites had previously visited any of tens of thousands different, unaffiliated websites. These included websites that advertisers might use to draw or confirm inferences about a visitor’s sensitive financial details, like whether the visitor owed back taxes to the Internal Revenue Service or had looked at Federal Trade Commission resources concerning debt collection. The company reportedly stopped the practice, in response to Mayer’s findings.
*  An emerging consensus that “Self-regulation has failed to provide any meaningful privacy protection.  “It’s a mystery to me when companies like Facebook profess a commitment to 
privacy, when their business is based on getting info about their users,” said one of the experts quoted.
* This gem of an insight from Professor Mark Lemley: “One of the lessons of Internet law is that if you regulate too early or in too technology-specific a manner, your regulations quickly become useless or subject to evasion,” which was premised on the faulty notion that no consumers would ever really buy things online, and the Digital Millennium Copyright Act, which was enacted just a year before peer-to-peer file sharing was introduced and proved utterly ineffective in protecting copyrighted works shared over such services. Lemley worries that privacy scares might lead Congress to overreach and act too quickly, stifling innovation and depriving the market of the chance to strike a proper balance between innovation and 
privacy. Indeed, one could argue that has happened already.
* Indiana Law School Professor Fred Cate's observation that basic privacy principles of "notice and choice" made sense in the earlier days of the internet, now are outgrown and dated by the massive increase in PII and data sharing across networks required to push data and to facilitate commerce.


Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Powered by Blogger