SIIA Supports COPPA’s Extension of Schools as Consent Providers

The Federal Trade Commission yesterday released its updated FAQs clarifying the amended rule implementing the Children’s Online Privacy Protection Act (COPPA) released in December, 2012. Included are several clarifications long championed by SIIA regarding the intersection of COPPA and children’s online activities in the school setting.

For those not familiar, in short, COPPA requires parental consent under certain conditions for the online collection of personal information from children under age 13. SIIA has long supported this important law for helping protect children’s privacy and safety, and has also worked with the FTC and other stakeholders to ensure COPPA implementation does not bring inappropriate or unintended consequences that limit technology innovation and the user experience.

According to the new COPPA FAQ:

  • “COPPA does not preclude schools from acting as intermediaries between operators and parents in the notice and consent process, or from serving as the parent’s agent in the process of collecting personal information online from students in the school context.”
  • “COPPA does not apply where a school has contracted with an operator to collect personal information from students for the use and benefit of the school, and for no other commercial purpose.”

These provisions are important to minimize the barriers to student access to instructional technologies and digital learning within the school context. Both build on the role of schools as trusted agents of student learning, privacy and safety, including that governed by the Family Educational Rights and Privacy Act (FERPA) as well as by Acceptable Use Policies (AUPs) signed between parents and schools. They help provide for students’ seamless access to online teaching and learning opportunities in the timely manner needed to address their educational needs under the guidance of their teacher and school, and governing local school board policies. The alternative of requiring parental consent in each case would present a significant administrative barrier, potentially put certain students at an educational disadvantage when consent cannot be secured in a timely manner, and would often leave students and teachers unable to take advantage of a “teachable moment.”

While the continuation of these school provisions is welcome, the updated FAQs do include some new guidance that will require further analysis and consideration. For example, the FTC guidance now requires that: “. . . the operator must provide the school with full notice of its collection, use, and disclosure practices, so that the school may make an informed decision.” And the FTC separately describes what information a school “should” seek from an operator, including “What are the operator’s data retention and deletion policies for children’s personal information?”

SIIA members can review a more detailed summary and analysis on new COPPA regulations and guidance. [Updated May 9, 2013]

SIIA looks forward to working further with public officials, families, educators and digital learning providers to ensure that children have access to critical online learning opportunities and applications in an appropriately safe and secure manner. This includes SIIA’s ongoing work around FERPA (the Family Educational Rights and Privacy Act), which governs educational institutions and agencies through the U.S. Department of Education and is referenced in the COPPA FAQ.


Mark Schneiderman is Senior Director of Education Policy at SIIA.

Users Support Targeted Advertising Over Paying for Internet Content

Advertising has always been the driving force behind quality content, and the ad industry has reshaped its business models as today’s Internet-based content ecosystem continues to evolve. Generic print ads of yesterday have made way for tailored Internet ads that fuel free access to everything from local news to viral videos like the Harlem Shake!

But do Internet users know that ads tailored to their own interests help provide for their free content? And how do they feel about seeing these ads?

A new poll shows that Americans value free Internet content, and they are comfortable with the tailored Internet advertising that powers it. The survey, released by the Digital Advertising Alliance (DAA), measured consumers’ attitudes about Internet advertising. Despite the seeming unpopularity of “behavioral advertising,” the survey found that when given the choice, Americans would prefer ad-supported content to paying for ad-free content. Some key data points:

· 92 percent of Americans think free content like news, weather and blogs is important to the overall value of the Internet (64 percent extremely important, 28 percent somewhat important)

· 75 percent prefer ad-supported content to paying for ad-free content

· 41 percent of users think that browser obstacles to displaying advertising will result in less access to free content

Tailored ads are worth more to advertisers than generic ads aimed at the general population. That’s why they are so vital to the future of quality Internet content. The DAA survey shows that most Internet users support this revenue model:

· 68 percent prefer to get at least some Internet ads directed at their interests

· 40 percent prefer to get all their ads directed to their interests

· 47 percent would oppose a law that would restrict how data is used for Internet advertising but also potentially reduce free content availability, compared to only 22 percent that support such a law

 

DAA’s findings are promising for the viability of the content industry. Most Americans are comfortable with seeing ads that are directed at their interests–and all Internet users deserve a transparent experience with online advertising. To that end, the DAA runs the ad industry’s primary opt-out program, a choice tool that allows users to tailor how and whether they receive interest-based advertising.

Read more about the findings from the DAA poll.


Laura Greenback is Communications Director at SIIA. Follow the SIIA Public Policy team at @SIIAPolicy.

There’s No Bad Data, Only Bad Uses of Data

Steven Lohr explored the roots of the debate over personal data and privacy in a timely article in the New York Times this Sunday. An important theme of his article is best summed up by Craig Mundie of Microsoft, who says, “There’s no bad data, only bad uses of data.” At SIIA, we concur that if we want privacy protections to be truly meaningful, we should move away from restricting data collection, and instead work to prevent its harmful use.

Lohr’s article first describes a scenario in which a person is harmed because data from his or her online click stream is being collected. But even though this example is being used to illustrate the danger of data collection, it winds up confirming that true harm comes not from the collection, but the misuse of data. It might be harmful to an Internet user if predictions and inferences about his or her web travels make their way to a health insurer or potential employer. But the harm stems from data misuse, not its collection!

The online advertising industry collects click stream data now. It wants to use this data to improve the effectiveness and value of its online advertising. And the industry has already pledged to wall off online data from harmful use by  isolating it from eligibility decisions regarding employment, health care, credit and insurance.

It’s crucial to allow industries to continue to collect data so it can be used to benefit society. For instance, data driven innovation’s contributions in the educational sphere have been well-documented. Two recent reports by the Center for Technology Innovation at the Brookings Institution, called Educational Success Stories and Big Data for Education, show how data analytic techniques can help schools better understand students’ learning approaches and challenges. Instead of relying on static, uniform tests, “instructors can analyze what students know and what techniques are most effective for each pupil. By focusing on data analytics, teachers can study learning in far more nuanced ways.”

There are many uses of data that are beneficial to society, and public policy should not obstruct them by constructing arbitrary barriers to data collection. The best way to respect individual privacy in the age of big data is to protect people from harmful uses of data. Industries like online advertising are already moving in this direction by developing best practices and self-regulation. Blanket prohibitions on data collection will only do more harm than good.


Mark MacCarthy, Vice President, Public Policy at SIIA, directs SIIA’s public policy initiatives in the areas of intellectual property enforcement, information privacy, cybersecurity, cloud computing and the promotion of educational technology. Follow the SIIA Public Policy team on Twitter at @SIIAPolicy

SIIA Applauds Sens. Leahy and Lee for Introducing ECPA Reform Legislation

SIIA thanks Sens. Patrick Leahy (D-VT) and Mike Lee (R-UT) for introducing a bill today to update the antiquated Electronic Communications Privacy Act (ECPA) and protect Americans’ online privacy in today’s networked world.

The bill would level the playing field for “cloud computing,” by ensuring that electronic correspondence stored remotely with an Internet company in the “cloud” receives the same level of protection afforded letters, photos and other private material stored in a drawer or filing cabinet, or on a computer at home.

ECPA was enacted 27 years ago with good intentions, but the world of communications and computing is a different place today. In 1986, there was no such thing as email, and Americans had not yet begun storing personal information online. Congress must make passing ECPA reform a priority this year, so that Americans can trust that their private online information is protected from overzealous law enforcement intrusion.

Requiring law enforcement to obtain a search warrant before obtaining Americans’ email and other private online communications is critical to bring U.S. law into the 21st Century.  SIIA urges the House and Senate to expeditiously enact this legislation.


Laura Greenback is Communications Director at SIIA. Follow the SIIA Public Policy team at @SIIAPolicy.

SIIA Urges Support for Legislation to Reform ECPA as House Subcommittee Examines Cloud Privacy

SIIA called for a level playing field for cloud computing as the House Judiciary Subcommittee on Crime, Terrorism, Homeland Security and Investigations prepares for a hearing tomorrow regarding reform of the Electronic Communications Privacy Act (ECPA).

We have seen tremendous technological advances in communications and computing technology since 1986, when ECPA was enacted. The legal framework provided by this outdated statute leaves both providers and users of remote computing with a complex and baffling set of rules. These rules are both difficult to explain and to apply in this age of networked and cloud computing.

SIIA urges members of the Judiciary Committee to work with all deliberate speed to enact legislation creating a warrant requirement for law enforcement access to remotely stored electronic content.  It is critical to level the playing field for information Americans store in the cloud, ensuring that it receives the same protection as the information they store in their homes.


Ken Wasch is President of SIIA. Follow the SIIA Software team on Twitter at @SIIASoftware.

Is it Time for the FTC to Hit the Reset Button on Privacy?

Several years ago, my spouse was the victim of ID theft.  It was a frightening, invasive, time-consuming process to get to the bottom of what happened, and to fix it.  She is far from the only one, however, to be victimized by identity theft.

In 2012, the Federal Trade Commission received 369,132 complaints about identity theft – or 18% of all consumer complaints reported to the FTC.  This marked the thirteenth year in a row that identity theft topped the list of consumer complaints to the FTC.

Lately, the FTC has been heavily focused on issues such as “comprehensive online data collection.” And while the issues raised by data collection practices merit attention, the persistent scourge that is identity theft is receiving far less focus than it deserves.  So this begs the question, as the FTC welcomes a new Chairwoman in Edith Ramirez and establishes a new agenda for 2013:  Is it time for the FTC to hit the reset button?

The FTC has a real opportunity to refocus on what is undoubtedly a difficult issue – identity theft – a very real problem that creates a significant risk of fraud and monetary harm.  They could do this by analyzing the most pressing privacy issues facing consumers — the current online threats and vulnerabilities, the security protocols that can reduce the likelihood of identity theft, and ways that consumers can be empowered to protect themselves from identity thieves.

Yes, it is time for the FTC to hit the reset button, and focus on one of the greatest threats facing consumers today:  Identity theft.


David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy. Follow the SIIA public policy team on Twitter at @SIIAPubPolicy.

FTC: Don’t Confuse Mobile with Personal

SIIA is supportive of the FTC’s effort to provide guidance for the multistakeholder approach to mobile privacy protection being led by the NTIA.

Today’s mobile guidance report from the FTC provides some useful input to that end. However, SIIA continues to strongly disagree with some of the high-level conclusions reached by the Commission. Particularly, SIIA strongly disagrees with the FTC’s conclusion that “[m]ore than other types of technology, mobile devices are typically personal to an individual, almost always on, and with the user.”

While this may be true when applied to smartphones and the model for their use today, SIIA strongly believes that this vision misses the mark for tablets, and it most certainly inaccurately portrays the evolving nature of Internet-based technology and new-age devices. On the contrary, SIIA is confident that the larger trend in technology with products and services offered seamlessly across a wide range of platforms and devices, coupled with the increasing saturation of Internet-powered devices reflects the shift to an environment where devices are less “personal” and less linked to a particular individual than personal computers.

For instance, just several years after the introduction of the tablet computer, and less than a decade after the introduction of the modern smartphone, it is not uncommon for a household to have a wide range of internet-connected devices, with perhaps the majority of those devices being mobile devices shared by numerous users.

SIIA believes that the FTC’s fundamental misunderstanding about the increasing personalization of devices sets an inappropriate basis on which to build a foundation of privacy practices, either voluntary or mandatory. In order to develop an effective privacy framework for rapidly evolving technology, it is critical that we fully understand how this evolution is taking place, and all the opportunities that this innovation brings.


David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy. Follow the SIIA public policy team on Twitter at @SIIAPubPolicy.