May
28
2015

Health Privacy in a Connected World – Beneficial or a Privacy Violation?

Medical Stethoscope

Leading up to the second annual IoT Privacy Summit on June 17 we’ll be featuring a series of blog posts about the panels and speakers at the upcoming event.

Medical Stethoscope

In the next decade, big data and the Internet of Things (IoT) will dramatically change the healthcare landscape and the data that is collected, shared, and stored. New questions and challenges will arise from these new data sources. Looking ahead, organizations and entrepreneurs are turning their focus toward ‘privacy by design’ to address some of these near future IoT challenges.

One such challenge might be gaining consumer trust. In a study by TRUSTe, more than 1 in 4 people mentioned security or privacy concerns related to data collection as a reason why they do not currently own a smart device. But with the proliferation of fitness and health wearables, and the shift toward greater use of technology in the healthcare space, privacy with big data is an important topic to address.

At the 2nd annual IoT Privacy Summit 2015 a panel titled, “Health Privacy in a Fully Connected World: The Loss of Individual Autonomy or Opportunities for Better Health and Quality of Life?” will review case studies from companies that are striving to balance the significant potential for improved health outcomes with data privacy and security concerns. The panel takes places from 10:45-11:30 a.m. at the Rosewood Sand Hill in Menlo Park during this one-day event.

Speakers on this panel are Hilary Wandall, AVP & CPO of Merck & Co. Inc.; Sharon Anolik, President of Privacy Panacea; and David Glickman, Co-Founder and COO of Lively.

READ ALSO: IoT Privacy Summit: Smart Cities

With more than 40 speakers and 12 sessions, the 2nd Annual IoT Privacy Summit 2015 is expected to be the premier event for anyone working in IoT and/or privacy-related fields.

To register for the IoT Privacy Summit 2015, click here.

 

 

May
27
2015

EU and APEC Officials Agree To Streamline BCR/CBPR Application Process

GlobalDataTransfers

This article originally appeared in the June edition of The Privacy Advisor.

GlobalDataTransfers

By Angelique Carson, CIPP/US 

In 2014, Hewlett-Packard (HP) became the first company to win approval for both binding corporate rules (BCRs) and cross-border privacy rules (CBPRs). Both processes take a significant number of man hours to achieve, as HP’s privacy staff will tell you. But to demonstrate compliance, many of the administrative hurdles are the same. That’s why, as companies increasingly turn to BCRs—69 to date with 45 or 50 additional companies in the assessment phase—and CBPRs—with 12 to date with another 20 or so in the pipeline—as data transfer mechanisms, an EU/APEC working group has approved a plan for increased interoperability by making it easier for companies to comply with both BCRs and CBPRs at once.

A U.S. Department of Commerce (DoC) official said the main feedback from industry was the heavy lift in applying for approval under both frameworks was not that they had to make substantial changes to their privacy programs but the demonstration of the provisions of those programs.

The EU’s Article 29 Working Party has agreed to the APEC Data Privacy Subgroup’s proposal to develop a common questionnaire based on the forms that now must be completed to apply for BCRs and CBPRs separately.

The idea is that organizations will be able to submit the single questionnaire to both EU DPAs, whose approval is needed for organizations to be granted BCRs, and to APEC Accountability Agents, whose approval is needed to be granted CBPRs, to reach compliance with both systems at once.

Read the rest of this entry »

May
21
2015

Ad-Funded Internet Community to Convene at Upcoming DAA Summit

Manhattan skyline

Manhattan skyline

The Digital Advertising Alliance will host its 3rd annual summit on June 2 in New York. At this all day event, DAA participants can engage in discussions about innovation in the ad-funded Internet community as well as listen to presentations and panels from industry thought leaders.

Special guest, FTC Commissioner Terrell McSweeny, will discuss key topics related to the DAA program.

From TRUSTe, CEO Chris Babel will be attending and Patricia Neuray, VP of Sales, will speak on a panel titled, “Publishers’ Roundtable – Delivering Value in Audience Engagement with Transparency & Control.” Along with Patricia, other speakers on the panel are Michael Hauser, Assistant General Counsel, Turner Broadcasting System; Kyle McCarthy, Co-Founder and Editor, Family Travel Forum; and Sal Tripi, Assistant Vice President, Digital Operations & Compliance, Publishers Clearing House and PCH.com.

Other topics that will be covered at the DAA Summit include:

  • Key trends in the multi-screen digital ad marketplace and how companies participating with the DAA will adapt enhanced transparency and control to meet consumer expectation.
  • Reaching audiences across devices and how non-cookie technologies can be addressed through industry self-regulation.
  • Accountability under self-regulation in 2015, including the DAA Programs’ plans for expansion of compliance to include the mobile guidelines later this summer.
  • Building trust, vertical-by-vertical, featuring use cases on the ROI of self-regulation across a variety of fields.
  • Scaling Self-Regulation Across Borders, you’ll hear from the DAA’s global partners about how the DAA Icon can successfully be leveraged across international marketplaces.

TRUSTe is a DAA approved AdChoices icon provider. The icon gives users the ability to manage data collection and advertising preferences in both desktop and mobile environments. TRUSTe was an early DAA compliance pioneer and has worked with hundreds of ad ecosystem clients and partners to serve more than 60 billion icons each month.

The Digital Advertising Alliance (DAA) establishes and enforces responsible privacy practices across the online advertising industry, providing consumers with enhanced transparency and control. The DAA icon is served globally more than one trillion times each month.

The DAA is an independent non-profit organization led by advertising and marketing trade associations.

So far, we’ve witnessed self-regulations flourish in the privacy space while at the same time allowing innovation to continue.

Join us for the upcoming DAA Summit in New York! Register here.

May
20
2015

IoT Privacy Summit: Smart Cities

IoT 2015

Leading up to the second annual IoT Privacy Summit on June 17 we’ll be featuring a series of blog posts about the panels and speakers at the upcoming event.

cep_tel_3d_isometric_giden

The cities of the future are almost here. Connected technology is not just for wearable devices — it can also be utilized to increase the efficiency of cities and streamline the lives of citizens.

Envisioning a smart city might make you think of modern architecture but connected technology will do so much more than make a city look advanced. Smart water and energy systems will be key in launching a smart city. Smart LED streetlights will provide better energy efficiency. And innovators are currently brainstorming ways the average citizen can connect with and utilize this data to improve their lives.

However, as we move toward the connected cities of the near future it’s important to keep privacy in mind. In one TRUSTe survey about data collection and consumer awareness, only 20% of respondents said they believe the benefits of smart devices outweigh any privacy concern about their personal information. Clearly, consumers need to be assured that their privacy will be respected before the IoT can truly flourish.

Read the rest of this entry »

May
15
2015

IoT Privacy Summit: Self-Regulation & IoT Panel

IoT 2015

Leading up to the second annual IoT Privacy Summit on June 17 we’ll be featuring a series of blog posts about the panels and speakers at the upcoming event.

IoT 2015

 

No one knows for certain the exact impact big data will have on the future of privacy, or how the government might respond to big data’s exponential growth. However, privacy experts and thought leaders can provide some educated insight into what we might be able to expect.

The panel titled, “Can Self-Regulation Meet Privacy Challenges of IoT?” at the upcoming IoT Privacy Summit 2015 at 11:30 a.m. on June 17, will examine the thin line policymakers must walk between protecting consumer privacy and not hindering innovation. For instance, the auto industry’s recently developed Privacy Principles will be discussed in order to explore how self-regulatory rules can strike the right balance between protecting privacy and preserving innovation in the IoT.

Speakers include:

  • Nancy Libin, Partner, Wilkinson Barker Knauer, LLP; former Chief Privacy and Civil Liberties Officer of the U.S. Department of Justice
  • Alex Reynolds, Director and Regulatory Counsel, Consumer Electronics Association (CEA)
  • Justin Brookman, Director Consumer Privacy, Center for Democracy & Technology
  • Hilary Cain, Director Technology & Innovation Policy Toyota Motor North America, Inc.
  • Nithan Sannappa, Senior Attorney, Federal Trade Commission

“Earlier this year, the Federal Trade Commission issued a report on the Internet of Things in which it stated clearly that it did not recommend IoT-specific legislation at this time,” said Nancy Libin,Partner, Wilkinson Barker Knauer, LLP; former Chief Privacy and Civil Liberties Officer of the U.S. Department of Justice, who is speaking on this panel.” Congress appears similarly inclined to allow the market for IoT products and services to unfold before addressing any privacy and security issues through legislation. Current laws provide protection for consumers who adopt IoT products, and if companies incorporate data privacy and security features into their IoT products during development, they may obviate the need for any other regulation in this space in the future.”

Register now for the IoT Privacy Summit 2015.

May
14
2015

Meet TRUSTe: Andrew McDevitt, Senior Privacy Consultant

Each week we give you an inside look at the talented, knowledgeable and friendly people who work at TRUSTe. This week’s Meet TRUSTe post will introduce you to one of our privacy consulting team members. 

andrew_blog

Name: Andrew McDevitt

Job Title: Senior Privacy Consultant – CIPM, CIPP/E/G/US

How long have you been a consultant at TRUSTe? I have been with the company for 9 months.

Tell us about your role at TRUSTe. I serve on an excellent team of privacy consultants that work with our diverse clients to help them address specific data privacy compliance and risk challenges. I spend a lot of my time working with clients on projects focused on employee data privacy, especially in the context of the U.S. Department of Commerce’s EU/Swiss Safe Harbor Program. I also work on education and healthcare oriented privacy engagements and serve as a subject matter expert to support our Data Privacy Management Platform (DPM Platform) product development team.

Tell us about your background in privacy and why you decided to get CIPP certified? Over the past 17 years, I’ve worked in US federal and state government relations roles within the business process outsourcing and software industries with a special focus on employee management related compliance and risk matters. Given the tremendous amount of employee level data that some of my previous employers managed on behalf of other organizations, the advances in technology I was observing and the growing data breach events being reported by the press in all business sectors, I became extremely interested in data privacy issues. In 2011, I earned the CIPP/US certification. Over the course of the following three years, I also took and passed the CIPP/E, CIPP/G and the CIPM exams with the intent of transitioning into the data privacy consulting world. I essentially made the decision that I wanted to dedicate the rest of my career to helping various organizations establish or improve their privacy practices and risk postures. This is because I think privacy is one of the biggest global public policy issues of our time.

Read the rest of this entry »

May
13
2015

New Trust Framework to Address Privacy & Security Challenges of Connected Devices

PrivacyDataSecurity

PrivacyDataSecurity

The Online Trust Alliance (OTA), announced today that it’s welcoming experts to join the working group creating a trust framework for the security, privacy and sustainability risks of the Internet of Things (IoT) devices. The framework will be presented in a special panel at TRUSTe’s IoT Privacy Summit 2015 on June 17 in Menlo Park, Calif.

The framework will initially focus on connected home and wearable/fitness technologies. It reflects input from a consortium of leaders in both the private and public sectors — including the security and privacy community, app developers, manufacturers and international retailers. This working group builds on and expands the scope of the IoT Privacy Tech Working Group announced at the first TRUSTe IoT Privacy Summit last year.

Initial goals of the framework include:

  • Aiding consumers with the ability to make purchasing decisions based on vendors’ commitment to privacy and security.
  • Provide manufacturers and developers with guidance on how to adopt privacy and security best practices.
  • Provide offline and online retailers with criteria for making product purchasing decisions.
  • Encourage collaboration in the industry.

The next full working group meeting is on June 16 in Mountain View, Calif. To register to attend, click here.

You can hear more about this work by attending the TRUSTe IoT Privacy Summit. Register here.

 

 

May
08
2015

Here’s What You May Have Missed at European Data Protection Days, and TRUSTe’s Roundtable in Berlin

EDPD1

EDPD1

This week began with the 5th annual European Data Protection Days that serves to bring privacy specialists, government officials and thought leaders from all over the world together in Berlin to discuss the key issues in data privacy management. The two-day event earlier this week (May 4th and 5th) took place at the Pullman Berlin Schweizerhof hotel in Berlin. On the 5th, TRUSTe hosted a Roundtable as part of our successful Privacy Insight Series that provides a more intimate environment for top privacy leaders to discuss current privacy challenges.

Read the rest of this entry »

Older posts «