Main Nav

Data Privacy Day 2013 Event

The National Cyber Security Alliance (NCSA), a non-profit public-private partnership focused on helping all digital citizens stay safer and more secure online, kicked off Data Privacy Day 2013 with a forum at the George Washington University Law School, along with Federal Trade Commissioner Maureen Ohlhausen and other privacy and security experts from AT&T, Facebook, Intel, MasterCard, Microsoft and the federal government.  The theme of the event was "Respecting Privacy, Safeguarding Data, and Enabling Trust."  The forum explored a wide range of issues including respecting privacy, safeguarding data, privacy innovation, and the implications for personal information in the digital age and the mobile environment.

Data Privacy Day is celebrated across the United States, Canada, Council of Europe member countries, and other countries worldwide. The day constitutes an international collaboration and nationwide effort to educate and raise awareness about data privacy, stewardship of data, and protecting the privacy of personal information.

Keynote speaker, FTC Commissioner Maureen Ohlhausen, talked about the FTC’s role in data security, including its enforcement record, its policy research, and its consumer and business education efforts (i.e., Her practical guidance for companies - “It is critical that businesses honor the promises they make to protect consumers’ privacy.  This is at the heart of the Commission’s law enforcement against deceptive practices.  Businesses must live up to the assurances they make regarding security standards.”

Commissioner Ohlhausen also addressed Congress's role by saying that well-crafted legislation could help protect consumer data by streamlining regulations for data security and breach notification.  She noted that most states have breach notification statutes, but that not all laws are the same.  By enacting a single standard, companies would know what to do and consumers would know what to expect.

The first panel was "Data Stewardship and Privacy: Enabling Trust."  Panelists included:
•    Ari Schwartz, Senior Policy Advisor, Department of Commerce (moderator)
•    Erin Egan, Chief Privacy Officer, Facebook
•    Brendon Lynch, Chief Privacy Officer, Microsoft
•    JoAnn Stonier, Chief Privacy Officer, MasterCard  

Brendon Lynch said, "Privacy is an art, not a science."  Mr. Lynch mentioned Microsoft's principle-based privacy method, as well as "understanding consumer expectations."  He added that, "How a company deals with privacy is key to long-term success." (Note: For Data Privacy Day 2013, Microsoft released new data reflecting consumers’ perceptions about how their information is used online, as well as a new series of short videos to help people better manage their online privacy.)

Erin Egan said that innovating around the concept of transparency and control are key Facebook principles.  She talked about "meaningful" Facebook privacy controls, filters that allow users to see what others can see, and the use of icons to alert users to privacy settings.

JoAnn Stonier said that we live in a converged data world where there is a whole ecosystem of data being created.  This provides an opportunity for standards to be put in place to ensure trust between the consumer and commerce.

All agreed that privacy is a critical component of each company’s strategy and that getting input from stakeholders was important in building privacy into design and creating appropriate controls.  As user awareness increases, there are opportunities for companies who are good stewards of data and that how a company deals with privacy is key to long term success.

The second panel was "The Future of Privacy & Innovation: Implications of Personal Information in an On Demand Mobile Environment."  Panelists included:
•    Justin Brookman, Director, Project on Consumer Privacy, Center for Democracy and Technology (moderator)
•    Jeff Brueggeman, Vice President, Global Policy and Deputy CPO, AT&T
•    Jules Polonetsky, Director, Future of Privacy Forum
•    John Verdi, Director of Privacy Initiatives, NTIA/OPAD

In answer to the question, “What are mobile challenges when it comes to privacy?” Jules Polonetsky said that mobile is less about the user interface and more about ubiquity and on demand.  John Verdi commented that location services are different (i.e., that there is a difference between providing privacy policies/transparency on mobile/small screens and on laptops).  Jeff Brueggeman said that companies need to start thinking about application developers and how they can innovate quickly and still build in privacy.  He said that AT&T views itself as a platform for innovation and works collaboratively with a large population of app developers.

The panel was also asked the question, “What do you do to assure people they can use things like location services?”  Mr. Polonetsky said that mobile is a different playing field and that the app ecosystem tracks differently than web browsers and do-not-track.  Mr. Brueggeman said that AT&T incorporates privacy into app developer programs and encourages them not to collect more data than they need.

The final question, “Are we going to see more of a differentiation on privacy in the mobile space moving forward?” led Mr. Brueggeman to state that we are likely to see a more hybrid model developing where people will pay in order for their data to not be shared.

EDUCAUSE will continue to monitor and report on this issue.

Tags from the EDUCAUSE Library