Clearly we need a model. Is this one adequate?
Understanding Proposed Models for Privacy
January 15, 2011 by Dissent
Andy Serwin, who recently published the article, “The Federal Trade Commission and Privacy: Defining Enforcement and Encouraging the Adoption of Best Practices” (available on SSRN), has a new blog post, “Understanding Proposed Models for Privacy.”
I can see already that it will take me at least a few cups of coffee to work my way through his post, but I want to pull out one section here so that my blog readers will understand why I think we should all be reading and discussing his approach and ideas:
There are some that have interpreted my Privacy 3.0 article, first published over 3 years ago as a chapter in my privacy treatise, as advocating purely a focus on sensitivity and ignoring other issues. If this were true, I would have called the article Privacy 3.0—The Principle of Sensitivity. I did not because I believe that while sensitivity is extremely important, and data classification is the first step in the analysis, it is truly only the first step, which is why I chose the word proportionality.
In Privacy 3.0 I argued that it was widely recognized that the current theoretical construct of privacy—Prosser’s tort-based enforcement/accountability model—had failed. What was needed was a model that provided appropriate, but not over or under-inclusive protection, particularly in the rapidly changing Web 2.0 world where information sharing was the basis of a number of now ubiquitous services, such as Facebook.
I also recognized that society would gain benefit from information sharing, though there should be restrictions, or use-limitations, on the sharing.
Instead, a theory of proportional protection places higher restrictions and access barriers on truly sensitive information that either has limited or no use to third-parties and has great capacity to damage individuals and society, while simultaneously permitting the necessary and appropriate access to those having a legitimate need to know certain information, particularly when that information is less sensitive. Proportionality also has the advantage of minimizing the societal impact of privacy issues because enforcement and compliance will be focused on the most appropriate levels of sensitive information.
In other words, use-limitations should be proportional to the sensitivity of data.
While an examination of data elements for sensitivity could lead to improving privacy protection, that model did not seem to provide prospective guidance. As such, I proposed creating four tiers—highly sensitive; sensitive; slightly sensitive; and non-sensitive. By creating these tiers, one could associate certain use-restrictions and enforcement with each tier. As noted below, I did not simply focus on sensitivity as part of proportionality, but rather a broader set of issues that needed to be defined once the four tiers of information were created:
Thus, there are common elements that I will be discussing regarding each tier. These include:
whether information can be gathered without notice or consent;
whether consent must be opt-in or opt-out;
the effect of consent;
the types of processing that can be done;
can information be gathered under false pretenses;
are there time restrictions upon the retention of the data;
data security requirements;
data destruction requirements;
what steps are required, or permitted, to mitigate any mishandling of information; and
penalties for misuse of the information, including the imposition of statutory penalties in certain cases.
Read the whole article on Privacy & Security Source.
(Related) "Never tell anybody outside the family what you're thinking..." Don Corleone to Sonny
Can You Tell Your Own True Story Even If It Impinges on the Privacy of Your Lovers, Friends, and Family?
January 15, 2011 by Dissent
One of the limitations on ability to keep some things private is that the information may be revealed by family members. As mentioned in previous blog entries on this blog and more recently on PHIprivacy.net in the context of genetic issues, your private information may be revealed in a number of legal, however unfortunate, ways.
Attorney Mark Fowler has an interesting blog entry about this topic. It begins:
Autobiographers and memoirists sometimes face thorny legal issues when they write about aspects of their own lives that are inseparably intertwined with the private lives of others. Can a woman truthfully describe the intimate details of her sex life if, in doing so, she identifies her partner and aspects of his life (adultery, promiscuity, kinkiness?) he would prefer to keep forever secret? Can a gay man write about his HIV-positive status if, in doing so, he effectively discloses that his partner is also infected with the virus? The answer is an unsatisfying: “Sometimes — provided it is done the right way.”
Read more on Rights of Writers. It’s a fascinating and complex issue and Fowler discusses some cases to clarify how courts have approached the situation when right to privacy may collide with a speaker’s right to tell their own life’s story.
Cyber War Interesting but speculative. This is how it could have been done, but could we keep the secret? Past experience suggests we could not.
New York Times Reports US and Israel Behind Stuxnet
"Confirming heavy speculation in the Slashdot community, the New York Times reports that joint US-Israeli efforts were almost certainly behind the recent Stuxnet attack on Iran's nuclear program."
The article stops just short of saying in so many words that Israeli is the doer, but leaves little doubt of its conclusion.
You win some...
Court: Tucows doesn’t have to reveal name of user of privacy service
January 16, 2011 by Dissent
O’Raghallaigh of Managing Intellectual Property notes that the Court of Appeals for the Ninth Circuit affirmed a lower court ruling in Balsam v. Tucows holding that Tucows was not obliged to reveal the identity of one of their registrants who used the firm’s Angeles privacy protection service.
Balsam had sought the identity of the individual who sent him a lot of spam, and while the court was sympathetic, it offered him no legal joy:
There is no simple remedy for the vast number of unsolicited emails, popularly known as “spam,” that fill our electronic inboxes daily. Even though federal and state legislatures have adopted various laws to combat this problem, “spammers” continue to find new ways to advertise. Daniel Balsam, a victim of spam, seeks an alternative method of enforcement by bringing claims against the registrar of a domain site that bombarded him with more than 1,000 unwanted emails advertising a pornographic website. He claims that the registrar utilizes a system to hide the identity of spammers, making it difficult to identify the spammer. We consider Balsam’s claim that he is an intended third-party beneficiary of an agreement between the registrar and the Internet Corporation for Assigned Names and Numbers (“ICANN”). Under Balsam’s theory, the agreement’s provisions on wrongful use of domain names inure to his benefit. Although his approach is novel and creative, it cannot survive a motion to dismiss.
...and you lose some.
Our View: Court hangs up on Fourth Amendment
January 16, 2011 by Dissent
An editorial in the Appeal- Democrat addresses the Ninth Circuit decision in Diaz:
The California Supreme Court has expanded law enforcement authority at the expense of privacy and personal liberty by allowing police to confiscate and search cell phones of people they arrest without first obtaining a search warrant.
In a 5-2 decision Jan. 3, the court held that cell phones are “entitled” to inspection by law enforcement upon an arrest because the devices are considered “immediately associated with (the arrestee’s) person.” The majority opinion in the case, People v. Diaz, ruled that “lawful custodial arrest justifies the infringement of any privacy interest the arrestee may have in property immediately associated with his or her person at the time of arrest.” [Would that extend to data “in the Cloud?” Bob]
Essentially, the ruling treats a cell phone akin to clothing worn by an arrestee — a bad idea with troubling consequences.
Read more of the editorial in the Appeal-Democrat.