New Zealand News - Technology - Give up your personal data and be a winner!
And that's the key: the opportunity to collect information from huge numbers of consumers over the internet is what competitions on the internet are often about.
Mark Foster, sales director at My Offers, a competition website, says big consumer goods companies such as Proctor & Gamble and Reckitt Benckiser have gone online to collect consumer information.
The My Offers website runs surveys for its clients.
For every questionnaire completed, My Offers enters you into a draw to win a prize: last year, the site gave away over £250,000 worth. The site's mail-brokering division claims to be the largest email broker in the UK, with 7.2 million email addresses.
Intranet Journal - Privacy 101.
It's a fact that some businesses and organizations do not take privacy very seriously. However, the truth is that privacy of confidential customer information is mandated by law -- many laws, actually. [ ... ]
eMarketer - Who Should Secure Privacy Online?
Should privacy online be the responsibility of government, or business? David Hallerman reviews US internet users' opinions on the two options.
MediaDailyNews 02-12-03 - P3P Standards Could Have Privacy Concerned Users Tossing Cookies .
Ad frequency caps, site visitor numbers and all sorts of third party data are being sabotaged. Blame it on a little birdie, a browser behemoth and good intentions.
Cookies are used to target, serve, track and optimize ad campaigns, pre-populate online forms, personalize user experiences and measure site visits and interaction, but P3P policy tracking agents are throwing a wrench into those everyday business mechanisms that Web publishers take for granted.
[ ... ]
"Every time I come back it thinks I'm a new user," explains Dave Morgan, president and CEO of audience management software company Tacoda Systems. Morgan cautions that since cookies are being rejected, visitor numbers can be inaccurate and frequency caps on ads like pop-ups can fail.
The most at-risk publishers: sites and networks that serve content from a variety of Web domains and/or those that manage their own ad serving in-house. By now, most any third party ad serving platform managed off-site has implemented P3P. Some estimate that two-thirds of the top 100 most visited sites have not implemented P3P on their servers.
MediaDailyNews 02-12-03 - Why Some Web Publishers Still Aren't P3P Compliant.
A once under-the-radar privacy protection initiative is causing big headaches for Web publishers, and some may not even know it.
Microsoft's Internet Explorer 6 browser looks for machine-readable privacy policies called P3P statements on third party servers. If they're not there, or don't meet standards, IE's default settings block third party cookies, which can wreak havoc on ad serving, reach and frequency capping, campaign and site measurement and more. (See the first of this two-part series for more details.)
About half of Web surfers across the globe use IE 6 according to Browser News. Factor in the folks using AT&T's Privacy Bird software which alerts users to potential privacy and P3P-related concerns, and P3P is a force to be reckoned with. AT&T's Privacy Bird software has been downloaded about 32,000 times according to AT&T.
"Here's the rub," says Dave Morgan, president and CEO of audience management software firm Tacoda Systems, "publishers don't know if the cookies are being blocked because the browser doesn't tell, so the ad server doesn't know the cookies got blocked." He worries that because Web publishers and advertisers have grown accustomed to discrepancies in reporting numbers, alarms aren't going off.
[ ... ]
Don't forget the lawyers. Standard P3P language is not always consistent with actual site privacy policies which are usually laden with legalese. "Our privacy policy is much, much, much more stringent than the P3P norm," stresses Carl Fischer, VP corporate communications at iVillage. "Legally we won't put a privacy statement intact that doesn't reflect what we're actually doing."
Although publishers are ultimately accountable under general Federal Trade Commission regulations, there's no real P3P patroller on duty. Still, P3P is nothing to ignore. Urges Morgan, "The advertising industry has to drive how these technologies function because that's where the revenue comes from."
Most of the P3P generating tools I have seen either run on Windows or JAVA. Anyone found a good tool that will generate a P3P policy from a pre-OS/X Macintosh?
The Register (UK) - NHS patient privacy? What patient privacy!
Up to 200,000 requests are made under by investigators under false pretences to obtain health information on British patients each year. And most attempts succeed, according to the Foundation for Information Policy Research (FIPR).
This calculation is based upon an old pilot study in one health authority exposed 30 phone calls per week made under false pretences, with investigators pretending to be doctors or health administrators. The pilot was inspired by a BMA recommendation in 1996 that telephone requests to a health authority or provider for patient information should be logged, approved by a clinician and then authenticated by calling back to a telephone number in the NHS directory.
So did the NHS embrace and extend this scheme? Of course not, the whole idea was shelved.
Political News from Wired News - A Chilly Response to 'Patriot II'.
Unlike its hastily passed predecessor, the Justice Department's wide-ranging follow-up to the Patriot Act of 2001 is already facing intense scrutiny, just days after a civil rights group posted a leaked version of the legislation on its website.
The legislation, nicknamed Patriot II, would broadly expand the government's surveillance and detention powers. Among other measures, it calls for the creation of a terrorist DNA database and allows the attorney general to revoke citizenship of those who provide "material support" to terrorist groups.
Privacy advocates said the bill "gutted the Fourth Amendment," while prominent Democratic senators, including Patrick Leahy, ranking Democratic member of the "Senate Judiciary Committee", immediately chastised the administration for its secrecy.
Despite assurances to lawmakers that no bill was in the works, the Justice Department internally circulated a confidential 120-page summary and text of the Domestic Security and Enhancement Act in early January.
The non-partisan "Center for the Public Interest" published a leaked copy of the bill on Friday.
"As recently as just last week, Justice Department officials have denied to ... the Judiciary Committee that they were drafting another anti-terrorism package," said Leahy in a written statement. "There is bipartisan concern ... about the administration's lack of responsiveness to congressional oversight."
[ ... ]
The act allows the government to:
* Conduct domestic wiretapping without court order for 15 days following a congressional authorization of use of force or an attack on the United States.
* Secretly detain citizens.
* Deport any alien, including green-card holders, who are convicted of drug possession or an aggravated felony.
* Access a citizen's credit reports without a subpoena.
* Abolish federal court "consent decrees" that limit police surveillance of non-criminal organizations and public events.
* Criminalize the use of encryption software in the commission or planning of a felony.
* Apply strict gag rules to those subpoenaed by a grand jury.
* Collect DNA from suspected terrorists and indeed from any individual whose DNA might assist terror investigations.
* Extend authorization periods for secret wiretaps and Internet surveillance.
* Ease restrictions on the use of secret evidence.
"The administration is pushing everything to less and less judicial and public oversight," said Deirdre Mulligan, director of the Samuelson Law, Technology and Public Policy Clinic. "It's hard to shock me, but this legislation rises to level of shock of consciousness. Alarming as the Patriot Act was, these provisions are right off the edge."
"We haven't been given the most general statistics on the Patriot Act," said Jameel Jaffer of the American Civil Liberties Union, which has sued for information. "It doesn't make sense to expand their powers when we don't know how they are using the ones they got."
The hastily written Patriot Act faced little debate before being passed on Oct. 26, 2001, just weeks after the attacks of Sept. 11th.
[ ... ]
Some news accounts have incorrectly said that the legislation was sent to the vice president and the House speaker. However, the control sheet (PDF) indicates only that the document was sent to 10 internal divisions of the department.
[ ... ]
"This is something you have on the shelf," said Hoofnagle (ed. deputy counsel for the Electronic Privacy Information Center). "You wait for an opportune moment, like going to war, to introduce it. They call this a draft but this bill is definitely close to final and gives a good road map of what the Justice Department wants."
IEEE-USA Board of Directors, June 2002) - IEEE-USA Position On "User Rights in Digital Copyright.
IEEE-USA urges Congress to clarify the rights of users of digital information under copyright law.
When Congress enacted the service provider safe harbor provisions as part of the Digital Millennium Copyright Act (DMCA), it provided certainty against suit for copyright infringement for the reproduction and distribution of copyrighted material as long as the act of the service provider fell within the rules for at least one of the safe harbors. Congress did not provide similar safe harbors for user reproductions, even though such reproductions are necessary to utilize a digital work, or are commonplace and do not diminish the value of the work.
IEEE-USA Board of Directors, June 2002) - Position On the Digital Millennium Copyright Act (DMCA) Encryption Research.
IEEE-USA is concerned that legitimate encryption and security research is being threatened. Accordingly, it asks the U.S. government to provide sanctions against those who misrepresent the DMCA and deter legitimate research in encryption and security.
Recently, researchers whose work falls within the exemption provided by Congress have been threatened with possible litigation under the DMCA, causing great concern for those researchers who want to publish their results in academic conferences and journals and similar forums, including those sponsored by the IEEE. IEEE-USA strongly condemns those who threaten legitimate research and its publication when Congress has stated its intention to protect such research and publication from litigation. This safe harbor should be available for all such research and publication, regardless of whether performed by an academic or a nonacademic, and regardless of whether the research is conducted by an individual or on behalf of an organization. IEEE-USA believes that there must be appropriate sanctions against those who misrepresent the DMCA in an effort to deter legitimate research.
IEEE-USA notes that the DMCA provision on encryption research may not fully protect legitimate encryption research and publication, as was Congress' intent. IEEE-USA believes that the encryption research exemption must be amended so that it clearly includes all legitimate research done by any entity or person (academic or otherwise) and the publication of that research, and is applicable to all types of copyright protection and management systems. Until that is accomplished, IEEE-USA urges the courts to interpret the encryption research exemption broadly, to protect legitimate encryption as was Congress' intent for the DMCA exception.
IEEE-USA Board of Directors, June 2002) - Position On the Digital Millennium Copyright Act (DMCA) Notice-and-Takedown.
IEEE-USA urges Congress to determine whether the notice-and-takedown provisions for online information are being abused by going beyond the requirements set forth by Congress, and asks the Copyright Office to provide guidance material to aid users and service providers.
The service provider safe harbor provisions of the Digital Millennium Copyright Act (DMCA) limit the copyright infringement liability of an online service provider if that provider promptly removes or blocks access to material alleged to infringe a copyright following proper notice from the copyright owner. It also limits the liability of the service provider to its users for the removal of the material, provided that the service provider provides prompt notice to the user of the removal of the material and restores the information if there is a proper claim by the user that the material is not infringing.
IEEE members have reported that some content providers have sent baseless or inadequate DMCA notices to service providers, and that some service providers have gone beyond the removal of material that allegedly infringes, including blocking access to all the user's material, suspending the user's account, and sometimes even suspending all access to the Internet by the user. IEEE-USA believes that this goes far beyond the balance between user and content provider rights struck by Congress in the DMCA notice-and-takedown provisions.
IEEE-USA urges Congress to hold periodic oversight hearings to determine whether content providers are issuing baseless or inadequate notices, and whether service providers are removing more than just the alleged infringing material specified in a proper notice, are suspending user accounts, or are otherwise going beyond the limited takedown required to remain within the DMCA safe harbor. Because of the reports by IEEE members, IEEE-USA asks Congress to clarify the notice-and-takedown provision and formulate appropriate sanctions against those misusing the provision.
IEEE - IEEE-USA Wants Digital Millennium Copyright Act Re-Examined .
Two recent court battles, as well as concerns raised by members, have prompted IEEE-USA's Intellectual Property Committee to re-examine its position on the 1998 Digital Millennium Copyright Act (DMCA) and, in a pair of position statements, to urge the U.S. Congress to clarify some of the law's provisions.
The first case involved Edward Felton, a professor at Princeton University, N.J., USA. He sued the Secure Digital Music Initiative, a music industry group, for blocking his publication of research on cracking the security of digital music. A federal court dismissed the case in November 2001.
The other involved Russian programmer Dmitry Sklyarov, who was arrested in 2001 at that year's Def Con conference in Las Vegas, Nev., USA, for having written the software used to break Adobe's e-book encryption programs. He was charged with violating the U.S. law, which forbids the circumvention of technological measures controlling access to copyrighted works, even though his software is legal in Russia, where Sklyarov developed it. In December 2002, Sklyarov's employer, ElcomSoft, was found not guilty of violating DMCA.
Slashdot | Your Rights Online - IEEE Wants Congress To Re-Examine DMCA.
softsign writes "Reading this story in this month's IEEE The Institute, I found that IEEE-USA quietly published two position papers asking the US Congress to re-examine and/or clarify sections of the DMCA last year. The papers - developed by the organization's Intellectual Property committee - specifically cite concerns over the chilling effects and misuse of the DMCA against researchers and ISPs. Initially, the IEEE was pretty wishy-washy about the DMCA, but it seems that they've been listening to their members and have developed a pretty strong anti-DMCA, pro-innovation stance. Including an enlightened view on Fair Use rights!"
|
