Privacy Legislation

14,000,000 Leading Edge Experts on the ideXlab platform

Scan Science and Technology

Contact Leading Edge Experts & Companies

Scan Science and Technology

Contact Leading Edge Experts & Companies

The Experts below are selected from a list of 11016 Experts worldwide ranked by ideXlab platform

Ju Young Lee - One of the best experts on this subject based on the ideXlab platform.

  • Is 'New' 'Stronger'?: Online Behavioral Advertising and Consumer Privacy Legislation
    2015
    Co-Authors: Ju Young Lee
    Abstract:

    Online behavioral advertising (OBA) or behavioral targeting advertising refers to an online practice that delivers advertising messages to consumers based on data about their prior and real-time online activities. Advertisers can effectively track consumer preferences by having access to diverse personal information gathered online. It is not new at all for profit-making companies to strive to gather personal information so that they can target their advertisements to “right” consumers and in turn minimize advertising waste. Advertisers assert that behavioral advertising can not only boost conversion rates, but also maximize consumer satisfaction; it benefits consumers, as well as causing no harm to consumers. Despite the online advertising industry’s argument, according to a survey conducted by Consumer Reports in 2014, 85% of online consumers oppose the personal data tracking for advertising purposes regardless of whether the data are anonymized or not. In addition, 76% of consumers responded that they saw “little or no value” in targeted ads. The United States Federal Trade Commission (FTC) has been watching online tracking and behavioral profiling for advertising since the mid-1990s. As there have been considerable Privacy concerns raised on the consumer side, the FTC has made many regulatory efforts including its proposals of self-regulatory principles in 2007 and “Do Not Track” mechanism in 2010. These FTC’s efforts, however, have not enabled consumers to effectively control the collection and use of their personal data. Although the U. S. Congress also has proposed Legislations of online consumer Privacy protection, no proposals have led to a comprehensive Privacy Legislation yet. As part of an ongoing effort to strengthen Privacy regulations, there came two new proposals: one is the White House’s draft of the Consumer Privacy Bill of Rights Act of 2015, and the other is the Congressional Privacy Bill containing the Commercial Privacy Rights Act of 2015. Both industries and consumer advocates have been presenting their evaluations of those proposals since their release. Naturally, companies deplore that they are unreasonably stringent, whereas consumer organizations complain that they are still weak. Aside from the evaluations by interested parties, this proposed research intends to analyze the two latest proposals in terms of whether they could be an effective measure to resolve the problems and concerns raised by consumers in relation to OBA. Based on a socialist concept of Privacy explicated by Fuchs (2012), this study examines whether the new proposals provide sufficient protection for consumer Privacy defined “as a collective right of exploited groups that need protection from corporate domination that uses data gathering for accumulating capital, for disciplining workers and consumers, and for increasing the productivity of capitalist production and advertising.” To define “consumer concerns,” this study analyzes the documents of consumer complaints particularly related to OBA, which include the documents listed in the “Resources for Consumer Concerns about Privacy,” provided by the Consumer Federation of America, the complaints filed with the FTC by the consumer and Privacy groups, and prior research on consumer perceptions of OBA. On the basis of the OBA problems extrapolated from these sources, how these problems can be resolved by the new Legislation proposals is evaluated. As an additional discussion for a better measure to protect consumer Privacy, this study will compare the two proposals with a draft of the European General Data Protection Regulation released in January of 2012 that is considered to be a comprehensive data protection law providing consumers with strong protection from the unauthorized use of their personal data. This study will be a significant addition to the discussions of a pertinent level of consumer Privacy protection against online tracking and behavioral profiling.

  • is new stronger online behavioral advertising and consumer Privacy Legislation
    2015
    Co-Authors: Ju Young Lee
    Abstract:

    Online behavioral advertising (OBA) or behavioral targeting advertising refers to an online practice that delivers advertising messages to consumers based on data about their prior and real-time online activities. Advertisers can effectively track consumer preferences by having access to diverse personal information gathered online. It is not new at all for profit-making companies to strive to gather personal information so that they can target their advertisements to “right” consumers and in turn minimize advertising waste. Advertisers assert that behavioral advertising can not only boost conversion rates, but also maximize consumer satisfaction; it benefits consumers, as well as causing no harm to consumers. Despite the online advertising industry’s argument, according to a survey conducted by Consumer Reports in 2014, 85% of online consumers oppose the personal data tracking for advertising purposes regardless of whether the data are anonymized or not. In addition, 76% of consumers responded that they saw “little or no value” in targeted ads. The United States Federal Trade Commission (FTC) has been watching online tracking and behavioral profiling for advertising since the mid-1990s. As there have been considerable Privacy concerns raised on the consumer side, the FTC has made many regulatory efforts including its proposals of self-regulatory principles in 2007 and “Do Not Track” mechanism in 2010. These FTC’s efforts, however, have not enabled consumers to effectively control the collection and use of their personal data. Although the U. S. Congress also has proposed Legislations of online consumer Privacy protection, no proposals have led to a comprehensive Privacy Legislation yet. As part of an ongoing effort to strengthen Privacy regulations, there came two new proposals: one is the White House’s draft of the Consumer Privacy Bill of Rights Act of 2015, and the other is the Congressional Privacy Bill containing the Commercial Privacy Rights Act of 2015. Both industries and consumer advocates have been presenting their evaluations of those proposals since their release. Naturally, companies deplore that they are unreasonably stringent, whereas consumer organizations complain that they are still weak. Aside from the evaluations by interested parties, this proposed research intends to analyze the two latest proposals in terms of whether they could be an effective measure to resolve the problems and concerns raised by consumers in relation to OBA. Based on a socialist concept of Privacy explicated by Fuchs (2012), this study examines whether the new proposals provide sufficient protection for consumer Privacy defined “as a collective right of exploited groups that need protection from corporate domination that uses data gathering for accumulating capital, for disciplining workers and consumers, and for increasing the productivity of capitalist production and advertising.” To define “consumer concerns,” this study analyzes the documents of consumer complaints particularly related to OBA, which include the documents listed in the “Resources for Consumer Concerns about Privacy,” provided by the Consumer Federation of America, the complaints filed with the FTC by the consumer and Privacy groups, and prior research on consumer perceptions of OBA. On the basis of the OBA problems extrapolated from these sources, how these problems can be resolved by the new Legislation proposals is evaluated. As an additional discussion for a better measure to protect consumer Privacy, this study will compare the two proposals with a draft of the European General Data Protection Regulation released in January of 2012 that is considered to be a comprehensive data protection law providing consumers with strong protection from the unauthorized use of their personal data. This study will be a significant addition to the discussions of a pertinent level of consumer Privacy protection against online tracking and behavioral profiling.

Iakovos S Venieris - One of the best experts on this subject based on the ideXlab platform.

  • technical enforcement of Privacy Legislation
    Personal Indoor and Mobile Radio Communications, 2007
    Co-Authors: Georgios V Lioudakis, E A Koutsoloukas, N L Dellas, Francesca Rubina Gaudino, Dimitra I Kaklamani, Iakovos S Venieris
    Abstract:

    The potential invasion of individuals' Privacy constitutes the flip side of the advanced services' provision, boosted by the recent advances in mobile communications, location and sensing technologies and data processing. Being situated in the realms of legal and social studies, the notion of Privacy is mainly left, concerning its protection, to Legislation and service providers' self-regulation by means of Privacy policies. However, all laws and codes of conduct are useless without enforcement. Based on this concept, this paper presents a framework that formally models the Privacy principles that regulate the services' provision and incorporates them into a Privacy enhancing middleware system. The mediation of the considered architecture between the users and the service providers, guarantees the enforcement of a Privacy policy that is defined by the technical translation of the Privacy principles and regulations and overrides the service providers' ones.

  • PIMRC - Technical Enforcement of Privacy Legislation
    2007 IEEE 18th International Symposium on Personal Indoor and Mobile Radio Communications, 2007
    Co-Authors: Georgios V Lioudakis, E A Koutsoloukas, N L Dellas, Francesca Rubina Gaudino, Dimitra I Kaklamani, Iakovos S Venieris
    Abstract:

    The potential invasion of individuals' Privacy constitutes the flip side of the advanced services' provision, boosted by the recent advances in mobile communications, location and sensing technologies and data processing. Being situated in the realms of legal and social studies, the notion of Privacy is mainly left, concerning its protection, to Legislation and service providers' self-regulation by means of Privacy policies. However, all laws and codes of conduct are useless without enforcement. Based on this concept, this paper presents a framework that formally models the Privacy principles that regulate the services' provision and incorporates them into a Privacy enhancing middleware system. The mediation of the considered architecture between the users and the service providers, guarantees the enforcement of a Privacy policy that is defined by the technical translation of the Privacy principles and regulations and overrides the service providers' ones.

I. Govender - One of the best experts on this subject based on the ideXlab platform.

  • Mapping ‘Security Safeguard’ Requirements in a data Privacy Legislation to an international Privacy framework: A compliance methodology
    2015 Information Security for South Africa (ISSA), 2015
    Co-Authors: I. Govender
    Abstract:

    It is commonplace for organisations to collect personal information to be processed and stored on their systems. Until recently, there was no comprehensive Legislation that addressed the `processing' of personal information by organisations in South Africa. The Protection of Personal Information Bill (“POPI”) was signed into law in November 2013 and is expected to come into effect, later this year (2015). POPI is informed by international data Privacy Legislation. The implications are that it will be incumbent for organisations to revisit how they `handle' peoples' personal information. This can be a daunting task as evidenced by countries that still find it a challenge to comply with data Privacy laws that have been enacted there, a while ago. This article proposes a methodology to comply with POPI. The Generally Accepted Privacy Principles (GAPP) is an American/Canadian framework containing international Privacy requirements with best practices. Both, POPI and GAPP address a common purpose: `How personal information is collected, used, retained, disclosed, and disposed.' GAPP is reputed as a solid benchmark for good Privacy practice, comprising of ten overarching Privacy principles which yields a set of criteria for effective management of Privacy risks and compliance. Much of the provisions in POPI is addressed in GAPP. A key condition (Security Safeguards) in POPI stipulates what aspects of personal information must be adequately secured, with limited insight on how to go about this process. Accordingly, this article proposes a methodology to fill this gap. All of the provisions under `Security Safeguards' in POPI is mapped onto GAPP, thereby contextualising GAPP to facilitate compliance with South Africa's data Privacy Legislation and to the same end, complying with international Privacy laws. This framework could also be implemented as a checklist/auditing document, guiding the organisation in its implementation of data Privacy and POPI compliance.

  • ISSA - Mapping ‘Security Safeguard’ Requirements in a data Privacy Legislation to an international Privacy framework: A compliance methodology
    2015 Information Security for South Africa (ISSA), 2015
    Co-Authors: I. Govender
    Abstract:

    It is commonplace for organisations to collect personal information to be processed and stored on their systems. Until recently, there was no comprehensive Legislation that addressed the ‘processing’ of personal information by organisations in South Africa. The Protection of Personal Information Bill (“POPI”) was signed into law in November 2013 and is expected to come into effect, later this year (2015). POPI is informed by international data Privacy Legislation. The implications are that it will be incumbent for organisations to revisit how they ‘handle’ peoples' personal information. This can be a daunting task as evidenced by countries that still find it a challenge to comply with data Privacy laws that have been enacted there, a while ago. This article proposes a methodology to comply with POPI. The Generally Accepted Privacy Principles (GAPP) is an American/Canadian framework containing international Privacy requirements with best practices. Both, POPI and GAPP address a common purpose: ‘How personal information is collected, used, retained, disclosed, and disposed.’ GAPP is reputed as a solid benchmark for good Privacy practice, comprising of ten overarching Privacy principles which yields a set of criteria for effective management of Privacy risks and compliance. Much of the provisions in POPI is addressed in GAPP. A key condition (Security Safeguards) in POPI stipulates what aspects of personal information must be adequately secured, with limited insight on how to go about this process. Accordingly, this article proposes a methodology to fill this gap. All of the provisions under ‘Security Safeguards’ in POPI is mapped onto GAPP, thereby contextualising GAPP to facilitate compliance with South Africa's data Privacy Legislation and to the same end, complying with international Privacy laws. This framework could also be implemented as a checklist/auditing document, guiding the organisation in its implementation of data Privacy and POPI compliance.

George Yee - One of the best experts on this subject based on the ideXlab platform.

  • VizSEC - Visualization for Privacy compliance
    Proceedings of the 3rd international workshop on Visualization for computer security - VizSEC '06, 2006
    Co-Authors: George Yee
    Abstract:

    The growth of the Internet has been accompanied by the growth of e-services (e.g. e-commerce, e-health). This proliferation of e-services has put large quantities of consumer private information in the hands of the service providers, who in many cases have mishandled the information, either intentionally or unintentionally, to the detriment of consumer Privacy. As a result, government bodies have put in place Privacy Legislation that spells out a consumer's Privacy rights and how consumer private information is to be handled. Providers are required to comply with such Privacy Legislation. This paper proposes visualization as a tool that can be used by security or Privacy analysts to understand how private information flows within and between provider organizations, as a way of identifying vulnerabilities that can lead to non-compliance. A model of private information flow and a graphical notation for visualizing this flow are proposed. An application example of using the notation to identify Privacy vulnerabilities is given.

  • CDVE - Cooperative Visualization of Privacy Risks
    Lecture Notes in Computer Science, 1
    Co-Authors: George Yee, Larry Korba, Ronggong Song
    Abstract:

    The growth of the Internet has been accompanied by the growth of e-services (e.g. e-commerce, e-health). This proliferation of e-services has put large quantities of customer private information in the hands of service providers, who in many cases have mishandled the information to the detriment of customer Privacy. As a result, government bodies have put in place Privacy Legislation that spells out the Privacy rights of customers and how their private information is to be handled. Service providers are required to comply with this Privacy Legislation. This paper proposes a cooperative visualization technique that can be employed by service providers to understand how private information flows within their organizations, as a way of identifying Privacy risks or vulnerabilities that can lead to violations of Privacy Legislation. The description of the technique includes a model of how an e-service uses private information, a graphical notation for the visualization, and an application example.

Westone - One of the best experts on this subject based on the ideXlab platform.

Privacy Legislation - 15 days free trial to Access Experts & Abstracts