The Role of Privacy by Design in Protecting Consumer Privacy
CDT Insight, published 2010-01-28 (last modified 2014-05-09)
https://cdt.org/insights/the-role-of-privacy-by-design-in-protecting-consumer-privacy-1/
Contents
1) What is Privacy by Design?
2) Privacy Enhancing Technologies or Privacy by Design?
3) Privacy by Design: Behavioral Advertising
4) CDT's Recommendations for FTC action

1) What is Privacy by Design?

CDT has submitted comments to the Federal Trade Commission for the second in a series of public roundtable discussions the agency is sponsoring to explore the privacy challenges posed by 21st-century technology and business practices that involve the collection and use of consumer data. CDT views these roundtable sessions as a historic opportunity for the FTC to develop and announce a comprehensive privacy protection policy for the next decade.

As new technologies enable the collection of greater amounts of data online, it is essential that companies consider privacy at each stage of product development. "Privacy by Design," a concept prominently championed by Ontario's Information and Privacy Commissioner Anne Cavoukian, offers a roadmap for integrating privacy considerations into business models, the product development cycle, and new technologies in a manner that is consistent with Fair Information Practices (FIPs). We urge the FTC to encourage the integration of Privacy by Design into corporate practices and innovation.

As described by Cavoukian, "Privacy by Design asserts that the future of privacy cannot be assured solely by compliance with regulatory frameworks; rather, privacy assurance must ideally become an organization's default mode of operation." Privacy by Design presents a set of seven "foundational principles" that can help companies innovate in ways that are consistent with FIPs. As set out in Cavoukian's The 7 Foundational Principles (cited in the notes below), these are:

1. Proactive not Reactive; Preventative not Remedial
2. Privacy as the Default Setting
3. Privacy Embedded into Design
4. Full Functionality: Positive-Sum, not Zero-Sum
5. End-to-End Security: Full Lifecycle Protection
6. Visibility and Transparency: Keep it Open
7. Respect for User Privacy: Keep it User-Centric

CDT Consumer Privacy Roundtable Comments: The Role of Privacy by Design in Protecting Consumer Privacy

2) Privacy Enhancing Technologies or Privacy by Design?

Privacy by Design is often associated with Privacy Enhancing Technologies (PETs), such as encryption software, anonymizers, and browser extensions that provide granular data controls.
While innovative PETs are an important component of Privacy by Design, when they are relegated to afterthoughts and product add-ons they do not fulfill the larger goal: crafting a set of consumer rights and company responsibilities that together fortify and protect the decisions consumers make online. PETs are most useful to users who already understand online privacy risks. They are essential user empowerment tools, but they are only one piece of the broader framework that should be considered when discussing how technology can be used in the service of protecting privacy.

3) Privacy by Design: Behavioral Advertising

Massive increases in data processing and storage capabilities have allowed advertisers to track, collect, and aggregate information about consumers' Web browsing activities and to compile individual profiles that are used to match advertisements to consumers' interests. All of this is happening in an online environment where more data is collected, and retained for longer, than ever before. Re-spawning deleted cookies from Flash cookies (Local Shared Objects, which are stored by the Flash plug-in and are not removed when the user clears browser cookies) and new efforts to read consumers' browser histories from within Web pages are just two examples of the many methods being used to circumvent consumer control. Internet users' browser histories are increasingly viewed as valuable, despite the obvious privacy concerns raised by mining them. As companies have taken advantage of new technologies to develop new ways to circumvent user control, the tools, practices, and regulations meant to protect consumer privacy have failed to keep up. There is no reason this should be the case. Browser developers could have integrated Flash storage controls into their cookie controls and protected histories by default in the releases after these problems became well known, and they should be encouraged to do so now.
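As an added example, not part of CDT's comments, the following Python script shows how the cookie re-spawning described above can be detected from observations of a browser's cookie jar and its Flash storage. The event format, the event kinds ("http", "lso", "clear") and the sample log are constructed for illustration; a real collector would take Set-Cookie headers from a proxy and read the *.sol files in the Flash Player #SharedObjects directory.

```python
"""Detecting HTTP cookie re-spawning from Flash Local Shared Objects (LSOs).

Added example, not code from CDT's comments. It runs over a constructed
observation log (SAMPLE_EVENTS below), not a real browser profile. Event
kinds are assumptions made for this example:
  "http"  - a Set-Cookie observed for (domain, name) = value
  "lso"   - a key/value observed inside an LSO belonging to domain
  "clear" - the user cleared all HTTP cookies (LSOs survive this)
A re-spawn is reported when a cookie the user deleted is set again with its
old value and that same value is found in an LSO at that moment.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

MIN_ID_LEN = 8  # ignore short values ("1", "en") that would match by chance


@dataclass(frozen=True)
class Event:
    ts: int
    kind: str
    domain: str
    name: str = ""
    value: str = ""


@dataclass(frozen=True)
class Respawn:
    ts: int
    domain: str
    cookie: str
    value: str
    lso_domain: str
    lso_key: str


def detect_respawns(events: List[Event]) -> List[Respawn]:
    live: Dict[Tuple[str, str], str] = {}      # cookies currently in the jar
    deleted: Dict[Tuple[str, str], str] = {}   # value each cookie had when cleared
    lso: Dict[Tuple[str, str], str] = {}       # Flash storage, untouched by "clear"
    found: List[Respawn] = []
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.kind == "lso":
            lso[(ev.domain, ev.name)] = ev.value
        elif ev.kind == "clear":
            deleted.update(live)
            live.clear()
        elif ev.kind == "http":
            key = (ev.domain, ev.name)
            old = deleted.pop(key, None)
            if old == ev.value and len(ev.value) >= MIN_ID_LEN:
                # Same identifier came back after deletion: find which LSO held it.
                for (ld, lk), lv in lso.items():
                    if lv == ev.value:
                        found.append(Respawn(ev.ts, ev.domain, ev.name, ev.value, ld, lk))
                        break
            live[key] = ev.value
        else:
            raise ValueError(f"unknown event kind {ev.kind!r}")
    return found


# Constructed log: an ad network mirrors its user id into an LSO, the user clears
# cookies, a first-party site issues a fresh session id (not a re-spawn), and the
# ad network restores the old id from Flash storage (a re-spawn).
SAMPLE_EVENTS = [
    Event(1, "http", "ads.example", "uid", "7f3a9c0e5d1b"),
    Event(2, "lso", "ads.example", "userId", "7f3a9c0e5d1b"),
    Event(3, "http", "news.example", "session", "c4d5e6f7a8b9"),
    Event(4, "clear", "*"),
    Event(5, "http", "news.example", "session", "0a1b2c3d4e5f"),
    Event(6, "http", "ads.example", "uid", "7f3a9c0e5d1b"),
]

if __name__ == "__main__":
    for r in detect_respawns(SAMPLE_EVENTS):
        print(f"t={r.ts} {r.domain} cookie {r.cookie!r} restored from "
              f"LSO {r.lso_domain}/{r.lso_key}: {r.value}")
```

The fresh session id issued by news.example after the clear is not reported, because a site that simply assigns a new identifier is respecting the deletion; only the reappearance of the old identifier, backed by a matching LSO value, is evidence of re-spawning.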
A commitment to Privacy by Design could yield marked improvements for privacy in the current ecosystem, in which an extraordinary level of Internet savvy and detective work is necessary to determine which advertising networks are collecting data on any one Web site. A standard that required data-collecting objects to be identified by HTTP headers, for example, would make data collection more transparent and easier to control. The code for beacons and cookies could even include information about where to find the behavioral profiles being constructed about the consumer. Such a standard would enable browsers to act as a dashboard through which consumers could control the data collected about them and find the profiles being built around it. Browsers could further implement the "privacy as the default" principle of Privacy by Design by guiding consumers through a privacy wizard when they first install or update their browsers.

Meanwhile, there is little reason that practices defined by technology should be monitored "by hand." Technological innovation to support industry compliance is needed as well. Multiple companies are typically involved in targeting a particular ad: the advertiser itself in the case of retargeting; data aggregators providing data to the advertiser directly or through demand-side platforms or ad exchanges; and downstream ad networks that use behavioral data to optimize audiences as the ad is relayed to the consumer. Compliance throughout all of these data transfers should be far more automated than it is today, with compliance mechanisms built directly into ad delivery and targeting technologies.
The FTC should encourage innovation that will help simplify compliance without lowering standards and, more generally, should support the development of protocols that will help enable Privacy by Design.

See also: Center for Democracy and Technology, Online Behavioral Advertising: Industry's Current Self-Regulatory Framework is Necessary, but Still Insufficient On Its Own to Protect Consumers.
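As an added example of how the header-based disclosure standard proposed above could work on the client side, the following Python code parses a hypothetical data-collection header, classifies each request as first- or third-party relative to the page being viewed, applies the user's preference, and produces the records a browser dashboard would display. This is not code from CDT's comments or from any browser: the header name X-Data-Collection, its parameters (purpose, retention, profile), the preference model and the sample responses are all assumptions made for this illustration, not an existing standard.

```python
"""Browser-side handling of a hypothetical data-collection disclosure header.

Added example, not code from CDT's comments. The header X-Data-Collection,
its parameters and the preference model are assumptions for this example.
A collecting response would carry, for instance:
    X-Data-Collection: purpose=behavioral-advertising; retention=180d;
                       profile="https://ads.example/profile?uid=7f3a9c0e5d1b"
The client parses the header, decides whether the request is first- or
third-party relative to the top-level page, applies the user's preference,
and returns the record a dashboard would show (including the profile URL).
"""
import re
from dataclasses import dataclass
from typing import Dict, Optional
from urllib.parse import urlsplit

HEADER = "x-data-collection"
_PARAM = re.compile(r'([A-Za-z][\w-]*)\s*=\s*("(?:[^"\\]|\\.)*"|[^;]*)')


@dataclass(frozen=True)
class Decision:
    request_url: str
    party: str                    # "first" or "third"
    allowed: bool
    purpose: Optional[str]        # None when the response declared no collection
    retention_days: Optional[int]
    profile_url: Optional[str]


def parse_disclosure(value: str) -> Dict[str, str]:
    """Parse `k=v; k2="quoted; value"` into a dict; quoted values may contain ';'."""
    params: Dict[str, str] = {}
    for key, raw in _PARAM.findall(value):
        raw = raw.strip()
        if len(raw) >= 2 and raw[0] == raw[-1] == '"':
            raw = raw[1:-1].replace('\\"', '"')
        params[key.lower()] = raw
    return params


def retention_days(text: Optional[str]) -> Optional[int]:
    """Accept '180d' or '180'; anything else is treated as undeclared."""
    if text is None:
        return None
    m = re.fullmatch(r"(\d+)d?", text.strip())
    return int(m.group(1)) if m else None


def site(url: str) -> str:
    # Assumption: registrable domain approximated by the last two host labels.
    # Production code would consult the Public Suffix List instead.
    host = urlsplit(url).hostname or ""
    return ".".join(host.split(".")[-2:])


def handle_response(page_url: str, request_url: str, headers: Dict[str, str],
                    prefs: Dict[str, str]) -> Decision:
    """prefs maps "first"/"third" to "allow" or "block" for declared collection."""
    party = "first" if site(request_url) == site(page_url) else "third"
    lowered = {k.lower(): v for k, v in headers.items()}
    if HEADER not in lowered:
        # Nothing declared: under the assumed standard that means no collection,
        # so the request is allowed and nothing is recorded for the dashboard.
        return Decision(request_url, party, True, None, None, None)
    p = parse_disclosure(lowered[HEADER])
    purpose = p.get("purpose") or "undeclared"   # malformed header: still a collector
    allowed = prefs.get(party, "block") == "allow"
    return Decision(request_url, party, allowed, purpose,
                    retention_days(p.get("retention")), p.get("profile"))


# Constructed responses observed while loading https://news.example/article
PAGE = "https://news.example/article"
PREFS = {"first": "allow", "third": "block"}   # privacy as the default for 3rd parties
SAMPLE_RESPONSES = [
    ("https://ads.example/beacon.gif",
     {"X-Data-Collection": 'purpose=behavioral-advertising; retention=180d; '
                           'profile="https://ads.example/profile?uid=7f3a9c0e5d1b"'}),
    ("https://stats.news.example/hit",
     {"X-Data-Collection": "purpose=site-analytics; retention=30"}),
    ("https://cdn.example/style.css", {"Content-Type": "text/css"}),
    ("https://ads.example/pixel", {"X-Data-Collection": "retention=forever"}),
]


def dashboard(page_url=PAGE, responses=SAMPLE_RESPONSES, prefs=PREFS):
    return [handle_response(page_url, url, hdrs, prefs) for url, hdrs in responses]


if __name__ == "__main__":
    for d in dashboard():
        state = "allowed" if d.allowed else "BLOCKED"
        print(f"{d.party}-party {d.request_url}: {state}, purpose={d.purpose}, "
              f"retention={d.retention_days}, profile={d.profile_url}")
```

Two design choices matter for the privacy-as-the-default principle: a declared collector whose header is malformed (the last sample response) is still treated as a collector rather than waved through, and the absence of the header is taken at face value only because the standard would make a silent collector a deceptive one, which is the kind of practice the FTC can act on.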
Notes

1. Anne Cavoukian, Privacy by Design: The 7 Foundational Principles; Anne Cavoukian, What Is Privacy by Design?

2. Cavoukian has also published the Privacy by Design Diagnostic Tool Workbook, which companies can use to determine whether and how they are complying with Privacy by Design principles. Meanwhile, many companies, including IBM, Sun Microsystems, Hewlett-Packard, and Microsoft, have already incorporated Privacy by Design into their product development processes and made strong statements about the important role that protecting privacy plays in their business models. See Anne Cavoukian, Privacy Diagnostic Tool (PDT) Workbook, Version 1.0.

3. Although privacy tools are now built into all of the major browsers and trade associations are beginning to offer opt-out tools, some companies have consistently sought to circumvent user control by relying on alternative technologies.

4. More broadly, a commitment to Privacy by Design by trade associations and by companies that play a role in the behavioral advertising ecosystem would prevent deceptive practices like re-spawning and spying on browser histories, and would help build a framework of trust that might make consumers more willing to share their data for the purposes of behavioral advertising: consumers who wish to avoid data collection would be able to do so, and consumers who allow collection could feel confident that the information collected is transparent, limited in scope, secure, and accessible to them, not just to the companies that track them.

5. Outside of the browser, advertising networks should be encouraged to build their data collection, transfer, and use architectures and best practices with privacy considerations in mind. Entities engaged in behavioral advertising should use threshold analyses and privacy impact assessments to determine the level of protection that the data they collect requires. Privacy impact assessments should link the amount of data collected to the purpose for which it is used; limits on data use and transfer should be set in the planning stages of any product. Protocols for storing, transferring, and deleting collected data should be part of product development.

6. Ashkan Soltani, Shannon Canty, Quentin Mayo, Lauren Thomas, and Chris Jay Hoofnagle, Flash Cookies and Privacy.