July 21, 2012 San Diego, California — Today the World Privacy Forum filed comments on California’s plan to harmonize existing California state law to federal health privacy laws. California’s health privacy law, the CMIA, offers Californian’s stronger privacy protections than national level health privacy laws. WPF urges California to reconsider its plan to weaken Californian’s privacy. Executive director Pam Dixon said “The harmonization plan coming out of California’s Department of Health and Human Services is not in harmony with California patients and their health privacy.”
New California privacy enforcement office — California Attorney General Kamala Harris has created a new privacy protection and enforcement unit. The unit will be housed in the Department of Justice and will focus on protecting consumer and individual privacy through civil prosecution of state and federal privacy laws, a news release said. “The Privacy Unit’s mission to enforce and protect privacy is broad. It will enforce laws regulating the collection, retention, disclosure, and destruction of private or sensitive information by individuals, organizations, and the government. This includes laws relating to cyber privacy, health privacy, financial privacy, identity theft, government records and data breaches. By combining the various privacy functions of the Department of Justice into a single enforcement and education unit with privacy expertise, California will be better equipped to enforce state privacy laws and protect citizens’ privacy rights. ” Joanne McNabb, who ran the now de-funded California Office of Privacy Protection, will serve as director of privacy education and policy for the unit.
Drones — A recent item about drones in the GWU CyberSecurity Policy Newsletter revealed that drones can be hacked via spoofing the drone GPS systems. Government drones in US airspace are poised to become a privacy issue of increasing concern.
Mobile privacy — Mobile app privacy is the topic of the multistakeholder process to be undertaken this week under the direction of the US Department of Commerce. Over the weekend, a NYT article revealed that mobile carriers received more than 1.3 million requests by law enforcement for mobile data, including requests for text messages. This article is a focusing event. It is a reminder that in mobile privacy we need to put the consumer first, focus on what is important, and apply responsibility for privacy and transparency throughout the hierarchy of mobile players, from carriers to platforms to app stores to publishers to developers. It is unclear yet what segments of the hierarchy require what amounts of the burden, but what is clear is that carriers will certainly need to do a lot. It is also clear that the idea of just an icon on a screen to communicate the idea of mobile privacy to consumers is a band-aid approach at best when faced with the truth of where some of the real risks are for consumers.
HIE interactive map — WPF has posted a new interactive map of health information organizations and exchanges in California. This is a map-in-progress, and we will be adding data to the map in stages.