Stop SOPA & PIPA —- The World Privacy Forum is deeply concerned about the profound, far-reaching privacy consequences of two bills, SOPA and PIPA. The bills have many negative aspects. In terms of the privacy impacts, one of the serious consequences is that the right to create and use anonymization software tools would be essentailly
Facebook — In response to the FTC’s proposed settlement with Facebook over the company’s multiple privacy violations, the World Privacy Forum has asked the FTC to make key changes. “We applaud the FTC for its work on the Facebook case,” said executive director Pam Dixon. “We support many parts of the settlement. However, we urge the FTC to provide full redress for affected consumers by rolling back the privacy controls to the 2009 defaults, and we also urge the FTC to follow the 2004 Gateway Learning, Corp. precedent and require Facebook to disgorge profits they made from violating their privacy policy retroactively.” The comment period is open to the public until December 30.
Facial recognition — Pam Dixon of WPF testified at the FTC’s Facial Recognition workshop, speaking on a panel about the policy implications of facial recognition technology. The World Privacy Forum’s report on Digital Signage was mentioned several times at the hearing, as were the collaborative consumer protection principles the WPF led.
Common Rule | Health Privacy — The World Privacy Forum filed extensive comments with the US Department of Health and Human Services about its proposed changes regarding the rules governing human subject medical research. In the comments, WPF noted that the HHS approach to privacy for research subjects was incomplete and did not use all Fair Information Practices. WPF strongly urged HHS to revise its proposal on a number of issues, including consent and the use of biospecimens in research. The World Privacy Forum is urging HHS to acknowledge that the realm of health data that is truly non-identifiable has shrunken remarkably, for example, biospecimens with DNA cannot be considered non-identifiable anymore. “In our comments, we are requesting that HHS give individuals the opportunity to make choices about the use of their own health data and specimens,” said Executive director Pam Dixon. WPF also stated in its comments that “A central database with identifiable information about participants in human subjects research is a terrible idea.” (See p. 21 of WPF comments.)
Self-regulation — The World Privacy Forum has published a report on past self-regulatory efforts in the area of privacy, Many Failures: A brief history of privacy self-regulation. “Privacy self-regulation has been a Potemkin Village of consumer protection,” says executive director Pam Dixon. “History shows a pattern of past self-regulatory efforts that have been erected quickly and have faded after regulatory threats fade.” The report is authored by Robert Gellman and Pam Dixon. It includes details about programs such as the IRSG, the Privacy Leadership Initiative, the Privacy Alliance, and other programs. A key finding of this report is that the majority of the industry self-regulatory programs that were initiated failed in one or more substantive ways, and many disappeared entirely.