Cybersecurity

Jun 20 2008

OECD reaffirms its support for the 1980 OECD principles on privacy, or “Fair Information Practices”

OECD | Fair Information Practices — At a key meeting of the OECD on the future of the Internet economy, the OECD Secretary General Angel Gurria reaffirmed support of the 1980 OECD Privacy Principles. Also, Secretary General Angel Gurria expressed support for formalizing the participation of civil society in OECD going forward and for paying more attention to information security and identity theft problems. Secretary General Gurria noted that “A more decentralised, networked approach to policy formulation for the Internet Economy that includes the active participation of stakeholders needs to be the norm.” Many parts of the recent OECD meeting may be viewed online.

Feb 20 2008

Legal and Policy Analysis: Personal Health Records: Why Many PHRs Threaten Privacy

New publication | PHRs and privacy — The World Privacy Forum has published a new legal and policy analysis examining Personal Health Records — or PHRs — and the privacy issues associated with them. This analysis, Personal Health Records: Why Many PHRs Threaten Privacy, was prepared by Robert Gellman for the World Privacy Forum. The analysis finds that significant, serious threats to privacy exist in some PHRs.

Jun 07 2007

World Privacy Forum makes presentation at National Academy of Sciences’ Institute of Medicine

Genetic privacy — Executive director Pam Dixon presented key issues and potential solutions regarding privacy and Genome Wide Association Studies at the Institute of Medicine’s Board on Health Sciences Policy meeting. Her presentation included recommendations to engage in a comprehensive study of certificates of confidentiality, to encourage standards of identifiability, to encourage study of what more uniform standards of privacy and security for researchers might look like, and a recommendation to work toward broad solutions that extend beyond GWAS activities.

Feb 05 2007

World Privacy Forum comments about the ethical, legal, and social implications of using genetic health care data in electronic health records

Genetic Privacy — The World Privacy Forum filed public comments with the Department of Health and Human services in response to an HHS request for information regarding the use of patients’ genetic data for research, health care, and for use in electronic health records. The World Privacy Forum is requesting that HHS use all Fair Information Principles in any personalized health care projects, and is requesting that a formal ELSI (ethical, legal, and social implications) committee be set up to oversee any projects, among other requests.

Dec 15 2006

WPF comments on proposed guidance on Confidential Information Protection and Efficiency Act of 2002 (CIPSEA)

e-Government /CIPSEA — The World Privacy Forum submitted comments to the Office of Management and Budget regarding proposed guidance on Title V of the e-Government Act. The proposed guidance did not address the relationship between CIPSEA and the USA PATRIOT Act Section 215, and guidance regarding identifiability and the Privacy Act of 1974 needs to be further refined. WPF suggests that OMB consider developing a formal statistical confidentiality seal controlled by a federal agency. The purpose would be to provide an identifiable marker that would tell individuals if the information they provide will receive the highest degree of confidentiality protection available under law.

New Report: Risky Analysis: Assessing and Improving AI Governance Tools

We are pleased to announce the publication of a new WPF report, “Risky Analysis: Assessing and Improving AI Governance Tools.” This report sets out a definition of AI governance tools, documents why and how these tools are critically important for trustworthy AI, and where these tools are around the world. The report also documents problems in some AI governance tools themselves, and suggests pathways to improve AI governance tools and create an evaluative environment to measure their effectiveness. AI systems should not be deployed without simultaneously evaluating the potential adverse impacts of such systems and mitigating their risks, and most of the world agrees about the need to take precautions against the threats posed. The specific tools and techniques that exist to evaluate and measure AI systems for their inclusiveness, fairness, explainability, privacy, safety and other trustworthiness issues — called in the report collectively AI governance tools – can improve such issues. While some AI governance tools provide reassurance to the public and to regulators, the tools too often lack meaningful oversight and quality assessments. Incomplete or ineffective AI governance tools can create a false sense of confidence, cause unintended problems, and generally undermine the promise of AI systems. The report contains rich background details, use cases, potential solutions to the problems discussed in the report, and a global index of AI Governance Tools.
National IDs Around the World — Interactive map

About this Data Visualization: This interactive map displays the presence...
Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974

This comprehensive report and proposed bill text is focused on the Privacy Act of 1974, an important and early Federal privacy law that applies to the government sector and some contractors. The Privacy Act was written for the 1970s information era -- an era that was characterized by the use of mainframe computers and filing cabinets. Today's digital information era looks much different than the '70s: smart phones are smarter than the old mainframes, and documents are now routinely digitized and stored and perhaps even analyzed in the cloud, among many other changes. The report focuses on why the Privacy Act needs an update that will bring it into this century, and how that could look and work. This work was written by Robert Gellman, and informed by a two-year multi-stakeholder process.