News, Press, and Media

The conference, the first of its kind to be held in Japan, bring together the world’s leading privacy and security experts from Japan, the European Union, and the United States to discuss issues in common from a global perspective. Conference experts will share their best information, policies, practices, and ideas on how to solve the pressing privacy and security issues of today and those we willface in the future, including the impact of the economic crisis on data security and privacy.

SAN DIEGO, Ca., Sept. 24 — The World Privacy Forum’s latest report, Red Flag and Address Discrepancy Requirements: Suggestions for Health Care Providers, discusses the applicability of the new FTC regulations to the health care sector along with suggestions for providers. The report addresses newly issued regulations by the Federal Trade Commission that require financial institutions and creditors to develop and implement written identity theft prevention programs. Health care providers – whether they are for-profit, non-profit, or governmental entities – may have obligations under the new rules.

Human Subjects Research Protection (OHRP) — The World Privacy Forum filed comments today with the Office of Human Research Protection urging the office to do more to protect the privacy of people who are subjects of research. The comments urge the OHRP to focus more attention on providing privacy-specific training for boards overseeing research, which are often weak in knowledge about the breadth of privacy issues in research. The WPF also voiced its strong support for certificates of confidentiality for research involving human subjects, stating that”nearly all research that involves identifiable health data or other personal data about individuals should have a certificate of confidentiality unless a researcher can state a substantive reason why a certificate is not appropriate for the study.” OHRP will be accepting comments until Sept. 29.

Border Crossing Information System, DHS — The World Privacy Forum submitted public comments today to the Department of Homeland Security regarding its proposed Border Crossing Information System. The BCI system would set up a database of all border crossings via car, rail, air and other means, including collecting identifiable data on the activities of American citizens. Information collected includes biographical and other information such as name, date of birth, gender, a photograph, itinerary information, and the time and location of the border crossing. The WPF comments focus entirely on the proposed Routine Uses of the system. As currently written, the DHS proposal contains some Routine Uses that directly contravene the Privacy Act of 1974 and are illegal. Other Routine Uses are overbroad and vague, and still others contravene guidance from the Office of Management and Budget (OMB). One example of an overbroad Routine Use is Routine Use J, which will allow DHS to release data collected for the Border Crossing Information System for hiring decisions or contract awards. This information may be requested by Federal, state, local, tribal, foreign, or international agencies. Another Routine Use, G, impermissibly duplicates and weakens the Privacy Act’s condition of requirement for notice when information is disclosed in certain circumstances.

This conference is convened for the purpose of gaining a deepened mutual understanding of privacy and security approaches cross-culturally, with the conference providing an international forum for discussing and understanding the different concepts of privacy and security in the US, Asia, and the EU. Through sharing of current practices and ideas, the participants will explore possible bridges between what these concepts mean in different countries both now and looking to the future as well.