Happy new year ¡ ¡

Chapell Associates

Chapell Associates is a consult firm on privacy and data collection. Chapell & Associates is headed by Alan Chapell. In 1997, Mr. Chapell founded the privacy program at Jupiter Research, an Internet research firm focusing on the consumer Internet economy. During his 4-1/2 years at Jupiter, Mr. Chapell also directed Jupiter's marketing, sales and compliance operations.

Services:

Compliance Services: Risk Assessment - Development of Privacy and Data Disclosure Policies - Implementation and Training - Data Warehousing and Database Design

Consumer Research

and

(and I think this is the most interesting)
Privacy Marketing - Research has demonstrated that the development of a robust privacy program creates significant opportunities. Organizations leverage privacy as a way to build customer trust, to support the collection of better customer data, and to market more effectively. Good privacy practices can lead to new revenue sources, particularly for organizations that posses, or seek to posses a well-known and respected brand. We develop privacy practices that increase ROI.

They have their own blog: http://www.chapellassociates.com/blog.htm

And papers and articles by Chapell & Scarborough

And Mr. Chapell will be the next guest at KUCI (Privacy Piracy) Next Wednesday (January 4th)

Privacy Piracy

KUCI is my favorite radio station. KUCI is brought to you by the University of California, Irvine

And there is program Privacy Piracy:

Every WEDNESDAY afternoon from 5-6 PM LIVE, Pacific Time on 88.9 FM in Irvine and WORLDWIDE live audio streaming at www.kuci.org

Privacy Piracy is a program by Mari Frank, who is attorney and privacy consultant, is the creator of The Identity Theft Survival Kit, the audiocassette series Identity Theft Prevention and Survival, co-author of Privacy Piracy.

In her website you can listen interviews with a lot of privacy gurus: Ponemon, Solove, Sullivan, Colleman.

This is our radio ¡¡ ¡ ¡

European Parliament approves communications data retention

Privacy International analyzes the Directive on communications data retention

" The European Parliament voted today to adopt a new directive allowing for the retention of data "generated by telephony, SMS and internet, but not the content of the information communicated". This data includes email addresses and location data from cell phones. The directive is highly controversial due to the impact it will have on the privacy of European Union citizens.

Also of concern is the broad discretion that is left to EU member states. For example, data may be accessed for the purposes of combatting serious crime and terrorism, but no concrete definition of these concepts has been provided, allowing member states to transpose their own definitions on the provisions of the Directive. In addition, the length of time that a telecommunications company has to retain the data is left relatively undefined - from a minimum of 6 months to a maximum of 24 months - and member states may extend these time frames. Already several countries have indicated intentions to. "

Full report at Privacy International.

LINKS:

Privacy International Data Retention

Data Retention Petition Campaign

Data Retention Directive

European Parliament

USA Patriot Act

Spy powers: Extending, improving Patriot Act is the right goal

A Lansing State Journal editorial

"Congress has roughly another month to thoughtfully debate the USA Patriot Act; what it should keep to bolster the nation's security, and those provisions it should discard because they are a threat to civil liberties.

Late last week Congress agreed to extend the act until Feb. 3, and the White House has reluctantly agreed to the extension.

This temporary extension is a reasonable alternative to President Bush's preference: enshrining the entire act permanently in federal law.

Republican congressional leaders fought hard for the president's position, but an unlikely coalition of senators amassed a filibuster attempt, and Republican leaders relented. Now, perhaps, there can be a full and needed airing of the Patriot Act's strengths and weaknesses.
Earlier last week, the White House said it had prevented Senate Democrats from "killing the Patriot Act." That's inaccurate on at least two counts."

(Full editorial at Lansing State Journal)

Links:

EPIC:
Congress Enacts One-Month Patriot Act ExtensionFollowing widespread public debate, intense negotiation, and political maneuvering, the Congress has extended the Patriot Act until February 3, 2006. More information about the Patriot Act can be found at EPIC's FISA page, Patriot Act page, Patriot Act Sunset page, and Patriot Act FOIA page. (Dec. 23)

Daily Herald: In our View: Continue reviews of Patriot Act

El Diario (New York): Spying and the Patriot Act

Merry Xmas Joyeux Nöel Feliz Navidad

Merry Xmas ¡ ¡ ¡ ¡

Czech Republic

Czech Republic

Status of implementation of Directive 95/46 on the Protection of Individuals with regard to the Processing of Personal Data:

Consolidated version of the Personal Data Protection Act Act 101 of April 4, 2000 on the Protection of Personal Data and on Amendment to Some Acts.


Sensitive data in general
Position No. 2/2001 – The processing of trade-union membership sensitive personal data, October 2001

Position No. 5/2004 – The amount of paid trade-union dues as an income tax deductible, May 2004

Health data
Position No. 1/2000 – Medical records on patients, December 2000

Position No. 1/2002 – Personal data processing in the context of health care provision, August 2002

Position No. 3/2004 – Personal data processing in the context of clinical testing of drugs, January 2004

Administration and public registers
Position No. 4/2004 – Interpretation of application of a part of the Register of Population Act (on birth numbers), July 2004

Position No. 2/2004 – The access to personal data from municipal and regional bodies agenda, January 2004

Household & social activities, consumer rights
Position No. 2/2002 – Personal data processing in connection with library work, August 2002

Position No. 1/2004 – Identity checks at the entrance of a building, January 2004

Position No. 6/2004 – Copying of identity papers in the light of the PDP Act, November 2004

Credit reporting, finance and insurance

Position No. 1/2001 – Publication of the names of debtors, April 2001

Position No. 1/2005 – Activities of insurance intermediaries and the notification/registration obligation, May 2005


LINKS:

www.uoou.cz

Belgium

Today we begin a special editon of Policy Papers on Data Protection in Europe, the first one:

Belgium



Administration and public registers
Avis N°42/1997 Diffusion des décisions juridictionnelles par le recours aux technologies de l'information et de la communication, 23.12.1997

Household & social activities, consumer rights
Avis N°9/2005 sur un encadrement des listes noires, 15.06.2005

Credit reporting, finance and insurance
Note : les droits des personnes fichées à la centrale des crédits aux particuliers de la Banque Nationale (B.N.B.), 31.08.2003

Direct marketing
Note : marketing direct et protection des données personnelles, 24.03.2003
Avis N°34/2000 d'initiative relatif à la protection de la vie privée dans le cadre du commerce électronique, 22.11.2000

Telephone directories
Recommandation N° 01/1999 Utilisation des données conntenues dans les annuaires téléphoniques, 23.06.1999

Video surveillance
Avis d'initiative N°34/1999 relatif aux traitements d'images effectués en particulier par le biais de systèmes de vidéo-surveillance, 13.12.1999

LINKS:

Commission de la protection de la vie privée
Rue Haute, 139
B - 1000 BRUXELLES
Tel 32/2/542.72.00 Fax. 32/2/542.72.01 or 542.72.12
e-mail: commission@privacy.fgov.be
website

Research:

Facultés universitaires Notre-Dame de la Paix
CRID (Centre de Recherches Informatique et Droit)

Katholieke Universiteit Leuven
Interdisciplinary Centre for Law & Information Technology (ICRI)

Vrije Universiteit Brussel
Center for LAW, SCIENCE,TECHNOLOGY & SOCIETY STUDIES

Economic Evaluation of the Data Protection Directive

This report Economic Evaluation of the Data Protection Directive 95/46/EC, has been commissioned by the European Commission, Internal Market Directorate-General and prepared by RAMBOLL Management. The objective of this report is to measure the economic impact of the Directive on data controllers and to examine its cost effectiveness and efficiency by assessing the implementation and transposition process and analysing the direct costs of the directive.


"The case studies show that the costs of compliance with the national legislation implementing the Directive are limited for the sectors examined. Most companies, except the multinational companies (CSC and Benetton Italy) and large public institutions (customs authorities), experience modest costs. In addition the costs on multinational companies and large administrations are minor related to the size and turnover of these organisations."

Touch-screen voting machines

Image Source: Diebold website www.diebold.com

The Beacon Journal writes about touch-screen voting machines, a device manufactured by Diebold Inc.

"Voters have told election officials they are concerned others can see the choices being made on new touch-screen voting machines.

The privacy concerns about the machines in wide use across the United States can be resolved with common sense approaches like careful placement of the machines, the manufacturer and Ohio's top election official said Monday"

Full article at: The Beacon Journal


ABOUT Diebold, Incorporated is a global leader in providing integrated self-service delivery systems and services. Founded in 1859, the company employs more than 14,000 associates with representation in nearly 90 countries worldwide and headquarters in Canton, Ohio, USA. Diebold reported revenue of US$2.4 billion in 2004 and is publicly traded on the New York Stock Exchange under the symbol 'DBD.'

Worker Privacy: You Have None

Photo by artyfarty at Flickr.com

Wired publishs this article by Joanna Glasner Worker Privacy: You Have None

"If you have internet access at work, there's a very good chance your employer has a system in place to monitor your online activities.

So, if you're concerned about privacy, take heed. Under current U.S. law, there's little you can do to protect the confidentiality of your internet use on the job. Here's a rundown of the rights you don't have at work.

Notice of monitoring: Only two states (Connecticut and Delaware) require that employers inform workers if they are monitoring online activity, according to Jeremy Gruber, legal director, the National Workrights Institute. Federal legislation requiring such disclosure has been proposed but not enacted.

That said, most employers do provide notice to employees if they track workplace web use. In an employer survey conducted this year by the American Management Association and the ePolicy Institute, 89 percent of respondents said they notify employees if their web usage is being tracked.

Privacy outside the office: More workers are telecommuting these days, often using laptops and other portable devices provided by their employer. But leaving the office doesn't guarantee freedom from internet surveillance..."

Full article at Wired.com

Privacy Enhanced Linking

There is a new publication by Latanya Sweeney

Privacy-Enhanced Linking

Citation: L. Sweeney. Privacy-Enhanced Linking. Accepted December 2005. Earlier version available as Carnegie Mellon University, School of Computer Science Technical Report CMU-ISRI-05-136. Pittsburgh: November 2005. (PDF)

Abstract

While computer scientists are uniquely situated to incorporate privacy protections in the link analysis algorithms they construct, most computer scientists are unaware of this opportunity and of ways to think about achieving needed protections. The work presented in this writing introduces a new way for computer scientists to think about providing privacy protection within link analysis and introduces the notion of “privacy-enhanced linking” as algorithms that perform link analysis with guarantees of privacy protection modeled after the Fair Information Practices. In this approach, privacy protection is realized by assessing the validity and interpretation of link analysis results such that inappropriate harm to individuals is provably minimized.

Building Trust

In general, trust refers to an aspect of a relationship between two parties, by which a given situation is mutually understood, and commitments are made toward actions in favor of a desired outcome. In contrast with hope, trust is almost strictly interpersonal. In contrast with faith, trust is almost always considered a subordinate material form whereas "faith" is typically reserved for a "higher power" — God, etc.

The term trust also has other meanings in several different fields:

Contents

1 Sociology
2 Property law
3 Economic history
4 Finance
5 Computer science
6 Music

This book: Building Trust: How to Get It! How to Keep It! by Hyler Bracey, explain how to build it.

Xbox 360 & Privacy

Voila this is the new Xbox 360 by Microsoft. And as you can play online you have to be carefoul with your privacy.

Two websites where you can read more about it:

Gamespot:

"Privacy is always a concern when you're online, but the Xbox 360 lets you specify a variety of settings to make sure you only interact with the people you want to interact with."

Hexus.gaming:

"Now no doubt Microsoft has this totally covered in its Terms and Conditions that you have to agree to when you sign up for an Xbox LIVE account, but did you know just how much information Microsoft shares with other Xbox 360 owners about what you’re doing? Simply put, anyone you’ve been in contact with through Xbox LIVE can subsequently see what you’re up to, regardless of whether they’re in your friends list or not. "
Full article at: Hexus.gaming

The Face Book

From the Social Software Weblog

Thefacebook.com, which resembles the website Friendster, enables users to upload photographs, personal information and their course lists. Members can create networks by looking up other users and inviting them to be friends.

After a friendship is confirmed, users are electronically linked to each other from their profile pages. The website also allows users to graphically visualize how their friends are connected in an intricate web.

...Teaching Assistant in Germanic Languages and Literatures Geraldine A. Grimm, one of the teachers who signed up for the website, said much of the faculty is prejudiced against the site… “After checking out the site, I was impressed by the all-inclusive nature of a Friendster-style Harvard site that brings undergrads, grads, alums, faculty and staff together,” she wrote.


From the mac weekly

Privacy issues confront the rapidly expanding collegiate online networkBrian MartucciStaff Writer
Launched in February 2004 by three Harvard roommates (who dropped out of school to run the site after it became popular), Facebook was '"initially a small project that we imagined Harvard students would enjoy,"' a company spokesperson said in the British newspaper The Guardian. "[It] really works as an information directory and not just as a site you go to when you're bored or need entertainment."

Full article at The Mac Weekly

Venky Shankar

Venkatesh (Venky) Shankar is Professor of Marketing and Coleman Chair in Marketing at the Mays Business School, Texas A&M University. He was a visiting scholar at the Sloan School of Management, MIT. His areas of specialization include Digital Business, Competitive Strategy, International Marketing, Pricing, Retailing, New Product Development, and Biotechnology.

He has different papers about Trust & Privacy:

Online Trust: A Stakeholder Perspective, Concepts, Implications, and Future Directions

Price Levels and Price Dispersion on the Internet