Location Based Services and the e-Privacy directive

FROM EUROPEAN COMMISSION WEBSITE

Location-based services have developed a lot in the recent past. In 2002, the e-privacy Directive 2002/58/EC established for the first time specific rules to be followed for the processing of location data. These rules, together with the general data protection directive 95/46/EC, have been transposed in most Member States. The workshop aims to investigate – together with industry, data protection authorities and consumer associations – the current practices and legal challenges that operators and users are confronted with when offering or using location-based services.

For the proposed agenda click here.

The issue paper can be found here.

The presentations can be found here.

Data Protection and Privacy Officer - Hutchison 3G UK Limited.

Location-based Services, privacy challenges - LBS and e-Privacy Directive - DG INFSO

Location-based services and the e-privacy Directive 2002/58/EC Mathias MOULIN – Legal advisor - French Data Protection Authority - CNIL

Location-based services - Telefónica Móviles España, Dirección General de Asesoría Jurídica y Secretaría General, G. Derecho de la Nueva Economía

Privacy statement - Personal data gathered in the course of this workshop will be processed according to applicable legislation on data protection. For further details click here.

Data Mining & Privacy

Every time more and more data are analyzed, for security against terrorism, marketing.

Accenture published in Outlook Journal this article by Michael Kuhn, Iain D. Lopata and Greg B. Todd in June 2005. FROM DATA TO DECISION.

"High performance requires more than data acquisition and control. Organizations need a more comprehensive approach to business intelligence that enables them to create value from data by providing timely, reliable and relevant information for making strategic, managerial and operational decisions at all levels"

And about Data Mining & Privacy SF Gate publishs this article Data Mining Found to Flunk Privacy Rules By MICHAEL J. SNIFFEN, Associated Press Writer.

"None of five federal agencies using electronic data mining to track terrorists, catch criminals or prevent fraud complied with all rules for gathering citizen information. As a result, they cannot ensure that individual privacy rights are appropriately protected, congressional investigators said Monday.

The agencies' lapses either "increased the risk that personal information could be improperly exposed or altered" or "limited the ability of the public — including those individuals whose information was used — to participate in the management of that personal information," the Government Accountability Office said.

A study by the GAO, Congress' investigating arm, sampled five of the dozens of federal agencies that use computerized data analysis: the Agriculture Department, FBI, Internal Revenue Service, Small Business Administration and State Department. It evaluated how one data mining activity in each agency complied with the Privacy Act, federal information security laws and government directives."

Full article at SF Gate

8th annual Global Information Security Survey

Article published in Business Wire August 29, 2005

8th annual Global Information Security Survey by InformationWeek Magazine and Accenture.

At the same time, the U.S. Information Security Survey uncovered indications that companies and organizations are failing to provide rigorous protection of customer and client data. The survey, which was conducted over the Web this summer, received responses from more than 2,500 U.S. information technology and security professionals.

Highlights:

-- Compliance is reshaping corporate security practices.
-- Security attacks are becoming increasingly more sophisticated, yet basic passwords continue to be the most common line of defense.
-- Security breaches are increasingly coming from within, forcing companies to keep tabs on their employees.
-- Vulnerabilities in operating systems and applications - including the use of instant messaging - continue to be common points of entry.
-- Concern continues to grow over privacy and identity theft, yet organizations are failing to provide rigorous protection of customer data.

"Companies are taking a more structured approach to information security and making it more of a priority," said Alastair MacWillson, partner in charge of Accenture's security practice. "Many companies are beginning to see the benefits in leveraging new technologies to proactively assess and manage threats and vulnerabilities, and are consolidating, integrating and securing applications to improve integrity and productivity."

Read the full article at Business Wire

México: Urgen aprobar la ley de datos personales

Urgen a aprobar ley de datos personales

Coinciden legisladores, académicos y funcionarios durante el Foro “Protección de Datos Personales”, organizado por el Congreso de la Unión y la Universidad La Salle, en que hace falta legislar al respecto.

Artículo publicado por Lilia Saúl en El Universal online. Ciudad de México. Martes 23 de agosto de 2005

Legisladores, académicos, funcionarios del gobierno federal, así como el Instituto Federal de Acceso a la Información (IFAI) coincidieron en la urgencia de aprobar una ley federal de datos personales.

Aunque todos coinciden en que deben protegerse los datos de los ciudadanos para privilegiar su privacidad e individualidad, el Banco de México, en voz de Alejandro Díaz de León Carrillo considera que existe la posibilidad de abrir estos datos a las sociedades de información de manera regulada.

Durante el Foro “Protección de Datos Personales” organizado por el Congreso de la Unión y la Universidad La Salle, Antonio García Torres, senador del PRI, dijo que urge la aprobación de esta ley.

El legislador precisó que existe un gran mercado negro que comercia con los datos personales y no existe una cifra, dijo, de a cuánto ascienden los ingresos de estas empresas.

Por su parte, María Marván Laborde, comisionada presidenta del IFAI, enfatizó que hay una necesidad imperiosa de regular los datos, “pero sin perder de vista que se busca la protección del individuo”.

Artículo completo en El Universal Online

Principles of privacy in hospitality industry

“Principles of Privacy” is a document written by Mark Haley and developed by the Technology Committee of the American Hotel & Lodging Association with a grant from the American Hotel & Lodging Educational Foundation.

There is a article available at Hotel Interactive.

PRINCIPLES OF PRIVACY
PRINCIPLES OF PRIVACY PART 2


"Protecting guest privacy means hoteliers have to set thorough and specific policies and guidelines. Here is a list of suggestions from the American Hotel & Lodging Association to help hotels define and implement sound privacy practices.
Hotel Operations Policy Elements

At registration, write down room number assignments and hand to guests across the front desk. Do not speak the number aloud.
Many experts advise requiring a photo ID issued by a government agency in order to register. Some hotels photocopy the ID, which then puts a burden on the hotel to secure and destroy the copy.
Enforce strict policies against giving out room numbers over the telephone or front desk.
Give new or duplicate keys only to registered guests who can show ID. Define a policy for guests lacking ID at the moment: Can they produce ID if admitted to the room by hotel personnel? Can they verify their address and form of payment as shown in the property management system?
Minimize the use of guest names and room numbers in radio or telephone conversations.
Do not show guest names on reports given out for newspaper drops.
Do not allow third parties to do amenity drops, bag pulls or other activities on guestroom floors.
Train room attendants to keep room assignment sheets in their pockets rather than on their carts, especially if names appear on the report.
Ensure that Expected Departure folios delivered to guest rooms the night before checkout are slid completely underneath doors all the way into the guestroom and cannot be pulled back into the corridor.
Secure express check-in or video check-out buckets so that names are not visible across the desk.
Secure reports in the back office that show guest information, especially"

FULL ARTICLE AT HOTEL INTERACTIVE
COMPLET DOCUMENT AVAILABLE AT AHLA. MEMBER 10 $ / NON MEMBER 20 $