Lesson beginning: March 23, 1999 - 12:00:00 AM (midnight Monday)Jump to: lessons | readings | events |
2. Who's Watching the Watchers?: Privacy Standards
We began last week by considering the nature of privacy itself and discussing some of the privacy concerns raised by the availability of information on the Internet.
This week, we will look at how industry groups are addressing these concerns by developing both privacy policies and technological solutions. Consider whether these standards might make it easier for users to protect themselves without having to investigate the privacy policies and technical specifications of every individual web site they visit. Or are standards, like individual privacy policies and techniques, useless if they are not backed up by clear legal enforcement?
Please take the time to go over the readings and react to them in your discussion groups.
- INTERNET PRIVACY: A PUBLIC CONCERN, Lorrie Faith Cranor
For a useful overview of this week's topic, here is a concise article by the Co-chair of the World Wide Web Consortium's P3P Interest Group.
- Fair Information Practice Principles
Both industry groups and government regulators have outlined seven basic Fair Information Practice Principles. As you go over them, query whether the websites that you frequent have privacy policies that incorporate these principles.
- Privacy Online: A Report to Congress, Federal Trade Commission, June 1998
The Commission examined the practices of commercial sites on the World Wide Web. The Commission's survey of over 1,400 Web sites led it to conclude, among other things, that industry's efforts to encourage voluntary adoption of the most basic fair information practice principle -- notice -- have fallen far short of what is needed to protect consumers.
If you don't have time to peruse the reading at length, make sure you at least read the executive summary.
- Competing privacy standards are proposed, The Associated Press
- P3P in a Nutshell, Joseph Reagle and Lorrie Faith Cranor
P3P is a developing specification that allows end-users to select privacy preferences about the type and amount of data they want to share with web site operators. Sites whose privacy practices fall within the range of a user's preference will be accessed "seamlessly"; otherwise users will be notified of a site's practices and have the opportunity to either agree to those terms or
continue browsing elsewhere.
- Euro Commission Plays Down Opinion on Privacy Standards, Elizabeth de Bony
The European Union has voiced concerns about the compatibility of P3P with the EU's data protection directive.
- Proposed Standards Fail to Please Advocates of Online Privacy, Jeri Clausing
This article shows what some of the critics of P3P have to say. One feels that the only way to protect consumers is through strong privacy laws like the European Union directive.
The TRUSTe program hinges on the trustmark, an online branded symbol that signifies a web site has made a commitment to disclose its privacy practices. A click on the trustmark will bring up the site's privacy statement. To ensure that privacy principles and disclosed practices are met, the program is backed by a multi-faceted assurance process. Two similar programs include BBBOnline (www.bbbonline.org) and PNI (www.privacyrights.org).
- Privacy Watchdog Declines to Pursue Microsoft, a Backer, Jeri Clausing
New York Times, March 23
- Abstract: TRUSTe, a third-party provider of "privacy seals of approval" for the web, rebuked Microsoft but did not audit the company for its use of a Global User Identification number.
- Other: Lesson Two Hypothetical
- Start: March 22, 1999 - 12:00:00 AM (midnight Sunday),
End: March 29, 1999 - 12:00:00 AM (midnight Sunday)