Presentation is loading. Please wait.

Presentation is loading. Please wait.

Author(s): Don M. Blumenthal, 2010 License: Unless otherwise noted, this material is made available under the terms of the Attribution – Non-commercial.

Published byCameron Stokes Modified over 9 years ago

Similar presentations

Presentation on theme: "Author(s): Don M. Blumenthal, 2010 License: Unless otherwise noted, this material is made available under the terms of the Attribution – Non-commercial."— Presentation transcript:

1 Author(s): Don M. Blumenthal, 2010 License: Unless otherwise noted, this material is made available under the terms of the Attribution – Non-commercial – Share Alike 3.0 license http://creativecommons.org/licenses/by-nc-sa/3.0/ We have reviewed this material in accordance with U.S. Copyright Law and have tried to maximize your ability to use, share, and adapt it. The citation key on the following slide provides information about how you may share and adapt this material. Copyright holders of content included in this material should contact open.michigan@umich.edu with any questions, corrections, or clarification regarding the use of content. For more information about how to cite these materials visit http://open.umich.edu/education/about/terms-of-use. Any medical information in this material is intended to inform and educate and is not a tool for self-diagnosis or a replacement for medical evaluation, advice, diagnosis or treatment by a healthcare professional. Please speak to your physician if you have questions about your medical condition. Viewer discretion is advised: Some medical content is graphic and may not be suitable for all viewers.

2 Citation Key for more information see: http://open.umich.edu/wiki/CitationPolicy Use + Share + Adapt Make Your Own Assessment Creative Commons – Attribution License Creative Commons – Attribution Share Alike License Creative Commons – Attribution Noncommercial License Creative Commons – Attribution Noncommercial Share Alike License GNU – Free Documentation License Creative Commons – Zero Waiver Public Domain – Ineligible: Works that are ineligible for copyright protection in the U.S. (USC 17 § 102(b)) *laws in your jurisdiction may differ Public Domain – Expired: Works that are no longer protected due to an expired copyright term. Public Domain – Government: Works that are produced by the U.S. Government. (USC 17 § 105) Public Domain – Self Dedicated: Works that a copyright holder has dedicated to the public domain. Fair Use: Use of works that is determined to be Fair consistent with the U.S. Copyright Act. (USC 17 § 107) *laws in your jurisdiction may differ Our determination DOES NOT mean that all uses of this 3rd-party content are Fair Uses and we DO NOT guarantee that your use of the content is Fair. To use this content you should do your own independent analysis to determine whether or not your use will be Fair. { Content the copyright holder, author, or law permits you to use, share and adapt. } { Content Open.Michigan believes can be used, shared, and adapted because it is ineligible for copyright. } { Content Open.Michigan has used under a Fair Use determination. }

3 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 3 Self-Regulation and Privacy 510 - Data Security and Privacy: Legal, Policy, and Enterprise Issues University of Michigan School of Information Week 7

4 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 4 New Business Roles  Chief Privacy Officer  Chief Security Officer  Actual titles vary  Can be same person in small company  May hold other jobs  CPO typically more in line of business role or came from that background; CSO in tech role

5 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 5 Privacy Programs

6 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 6 Homonyms in Privacy  Two meanings for “Privacy Policy”  Internal structures  External statements

7 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 7 Common Element  Personal information  Personally Identifiable Information (PII)  Elements of PII vary  Some can be disputed  IP number  See EU Article 29 proceedings

8 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 8 Internal Privacy Policy

9 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 9 Privacy Plan Norms  Must be consistent with  Business operations  Legal compliance framework  Management goals  Organizational culture  Systems architecture  Programs, Policies, Procedures

10 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 10 Privacy Plan Organization  Boards of Directors  Senior management  Internal management  Operational staff

11 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 11 Looking Familiar So Far?  Internal privacy policies, programs, procedures track security ppp

12 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 12 Differences  Privacy narrower; often within security  Privacy focuses more on issues surrounding specific types of information  Privacy and security may have own specific statutory definitions to consider  Statutes/regulations generally more detailed with security

13 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 13 Link Privacy and Security PPP  Avoids duplication of effort  PII does affect considerations; e.g.,  Add tracking of whether PII  Add consumer preferences

14 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 14 External Privacy Policy

15 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 15 Public Statements  Statements of protections given to personal data  Reasons  Statutory requirement  Customer service  Formats  Print  Web sites

16 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 16 Customer Service  Statements of how will treat data  No broad law requiring but must follow if posted  Changing policy may create problems

17 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 17 Consumer Issues  Readable  Understandable  Mechanism to force/encourage acknowledgment  Notice mechanism - Platform for Privacy Preferences (P3P)  Standard format  Retrieved and interpreted by browsers (IE)  Automate decisions  Avoids having to read notices at every site

18 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 18 Private Sector Programs

19 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 19 Seal Programs  To confer level of trust on the part of consumers and businesses  BBB  TRUSTe  Chamber of Commerce

20 Self-Regulation Standards  Individual seal programs  Joint effort CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 20

21 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 21 Self-Regulatory Principles for Online Behavioral Advertising, July 2009. http://www.ana.net/advocacy/getfile/15279 Developed by:  American Association of Advertising Agencies  Association of National Advertisers  Council of Better Business Bureaus  Direct Marketing Association  Interactive Advertising Bureau

22 Joint Effort  Education  Transparency  Consumer control  Data security  Material changes  Sensitive data  Accountability CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 22

23 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 23 Professional Certifications  International Association of Privacy Professionals  Certified Information Privacy Professional (CIPP)  CIPP/G – Government  /C –Canada  /IT – Information

24 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 24 Public-Private Program

25 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 25 COPPA  15 USC 6501 et seq; 16 CFR 312  Operate website or online service that gathers PII and is aimed at children or have actual notice of use by children  Prominent privacy notice with operators, kinds of info, how will use and disclose  Reasonable for activity  Parental choice and review; sliding scale  Safe Harbor

26 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 26 COPPA Safe Harbor  Industry group guidelines  Submit for FTC approval  Must track COPPA requirements  Must have enforcement mechanism  Approved organizations  Children’s Advertising Review Unit of BBB  Entertainment Safety Rating Board  TRUSTe  Privo  No actions for failure to enforce

27 CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 27 COPPA Enforcement  Ohio Art  “Get your parents’ consent” with nothing more  Hershey Foods  Form for parents but no enforcement  Xanga.com  General interest site but actual knowledge; 1.7 million accounts had birthdates showing less than 13  Imbee.com  Information gathered before parental notice and kept if parent did not respond  Sony BMG  Multiple violations related to music fan site

28 Links  http://www.youtube.com/watch?v=MxG2J3 bf1BQ http://www.youtube.com/watch?v=MxG2J3 bf1BQ  http://www.wired.com/threatlevel/2009/12/ heartland-guilty-plea/ http://www.wired.com/threatlevel/2009/12/ heartland-guilty-plea/ CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 28

29 Infosec Governance CC: BY NC SA 2010 – Don M. Blumenthal Self-Regulation and Privacy - 29 A de Veiga and J. Eliot, An Information Security Governance Framework, Information Systems Management, Fall 2007 24:361-72, p, 363

Download ppt "Author(s): Don M. Blumenthal, 2010 License: Unless otherwise noted, this material is made available under the terms of the Attribution – Non-commercial."

Similar presentations

Author(s): Don M. Blumenthal, 2010 License: Unless otherwise noted, this material is made available under the terms of the Attribution – Non-commercial.

Author(s): Don M. Blumenthal, 2010 License: Unless otherwise noted, this material is made available under the terms of the Attribution – Non-commercial.
Author(s): Paul Conway, 2008-2010. License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution.

Author(s): Paul Conway, License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution.
Author(s): Michael Hortsch, Ph.D., 2010 License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution.

Author(s): Michael Hortsch, Ph.D., 2010 License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution.
Author(s): Caroline Richardson, M.D., 2009 License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution–Noncommercial–Share.

Author(s): Caroline Richardson, M.D., 2009 License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution–Noncommercial–Share.
Author(s): Don M. Blumenthal, 2010 License: Unless otherwise noted, this material is made available under the terms of the Attribution – Non-commercial.

Author(s): Don M. Blumenthal, 2010 License: Unless otherwise noted, this material is made available under the terms of the Attribution – Non-commercial.
Author(s): John Doe, MD; Jane Doe, PhD, 2009 License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution.

Author(s): John Doe, MD; Jane Doe, PhD, 2009 License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution.
Author(s): John Doe, MD; Jane Doe, PhD, 2009 License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution.

Author(s): John Doe, MD; Jane Doe, PhD, 2009 License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution.
Templates for editing U-M OER Materials

Templates for editing U-M OER Materials
Author(s): Paul Conway, 2008-2010. License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution.

Author(s): Paul Conway, License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution.
Module: Leadership Training Workshop for Health Professionals Organization: East Africa HEALTH Alliance Author(s): Dr. Roy William Mayega, 2009-2012 Resource.

Module: Leadership Training Workshop for Health Professionals Organization: East Africa HEALTH Alliance Author(s): Dr. Roy William Mayega, Resource.
Module: Leadership Training Workshop for Health Professionals Organization: East Africa HEALTH Alliance Author(s): Prof. John T. Kakitahi, 2009-2012 Resource.

Module: Leadership Training Workshop for Health Professionals Organization: East Africa HEALTH Alliance Author(s): Prof. John T. Kakitahi, Resource.
Project: Ghana Emergency Medicine Collaborative Document Title: Open Educational Resources Author(s): University of Michigan Department of Emergency Medicine.

Project: Ghana Emergency Medicine Collaborative Document Title: Open Educational Resources Author(s): University of Michigan Department of Emergency Medicine.
Author(s): Steve Jackson, 2009 License: Unless otherwise noted, this material is made available under the terms of the Attribution - Noncommercial - Share.

Author(s): Steve Jackson, 2009 License: Unless otherwise noted, this material is made available under the terms of the Attribution - Noncommercial - Share.
We have reviewed this material in accordance with U.S. Copyright Law and have tried to maximize your ability to use, share, and adapt it. The citation.

We have reviewed this material in accordance with U.S. Copyright Law and have tried to maximize your ability to use, share, and adapt it. The citation.
Module: Public Health Disaster Planning for Districts Organization: East Africa HEALTH Alliance, 2009-2012 Author(s): Dr. Roy William Mayega (Makerere.

Module: Public Health Disaster Planning for Districts Organization: East Africa HEALTH Alliance, Author(s): Dr. Roy William Mayega (Makerere.
Author: Michael Jibson, M.D., Ph.D., 2009 License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution–Share.

Author: Michael Jibson, M.D., Ph.D., 2009 License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution–Share.
We have reviewed this material in accordance with U.S. Copyright Law and have tried to maximize your ability to use, share, and adapt it. The citation.

We have reviewed this material in accordance with U.S. Copyright Law and have tried to maximize your ability to use, share, and adapt it. The citation.
Author(s): MELO 3D Project Team, 2011 License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution.

Author(s): MELO 3D Project Team, 2011 License: Unless otherwise noted, this material is made available under the terms of the Creative Commons Attribution.
We have reviewed this material in accordance with U.S. Copyright Law and have tried to maximize your ability to use, share, and adapt it. The citation.

We have reviewed this material in accordance with U.S. Copyright Law and have tried to maximize your ability to use, share, and adapt it. The citation.
Author(s): MELO 3D Project Team, 2011 License: This work is licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported License. To view a.

Author(s): MELO 3D Project Team, 2011 License: This work is licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported License. To view a.

Similar presentations

Ads by Google