New Controls Needed to Improve Privacy

WASHINGTON, D.C.– As the speed of technological innovation has continued to increase in recent years, it has completely outpaced the ability of companies, consumers and regulators to keep up with the ways in which those changes affect online privacy, experts say, and in order to make real improvements in the way that sensitive data is handled, all of the concerned parties will need to change the way they think about privacy.

WASHINGTON, D.C.– As the speed of technological innovation has continued to increase in recent years, it has completely outpaced the ability of companies, consumers and regulators to keep up with the ways in which those changes affect online privacy, experts say, and in order to make real improvements in the way that sensitive data is handled, all of the concerned parties will need to change the way they think about privacy.

For much of the Internet era, privacy has generally been defined and discussed in terms of helping users protect their personally identifiable information and prevent advertisers and others from using that data in unwanted ways. But that model is outdated and of little use in today’s environment, and it needs to be pushed aside in favor of a more considered approach, according to two panelists speaking at the Gov 2.0 Summit here Wednesday.

In a discussion of the current state of privacy regulation and policy and what can be done to improve it, Loretta Garrison of the Federal Trade Commission and Dorothy Atwood, chief privacy officer at AT&T, both stressed the need for more intelligent thinking and discussion of privacy issues, especially as they relate to individual privacy.

“We do need to step back and look much more broadly at privacy and regulation and what this means. There’s no such thing really as anonymity on the Web,” Garrison said. “It’s very clear there are so many digital trails and bits of information that can be assembled and used to create new profiles of consumers. There’s no agreement on what comprises sensitive information, where you draw the line. There are no rules of the road. The technology has outpaced the policymaking.

“Our reliance on notice in the past, it’s been demonstrated that you can’t expect consumers to read [privacy] notices, understand what’s going on and make informed decisions. We need a better balance between what the technology can do and what consumers expect,” she said.

Atwood agreed, saying that AT&T is thinking along the same lines and is interested in finding ways for customers to have more control over their own data and personal information. That’s a tall order, however, given how much data is gathered, stored and analyzed every which from Sunday by thousands of companies each day.

“We used to think about how to help people keep information closed. But we’ve learned that we need to help them share it on their own terms,” Atwood said. “We need to give them tools to share it and a way to control that. We don’t quite know what that means yet. We need innovation around tools. It’s a difficult task to stop the bad guys and still allow innovation.”

Part of what that might mean for users in practical terms is more of a say in the ways in which their data is used and visibility into what companies are doing with it, how they’re collecting it and what the implications are. One model could involve a third party that informs various companies that a person interacts with how that person wants her data used and stored.

“We think a lot about how to make this more usable for customers. We want to functionalize privacy controls so that you can see what’s happening to your data as it’s happening,” Atwood said. “What we need to do more of is be more useful and focus on interoperability so that consumers don’t have to tell AT&T and Google and Facebook how they want to be treated. We have to think about how we get there and who, then, the customer would be trusting in order to get there. It wouldn’t have to be one person or entity.”

In the short term, the FTC’s Garrison said she’d like to see consumers have more information to make better decisions.

“Right now, consumers don’t really understand what’s going on, and that’s an issue that needs to be addressed,” she said. “They sort of know they’re being tracked, but they don’t know how. Individuals don’t have leveraging power with companies. If they don’t want to be tracked, they should be able to say no.”

 

Suggested articles

Discussion

  • Anonymous on

    <pre>

    I am supprised there isn't more posts on this, is it that we just give up, and accept that our oath breakin government officials will eventually arrest us for being a terrorist, even though we have done nothing different in the past 12 years.  The only thing which changed in the past 12 years is the government becoming completely out of control, ignoring the Constitution / Bill of Rights and now.. beginning to make terrorists out of otherwise law abiding citizens.

    Privacy is gone. Period. It left the room the moment the undeclared war on terror lured the first official to break his oath of office, and allow spying on everything.

    Even if you locked up in prison for life, all the oath breakers who caused it, and tore all the FIOS splitters out, you still couldn't undo the damage done.  And you'll never expose corrupt here either since it's all nicely wrapped in "State Secrets" which doesn't have any public oversight.

    Of course your talking about Commercial spying not government spying.  For this I would leave you to research Fravia (RIP) and his blesed searchlores.org , He was most adept at this, and yet even He was beaten by the forces in motion.

    Commercial spying leads to things like some guy with some kind of AT&T linebadge and an electronic clipboard hassling the F out of you at your front door, trying to dig for information--ultimately to sell an AT&T plan.  I wouldn't have a problem with the social engineering part, except they BUILD on what they know, and as was pubically anounced a couple years ago, AT&T said they may cut off anyone who talks about them in a bad light.   So you have terror by spying and data collection (which may be truth or lies which may have more implications) and you have chilled speech via a nazi styled TOS / AUP.

    The other angle here is Commercial now is Government when Contracted.. (contracts lead to debt, and a whole parallel pandora's box)

    The problem here isn't the need to improve Privacy, for citizens as it is for citizens to obtain a way to remain secret. While at the same time if your looking at the government angle, the "state secrets" need citizen (not law enforcement, and not elected officials, and not contractors) oversight to prevent corruption.

     

    Privacy is dead, so that people can be killed when they become an enemy target.

    Privacy is dead, so that citizens can't profit.  (espionage)

    Privacy is dead, so that corproations can profit off citizens pain and suffering. (attack health suppliments so big pharma can medicate everyone in perpetual sickness and chronic pain)

    There is one way to regain privacy, and there's a way to undo the theft of privacy,  there's even a way to put an end to people abusing physics and electronics, but it's unpopular, it's called DESTRUCTION.

     

    (now I am sure this box has grunged my text up so nobody wants to read it) 

     

    </pre>

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.