1 / 12

CABA Forum: Privacy and Trust Wednesday, April 2, 2014 Washington DC

CONNECTED HOME TRACK - HOW WILL ORGANIZATIONS MEET CONSUMER DEMANDS FOR PRIVACY AND TRUST?. CABA Forum: Privacy and Trust Wednesday, April 2, 2014 Washington DC. Session Overview.

lotte
Télécharger la présentation

CABA Forum: Privacy and Trust Wednesday, April 2, 2014 Washington DC

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CONNECTED HOME TRACK - HOW WILL ORGANIZATIONS MEET CONSUMER DEMANDS FOR PRIVACY AND TRUST? CABA Forum: Privacy and Trust Wednesday, April 2, 2014 Washington DC

  2. Session Overview Learn from industry leaders what action organizations should take when it comes to consumer privacy and trust. Organizations that understand the real and perceived consumer concerns over cybersecurity will be better positioned to develop the right products and services. Hear about strategies to deal with negative media and publicity. Most importantly attendees will learn about developing the right messaging and marketing to increase consumer trust and sales.

  3. Panel Moderator: Michelle Chibba, Director, Policy and Special Projects, Office of the Information and Privacy Commissioner of Ontario Canada (IPC) – Panelists: Sumanth Channabasappa, Director of Innovation, Network Technologies Team, CableLabs Jonathan Cluts, Director of the Consumer Prototyping and Strategy Team, Microsoft Christopher Martin, Senior Manager, Bosch Charles McParland, Computer Scientist, Lawrence Berkeley National Lab

  4. Privacy 101 • Information privacy refers to the right or ability of individuals to exercise control over the collection, use and disclosure by others of their personal information • Personally-identifiable information (“PII”) can be biographical, biological, genealogical, historical, transactional, locational, relational, computational, vocational or reputational, and is the stuff that makes up our modern identity • Privacy is contextual • Where there is no reasonable possibility of identifying a specific individual, either directly, indirectly, through manipulation or linkage of information, there is no privacy issue.

  5. Privacy requires SecuritybutSecurity ≠ Privacy

  6. Data Assets = Data Risks and LiabilitiesThreats to Privacy. misuse of data. function creep. unauthorized data linkage. false positives. inaccurate data. unauthorized disclosure

  7. Privacy in an Interconnected Home The Supreme Court has repeatedly held that people have heightened privacy interests in what happens within their home—even over information that is technologically observable by others. We have “Peeping Tom” laws for the same reason—just because someone has a means to watch what you’re doing in the home doesn’t mean they should. Smart devices have the potential to do amazing things for consumers—smart, automated cars cannot get here fast enough—but it’s paternalistic to assert that those smart devices must be allowed to secretly surveil consumers without understanding them or contrary to their wishes. Justin Brookman, Director of Consumer Privacy, Center for Democracy & Technology (CDT) (in IAPP Newsletter, November 2013.)

  8. Smart TVs The key problem was "incompetence“ -- "Somebody thought it was a good idea to build these TVs with all these features and nobody ever said 'maybe we need some security people on the design team to make sure we don’t have a problem', much less 'maybe all this data flowing from the TV to us constitutes a massive violation of our customers’ privacy that will land us in legal hot water'. The deep issue here is that it’s relatively easy to build something that works, but it’s significantly harder to build something that’s secure and respects privacy.“ Dan Wallach, Princeton University Centre for Information Technology Policy (The Guardian, November 2013)

  9. Personal information must be managed responsibly. When it is not, accountability is undermined and confidence/trust in the enterprise is eroded. • 43% do not trust companies with their personal information • 89% avoid doing business with companies where they have privacy concerns • 94% of U.S. consumers want control over who can collect their personal information and who can track them online Source: 2013 U.S. Consumer Privacy Confidence Privacy Report, Truste

  10. The Golden RulesFair Information Practices • Why are you asking? - Collection, purpose specification • How will the information be used? - Primary purpose, use limitation • Any additional secondary uses? - Notice and consent, prohibition against unauthorized disclosure • Who will be able to see my information? - Restricted access from unauthorized third parties FTC Privacy Framework: 3 Pillars • Privacy by Design • Simplified Consumer Choice • Transparency

  11. Resources • Guidelines for Security Considerations that applies in general to architecture http://www.ietf.org/rfc/rfc3552.txt • Privacy Considerations for Internet Protocols http://tools.ietf.org/html/rfc6973 • CableLabsSMA Specification, now archived, as an example http://cablelabs.com/specification/packetcable-security-monitoring-and-automation-signaling-specification/ • FTC. Protecting Consumer Privacy in an Era of Rapid Change (http://www.ftc.gov/sites/default/files/documents/reports/federal-trade-commission-report-protecting-consumer-privacy-era-rapid-change-recommendations/120326privacyreport.pdf ) • PbDprinciples (7 Foundational Principles of Privacy by Design ) • PbD: Achieving the Gold Standard in Data Protection for the Smart Grid (http://www.ipc.on.ca/images/Resources/achieve-goldstnd.pdf) • Security by Design: An Enterprise Architecture Approach (http://www.ipc.on.ca/images/Resources/pbd-privacy-and-security-by-design-oracle.pdf)

  12. Resources (cont’d) • Building Privacy into Mobile location analytics (MLA) Through Privacy by Design (http://www.ipc.on.ca/images/Resources/pbd-mla.pdf) • Sensors and In-home Collectionof Health Data http://www.ipc.on.ca/images/Resources/pbd-sensor-in-home.pdf • Wi-Fi Positioning Systems: Beware of Unintended Consequences (http://www.ipc.on.ca/images/Resources/wi-fi.pdf) • Mobile Near Field Communications (NFC) “Tap ‘n Go Keep it Secure and Private (http://www.ipc.on.ca/English/Resources/Discussion-Papers/Discussion-Papers-Summary/?id=1136) • Wireless communications fact sheet (http://www.ipc.on.ca/English/Resources/Educational-Material/Educational-Material-Summary/?id=645)

More Related