Tag Archives: personal data

Tim Berners-Lee: demand your data from Google and Facebook

Tim Berners-Lee, the father of the world wide web, has urged internet users to demand their personal data from online giants such as Google and Facebook to usher in a new era of highly personalised computer services “with tremendous potential to help humanity”, according to guardian.co.uk.

Berners-Lee, the British born MIT professor who invented the web three decades ago, says that while there has been an explosion of public data made available in recent years, individuals have not yet understood the value to them of the personal data held about them by different web companies.

In an interview with the Guardian, Berners-Lee said: “My computer has a great understanding of my state of fitness, of the things I’m eating, of the places I’m at. My phone understands from being in my pocket how much exercise I’ve been getting and how many stairs I’ve been walking up and so on.”

Exploiting such data could provide hugely useful services to individuals, he said, but only if their computers had access to personal data held about them by web companies. “One of the issues of social networking silos is that they have the data and I don’t … There are no programmes that I can run on my computer which allow me to use all the data in each of the social networking systems that I use plus all the data in my calendar plus in my running map site, plus the data in my little fitness gadget and so on to really provide an excellent support to me.”

Read the whole story HERE.

Commission downplays Parliament EU-US data privacy concerns

EUObserver writes about how Justice Commissioner Viviane Reding has insisted that US authorities cannot override EU laws on data privacy, following concerns expressed by MEPs that certain US laws and legal subpoenas could force EU companies to disclose personal data to US law enforcement agencies.

In an oral question to the Commission, liberal MEPs drew attention to US legislation, including the Medicare Act and the Patriot Act, which, they said, could require the submission of personal data stored in Europe to the US authorities.

Read the rest here: http://euobserver.com/871/115299

The EU right to be forgotten, already criticized by US academics. Does it really threaten freedom of speech?

Professor Jeffrey Rosen published in the Stanford Law Review some very serious criticism against the soon to be enforced in the EU right to be forgotten, stating mainly that it is a threat to freedom of speech. You can find the article HERE.

I don’t really see how obliging a person to erase an embarrassing photo of yourself   infringes that person’s right to free speech. At least, one should balance the right to dignity against freedom of speech in a particular situation and afterwards make a decision in this respect.

Then again, the European system for the protection of human rights is very elaborated and exhaustive, a particular system, with concrete mechanisms of protection and precise principles to be effectively applied (such as the balance I was talking about).

Where is the freedom of speech breached here? “Any person should have the right to have personal data concerning them rectified and a ‘right to be forgotten’ where the retention of such data is not in compliance with this Regulation. In particular, data subjects should have the right that their personal data are erased and no longer processed, where the data are no longer necessary in relation to the purposes for which the data are collected or otherwise processed, where data subjects have withdrawn their consent for processing or where they object to the processing of personal data concerning them or where the processing of their personal data otherwise does not comply with this Regulation. This right is particularly relevant, when the data subject has given their consent as a child, when not being fully aware of the risks involved by the processing, and later wants to remove such personal data especially on the Internet. However, the further retention of the data should be allowed where it is necessary for historical, statistical and scientific research purposes, for reasons of public interest in the area of public health, for exercising the right of freedom of expression, when required by law or where there is a reason to restrict the processing of the data instead of erasing them.” This is recital 53 of the Preamble of the proposed regulation for data protection, which means Art. 17 of the regulation should be interpreted according to the principles stated in this recital.

I think the provision is very clear and when reading it I feel my privacy protected and not my freedom of speech threatened.

A closer look on the steaming US privacy framework

A Bill of Rights dedicated to consumer privacy is huge. The US, which enforces a quilt of privacy statues, will have some coherent guidance sourcing in a sort of a fundamental law, such as a Bill of Rights.

Data protection (or informational privacy) reform is as full of energy as a volcano on both sides of the Atlantic. While the European Commission publicized its proposed data protection regulation exactly a month ago, its US counterpart published yesterday a White Paper containing substantial privacy reforms.

The Bill of Rights is part of the new privacy framework presented in the White Paper, which encompasses three more components: a multi-stakeholder process to determine how these rights will apply in specific business contexts; an effective enforcement model; and greater interoperability between the privacy frameworks of the United States and its international partners.

Having a first look on the Bill of Rights, I noticed it uses the notion of “personal data”, just like the EU data protection legislation, and not “personally identifiable information”. It defines the personal data as “any data, including aggregations of data, which is linkable to a specific individual”. The definition is also similar to the EU definition of personal data, according to which personal data is any information related to an identified or identifiable person.

What is interesting is that the US privacy Bill of Rights recognizes directly that “Personal data may include data that is linked to a specific computer or other device“, while in the EU this is an almost endless discussion (whether the IP address falls or not under the data protection Directive provisions).

I should note that the Bill of Rights is not enforceable per se, but “The Administration supports Federal legislation that adopts the principles of the Consumer Privacy Bill of Rights”.

Another common point of the EU and the new US privacy Bill of Rights is the reference to codes of conduct. While the EU regulates in detail what a code of conduct is and how it should be used in the proposed data protection regulation, the US also recognizes such means for protecting informational privacy: “Even without legislation, the Administration will convene multistakeholder processes that use these rights as a template for codes of conduct that are enforceable by the Federal Trade Commission.

Another statement included in the Privacy Bill of Rights indicates that one of the main reasons it was adopted is precisely compliance with EU data protection standard: “These elements—the Consumer Privacy Bill of Rights, codes of conduct, and strong enforcement—will increase interoperability between the U.S. consumer data privacy framework and those of our international partners“.

I also have to underline that the US Bill of Rights envisages “consumers”, while the EU data protection legislation refers to “any person”. The two concepts are evidently not identical. Nonetheless, the EC Directive on the protection of personal data in electronic communications is also somehow guided to protect more of a consumer than a mere individual.

If you want to look closer to the Bill of Rights yourself, be my guest: http://www.hldataprotection.com/uploads/file/White%20Paper.pdf

Also, you can find HERE more on the White Paper and the Bill of Rights.

Embrace your surveilled persona





Source: /www.adcet.edu.au

I’ve made a note a few days ago about an article I stumbled upon, which is called “Should we do away with privacy?”, so I decided to finally post about it. Its main idea is that the surveillance society reached a point in which, in order to be free, the individual should embrace his surveilled persona.

The basic line is stop fighting the process of giving up your privacy and start using in your favor the results of you being watched and transformed in data.

This idea is very interesting. I am currently writing a paper about how literature anticipated the emergence of the surveillance society and I’ve been reading a lot about this topic. I strongly feel that there is no way of putting an end to the surveillance society, no way of tempering it and it occurred to me that, possibly, the emergence of the surveillance society is as natural as the evolution of humankind.

Cindy Gallop’s idea is that “If you identify exactly who you are and what you stand for, what you believe in, what you value, and if you then only ever behave, act and communicate in a way that is true to you, then you never have to worry about where anybody comes across you or what you’re found doing.

Now, this is something to think about. As far as the social reality goes, this statement cannot be countered. As far as the philosophy of human rights goes, it is obvious that such an attitude would be exactly what Bentham was looking for in his Panopticon theory: correct behaviors due to permanent surveillance. The discussion can be endless, and it doesn’t suit a blog. Therefore, I invite you to read the article and make your own opinion about it: