- From: Mark Lizar <mark@smartspecies.com>
- Date: Thu, 14 Oct 2010 12:39:39 +0100
- To: public-privacy@w3.org
- Cc: Christine Runnegar <runnegar@isoc.org>
- Message-Id: <AD0CA128-1CEF-4359-AA4D-5592CAF4A22C@smartspecies.com>
The Need for Digital Notice As you may or may not be aware there is an OECD Privacy conference this month in which the W3C (i believe) has the opportunity to contribute input. Regardless, I would like to raise the issue of digital Notice and its role in the development of public privacy to this list and if possible through this list to the OECD. For this reason I wanted to highlight further the idea of a subject access API and the role of Notice to regulators globally. Fundamentally, digital notice is needed for people to understand privacy impacts or to engage in controlling their information sharing and privacy. Perhaps this is something this list might be interested in discussing? My hope is that this can be done in view of providing a request, asking the OECD to provide regulator guidance, which enforces and evolves digital data protection regulation to a minimum digital standard for legal notice. As you may or may not be aware at this time the legal infrastructures do not support digital notice and as a result there is no core legal infrastructure for the social web. This is a big problem and I believe this is the source of many issues we face in public privacy today. The specific OECD topic: > The Evolving Role of the Individual in Privacy Protection: > Critically in both privacy protection and public identity management the quality of notice (a.k.a. transparency), greatly impacts on the quality of consent and control people need to have to effectively manage their own identity and privacy. In this respect, I am looking for a Public Privacy recommendation to the OECD asking them to provide regulatory guidance and evolve existing data protection regulation in a way that supports a digital standard of notice. From a rights perspective, without a minimal digital standard of notice, data subject access to information is disproportionate to the technical methods which are being used to harvest personal data. This makes it difficult for an individual (and the W3C) to develop control and trust in the use of digital identity. (violating rights and crippling the social internet) In this regard I am looking for ITAC to ask the OECD to include thes two points in their guideline review: Evolve the existing data protection to include: 1. digital (proportional) ability for data subject's to access institutionally held information. (e.g. no mandatory written requests if possible) 2. ability for a subject to give a digital notice to control the collection, use, and revocation of information shared digitally with a service provider. Talking Points To champion and advocate this issue I would go so far as to assert that a high standard quality in notice would go a long way to solving many internet privacy and trust framework issues in identity management. In addition, i assert that a higher quality of notice would have a tremendous impact on the social and creative expression across the internet, positively impacting the Internet economy and facilitating global interoperability of personal data control architecture. (e.g. Open social use of the web, live identity, real time integration of actual data, standard observability over time, internet of things, etc.) The bottom line, the use of information age identity management with industrial aged notice is a rights concern. A concern that promotes inequality of access to information as the existing quality of notice is not sufficient enough for the average data subject to understand privacy on the network layer. > 1. What technical innovations offer promise for giving individuals > easier access to and control over information about them? Digital notice for subject access and digital subject notice to and from organisations > > 2. What are the incentives and barriers for innovating privacy tools > and what are challenges to successful deployment? The incentives are accessibility, education, access and control of information independent of service providers, - Notices are inherently legal and are also an explicit component of consent. With no legal quality of notice enforced the law and consent lack trust and integrity needed for the social web. > > 3. What is the role of technological innovation within a broader > framework for privacy protection? Digital notice would provide road signs for an internet of services at a regulatory level this is a needed mechanism for technological interoperability. The subsequent transparency enables the development of tools so people can not only see privacy impacts but also evolve control over their information. - With a standard in digital notice issues lack un-usable terms of service, and lack of internet policy infrastructure can be comprehensively addressed. - Notice is an implicit component of informed consent - Notice's are inherently legal as they are "one sided legally binding demarcations." Best Regards, Mark Lizar On 6 Oct 2010, at 22:25, Christine Runnegar wrote: > Hello all. > > IGF @ Vilnius > > > First, please let me reiterate my thanks for supporting the Internet > Society in this endeavour and contributing very considered and > insightful perspectives on the Future of Privacy. It was a very > successful workshop with approximately 100 participants in the room > plus remote participation. We also presented a brief report on the > workshop during the main session on Security, Openness and Privacy, > summarising some of the views expressed regarding international > cooperation on privacy, including those provided by the Internet > technical community. The contributions from the Internet technical > community can be found here: www.isoc.org/privacyinsights. > > > ITAC Privacy work > > > As you are no doubt aware, the Kantara Initiative (and W3C) is a > member of the Internet Technical Advisory Committee (ITAC) to the > OECD. ITAC's work with the OECD WPISP covers many areas, including > privacy. > > > The terms of the ITAC Charter are available here: http://www.internetac.org/wp-content/uploads/2009/03/itac-charter1.pdf > . Important - Please read this document. > > > OECD Privacy Conference > > > Recently, I posted an email to the ITAC email list (oecditac@elists.isoc.org > ) regarding an ITAC contribution for the upcoming OECD Privacy > Conference in Israel (25-26 October 2010) entitled: The Evolving > Role of the Individual in Privacy Protection: 30 Years After The > OECD Privacy Guidelines, and encouraging ITAC members interested in > privacy issues to indicate their availability for a conference call > to prepare some discussion points for the conference. > > > The OECD Secretariat has very kindly invited us to participate in a > panel on Fostering Innovation in Privacy Protection as a discussant. > The OECD does not want a formal presentation as they would like to > have a more interactive discussion. They would like us to provide > perspectives on the role of technical innovations in the realm of > privacy governance. While the OECD has invited me to be the voice, > we really want this to be an ITAC contribution. We have a lot of > Internet technical privacy experts in ITAC (particularly in the IAB, > OASIS, Kantara Initiative P3WG and W3C). This is a great opportunity > for us to provide input into the policy debate on privacy. > > In addition to the points for that panel, Trent Adams and I would > like to prepare a couple of points for each session to have ready > for use as appropriate. > > Specifically, we would like to build on the work that you and other > members of the Internet technical community have already done for > the IGF Workshop on the Future of Privacy. > > If you are interested in contributing to the ITAC presentation, > would you please let me know as soon as possible. > > > Please do not hesitate to contact me if you have any questions. > > > Best regards, > > Christine > > ______________________ > > Christine Runnegar > Senior Manager Public Policy > Internet Society > Galerie Jean-Malbuisson 15 > CH-1204 Geneva > Switzerland > > Tel: +41 22 807 1455 > www.isoc.org > > _______________________________________________ > WG-P3 mailing list > WG-P3@kantarainitiative.org > http://kantarainitiative.org/mailman/listinfo/wg-p3
Received on Thursday, 14 October 2010 12:00:29 UTC