Re: Possible User Harms Through Multi-Site Data Collection (Group 2) from Erica Newland on 2012-04-11 (public-tracking@w3.org from April 2012)

From: Erica Newland <enewland@cdt.org>
Date: Wed, 11 Apr 2012 17:22:27 -0400
To: public-tracking@w3.org
Message-Id: <138F1746-8926-4153-9002-81AD78D1586A@cdt.org>

Thanks, Shane. A clarification on "creepy/chill factor": This harm is not dependent on modifying user experience -- it's simply the chilling effect that can occur when someone is looking over your shoulder, when you want to do something you may not want others to know about and choose not to do it because you feel like that action is being recorded or seen by others. This harm is not ameliorated by the Shane & Team proposal.

Another harm we discussed was, in the US context, the lowering of the standard for government access to information: when a third party retains certain information for business records or legally mandated purposes (!), this may lower the standard that government has to meet to access the information in those records, even if gov't would need a warrant to obtain the same information directly from the individual. See e.g., US v Miller (1976).

On Apr 11, 2012, at 5:09 PM, Shane Wiley wrote:

> Possible User Harms Through Multi-Site Data Collection
>  
> ·        Government requests (unexpected source of evidence)
> ·        Data breach (inadvertent disclosure – embarrassment, singled-out or targeted in some fashion)
> ·        Internal bad actor (in EU becomes controller of their own and takes on liability)
>  
> (Above this line survives Shane & Team proposal, below the line is removed by Shane & Team proposal)
>  
> ·        Creepy/chill factor - Tracking users across domains to modify their experience outside of their knowledge or control
> ·        Denial of employment, finance/credit, healthcare treatment, insurance
> ·        Discrimination:  price, offer, eligibility, redlining
> ·        Content exclusion (filter bubble – diminished diversity - advertiser enforced confirmation bias)
> ·        Modifying a user’s experience based on the discovery/allegation of sensitive information
> ·        Secondary use in violation of external promises or silent norms
> ·        Sharing or selling to a 3rd party
> ·        Unsolicited or unwanted marketing (annoyance factor)
>  
>  
>  
>  
>  

Erica Newland
Policy Analyst
Center for Democracy & Technology
1634 Eye Street NW, Suite 1100
Washington, DC 20006
202.407.8836
enewland@cdt.org
http://www.cdt.org
Follow us on Twitter at @CenDemTech

Received on Wednesday, 11 April 2012 21:23:02 UTC