Comments on: Ads With Eyes http://blog.cdt.org/2009/02/02/ads-with-eyes/ Digital Policy in Process Fri, 16 Oct 2009 17:02:16 -0500 http://wordpress.org/?v=2.8.4 hourly 1 By: PolicyBeta - Blog Archive - (Digital) Sign of the Times http://blog.cdt.org/2009/02/02/ads-with-eyes/comment-page-1/#comment-29784 PolicyBeta - Blog Archive - (Digital) Sign of the Times Wed, 15 Jul 2009 18:53:13 +0000 http://blog.cdt.org/?p=807#comment-29784 [...] long this information is stored and what is done with it after ads are targeted and aired. CDT has written before about the privacy concerns associated with these new technologies and how such devices have [...] [...] long this information is stored and what is done with it after ads are targeted and aired. CDT has written before about the privacy concerns associated with these new technologies and how such devices have [...]

]]> By: Ryan Calo http://blog.cdt.org/2009/02/02/ads-with-eyes/comment-page-1/#comment-29197 Ryan Calo Fri, 19 Jun 2009 17:48:46 +0000 http://blog.cdt.org/?p=807#comment-29197 GREAT post. I could not agree more. I wrote about this in my student note and have blogged on the origins of billboards with eyes (and ears) over at the Stanford Center for Internet and Society. So glad that CDT is taking on this important dimension to outdoor advertising and would love to be a part of the dialogue. http://cyberlaw.stanford.edu/node/5775 (Coming Soon: Smell, Touch, and Dead People) http://cyberlaw.stanford.edu/node/6144 (The True Danger of the Internet: What Occurs To Us) GREAT post. I could not agree more. I wrote about this in my student note and have blogged on the origins of billboards with eyes (and ears) over at the Stanford Center for Internet and Society. So glad that CDT is taking on this important dimension to outdoor advertising and would love to be a part of the dialogue.

http://cyberlaw.stanford.edu/node/5775 (Coming Soon: Smell, Touch, and Dead People)
http://cyberlaw.stanford.edu/node/6144 (The True Danger of the Internet: What Occurs To Us)

]]> By: Harley Geiger http://blog.cdt.org/2009/02/02/ads-with-eyes/comment-page-1/#comment-18894 Harley Geiger Mon, 09 Feb 2009 16:42:32 +0000 http://blog.cdt.org/?p=807#comment-18894 Hello and thanks for the comments. Michael, I completely agree with you that too many people equate the mere existence of a privacy statement with strong privacy practices. Unfortunately, the purposefully dense language of privacy policies exacerbates apathy and remains inaccessible to the most vulnerable consumers. While I am a big fan of privacy education and consumer literacy, I believe such efforts will only do so much. This is actually one of the most difficult problems with privacy protection regimes based solely on consumer notice and consent. Such issues illustrate the need for comprehensive consumer privacy legislation -- so that strong safeguards will apply regardless of whether consumers read the privacy statements. But either way, you're right, consumers should still examine such policies before submitting sensitive information. Even if consumers don't read them, however, it is definitely worthwhile for companies to develop and publish privacy policies. Some people will read and analyze them, including consumer protection and education groups like CDT. Companies are also required to adhere to their published policies under Section 5 of the FTC Act. Most importantly, publishing a strong privacy policy would demonstrate a commitment on behalf of the company to the safekeeping of sensitive information. Part of the point of such a policy is to spur companies to develop safeguards that reduce the risk of a data breach. In the case of digital signage privacy, demonstrating this commitment will become increasingly important as the industry seeks to proliferate digital signs with tracking technology. Without such a commitment, the industry will find it more difficult to gain public acceptance, which ultimately will reflect poorly upon the advertisers themselves. While publishing a privacy statement is not the same thing as maintaining strong privacy practices, it is a crucial first step. Thanks for the comments, Michael and Jon-Michael! Sincerely, Harley Lorenz Geiger CDT Hello and thanks for the comments.

Michael, I completely agree with you that too many people equate the mere existence of a privacy statement with strong privacy practices.
Unfortunately, the purposefully dense language of privacy policies exacerbates apathy and remains inaccessible to the most vulnerable consumers.
While I am a big fan of privacy education and consumer literacy, I believe such efforts will only do so much.
This is actually one of the most difficult problems with privacy protection regimes based solely on consumer notice and consent.
Such issues illustrate the need for comprehensive consumer privacy legislation — so that strong safeguards will apply regardless of whether consumers read the privacy statements.
But either way, you’re right, consumers should still examine such policies before submitting sensitive information.

Even if consumers don’t read them, however, it is definitely worthwhile for companies to develop and publish privacy policies.
Some people will read and analyze them, including consumer protection and education groups like CDT.
Companies are also required to adhere to their published policies under Section 5 of the FTC Act.

Most importantly, publishing a strong privacy policy would demonstrate a commitment on behalf of the company to the safekeeping of sensitive information.
Part of the point of such a policy is to spur companies to develop safeguards that reduce the risk of a data breach.
In the case of digital signage privacy, demonstrating this commitment will become increasingly important as the industry seeks to proliferate digital signs with tracking technology.
Without such a commitment, the industry will find it more difficult to gain public acceptance, which ultimately will reflect poorly upon the advertisers themselves.

While publishing a privacy statement is not the same thing as maintaining strong privacy practices, it is a crucial first step.

Thanks for the comments, Michael and Jon-Michael!

Sincerely,

Harley Lorenz Geiger
CDT

]]> By: Michael Sherrin http://blog.cdt.org/2009/02/02/ads-with-eyes/comment-page-1/#comment-18719 Michael Sherrin Thu, 05 Feb 2009 19:43:18 +0000 http://blog.cdt.org/?p=807#comment-18719 One of the big problems I find with privacy is few people understand it. Many people think if a website has a privacy policy, that site will keep their information private - and thus they almost never read the policy. Recent studies show people will give out information for small gifts like a pen or even nothing at all. Privacy itself is misunderstood by the public. http://www.theregister.co.uk/2003/04/18/office_workers_give_away_passwords/ http://www.tgdaily.com/content/view/21550/118/ One of the big problems I find with privacy is few people understand it. Many people think if a website has a privacy policy, that site will keep their information private – and thus they almost never read the policy. Recent studies show people will give out information for small gifts like a pen or even nothing at all. Privacy itself is misunderstood by the public.

http://www.theregister.co.uk/2003/04/18/office_workers_give_away_passwords/

http://www.tgdaily.com/content/view/21550/118/

]]> By: Jon-Michael C. Brook http://blog.cdt.org/2009/02/02/ads-with-eyes/comment-page-1/#comment-18668 Jon-Michael C. Brook Wed, 04 Feb 2009 22:55:33 +0000 http://blog.cdt.org/?p=807#comment-18668 Harley, Great Article! I completely expect to see this as a US Federal Trade Commission issue shortly. They attack companies for privacy agreement violations under deceptive trade practices, recently announced Digital Rights Management interest, and are rumored to begin examination of End User License Agreements, those pesky things you click on when you install software. As you pointed out, the US takes an industry by industry approach to privacy. The EU is probably the largest "nation" that sees a citizen's privacy as a fundamental right - however, even one of our European correspondents believe privacy rights are eroding (http://blog.cippguide.org/2008/10/30/thoughts-about-ip/). For people interested in a more in-depth treatment of the sectoral privacy policies of the US (such as HIPPA, GLBA, SOX, etc..), the Congressionally assigned duties of the FTC and the alternate tact of privacy as a fundamental right, please take a look at the International Association of Privacy Professionals and their Certified Information Privacy Professional product. Best of luck, and keep up the education! JC Harley,

Great Article! I completely expect to see this as a US Federal Trade Commission issue shortly. They attack companies for privacy agreement violations under deceptive trade practices, recently announced Digital Rights Management interest, and are rumored to begin examination of End User License Agreements, those pesky things you click on when you install software.

As you pointed out, the US takes an industry by industry approach to privacy. The EU is probably the largest “nation” that sees a citizen’s privacy as a fundamental right – however, even one of our European correspondents believe privacy rights are eroding (http://blog.cippguide.org/2008/10/30/thoughts-about-ip/).

For people interested in a more in-depth treatment of the sectoral privacy policies of the US (such as HIPPA, GLBA, SOX, etc..), the Congressionally assigned duties of the FTC and the alternate tact of privacy as a fundamental right, please take a look at the International Association of Privacy Professionals and their Certified Information Privacy Professional product.

Best of luck, and keep up the education!

JC

]]>