"EU approaches to data protection, competition and consumer protection share common goals, including the promotion of growth, innovation and the welfare of individual consumers. In practice,
however, collaboration between policy-makers in these respective fields is limited. Online services are driving the huge growth in the digital economy. Many of those services are marketed as ‘free’ but in
effect require payment in the form of personal information from customers. An investigation into the costs and benefits of these exchanges for both consumers and businesses is now overdue. Closer dialogue
between regulators and experts across policy boundaries can not only aid enforcement of rules on competition and consumer protection, but also stimulate the market for privacy-enhancing
"This report highlights the unexpected problems that arise from new types of predictive consumer scoring, which this report terms consumer scoring. […] The report includes a roster of the types of consumer data used in predictive consumer scores today, as well as a roster of the consumer scores such as health risk scores, consumer prominence scores, identity and fraud scores, summarized credit statistics, among others. The report reviews the history of the credit score – which was secret for decades until legislation mandated consumer access — and urges close examination of new consumer scores for fairness and transparency in their factors, methods, and accessibility to consumers."
”[…] big data does not present wholly – or even mostly – new challenges. In reality these issues have been confronting policymakers since at least the 1970s, when the federal government
developed the first version of the Fair Information Practice Principles. In fact, we already have solutions for some of the privacy issues that confront us today and there are specific actions the
executive branch can take to improve Americans’ privacy. With that goal in mind, the bulk of these comments will focus on two main areas. The first area is immediate actions the administration can and
should take to improve how the federal government collects and uses personal information. The second area is a few specific subjects where sustained focus and attention could improve privacy knowledge and
best practices in the future.”
"Unlocking the value of data and instituting responsible data practices go hand-in-hand, and both have been an important focus of FPF’s work since our founding in 2008. FPF recognizes the
enormous potential benefits to consumers and to society from sophisticated data analytics, yet FPF also understands that taking advantage of big data may require evolving how we implement traditional
privacy principles. Through our work on inter-connected devices and applications and the emerging Internet of Things, FPF has acquired experience with the technologies involved in data collection and use.
FPF appreciates this opportunity to provide Comments and share its insights into how best to promote the benefits of big data while minimizing any resulting privacy risks or harms."
"It is not just metadata. Telephony metadata reveals private and sensitive information about people. It can reveal political affiliation, religious practices, and people’s most intimate associations. It reveals who calls a suicide prevention hotline and who calls their elected official; who calls the local Tea Party office and who calls Planned Parenthood. The aggregation of telephony metadata—about a single person over time, about groups of people, or with other datasets—only intensifies the sensitivity of the information. Aggregated metadata ‘generates a precise, comprehensive record’ of people’s habits, which in turn ‘reflects a wealth of detail about [their] familial, political, professional, religious, and sexual associations.’ United States v. Jones, 565 U.S. __, 132 S. Ct. 945, 955 (2012) (Sotomayor, J., concurring). The call records collected by the government are not just metadata - they are intimate portraits of the lives of millions of Americans.”
"This is, at base, a factual dispute. Is it easy to draw sensitive inferences from phone metadata? How often do people conduct sensitive matters by phone, in a manner reflected by metadata? We
used crowdsourced data to arrive at empirical answers. Since November, we have been conducting a study of phone metadata privacy. Participants run the MetaPhone app on their Android smartphone; it submits
device logs and social network information for analysis. In previous posts, we have used the MetaPhone dataset to spot relationships, understand call graph interconnectivity, and estimate the
identifiability of phone numbers. At the outset of this study, we shared the same hypothesis as our computer science colleagues—we thought phone metadata could be very sensitive. We did not anticipate
finding much evidence one way or the other, however, since the MetaPhone participant population is small and participants only provide a few months of phone activity on average. We were wrong. We found
that phone metadata is unambiguously sensitive, even in a small population and over a short time window. We were able to infer medical conditions, firearm ownership, and more, using solely phone
"David Davis MP, a former shadow home secretary, told the Guardian he has established that police will be able to access the health records of patients when investigating serious crimes even
if they had opted out of the new database, which will hold the entire population’s medical data in a single repository for the first time from May. […] Davis, who established the existence of these
‘backdoors’ in a parliamentary question answered by health services minister Dan Poulter, said he had ‘no problems with the data being used for licensed medical research, but when we have police accessing
from a database that people have opted out from, and companies being able to buy this data, I think we need to have a debate about whether my property, which are my patient records, can be sold and
"On Tuesday, September 10th, 2013, the Future of Privacy Forum joined with the Center for Internet and Society at Stanford Law School to present a full-day workshop on questions surrounding
Big Data and privacy. The event was preceded by a call for papers discussing the legal, technological, social, and policy implications of Big Data. A selection of papers was published in a special issue
of the Stanford Law Review Online and others were presented at the workshop. This volume collects these papers and others in a single collection. These essays address the following questions: Does Big
Data present new challenges or is it simply the latest incarnation of the data regulation debate? Does Big Data create fundamentally novel opportunities that civil liberties concerns need to accommodate?
Can de-identification sufficiently minimize privacy risks? What roles should fundamental data privacy concepts such as consent, context, and data minimization play in a Big Data world? What lessons can be
applied from other fields?"
"Innovations in technology and greater affordability of digital devices have presided over today’s Age of Big Data, an umbrella term for the explosion in the quantity and diversity of high
frequency digital data. These data hold the potential - as yet largely untapped - to allow decision makers to track development progress, improve social protection, and understand where existing policies
and programmes require adjustment. […] With the promise come questions about the analytical value and thus policy relevance of this data - including concerns over the relevance of the data in developing
country contexts, its representativeness, its reliability - as well as the overarching privacy issues of utilising personal data. This paper does not offer a grand theory of technology-driven social
change in the Big Data era. Rather it aims to delineate the main concerns and challenges raised by ‘Big Data for Development’ as concretely and openly as possible, and to suggest ways to address at least
a few aspects of each."
"I want to complicate matters further by suggesting another way in which data has become big: data now mediate our day-to-day social relationships to an unprecedented degree. This other big data revolution relies on the proliferation of new data collection and analysis tools that allow individuals to track easily, quantify, and communicate information about our own behaviors and those of others. This type of big data arguably touches more of us more directly than the big data practices more commonly discussed, as it comes to reshape our relationships across multiple domains of daily life. In this sense, data is big not because of the number of points that comprise a particular dataset, nor the statistical methods used to analyze them, nor the computational power on which such analysis relies. Instead, data is big because of the depth to which it has come to pervade our personal connections to one another."
"What do a retired librarian in Wisconsin in the early stages of Alzheimer’s, a police officer, and a mother in Texas have in common? The answer is that all were victims of consumer data brokers. Data brokers collect, compile, buy and sell personally identifiable information about who we are, what we do, and much of our ‘digital exhaust.’ We are their business models. The police officer was ‘uncovered’ by a data broker who revealed his family information online, jeopardizing his safety. The mother was a victim of domestic violence who was deeply concerned about people finder web sites that published and sold her home address online. The librarian lost her life savings and retirement because a data broker put her on an eager elderly buyer and frequent donor list. She was deluged with predatory offers. These people - and 320 million others in the United States - are not able to escape from the activities of data brokers. Our research shows that only a small percentage of known consumer data brokers offer a voluntary opt out. These opt outs can be incomplete, extremely difficult, and must typically be done one-by-one, site-by-site. Often, third parties are not allowed to opt individual consumers out of data brokers. This state of affairs exists because no legal framework requires data broker to offer opt out or suppression of consumer data. Few people know that data brokers exist, and beyond that, few know what they do."
"This Committee Majority staff report focuses on data broker activities that are subject to far less statutory consumer protection: the collection and sale of consumer data specifically for marketing purposes. In this arena, data brokers operate with minimal transparency. One of the primary ways data brokers package and sell data is by putting consumers into categories or ‘buckets’ that enable marketers – the customers of data brokers – to target potential and existing customers. Such practices in many cases may serve the beneficial purpose of providing consumers with products and services specific to their interests and needs. However, it can become a different story when buckets describing consumers using financial characteristics end up in the hands of predatory businesses seeking to identify vulnerable consumers, or when marketers use consumers’ data to engage in differential pricing. Further, the data breaches that have repeatedly occurred in this industry and with others in the data economy underscore the public’s need to understand the volume and specificity of data consumer information held by data brokers."
"The attacks of September 11, 2001, and the intelligence failures preceding them, sparked a call for greater government access to information. Across a range of laws and policies, the level of suspicion required before law enforcement and intelligence agencies could collect information about U.S. persons was lowered, in some cases to zero. […] The result is not merely the collection of large amounts of information, but a presumptive increase in the quantity of information that reflects wholly innocuous, and in some cases constitutionally protected, activity. Other publications, including reports issued by the Brennan Center, have addressed whether lowering the threshold for suspicion to collect information poses an undue risk to civil liberties. This report addresses a separate question: Regardless of whether the expansion of the government’s domestic information collection activity can be expected to yield enough additional ‘hits’ to justify its various costs, how do federal agencies deal with the apparent ‘misses’ - the stores of information about Americans that are swept up under these newly expanded authorities and that do not indicate criminal or terrorist behavior?"
"We analyzed 700 million words, phrases, and topic instances collected from the Facebook messages of 75,000 volunteers, who also took standard personality tests, and found striking variations in language with personality, gender, and age. In our open-vocabulary technique, the data itself drives a comprehensive exploration of language that distinguishes people, finding connections that are not captured with traditional closed-vocabulary word-category analyses."
"We don’t deny that big data holds substantial potential for the future, and that large dataset analysis has important uses today. But we would like to sound a cautionary note and pause to consider big data’s potential more critically. In particular, we want to highlight three paradoxes in the current rhetoric about big data to help move us toward a more complete understanding of the big data picture. First, while big data pervasively collects all manner of private information, the operations of big data itself are almost entirely shrouded in legal and commercial secrecy. We call this the Transparency Paradox. Second, though big data evangelists talk in terms of miraculous outcomes, this rhetoric ignores the fact that big data seeks to identify at the expense of individual and collective identity. We call this the Identity Paradox. And third, the rhetoric of big data is characterized by its power to transform society, but big data has power effects of its own, which privilege large government and corporate entities at the expense of ordinary individuals. We call this the Power Paradox. Recognizing the paradoxes of big data, which show its perils alongside its potential, will help us to better understand this revolution. It may also allow us to craft solutions to produce a revolution that will be as good as its evangelists predict."