"As we look at the dynamic change shaping today’s data-driven world, one thing is becoming increasingly clear. We really do not know that much about it. Polarized along competing but
fundamental principles, the global dialogue on personal data is inchoate and pulled in a variety of directions. It is complicated, conflated and often fueled by emotional reactions more than informed
understandings. The World Economic Forum’s global dialogue on personal data seeks to cut through this complexity. A multi-year initiative with global insights from the highest levels of leadership from
industry, governments, civil society and academia, this work aims to articulate an ascendant vision of the value a balanced and human-centred personal data ecosystem can create."
"The message arrives on my ‘clean machine,’ a MacBook Air loaded only with a sophisticated encryption package. ‘Change in plans,’ my contact says. - Be in the lobby of the Hotel ______ by 1
pm. Bring a book and wait for ES to find you.’ ES is Edward Snowden, the most wanted man in the world. For almost nine months, I have been trying to set up an interview with him - traveling to Berlin, Rio
de Janeiro twice, and New York multiple times to talk with the handful of his confidants who can arrange a meeting. Among other things, I want to answer a burning question: What drove Snowden to leak
hundreds of thousands of top-secret documents, revelations that have laid bare the vast scope of the government’s domestic surveillance programs?"
"This request for investigation arises from research by the Center for Digital Democracy (CDD) and its ongoing investigation of data marketing and profiling companies that have joined to the
U.S.-EU Safe Harbor framework, as developed by the U.S. Department of Commerce (DOC) and formally accepted by the European Commission (EC). These 30 companies (data marketing and profiling companies) are
similar in that they collect, use and share EU consumers’ personal information to create digital profiles about them, analyze their behavior, and use the data to make marketing and related decisions
regarding each of them. While these companies are largely unknown to EU citizens, they pride themselves on knowing everything about individuals and how to comprehensively profile and target them. The
commercial surveillance of EU consumers by U.S. companies, without consumer awareness or meaningful consent, contradicts the fundamental rights of EU citizens and European data protection laws, and also
violates the intention of the Safe Harbor mechanism to adequately protect EU consumers’ personal information. This filing is intended to provide the Federal Trade Commission (FTC) with factual information
and legal analysis on probable violations of Safe Harbor commitments that materially mislead EU consumers."
"Digital technologies, commonly referred to as cyber systems, are a security paradox: Even as they grant unprecedented powers, they also make users less secure. Their communicative
capabilities enable collaboration and networking, but in so doing they open doors to intrusion. Their concentration of data and manipulative power vastly improves the efficiency and scale of operations,
but this concentration in turn exponentially increases the amount that can be stolen or subverted by a successful attack. The complexity of their hardware and software creates great capability, but this
complexity spawns vulnerabilities and lowers the visibility of intrusions. Cyber systems’ responsiveness to instruction makes them invaluably flexible; but it also permits small changes in a component’s
design or direction to degrade or subvert system behavior. These systems’ empowerment of users to retrieve and manipulate data democratizes capabilities, but this great benefit removes safeguards present
in systems that require hierarchies of human approvals. In sum, cyber systems nourish us, but at the same time they weaken and poison us."
"Data has many and varied sources. It may originate from individuals, groups or machines in a private or public environment, geared towards market or non-market wealth generation. It is
increasingly processed, stored, exchanged and aggregated, and has become a critical input and a key driver for the new economy, enabling new value chains to be established. Platforms benefit from
collecting this readymade and easily-accessible commodity together with an increasing stream of personal data and digital footprints. These represent yield value that grows with user traffic and the
widening of the catchment area. The very nature of data is currently being debated. Is it an unsaleable asset, a common asset, private transferable property, or a right of use or usage? There are also
many ethical and economic issues, as well as issues concerning the enforcement of fundamental freedoms. This new economic and social landscape has to be organised, in compliance with core values to
guarantee sustainable development."
"Thank you for inviting Google representatives to the meeting organized on July 24 by the Article 29 Working Party with three US-based search engines to discuss the challenges of implementing
the European Court of Justice’s recent decision in the ‘Costeja’ case. Please find below the responses to the questionnaire that you sent to us. In the interest of transparency, we will follow your lead
and make our responses public."
"The Court’s interpretation of Article 12 of the 1995 Data Protection Directive, which was drafted three years before Google was founded, has resulted in the ruling that the search engine’s European sites must process more than 70,000 data removal requests that it has received since its web form went live on 30th May, 17 days after the judgment. After having heard evidence from data protection experts, the Information Commissioner’s Office, the Minister for Justice and Civil Liberties, Simon Hughes, and Google itself, the Committee recommends that the UK Government must continue to fight to ensure that the updated Regulation no longer includes any provision on the lines of the Commission’s ‘right to be forgotten’ or the European Parliament’s ‘right to erasure’."
"Consumers should be able to evaluate and compare the data practices of different services in order to make informed decisions about the apps they install. The number of readily available
privacy policies addressing the collection, use, and sharing of data is a step in the right direction. However, many disclosures used vague language, reserving broad rights to collect, use, and share
— making clear how data is collected, used, and shared.48 Further, they suggest that these app developers may not be evaluating whether they have a business need for the data they are
"Specifically, this report documents the effects of large-scale electronic surveillance on the practice of journalism and law, professions that enjoy special legal protections because they are
integral to the safeguarding of rights and transparency in a democracy. To document these effects, we interviewed 92 people, including 46 journalists and 42 lawyers, about their concerns and the ways in
which their behavior has changed in light of revelations of largescale surveillance. We also spoke to current and former senior government officials who have knowledge of the surveillance programs to
understand their perspective, seek additional information, and take their concerns into account in our analysis. Whether reporting valuable information to the public, representing another’s legal
interests, or voluntarily associating with others in order to advocate for changes in policy, it is often crucial to keep certain information private from the government. In the face of a massively
powerful surveillance apparatus maintained by the US government, however, that privacy is becoming increasingly scarce and difficult to ensure. As a result, journalists and their sources, as well as
lawyers and their clients, are changing their behavior in ways that undermine basic rights and corrode democratic processes."
"The research findings indicate that CMPs are effective at improving data protection compliance. […] The research confirmed that this positive impact was extended to ‘peer’ organisations,
where CMPs had a wider impact as a useful deterrent and an incentive to ‘get it right first time’. A substantial proportion of this sample said that they had reviewed or changed their data protection
practices and policies as a result of hearing about CMPs being issued to other organisations."
"This paper is intended to give an overview of the issues as we see them and contribute to the debate on big data and privacy. This is an area in which the capabilities of the technology and
the range of potential applications are evolving rapidly and there is ongoing discussion of the implications of big data. Our aim is to ensure that the different privacy risks of big data are considered
along with the benefits of big data - to organisations, to individuals and to society as a whole. It is our belief that the emerging benefits of big data will be sustained by upholding key data protection
principles and safeguards. The benefits cannot simply be traded with privacy rights."
"The information revealed by a person’s Internet activities paints an intimate and richly detailed portrait of the person’s life—often on a day-by-day or minute-by-minute basis. It is
precisely this deeply personal information that the government is seizing and searching. The Washington Post recently examined a sample of 160,000 Internet communications intercepted and retained by the
NSA. Even after significantly more filtering and minimization than is at issue here, the Post reported: ‘Many other files, described as useless by the analysts but nonetheless retained, have a startlingly
intimate, even voyeuristic quality. They tell stories of love and heartbreak, illicit sexual liaisons, mental-health crises, political and religious conversions, financial anxieties and disappointed
hopes. The daily lives of more than 10,000 account holders who were not targeted are catalogued and recorded nevertheless.’ The government conducts its domestic surveillance by seizing and searching
Internet communications as they flow through major fiber-optic network junctions on the Internet ‘backbone.’ Almost all ordinary Internet traffic travels at some point over the Internet backbone - high-
capacity, long-distance fiber-optic cables controlled by major Internet providers such as AT&T. The seizures at issue here occur on the junctions between AT&T and other providers on the
"Transitioning from our current energy infrastructure to a smart grid will be essential to meeting future challenges. One key component of the smart grid is advanced metering infrastructure (AMI). AMI allows for the grid to be run more effectively and efficiently by making granular near real-time data about customers’ energy usage available. Coupled with the input and innovation of third-party companies and researchers, the potential benefits of this technology are immense. But given the granularity of AMI data, some academics and consumer advocates are concerned that the technology could place customer privacy at risk. It is therefore essential that regulators appropriately tailor privacy protections to strike the proper balance between the innovative potential of AMI data and consumers’ privacy concerns. When possible, regulators should opt for regimes allowing for the protected sharing of granular AMI data with third parties."
"We need to be able to audit any and all data controllers and public authorities for compliance with information rights laws. People who steal others’ personal information need to face the
prospect of a prison sentence. And private contractors undertaking public functions should be no less transparent and accountable than their public sector equivalents. […] As well as having the powers
and the resources to do the job that is needed in this ‘Brave New World’ of both digital opportunities and digital threats, the Information Commissioner needs the guarantee of independence that comes from
a more formal relationship with Parliament than is the case at present. We value our involvement in Whitehall policy making, but to be an effective partner the ICO must be recognised as more than just
another nondepartmental public body."