The Privacy Projects http://theprivacyprojects.org Fri, 10 Apr 2015 02:58:54 +0000 en-US hourly 1 http://wordpress.org/?v=4.1.7 Phase III (2015) http://theprivacyprojects.org/systematic-government-access-project/phase-iii-2015 http://theprivacyprojects.org/systematic-government-access-project/phase-iii-2015#comments Thu, 09 Apr 2015 00:23:10 +0000 http://theprivacyprojects.org/?page_id=457 http://theprivacyprojects.org/systematic-government-access-project/phase-iii-2015/feed 0 Research Proposals http://theprivacyprojects.org/research-proposals http://theprivacyprojects.org/research-proposals#comments Thu, 09 Apr 2015 00:21:33 +0000 http://theprivacyprojects.org/?page_id=453 http://theprivacyprojects.org/research-proposals/feed 0 Phase II.5 (2014) http://theprivacyprojects.org/systematic-government-access-project/phase-ii-5-2014 http://theprivacyprojects.org/systematic-government-access-project/phase-ii-5-2014#comments Wed, 08 Apr 2015 23:47:33 +0000 http://theprivacyprojects.org/?page_id=430 This phase focused on addressing accountability in private-sector organizations when providing personal data to the government and in national security and law enforcement agencies when seeking such data from the private sector. Our goal was to identify specific steps to help enhance responsible stewardship of personal data in both public and private sectors through frank, constructive dialogue among senior government officials, business leaders, academic researchers, and privacy and civil liberties advocates. In this phase achieve this TPP funded two small workshops that were held in Montreal, Canada (May 9, 2014) and London, UK (May 30, 2014). The workshops were organized by Jennifer Stoddart (former Federal Privacy Commissioner of Canada), Marty Abrams (from the Information Accountability Foundation), Jim Dempsey (Center for Democracy and Technology), and Fred Cate (Institute for Information Policy Research).

]]>
http://theprivacyprojects.org/systematic-government-access-project/phase-ii-5-2014/feed 0
Phase II (2013-2014) http://theprivacyprojects.org/systematic-government-access-project/phase-ii-2013-2014 http://theprivacyprojects.org/systematic-government-access-project/phase-ii-2013-2014#comments Wed, 08 Apr 2015 23:46:01 +0000 http://theprivacyprojects.org/?page_id=428 On June 3, 2013, in London, as part of Phase II, TPP held a roundtable with industry, academics, and privacy advocates to review a second round of country reports and a draft paper outlining a human rights analysis of government systematic access powers. At the roundtable and during the TPP board meeting the following day, roundtable participants and TPP board members expressed desire to continue the inquiry, with an emphasis on transparency. However, there was no clear sense of whether to try to develop any consensus around the principles that should regulate government access demands.

Two days after the London roundtable, on June 5, the Washington Post and The Guardian newspaper began publishing a series of stories detailing surveillance activities of the US government, including a program under which the NSA demanded from telephone companies systematic disclosure, on a daily basis, of call detail records for all calls to, from and within the US. The newspapers also published online what appeared to be highly classified US government documents describing the legal and technical details of the telephony metadata program and other surveillance programs. The stories were followed by others, also based on leaked documents, describing systematic surveillance programs of the British government. German and French publications soon thereafter published stories stating in broad terms that German and French authorities also conducted intrusive electronic surveillance programs similar to those conducted by the US and the UK. It is expected that disclosures about US programs may continue, and the US government has sought to reclaim control over the debate by making its own disclosures, intended to show that the programs are lawful, carefully controlled, and effective. Among other things, the US government has extensively described the legal basis for its systematic access to telephony metadata.

The result from Phase II was a comparative analysis between the countries in the study and a website, hosted by CDT, to track systematic access developments in countries. In light of the Snowden disclosures and the increased public attention to the issue, the TPP board decided to continue to pursue the work in a shorter phase, dubbed “Phase II.5” to explore accountability.

]]>
http://theprivacyprojects.org/systematic-government-access-project/phase-ii-2013-2014/feed 0
Phase I (2011-2012) http://theprivacyprojects.org/systematic-government-access-project/phase-i-2011-2012 http://theprivacyprojects.org/systematic-government-access-project/phase-i-2011-2012#comments Wed, 08 Apr 2015 23:36:29 +0000 http://theprivacyprojects.org/?page_id=426 The summary report from Phase I of the inquiry concluded that demands were indeed growing, driven by a number of factors, but information about actual practices was fragmentary and laws were often so vague that it was difficult to assess government demands. All papers are available for free to the public at http://idpl.oxfordjournals.org/content/2/4.toc

Fred H. Cate, James X. Dempsey, and Ira S. Rubinstein – Guest Editorial – Systematic government access to private-sector data

  • Peter Swire – From real-time intercepts to stored records: why encryption drives the government to seek access to the cloud 

  • Jane Bailey – Systematic government access to private-sector data in Canada
  • Zhizheng Wang – Systematic government access to private-sector data in China
  • Ian Brown – Government access to private-sector data in the United Kingdom
  • Motohiro Tsuchiya – Systematic government access to private-sector data in Japan
  • Stephanie K. Pell – Systematic government access to private-sector data in the United States
  • Fred H. Cate and Beth E. Cate – The Supreme Court and information privacy
  • Dan Jerker B. Svantesson – Systematic government access to private-sector data in Australia
  • Omer Tene – Systematic government access to private-sector data in Israel 

  • Paul M. Schwartz – Systematic government access to private-sector data in Germany
  • Sunil Abraham and Elonnai Hickok – Government access to private-sector data in India
]]>
http://theprivacyprojects.org/systematic-government-access-project/phase-i-2011-2012/feed 0
Systematic Government Access Project http://theprivacyprojects.org/systematic-government-access-project http://theprivacyprojects.org/systematic-government-access-project#comments Thu, 02 Apr 2015 23:44:18 +0000 http://theprivacyprojects.org/?page_id=419 In 2011, The Privacy Projects (TPP) launched an ambitious initiative to (1) illuminate the expansion of government demands for systematic access to digital data held in the private sector in key countries in North America, Europe, and Asia; (2) survey the current legal constraints on that access; and (3) invite stakeholders from key providers and users of electronic data transmission and storage services to come together to discuss the challenge and strategies for addressing it. The goal of the project is to raise awareness about the issue among key industry stakeholders and to begin the process of developing strategies for responding to it.

Government access to private-sector data is not a new issue; it has long been addressed in the United States and other countries, especially in the context of the privacy issues it raises. What we understand to be distinctive about the TPP initiative is that it addresses systematic government access to such data and that it focuses more on the business-to-business issues, rather than consumer issues, raised by such access. This project launched in 2011 and has been ongoing in various phases since then. Since then, the team that TPP assembled has been remarkably productive:

  • 13 country reports by leading experts. Nine have already been published in the Oxford International Data Protection Law (IDPL) journal, and the other four are due out soon.
  • An overview and other papers from Phase I, also published in IDPL in November 2012.
  • 5 roundtables – Washington in April 2012; London in June 2013; Brussels in November 2013; Montreal in May 2014; and, London in May of 2014 – bringing together companies (both US-based and Europe-based), academics, and civil society (plus, in Brussels, DPAs and EU representatives).
  • A Phase II comparative study. 
  • Comparative charts and website presenting the results of the Phase I and II research.
  • Press and blogsphere

TPP’s work in this area has been ongoing and the project has identified several themes, which have become immensely more salient with the Snowden leaks:

  • Systematic access demands do appear to be growing, although the recent disclosures make it clear that governments are not only demanding stored data in bulk but also are tapping into cables to collect or filter large swaths of data as it moves over the Internet.
  • There is a profound lack of transparency about countries’ laws and practices. Relevant laws are at best vague, and government interpretations of them are often hidden, especially in the national security realm.
  • In particular, published laws and policies do not expressly address the unique challenges of bulk collection.
  • Plummeting data storage costs and enhanced analytical capabilities spur governments’ appetites to collect more and more data.
  • As Internet-based services have become globalized, surveillance has become trans-border, posing increased legal and reputational risks to businesses operating globally.
]]>
http://theprivacyprojects.org/systematic-government-access-project/feed 0
TPP Funded Research http://theprivacyprojects.org/published-research http://theprivacyprojects.org/published-research#comments Thu, 02 Apr 2015 23:43:54 +0000 http://theprivacyprojects.org/?page_id=417
  • Benefit Risk Analysis for Big data projects
  • OECD Guidelines in the Public Sector 2011
  • Data Privacy Day Retrospective 2010
  • The Privacy Projects-Paul Schwartz Global Data Flows 2009
  • ]]>
    http://theprivacyprojects.org/published-research/feed 0
    Our Promise http://theprivacyprojects.org/about/our-promise http://theprivacyprojects.org/about/our-promise#comments Tue, 22 Sep 2009 22:44:13 +0000 http://theprivacyprojects.org/?page_id=225 Privacy Promise

    The Privacy Projects bases all of its activities, communications, and business processes on the premise that personally-identifiable information, or PII, is critically important and requires both our respect and protection.

    Although TPP has a short history, our Directors include leading privacy professionals with long-standing reputations in maintaining personal data.  We have never lost, disclosed, or otherwise compromised personal information and we maintain reasonable and appropriate safeguards to continue that excellent record.  We remain accountable for our privacy promise; if you have questions or need more information, write to us at info@theprivacyprojects.com.

    PII Collection

    As all modern companies do, we collect personal information when individuals knowingly provide it; we do not collect any PII without first providing individuals an opportunity to understand what we are collecting, how we will use it, with whom we may share it and how we protect it.  Should you share your PII with us, we will safeguard it from all uses and disclosures that are outside the promises we made when we collected it.

    PII Use

    We use your PII to communicate with you for a variety of reasons, including keeping you informed about our research and educational activities.  You can contact us at anytime to request we not communicate with you; you can also ask us to delete your PII from our systems; we will comply immediately.

    PII Sharing

    We do not share your PII unless you request that we do.  There is an exception, which is standard procedure for all responsible companies, which is that we will share PII in the event we know of or perceive a reason to do so to comply with the law, to report suspected criminal activities, or to protect our safety and that of others.

    PII Safeguards

    We protect PII from unauthorized use, disclosure, loss, or corruption by limiting access to digital and physical copies, controlling our premises and equipment and deploying technologies designed to safeguard all of our confidential data.  Our personnel are trained to protect PII and exercise care for all PII under their control.

    PII Storage

    We store only the minimum PII needed to serve our clients, customers, and other parties.  All PII that is no longer needed is disposed of completely to prevent any unauthorized disclosure.

    Data Privacy Day 2010 Retrospective

    dpd-retro-cover-dpd-2010(web)

     

    The Privacy Projects Launch

     

    Global Data Flows Report

    Cross-border-Cover-FINAL

    ]]>
    http://theprivacyprojects.org/about/our-promise/feed 0
    Home http://theprivacyprojects.org/ http://theprivacyprojects.org/#comments Fri, 07 Aug 2009 21:13:32 +0000 http://theprivacyprojects.org/projects/?page_id=34

    About TPP

    TPP’s goal is to create ongoing momentum to update personal information handling policies, practices and tools to match the world-class technologies that power our networked world.  We believe that we can support advances in the ways organizations, including business and government, collect, store, use, share and manage personal information, encouraging more respect for the ‘digital human’ the data represents.  To this end, TPP sponsors research and facilitates informed dialog to promote practical solutions and policy frameworks that foster responsible information sharing while preventing, to the extent possible, inappropriate access to and use of personal information.

     

    ]]>
    http://theprivacyprojects.org/home/feed 0
    Contact Us http://theprivacyprojects.org/contact-us http://theprivacyprojects.org/contact-us#comments Fri, 07 Aug 2009 20:55:32 +0000 http://theprivacyprojects.org/projects/?page_id=29 info@theprivacyprojects.org

     

    ]]>
    http://theprivacyprojects.org/contact-us/feed 0