Adopting cloud computing can mean entrusting data to a third-party vendor. For agencies responsible for personally identifiable information or mission-critical applications, this raises a host of privacy concerns, chief among them the issue of data sovereignty and the question of determining appropriate government and commercial uses of private citizens’ data. This section of the SafeGov.org site analyzes the risks to privacy associated with cloud adoption and explores ongoing means to mitigate them.
Laurie Sullivan, Media Post, Friday, January 23, 2015
Dependency on cloud computing, outsourcing requirements and interconnected devices will eventually force the advertising industry to follow comprehensive security controls and practices to reduce the risk of data breaches. More than 90% of the 500 data breaches that occurred from January to June 2014 could have easily been prevented, per a report released Wednesday from The Online Trust Alliance (OTA).
Tracy Mitrano, Inside Higher Ed, Tuesday, January 20, 2015
On Friday, we learned that Google quietly signed the Student Privacy Pledge – almost a week after President Obama called them out by name to ask why not. That is a good thing. Why did it take so long? Hubris first. Google thinks itself above association with other companies when such association is not intrinsically within its business interest. Joining the Pledge when it was first announced three months ago would have seemed unseemly.
Safety, Privacy, and the Internet Paradox: Solutions at Hand and the Need for new Trans-Atlantic Rules
Microsoft Europe, Tuesday, January 20, 2015
Today at the Center for European Policy Studies, Brad Smith, general counsel and executive vice president, legal and corporate affairs, Microsoft, delivered remarks and participated in a panel discussion on the subject of Trust, data and national sovereignty: solutions for a connected world.
Sean Cavanagh and Michele Molnar, Education Week, Tuesday, January 20, 2015
After initially declining to sign up, technology giant Google has joined a growing number of companies committing to a "student privacy pledge" created by advocacy groups and endorsed by the White House. Google has come under heavy scrutiny for privacy practices that critics have feared would open the door to students' personal information being used for advertising purposes, and the company has revised its policies in the face of those questions. The privacy pledge is being sponsored by the Future of Privacy Forum, a Washington-based think tank that advocates for responsible data use, and the Software & Information Industry Association, a leading trade association, also headquartered in the nation's capital.
Sean Michael, WinBeta, Monday, January 19, 2015
The battle of big business versus big government is being fought among the clouds or at least among Microsoft’s international cloud servers. Microsoft’s director of cyber security and cloud strategy has shared a post titled ‘Privacy considerations in a cloudy world.’ The post highlights points regarding Microsoft’s cyber security made by their Chief Privacy Officer in a video (embedded below). Microsoft is amidst a battle with the government when it comes to protecting their user’s data. One of the key points was that “Microsoft does not provide any government with direct, unfettered access to customers’ data.” There’s a gray area when it comes to who has authority over data stored by Microsoft.
Friday, January 16, 2015
I have been fortunate to work with a number of young innovators lately. They ask me questions about things that are a blast to discuss. How do I reach my maximum potential market? What is the right price point for my device, and so on? The one thing I’ve noticed is that they aren’t concerned about the IP they have created. Recently, SafeGov posted a link to a WSJ article written by Michael Chertoff talking about the need for a rule of law protecting information. It got me thinking about the questions the young innovators have been asking me concerning what they are building.
Mary Madden, Pew Research Center, Friday, January 16, 2015
Pew Research Center has been studying Americans’ attitudes about their own personal information security and that of their families for years. Here are a few highlights: 91% of American adults say that consumers have lost control over how personal information is collected and used by companies. Americans express a broad loss of control over the way their personal data are managed by companies. Fully 91% of adults “agree” or “strongly agree” that “consumers have lost control over how personal information is collected and used by companies.” This includes 45% who “strongly agree” and 46% who “agree” that consumers have lost control.
Frank Pasquale, LA Times, Thursday, January 15, 2015
A Student Data Privacy Act would, if passed, prevent a growing ed-tech sector from using student data for ads. These are commendable initiatives. Corporations shouldn't be able to hide their data security failures. Students' privacy is important, too: They are particularly vulnerable to slick marketing efforts. But it's time for policymakers to aim higher. "Big data" creates problems that go well beyond traditional privacy concerns. A better student privacy act would focus not only on uses of data outside the education sector, but inside it as well. Students should not be ranked and rated by mysterious computer formulas.
Wednesday, January 14, 2015
Several months ago a group of privacy advocates and education software providers, with prominent support from the Obama administration, overcame their differences and agreed to a Student Privacy Pledge. The 12 commitments of this pledge make for a remarkably strong document that places important limits on how children’s data can be used by commercial firms. It comes at a time when interest and investment in education technology is booming as never before. Among the pledge’s key commitments...
Tracy Mitrano, Inside Higher Ed, Wednesday, January 14, 2015
The oft-quoted "sale of student data to third parties" might sidestep another great offense involving use of education records: profiling. Companies such as Google do not sell the information that it mines; it uses that data for its own core business purposes of targeted marketing, advertising, or other commercial incentives. No doubt, sale of personally identifiable information in the consumer arena is one of the most common and egregious of business practices in the global information economy. Student information is particularly problematic because it violates existing law (FERPA) and because no one can predict to what uses that data will be made in the future of a student's long life. In particular, one could see how sensitive information collected (gender, class, race, ethnicity) could be used down the road for unforeseen purposes. But the main point is this: it is not just sale but the use to which the company doing the mining will make of the data that must be included in the scope of the proposed legislation.