Saturday, March 29, 2008

Google trying to calm the waters over DoubleClick acquisition

Google is working with other companies to push consumer privacy legislation in the U.S. Congress and will work with the U.S. Federal Trade Commission to fine-tune online advertising principles the agency proposed in December, the company's top privacy executives said Wednesday.

In addition, Google is reaching out to privacy advocates in an effort to allay concerns about its acquisition of online advertising vendor DoubleClick, company officials said.

Privacy is of such concern for Google that it embeds privacy lawyers with product teams, Nicole Wong, Google's deputy general counsel, told reporters in Washington, D.C. Google, in its own products and in policy discussions, has focused on three privacy principles: transparency of privacy policies, security of data and user choice, and control over how data is used, she said.

"People don't like binary choices about how to use data," Wong said. "They want to be [online] on their own terms."

This week, Google hosted a meeting of the Consumer Privacy Legislative Forum, a group of companies focused on getting a consumer privacy bill passed in the U.S. Congress. The group, formed in 2006, doesn't expect legislation to pass this year, but is working toward consensus on privacy issues, said Jane Horvath, Google's senior privacy counsel. The group plans to run its ideas past privacy groups and the FTC before pushing for legislation, she said.

In addition, Google plans to file formal comments about the FTC's proposed privacy principles for online behavior advertising, added Peter Fleischer, Google's global privacy counsel. Among the FTC proposals: Web sites should provide clear and prominent statements that data is being collected to provide targeted ads, and companies should obtain consumer consent before using data in a different way from what the companies promised when they collected the data.

Google supports the FTC's work on the privacy principles, Fleischer said, but it will raise some questions when it files its comments. For example, the FTC has asked for comments on what constitutes "sensitive data" and whether it should prohibit the use of sensitive data

Friday, March 28, 2008

Washington makes RFID scanning a felony crime

From the east side of the state, we're glad to see that Washington passed what seems to be the nation's first law protecting consumer privacy regarding RFID scanning.

The new law, going into effect in July, makes it a Class C felony to maliciously scan someone's identification remotely without their knowledge and consent.

Washington State Governor Chris Gregoire signed the bill into law this week.

The bill's sponsor, Jeff Morris, said it's the first law of its kind in the United States. California is weighing similar measures.

Morris, a Democrat from Mount Vernon, said he will continue to consider additional measures to stop companies from spying on consumers without their consent for marketing purposes.

"This is just one small step to stake out some boundaries around our individual consumer rights before it's too late," he said while announcing the bill signing.

The law applies to RFID chips in identification cards, cell phones, and even running shoes, like those that Nike coupled with iPods so runners can log their mileage, pace, and calories burned.

Morris warned thieves could use RFID chips embedded in consumer products to scour a neighborhood using an RFID reader to find and target homes containing the most appealing products. He also said that police could use readers to obtain the identities of people in a mob situation, but he added that readers could capture innocent passersby as well.

Thursday, March 27, 2008

Not going out on a limb

This is an early-stage blog devoted to concerns over privacy. Particularly, it will look at how Web technology changes what our expectations of privacy are.

Pls. post suggestions or comments here.