Notice of Inquiry on Information Privacy and Innovation in the Internet Economy
Notice of Inquiry on Information Privacy and Innovation in the Internet Economy
Date:
April 23, 2010
Docket Number:
100402174-0175-01
Consumer Data Industry Association
Attached is the CDIA's comments regarding the NTIA/ITA/NIST notice published in the Federal Register, Vol. 75, No. 78/Friday, April 23, 2010 entitled "Information Privacy and Innovation in the Internet Economy.
Datran Media, LLC
Attached please find the comments of Datran Media regarding privacy and innovation in the internet economy.
Thank you.
Future of Privacy Forum
I am please to submit the attached submission of The Future of Privacy Forum in response to the Department's privacy NOI.
Thank you,
Christopher Wolf
Google Inc.
To Whom it May Concern:
Please see the attached comments of Google for filing in Docket No. 100402174-0175-01.
Cheers,
Will DeVries
--
Will DeVries | Policy Counsel | Google, Inc. | 202.346.1227 | wdevries@google.com
World Wide Web Consortium (W3C)
Dear Sirs,
please find attached comment from W3C Team to the Notice of Inquiry:
Information Privacy and Innovation in the Internet Economy.
Yours sincerly
Rigo Wenning
W3C Privacy Activity Lead
TechAmerica
To Whom It May Concern:
Please find attached TechAmerica’s comments submitted in reply to the Department of Commerce’s Internet Policy Task Force’s NOI entitled “Information Privacy and Innovation in the Internet Economy.â€
Thank you.
Christopher E. Wilson
Director and Counsel, E-Commerce & Telecommunications
TechAmerica
Self | Fred H. Cate
Go Daddy.com, Inc.
Martha R. Johnston
Director of Government Relations
GoDaddy.com
Data Foundry Inc
Dear NTIA:
Please find the attached comments of Data Foundry, Inc. for the Information Privacy and Innovation in the Internet Economy Notice of Inquiry (Docket No.
100402174-0175-01).
These comments were originally timely filed on June 14th, but, due to an error in the "to" field of the email submission, the message was not delivered. I just received a delivery failure notice from my email provider (which you can see below), so I am now resubmitting these comments. I hope that our comments can still receive the same attention and consideration had this error not occurred.
Respectfully,
Matthew A. Henry
PRISM International
PRISM (Professional Records and Information Services Management) International is a 501(c)(6) trade association headquartered in North Carolina and serving members in more than 60 countries. The members of PRISM International provide paper records management, data protection services, imaging and conversion services and confidential destruction services to multiple clients for profit. Approximately 650 member companies belong to PRISM International. PRISM International also maintains a secretariat office in Brussels.
Since 2008, PRISM International has been actively engaged with members of the European Parliament and European Commission regarding the transposition and implementation of the Data Retention Directive. This directive was put in place as an anti-terrorism measure and was perceived by some telcom companies and European ISPs as an unfunded mandate to retain transactional data beyond the time limit for ordinary business use.
In general terms, the European Union has been more sensitive on issues related to privacy than Americans as evidenced by the European-driven Safe Harbour provisions and recent regulatory action by Germany regarding Google data collection practices. The European Data Retention Directive attempts to strike a balance between the need for individual privacy through limiting retention periods for telcom and ISP transaction data, and law enforcement’s need to act quickly to trace the communication channels of terrorists. While the full effect of the directive’s transposition has not been felt as yet, (the ISP provisions have not yet gone into effect), the need for balancing individual privacy on the Internet does seem to be an issue of growing concern among Americans. (The recent backlash against the change in privacy settings by Facebook is a recent example).
The following is an excerpt from a white paper provided to the European Commission from PRISM International, which articulates some of the European privacy concerns.
“Because the directive establishes limits on the length of time data can be retained, citizens of EU Member States have expressed concerns that there is some type of verification of the destruction of data. These types of concerns seem to be increasing with each incident where retained data are inadvertently released. This includes data from governments. MEP Alvaro expressed this concern very clearly in a September, 2008 speech in Plenary where he said, "The Commission and Council are striving, with an incredible amount of activity, to take action in the field of the economic protection of personal data. When we see what is happening in the United Kingdom, Germany and other Member States, where there are cases of loss or theft of personal data administered by public authorities, we have just as urgent a need for action here. This is ultimately more than ever about citizens’ rights, as they are not able to prevent their government behaving in this way. With enterprises, the citizen is still able to choose a different one in case of doubt.â€
“MEP Alvaro’s point regarding a citizen’s choice in case of doubt is key. Even though telcom companies and ISPs use any and all means of verification that they have destroyed data, within the minds of some citizens there is likely to remain some question as to whether this has been done unless the data moves beyond the control of the organization and is housed with a third party. In this scenario it is possible to imagine a much higher threshold of verification. Moreover, access to this data can also be made more secure by encrypting the data prior to sending it to a third party for storage. Data outsourced in this way is stored by a company who does not have the means to access it (an encryption key). The data owner no longer has physical possession of the data and thus has no without a means of preserving the data past its point of expiration (without the direct intervention of law enforcement due to an active investigation or legal hold). This type of arrangement works very similarly to a separation of duties control in accounting. There must be cooperation between the vendor and the client in order to act. Aside from the added benefits of data security in this arrangement, we believe the additional layer of verification and transparency of data will probably be of the most benefit to telcom companies and the public.â€
Thank you for the opportunity to submit these comments.
Respectfully,
James E. Booth
Executive Director
Jim Booth
Executive Director
PRISM International
1418 Aversboro Rd. Suite 201
Garner NC 27529 USA
Voice: +1-919-771-0657
Fax: +1-919-771-0457
jim@prismintl.org
Department of Commerce | All Comments Combined
Attached is a PDF including all of the submitted comments. Comments can be navigated using the bookmarks tab.
Software & Information Industry Association
Please find attached the submission of the Software & Information Industry Association (SIIA) to the above referenced NOI.
Please do not hesitate to contact us if you have difficulty opening the attachment, have any questions, or need additional information.
Best,
Mark Bohannon
Coalition for Online Accountability
Please see attached comments of the Coalition for Online Accountability in response to the NOI published April 23, 2010. Please let me know if there are any questions or problems with the attachment.
Steven J. Metalitz, counsel to COA
Center for Democracy & Technology
To Whom It May Concern,
Attached are the comments of the Center for Democracy & Technology in response to the NTIA Internet Policy Taskforce's NOI on Information Privacy and Innovation in the Internet Economy.
Thanks,
Erica Newland
University of Cambridge, Computer Laboratory | Sören Preibusch
Dear Sir or Madam,
Please find my comments in the attachment as an HTML document (MD5 checksum db49eca8f575fff2e96184563b6ccf0d).
Many thanks,
Yours faithfully
Sören Preibusch
TRUSTe
Attached please find comments from TRUSTe on Information Privacy and Innovation in the Internet Economy in response to Docket No. 100402174-0175-01.
Please let me know should you have any questions.
Best regards,
Elizabeth Frazee
TWINLOGIC Strategies LLP
Self | Deirdre K. Mulligan
UNITED STATES DEPARTMENT OF COMMERCE
NATIONAL TELECOMMUNICATIONS AND INFORMATION ADMINISTRATION
In the Matter of
Information Privacy and Innovation Docket No. 100402174-0175-01
in the Internet Economy
COMMENTS OF Deirdre K. Mulligan
Online Trust Alliance
The Online Trust Alliance (OTA) hereby submits its comments to the Department of Commerce’s Notice of Inquiry, dated April 20, 2010. OTA is encouraged by the dialog regarding the evolving role and importance of privacy protections and the way in which it balances the impact to the vitality of online services and commerce. Balanced legislation and market based incentives are needed to provide a framework for legitimate businesses to follow which neither imposes an unreasonable burden, nor prevents aggressive enforcement towards bad actors.
OTA looks forward to continuing collaboration with the Department of Commerce on this and other initiatives and work streams including cybersecurity, protection of intellectual property and the free flow of information. Working together we can help ensure the vitality of online services and commerce
Craig
Craig D. Spiezle
Executive Director
Self | Edward Robert McNicholas
The attached personal comments are submitted for consideration as part of the Department’s comprehensive review of privacy policy and innovation in the Internet economy, pursuant to the Department of Commerce’s April 23, 2010, Notice of Inquiry.
Edward McNicholas, Esq.
ARMA International
Qwest | Qwest Communications International
See attached
United States Council for International Business
To whom it may concern,
Please find attached The United States Council for International Business submission in response to the Privacy NOI.
Regards,
Heather I. Shaw
Vice President, ICT Policy
U.S. Council for International Business
State Privacy and Security Coalition
Please see the attached Comments of the State Privacy & Security Coalition In the Matter of the Request for Comments on Information Privacy and Innovation in the Internet Economy.
Adrian B. Copiz
UCLA CENS | Katie Shilton & Deborah Estrin
Please find attached our comments in response to the National Telecommunications Administration's Notice of Inquiry on "Information Privacy and Innovation in the Internet Economy."
Sincerely,
Katie Shilton & Deborah Estrin, UCLA CENS
Information Law Institute, NYU School of Law | Ira Rubinstein
June 25, 2010
Office of Policy Analysis and Development
National Telecommunications and Information Administration
U.S. Department of Commerce
1401 Constitution Avenue, NW
Washington, DC 2023
Dear Colleagues:
I’m writing in response to the Notice of Inquiry re Information Privacy and Innovation in the Internet Economy. In particular, I’m writing to recommend that the Department of Commerce consider advocating for stricter laws governing the use of personal information combined with the provision of a Safe Harbor program. This is a regulatory strategy under which a federal statute explicitly recognizes differences in industry performance by treating safe harbor participants more favorably than non-participants. This approach builds upon the safe harbor program outlined in COPPA. Although COPPA’s safe harbor program was well intended, it suffers from a low rate of adoption due to a lack of regulatory flexibility and failure to sufficiently differentiate statutory compliance from program participation.
Properly implemented, a robust safe harbor program could afford the ideal environment to foster innovations in privacy protection while allowing as much flexibility as possible for industry innovation. Critical to the success of a new Safe Harbor program would be differential treatment between firms that chose to participate and those that do not. The DOC should promote what is sometimes referred to as a “co-regulatory†approach, with the right balance of carrots and sticks to incentivize businesses to participate while providing them the space and means to influence the regulatory process. Safe harbor benefits would be limited to firms demonstrating superior performance and would not be available to other covered entities that merely meet the default statutory requirements. This co-regulatory approach is more fully described in my article, “Privacy and Regulatory Innovation: Moving Beyond Voluntary Codes†which is available online at http://ssrn.com/abstract=1510275.
Thank you.
Sincerely,
Ira Rubinstein
Senior Fellow, Information Law Institute, NYU School of Law
Digital Due Process
Attached are the comments of the Digital Due Process coalition to the NTIA NOI "Information Privacy and Innovation in the Internet Economy" (Docket No. 100402174-0238-02).
Please contact me with any questions or concerns.
Thank you.
-
Harley Geiger
Policy Counsel
Salesforce.com
Please find attached the Salesforce.com response to the Department of Commerce NOI.
Daniel Burton
Senior Vice President, Global Public Policy
salesforce.com
University of Wyoming | Professor Robert Sprague
Hewlett Packard Company
Dear NTIA,
Please find attached HP's submission to the current Notice of Inquiry for Information Privacy and Innovation in the Internet Economy [Docket No. 100402174-0175-01].
We appreciate the opportunity to contribute our thoughts and ideas.
With best regards,
Larry Irving
Scott Taylor
American Civil Liberties Union
Please file the attached letter and supporting documentation from the ACLU in Docket No. 100402174–0175–01, RIN 0660–XA12, Information Privacy and Innovation in the Internet Economy.
Thank you,
Sandra Fulton
ACLU Washington Legislative Office
915 15th St., NW
Washington, DC 20005
sfulton@dcaclu.org
Centre for Information Policy Leadership
Docket No. 100402174-0238-02
RIN 0660-XA12
Information Privacy and Innovation in the Internet Economy
To Whom It May Concern,
Attached please find the submission of the Centre for Information Policy Leadership's comments in response to the Department of Commerce Notice of Inquiry dated April 23, 2010.
Please direct questions related to these comments to Martin Abrams (mabrams@hunton.com) or Paula Bruening (pbruening@hunton.com).
Sincerely,
Kiisha N. Jennings
Administrator
American Federation of Musicians of the United States and Canada | American Federation of Musicians
To Whom It May Concern:
Attached please find the American Federation of Musicians of the United States and Canada’s submission in the NTIA’s Information Privacy and Innovation in the Internet Economy NOI.
Thank you.
Network Solutions | A. Statton Hammock, Jr.
Microsoft Corporation
Dear Sirs and Madams:
Please find Microsoft Corporation’s submission for the Privacy NOI. Please do not hesitate to contact me should you have any further questions.
Kind regards,
Julie
Julie Inman Grant, CIPP
Director, Privacy and Internet Safety Outreach
Microsoft Trustworthy Computing (TwC)
Privacy, Accessibility, Geopol & Online Safety (PAGO)
Marketing Research Association
The Marketing Research Association (MRA) is pleased to submit the attached comments in response to Docket No. 100402174-0175-01, Information Privacy and Innovation in the Internet Economy.
Best,
LaToya Lang
Samuelson Law, Technology & Public Policy Clinic, University of California, Berkeley School of Law | Samuelson Law, Technology & Public Policy Clinic
Please file the attached letter of the Samuelson Law, Technology & Public Policy Clinic at UC Berkeley Law (ntia_letter_june_2010.pdf) and supporting documentation in Docket No. 100402174–0175–01, RIN 0660–XA12, Information Privacy and Innovation in the Internet Economy.
Thank you,
Chris Hoofnagle
Procter & Gamble Company
Dear Sir/Madam:
Attached is input to the Notice of Inquiry: Information Privacy and Innovation in the Internet Economy from the Procter & Gamble Company.
Please return confirm receipt.
Sandy Hughes
Financial Services Forum
Please find attached a submission from the Financial Services Forum to the Department of Commerce, National Telecommunications and Information Administration in response to its request for comments on its Information Privacy and Innovation in the Internet Economy.
Mark Schuermann
SVP, The Financial Services Forum
National Business Coalition
Attached are the comments of the National Business Coalition on the NOI. We regret the delay but wanted to submit our thoughts nonetheless.
Thank you,
Tom Boyd
Thomas M. Boyd
eBay Inc.
Please find attached eBay Inc’s comments to the Department of Commerce’s NOI on Information Privacy and Innovation in the Internet Economy, Docket No. 100402174-0175-01. If you have any questions please do not hesitate to contact me. Thank you for the opportunity to weigh in on this important issue.
Lauren Sholley
Manager of Federal Government Relations
eBay Inc.
NetChoice
Please accept comments from NetChoice in response to the Department’s NOI on Information Privacy and Innovation (attached).
Thank you very much for this opportunity to comment.
-Braden Cox
CTIA - The Wireless Association
Attached are CTIA - The Wireless Association's comments in response to the Department of Commerce's Information Privacy and Innovation in the Internet Economy Notice of Inquiry (Docket No. 100402174-0175-01).
Thank You
Shanée J. Meeks
Coordinator, Regulatory Affairs
IBM Corporation
Please find attached IBM's submission to the Commerce Department's Notice of Inquiry on Information Privacy and Innovation in the Internet Economy.
Please contact me if you have any questions. Thank you.
Walmart
Dear Dept of Commerce, if feasible we would like to replace the WMT submission to the NOI with the attached. The only difference is that we have added a date to the document. We apologize for the inconvenience.
Please contact me with any questions about the new submission, and Zoe Strickland if you have any questions or comments regarding its contents.
Thank you,
Stacy Killion, VP Assistant
Self | Dr. John H. Nugent
Dr. John H. Nugent, LLM, CPA, CFE, CFF, CISM, FCPA
Associate Professor
School of Management, CFO 503
Texas Woman’s University
Denton, TX 76204-5649
Cell Phone: 001-214-682-8025 (preferred number)
Email: jnugent@twu.edu
Email: jnugent@texoma.net
Email: drjnugent@yahoo.com
Verizon & Verizon Wireless
ALSO: Verizon Wireless, 1300 I Street NW, Suite 400-West, Washington, DC 20005
Visa Inc.
Attached please find the written comments of Visa Inc. regarding the Department of Commerce’s Notice of Inquiry in the Matter of Information Privacy and Innovation in the Internet Economy.
Nathan D. Taylor
International Association of Privacy Professionals
To Whom it May Concern,
On behalf of the International Association of Privacy Professionals (the “IAPPâ€), I am delighted to share a recent research report on the future of the privacy profession. The IAPP is the world’s largest association of people working in the emerging field of privacy, and now boasts over 7,000 members in 52 countries. The IAPP serves members through a robust combination of educational, networking and certification opportunities.
As an organization, the IAPP does not take positions on matters of public policy. However, to celebrate our 10th anniversary as an organization, the IAPP recently commissioned a study on the future of the privacy profession. This report provides a compelling picture of the evolution of the management of privacy within organizations. In many ways, this report points to the critical role that privacy professionals play in actually making privacy “happen†within the public and private sectors. We felt that the report may be valuable in the Department of Commerce’s current process.
Of particular note is the continued growth of the IAPP’s certification programs – the Certified Information Privacy Profession (CIPP). This designation remains the only broad-based privacy credential available and continues to grow in certified professionals every month. We now have over 3,000 CIPPs around the world.
I hope this report is helpful to your understanding of privacy and the privacy profession. Please do not hesitate to contact the IAPP if you have any further questions.
Sincerely,
J. Trevor Hughes, CIPP
Executive Director
IAPP
Intel Corporation
Attached please find the submission of Intel Corporation in response to Docket Number 100402174-0238-02 on Information Privacy and Innovation in the Internet Economy.
Thank you.
Brian Huseman
Intel Corporation
Synaptic Laboratories Ltd.
Thank you for making the call for input.
Please find the cover-letter to our submission attached to this email.
The cover-letter mentioned above lists the following 6 documents as additional input.
Benjamin Gittins
Chief Technology Officer
Synaptic Laboratories Limited