Presentation Material (Powerpoint)
Transcript of Presentation Material (Powerpoint)
![Page 1: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/1.jpg)
Looking Ahead
Privacy, Laws, & Technology
J. Trevor Hughes
International Association of Privacy Professionals
![Page 2: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/2.jpg)
Emerging Regulatory Issues
- Privacy
  - ID Theft
  - SSNs
  - Spam
  - Telemarketing
  - GLBA
  - FCRA
  - HIPAA
  - Patriot Act
- Security
  - The Ugly Stepchild
- A Look Ahead
  - Emerging Technology
  - Biometrics
  - Data Fluidity
  - Data Aggregation
![Page 3: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/3.jpg)
The Privacy Strata
Technology Standards
Self Regulatory Standards
US Government
SSNs, GLB, HIPAA
The States (Legislatures, DOIs and AGs)
The Rest of the World
Europe, Canada
![Page 4: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/4.jpg)
Show me the harm...
Marketing Telemarketing SPAM Identity Theft
Harm to Public
![Page 5: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/5.jpg)
Identity Theft
- FTC Complaints:
  - 2000: 31,000
  - 2001: 86,000
  - 2002: 162,000
  - Top consumer fraud complaint in 2002
  - 30% growth predicted going forward
- Average impact:
  - $1500
  - 175 hours of clean up
  - credit disruptions
- 42% of complaints involve credit card fraud
- Identity theft coverage now available
![Page 6: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/6.jpg)
Social Security Numbers
- California:
  - Correspondence to residential addresses cannot include a SSN
  - (Simitian bill) employers cannot use SSN for purposes other than taxes
- Feds:
  - Proposals to limit use as college ID
- Looking ahead:
  - Restrictions on the use of SSNs as internal identifiers
  - May be used for verification of identity, accessing medical files and credit reports
  - May not be used as an account number
![Page 7: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/7.jpg)
SPAM
- Hotmail – 80% unsolicited bulk email
- 31 billion per day (2002)
- 60 billion per day (2006)
- Dial up concerns (EU local call problems)
- Work productivity/liability concerns
- Deliverability concerns
- Channel viability concerns (the “900” phenomenon)
![Page 8: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/8.jpg)
Will the Cure Kill Email?
- Legal Responses:
  - 26 states with anti-spam legislation
  - Can Spam Act in Congress (expected to pass this year)
  - EU opt-in requirements
- Tech Responses
  - Blacklists
  - Filtering by ISPs
  - Solution providers
    - Habeas
    - Trusted Sender
    - IronPort
    - Brightmail
- Aggressive filtering results in “false positives” (legitimate email being blocked)
![Page 9: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/9.jpg)
![Page 10: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/10.jpg)
Employee Email Privacy
- Blurring of work/home boundaries
- 30% of ecommerce sales generated from the workplace
- Extensive use of company email for personal use
- Issue: employer monitoring?
- European v. US approaches
![Page 11: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/11.jpg)
Telemarketing
- The “must have” legislation for every up-and-coming AG
- TCPA – allows for single vendor opt-out
- FTC’s 2001 gift to consumers: a national do not call registry (call Billy Tauzin)
- Telemarketing will diminish as a sales vehicle
![Page 12: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/12.jpg)
Fair Credit Reporting Act
- Reauthorization in 2003
- Big issues:
  - Expand consumer privacy protections?
  - Sunset state preemption?
- NAAG says “YES!”
- Business community says “please, no!”
- For insurers: beware of scope creep in FCRA reauthorization (Sen. Shelby – GLBA did not go far enough; wants opt in for third party transfers)
![Page 13: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/13.jpg)
Layered Privacy Notices
![Page 14: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/14.jpg)
Security
The Ugly Stepchild of Privacy
![Page 15: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/15.jpg)
![Page 16: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/16.jpg)
![Page 17: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/17.jpg)
![Page 18: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/18.jpg)
![Page 19: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/19.jpg)
Security
- Security Audit
  - Quickest, easiest way to get a snapshot of your security issues
- Develop a “Security Portfolio”
  - Internet/Acceptable use policies
  - E-mail policies
  - Remote access policies
  - Special access policies
  - Data protection policies
  - Firewall management policies
  - Cost sensitive, appropriate architecture
- Reassess, Audit, Revise
Defense In Depth!
![Page 20: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/20.jpg)
Security
- Protect Internally and Externally
  - IIS Survey (2000) – 68% of attacks are internal
- Protect Network AND Data
  - Data is usually the target of an attack, not the “network”
![Page 21: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/21.jpg)
![Page 22: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/22.jpg)
![Page 23: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/23.jpg)
Security – What to do?
- Standards Emerge!
  - Data encryption to the column level
  - Role-based access control to the row level
  - Role-based access for DBAs
  - Transaction auditability
- Pay now, or Pay Later!
![Page 24: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/24.jpg)
A look ahead...
![Page 25: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/25.jpg)
Emerging Dynamics
- Data Fluidity
  - Personalization
  - Persistent Surveillance
  - Biometrics
- Data Aggregation
  - Targeted messaging
- Geo Privacy
![Page 26: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/26.jpg)
Data Friction and Fluidity
FRICTION FLUIDITY
Stone Tablets
Paper
Printing Press
Digital Data
Data Velocity
![Page 27: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/27.jpg)
Personalization
- As data becomes more fluid, personal targeting becomes possible
- Privacy issues prevail
- .NET (Microsoft), Liberty Alliance (Sun)
- Never entering your name, password, address and credit card again
- Do we really want this?
- The rise of GUIDs
![Page 28: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/28.jpg)
![Page 29: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/29.jpg)
Personalization Today
Hello John Anderton...
![Page 30: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/30.jpg)
![Page 31: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/31.jpg)
Data Fluidity for Healthcare
- Smart Cards
  - Genome
  - Entire Medical Record
- HIPAA code sets
- CRM across all lines/interaction points
- Single interface solutions for customers
![Page 32: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/32.jpg)
Biometrics Everywhere
- Biometric Attestations
  - Faceprints, eyeprints, fingerprints, hand geometry, voice recognition, vein patterns, gait recognition, odor...
![Page 33: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/33.jpg)
Face Recognition
- 2001 Superbowl
- Airports
- Urban hot spots
- Business campus
![Page 34: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/34.jpg)
Iris/Fingerprint Recognition
- Airports (Vancouver and Toronto)
- Signatures
- High security buildings
![Page 35: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/35.jpg)
Persistent Surveillance
“He’s been idented on the Metro...”
![Page 36: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/36.jpg)
Data Aggregation
Data Silos
Aggregation
Core Data
Inferred Data
Meta Data
Derivative Data
Personalization and Velocity
![Page 37: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/37.jpg)
![Page 38: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/38.jpg)
Geo Privacy
- e911
- Geo Targeted Wireless Services
  - “Smell that coffee? Come in for a cup!”
![Page 39: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/39.jpg)
Lessons to be Learned
- Data Becomes Much More Fluid
- Data Management Becomes Much More Difficult
- Data Moves More Quickly
- Smart Companies will Harness the Power of Data Fluidity to Reduce Costs and Improve Their Value Propositions
![Page 40: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/40.jpg)
The International Association of Privacy Professionals is the nation’s leading association for privacy and security professionals. It helps its members build and maintain privacy programs while effectively navigating rapidly changing regulatory and legal environments.
Mission of IAPP
1. To promote privacy programs and safeguards – their introduction, development and maintenance.
2. To provide a forum for interaction and information exchange for our members.
3. To create high quality educational opportunities for those involved with privacy issues.
Phone: 800-266-6501 www.privacyassociation.org
![Page 41: Presentation Material (Powerpoint)](https://reader036.fdocuments.in/reader036/viewer/2022062319/5585050cd8b42ad71b8b5139/html5/thumbnails/41.jpg)
THANKS!
J. Trevor Hughes
[email protected]@maine.rr.com
207 351 1500