Microsoft and Other Firms Pledge to Protect Student Data

Natasha Singer, New York Times,  Tuesday, October 07, 2014

The software industry is making moves to beef up privacy protections for students.The Software and Information Industry Association (SIIA) joined with the Future of Privacy Forum, a think tank, to announce a new pledge for companies that make products for students in kindergarten through 12th grade. Under the pledge, a handful of companies have promised not to sell student information or target their ads based on students’ behavior. Companies will also only use data for specific educational purposes and will impose limits on how long that information is held. A week after California enacted a landmark law restricting the ways education technology companies can use the information they collect about elementary through high school students, a group of leading industry players is pledging to adopt similar data protections nationwide. The 14 companies include: Microsoft; Houghton Mifflin Harcourt, the educational publishing house; Amplify, a developer of digital curriculums; and Edmodo, an online network for schools that allows teachers to assign homework and measure students’ progress. The pledge was developed by the Future of Privacy Forum, a think tank in Washington, in collaboration with the Software & Information Industry Association, a trade group.

Should Google Be a Signatory to Student Privacy Pledge?

Tracy Mitrano, Inside Higher Ed,  Tuesday, October 07, 2014

Google is not among the companies to sign the pledge, and that is no surprise. Anything that would challenge its business model, bring scrutiny to its algorithm, and openly admit that is continues to use data mining from enterprise contracts to improve its services is off corporate limits. The distinction lies here: the signatory companies are NOT advertising companies. They offer content and services that do not rely on data mining as the principle means to fuel their business model.

Google Ordered to Change Handling of User Data in Germany

Karin Matussek, Bloomberg,  Tuesday, September 30, 2014

Google Inc. was ordered by a German regulator to limit how it combines user data that could be used to find out customers’ personal preferences, including marital status or sexual orientation. The operator of the biggest Internet search engine was ordered to modify its privacy policies so users have the ability to determine how their data is used, Johannes Caspar, Hamburg’s privacy watchdog, said in an e-mailed statement today. The terms of Google’s 2012 privacy policy allow the Mountain View, California-based company to combine data it retrieves when customers use various services, including Gmail, Caspar said. “With that, one can compile detailed movement patterns, detect the social and financial status, and friendship, sexual orientation and the relationship status” of a person, the regulator said.

SafeGov Releases Results of Global Parents Surveys Relating to Student Online Privacy

Jeff Gould by Jeff Gould,
Wednesday, September 17, 2014

Surveys of nearly 5,500 parents in 11 countries around the world, including Europe, Asia and North America, show that parents have high hopes for the contribution that Internet applications can make to their children’s education, especially when it comes to acquiring skills relevant to the modern global economy. At the same time, the vast majority of parents worry that internet companies are tracking and profiling their children’s online activities at school for advertising purposes, and they want such practices banned. Specifically, parents want stronger government regulations against online data mining in schools that isn’t directly related to improving academic performance, and they want schools to forbid such practices. The findings are based on a series of surveys conducted between 2012 and 2014 for SafeGov aimed at capturing global parents’ views on the benefits and risks of proliferating in-school access to internet applications such as email, document creation and group collaboration.

Apple takes 'very different view' on customer privacy, Cook says

Steven Musil, CNET,  Monday, September 15, 2014

"Our business is not based on having information about you. You're not our product," Cook said. "Our products are these, and this watch, and Macs and so forth. And so we run a very different company. I think everyone has to ask, how do companies make their money? Follow the money. And if they're making money mainly by collecting gobs of personal data, I think you have a right to be worried. And you should really understand what's happening to that data, and the companies -- I think -- should be very transparent."

FNF 2014: Brussels privacy advocates summit to tackle surveillance, censorship, net discrimination

Kirsten Fiedler, EDRi,  Monday, September 15, 2014

Between 26 and 29 September, the annual Freedom not Fear (FNF) conference and barcamp will take place in Brussels. As every year, the action days are challenging the false dichotomy that better security comes at a price: the abandonment of our privacy rights.

Our Day in Court?

H. Bryan Cunningham by Bryan Cunningham, Cunningham Levy LLP
Friday, September 12, 2014

Something unusual happened in an Oakland federal court this summer. The U.S. Government, concerned that classified national security information had been disclosed in a courtroom crowded with reporters and spectators, asked the court to modify the public record, as though the words had never been said at all, but the government later decided no classified information had been disclosed, so the issue became moot. In a separate federal case, a private company asked another federal judge to remove from the public record possible trade secret information the company’s witness had publicly disclosed, even though a verbatim transcript of the statements had been published on the court’s website. That judge forcefully rejected the company’s attempt to make this information disappear. The parties to these two cases would differ about whether the judges adequately protected their interests in the specific case at issue. But both cases involved alleged intrusive mass surveillance of our private communications, the first by the National Security Agency (NSA) and the second by Google.

9/11 Vs. Snowden: My Students' Surprising Debate About Privacy And Government

Michael Murphy, Forbes,  Thursday, September 11, 2014

“If it means preventing another 9/11,” one student said, “I’m willing to give up some of my privacy.” A long, thoughtful debate about a personal need to encrypt versus the larger question of right-to-privacy continued. Whether it was a normal multi-perspective conversation in a journalism class, I don’t know, but the less-privacy-more-security side seemed to be in the majority.

Mobile Apps and Privacy for Federal Users: Drawing the Line on “App-Appropriate”

Julie Anderson by Julie Anderson, Civitas Group
Friday, August 15, 2014

The federal mobile device landscape is evolving at a rate faster than ever before. Budget realities have accelerated the adoption of federal telework initiatives and lowered agencies’ reluctance toward bring-your-own-device (BYOD) policies – due to promising cost savings coupled with the growing demand from employees. As a result, agencies today face the daunting task of overseeing a wider assortment of devices, operating systems, and applications – all of which require heightened security and privacy considerations. Within this realm, mobile apps are a promising contribution toward improving productivity, efficiency, and customer service in the federal workforce. Some agencies have already begun rolling out or approving mobile app tools for their employees to use for job-related functions. In addition, other agencies are leveraging public-facing apps to engage constituents such as emergency alerts or newsfeeds. But as agencies approve the use of apps hosted on common commercial market operating systems – such as Google’s Android or Apple’s iOS – how these larger consumer-focused companies set up or utilize application data should be of increasing concern. The federal shift to BYOD and mobile apps must not come at the expense of privacy.

How Should the Law Handle Privacy and Data Security Harms? (Part Four)

Daniel J. Solove by Daniel Solove, TeachPrivacy
Tuesday, July 22, 2014

In this post, I will discuss how the law should handle privacy and security harms. One potential solution is for the law to have statutory damages – a set minimum amount of damages for privacy/security violations. A few privacy statutes have them, such as the Electronic Communications Privacy Act (ECPA). The nice thing about statutory damage provisions is that they obviate the need to prove harm. Victims can often prove additional harm above the fixed amount, but if they can’t, they can still get the fixed amount.