Meaningful Privacy Protections for Mobile Services

Mobile environments present unique threats and challenges to privacy and security. This article takes a look at two main types of threats in such environments: signal interception and access to user information. It then examines four important recommendations made by EPIC to the mobile industry regarding the current state of privacy protection approaches. These recommendations are: 1) A notice-based privacy regime provides inadequate protection for consumers; 2) Privacy labels or icons suffer from many of the same flaws as traditional privacy notices; 3) The FTC’s conception of disclosure should include transparency, access and correction, in addition to notice; and 4) Explore the connection between disclosure and a broader regime of privacy [...]

Share

Privacy Engineering: Privacy-by-Policy vs. Privacy-by-Architecture

There are two main approaches to engineering privacy protection: privacy-by-policy and privacy-by-architecture. Privacy-by-policy relies on the Fair Information Practices and notice and choice. Privacy-by-architecture leverages privacy protective technologies. While they are normally considered dichotomous, privacy experts recommend a hybrid approach that integrates these two [...]

Share

Components of a Privacy Policy

Enterprise privacy policies and privacy programs are essential. While policies alone cannot prevent data breaches or misuse of personal information, they are a good step in ensuring transparency and privacy-friendly practices. A privacy policy should contain the following key components: notice; consumer choice; access and correction; security; and [...]

Share