May 2, Washington, DC - Leslie Harris will speak at the UNESCO conference 21st Century Media: New Frontiers, New Barriers.
Federal policymakers last week announced initiatives on two key challenges facing the Internet: consumer privacy and online identity. CDT is deeply involved in shaping the outcome of both issues.
Bipartisan Senate Bill Holds Promise for Internet Privacy
On April 12, Senators John Kerry (D-MA) and John McCain (R-AZ) introduced the first comprehensive consumer privacy bill the Senate has seen in more than ten years. While the bill is not perfect, its introduction moves the U.S. one step closer to the enactment of federal privacy protections. The U.S. embarrassingly behind the times in this area.
CDT has long advocated for a 21st century privacy law to fill the gaps left by existing sectorial privacy laws that cover areas like financial, health, telephone data, etc. The Kerry-McCain bill addresses the full range of Fair Information Practice Principles, which provide the best available source for defining consumer privacy rights. The bill is designed to support innovation by including flexible provisions allowing companies to work with the FTC and Commerce Dept. to develop industry-specific rules that make sense for both consumers and businesses. CDT will release its initial in-depth analysis of the bill next week.
National ID Strategy Envisions Trustworthy Web
Last Friday, the Administration released its ambitious National Strategy for Trusted Identities in Cyberspace (NSTIC). The Strategy presents a vision of an online identity eco-system where individuals can choose from a number of interoperable, secure, convenient and privacy-preserving identities. The approach is intended to promote a shift away from today's norm of numerous insecure usernames and passwords used and reused across the Web. The NSTIC is not a national ID program. In fact, it's not an ID "program" at all. It is an effort to encourage private sector leadership and innovation. As CDT's Leslie Harris comments in her post, the new strategy has made individuals its first priority. It envisions a framework that preserves anonymity and pseudonymity while improving security through federated identities so users do not have to disclose extensive personal data every time they want to use a new site.
Near Field Communication Poses New Privacy, Security Risks
Near Field Communication (NFC) allows mobile devices to communicate with nearby targets. Potential applications include mobile payment and local messaging. Android devices already include NFC capability; Microsoft, Sprint, Amazon and RIM have announced plans to incorporate NFC into new products. AT&T, T-Mobile and Verizon have announced mobile payment plans with Mastercard, Citigroup and other credit card companies.
CDT's Harley Geiger has examined some of the security and privacy issues this powerful technology poses. As he notes, the presence of payment card information on phones will make those devices a target for malicious attacks. The good news: smartphones can provide strong cryptography and authentication but makers have to build those capabilities into the phones. Another issue: how much control consumers will have over the information disclosed to merchants and third parties during an NFC transaction.
Much remains to be done in advance of extensive NFC rollout over the next few years. The pubic and private sectors, along with advocates like CDT, will have to develop guidelines for the design and application of this new technology. Good starting points include the FTC's 2010 Staff Report and CDT's RFID Deployment Best Practices.
Andrew McDiarmid provides an update on efforts in the House to repeal the FCC's Open Internet rules.
Leslie Harris offers thoughts on kids' privacy in online advertising.
CDT urges a federal appeals court to uphold a lower court ruling that YouTube is subject to the "notice and takedown safe harbor" provisions of the copyright law.
CDT fellow David Post discusses Thomas Jefferson's philosophical legacy and the Web.
Click to view this email in a browser
If you no longer wish to receive these emails, please reply to this message with "Unsubscribe" in the subject line or simply click on the following link: Unsubscribe
Center for Democracy & Technology
1634 I St.
Washington, District of Columbia 20006
Read the VerticalResponse marketing policy.