Archive for February, 2015

“Fox to Chickens: Let Me Help” Mocek on White House Consumer Privacy Bill of Rights 2015

Here’s Phil Mocek, Vice President of Seattle Privacy Coalition, on the draft Consumer Privacy Bill of Rights of 2015:

“The fox is proposing to the chickens that it protect them from the raccoons.

The draft Consumer Privacy Bill of Rights Act of 2015 aims to “establish baseline protections for individual privacy in the commercial arena” and to foster those through “enforceable codes of conduct.” These are worthy goals, and achieving them sounds like something the U.S. Federal Trade Commission should be working on.

A “consumer privacy bill of rights” is clearly intended to apply specifically to people who are consuming. The right to personal privacy needs protection regardless of whether people participate in the economy by producing or by consuming, and also if they do not participate at all.”

Read the rest on Phil’s blog….

Seattle Councilmembers speak up for privacy

Here’s the video from the Monday 2/23 Full Seattle City Council meeting where the resolution spelling out Seattle’s new Privacy Principles was passed. Extremely fitting and gratifying that this took place the day after Citizenfour won an Oscar.

I was heartened by the language we heard from councilmembers who spoke. It’s wonderful that they are so much better informed, more articulate, and just plain braver on this issue than they were two years ago. I loved hearing Councilmember Harrell talk about the city capturing IP addresses, and talking about how mind-boggling and intimidating it is, how much data the city collects.

Noteworthy comments and commitments here:

Harrell (38:13)
“I share and echo the concerns about whether privacy is a human right or just something that we grapple with when we need to…. I’m in complete agreement with some of the testimony that we heard this morning. We are a Human Rights City. We adopted the Universal Declaration of Human Rights which was established by the UN General Assembly after World War II, we embrace this notion that privacy as a right….”

O’Brien (42:57)
“This is a good first step, there’s a lot of work to do, specifically around the issue of privacy as a human right, which will be in discussions as we move forward….”

Sawant (43:54)
“Without real accountability and guidelines this will be an ongoing problem…the city has been wasting time and taxpayer money implementing equipment and then taking it down after public outcry…” (Fabulously, she mentions the $5 million cost of the cams and some other specifics that the other councilmembers tactfully avoided, nicely putting SPD right in the crosshairs of this issue, where they belong.)

While the written principles themselves are not terribly strong, this is great stuff coming from the dais. I look forward to pushing for more specificity, bigger goals, explicit discussions of auditing and enforcement as the City develops the Privacy statement and toolkit, due in August.

Notes on a Surveillance Society at Seattle Public Library

But first, briefly: Hooray, Seattle has Privacy Principles! Passed yesterday by council, the Resolution we’ve been talking about for the past two years is a real thing. More on this later.

Meanwhile: This Thursday, Pecha Kucha Seattle, in collaboration with the Seattle Public Library, presents PKN SEA vol. 58: Watch Me Now, Notes on a Surveillance Society, a series of 6-minute talks inspired by the following questions:

What does privacy mean in the digital age? To what extent do we understand the information ecosystems that surround us? To what extent is our world visible? What can we see and what do others see? What is the value of our information – individually and collectively? What is the price of convenience if privacy must be compromised to attain it? What does privacy mean in the age of smart phones, social media and cloud computing?

The event will bring together speakers from across the information ecosystem – including policy makers, technologists, advocates and others to discuss the complex issues surrounding privacy and surveillance in the digital world.

Speakers include Jan Bultmann (um, me) of Seattle Privacy Coalition, Jared Friend of ACLU, Jim Loter of SPL, Michael Mattmiller, CTO of Seattle, Ramez Naam, science fiction author and ethicist; Ryan Calo, of the UW’s Tech Policy Lab, Ben Krokower of CTTAB, Frank Catalano… — well, it’s a veritable rogues gallery. Please come, and if you can’t, watch this page for a link to the event.

Full Council to vote on Privacy Principles resolution

If you haven’t had a chance to watch last week’s committee hearing on the proposed Privacy Principles, please take a moment — or, about 30 minutes, really, to do so.

http://www.seattlechannel.org/mayor-and-council/city-council/20142015-public-safety-civil-rights-and-technology-committee?videoid=x52171

It’s interesting and encouraging to see Councilmembers Harrell, Licata, and O’Brien all talk about privacy, both as a data-management issue and as a fundamental human right.

Our Response to City’s Proposed Privacy Principles

Following is the text of Seattle Privacy Coalition’s Board of Directors response to the City of Seattle concerning the proposed Privacy Principles that are scheduled for review by City Council’s Public Safety, Technology, and Human Rights committee on Wednesday, February 18, 2015, and for consideration by the full council on Monday, February 23, 2015.

We sent this letter to Ginger Armbruster and Michael Mattmiller of the City of Seattle Department of Information Technology, to Mayor Ed Murray, and to the Seattle City Council.

We’re writing to provide feedback from the Seattle Privacy Coalition on the Privacy Principles developed by the Privacy Advisory Board and slated to be presented to the Public Safety, Technology, and Human Rights committee tomorrow, and to the full city council on 2/23/2015.

First, thank you for your hard work and persistence in pulling this effort together. We are thrilled and grateful to see how quickly you’ve been able to move, and the high quality of the individuals you found to contribute input. Thank you so much.

Primarily, we call for expansion in the areas of enforcement and accountability, and in the right of individuals to review and correct information stored about them.

We also appreciate how you’ve addressed two of the three proposals we made to the city.

We eagerly look forward to seeing how you will address the third request: that is, for the creation of a Chief Privacy Officer position that stands outside of any single department and audits and maintains adherence to privacy commitments across the entire city.

For the immediate task: we’ve done our best to provide feedback on each proposed principle that will be useful and constructive. We have reviewed the principles with respect to the following categories: Collection, Notice/Transparency, Access and Correction, Use, Disclosure, Accuracy, Enforcement, and Oversight.

General feedback

While we are very pleased with the effort so far, we want to take advantage of this crucial initial phase to call for these principles to work harder and do more.

We ask the city to explicitly recognize that privacy is a right, as laid out in international treaties such as the International Covenant on Civil and Political Rights, and recognized in recent UN General Assembly reports. In this frame, we suggest that the principles should be written as principles, rather than as promises or action statements. We suggest specific wording changes below, all of which are intended to ensure that the city consistently discusses privacy as a human right.

Primarily, we call for expansion in the areas of enforcement and accountability, and in the right of individuals to review and correct information stored about them.

Next, please find our specific recommended emendations.

“1. We value your privacy.

Keeping your personal information private is very important. We consider potential risks to the well-being of you and the public before collecting, using and disclosing your personal information.”

Naturally we are glad to know that city staff value our privacy, but it is our right to privacy that concerns us. We suggest the following language to underline the importance of this right:

The right to privacy underlies all other rights held dear by a free society. We respect and will defend your right to privacy.

Likewise, it is a very good thing to know that city staff will assess potential risks to our well-being. Better and more relevant for this set of principles, however, would be a commitment to assessing the risks to our privacy.

We’d also love to see the following tweaks to make collection and use less of a foregone conclusion: “if we collect, use, or disclose information about you.”

“2. We collect and keep only what we need.

We only collect information that we need to deliver City services and keep it as long as we are legally required or there is a valid business purpose. When it is practical, we tell you when we are collecting this information.”

Many of us in the Seattle Privacy Coalition hail from the tech sector of private industry, and for us “valid business purposes” does not sound like a phrase that belongs in a document concerning public institutions.

Too often, privacy is sacrificed for the business purpose of accruing revenue through, for example, the sale of information about customers from one business to another.

The city is not a business, and so “business purpose” strikes us as an undesirable way to evaluate the need for municipal government staff to retain information.

As an alternative approach, we suggest the following:

Government should collect and keep personal information only as necessary to deliver services and meet legal retention requirements.

An acceptable variation here might look something like this:

Superfluous collection or retention of personal information puts privacy at risk and creates liability for the City.

A few questions that come to mind with this section include:

When will it ever be practical to tell us that information we wish not to have collected is being collected?

Who defines “what we need,” both for collection and retention? (The mayor? Department heads? The police union? The fusion center?)

“3. Using your information.

When appropriate, we make available information about the ways we use your personal information at the time we collect it. If possible, we will give you a choice about how we use your information.”

A principle (as opposed to a tactic) that addresses this issue might read something like this:

Public knowledge of how government uses personal information is essential for informed consent.

This proposed reframing of the principle points up the difficulties with the following text that elaborates upon it:

“If possible, we will give you a choice about how we use your information.”

We would prefer that this principle discuss ensuring consent, rather than offering us choices when convenient.

“4. We are accountable.

We manage personal information in a manner that is consistent with our commitments and as required by law. We protect your personal information by restricting improper access and by securing our computing resources from threats.”

This is all great stuff and we are glad to hear it. But again, we want to reword this statement of fact as a principle and strengthen some of the language. Here’s a restatement of what we think you’re working toward here:

Government staff should be personally accountable for inappropriate collection, retention, and use of personal information.

It would be useful to see a commitment to accountability here, and certainly, surely, improper access to personal information should be prevented, not restricted. Possible language might look like this: Accountability extends to situations where control of or access to private data is given to a third party or vendor as part of a professional or business relationship with the City of Seattle.

We propose that this would be an excellent place to commit to the principle of least privilege – that is, that people working with data have the minimum amount of access needed to do their jobs and no more – and to acknowledge that institutional transparency is important.

“5. Sharing information.

We follow federal and state laws about information disclosure whenever we work with outside governmental agencies to protect our community and in answering public disclosure requests. Business partners and contracted vendors who receive or collect personal information from us or for us to deliver City services must agree to our privacy requirements.”

In the spirit of stating a principle, we suggest: “Personal information should be shared with third parties only sparingly and cautiously.”

The explanatory language for this principle seems to raise more questions for us than it answers. For example, is the city following the law only when the collaborative work is done to protect the community? Does the city need to commit in its privacy principles to refraining from unlawful activity?

Are partners and vendors exempt from this agreement when they receive or collect personal information from the city for purposes other than the delivery of City services?

What is a business partner in this context? An alternate approach might be something like this:

“Third parties, including government agencies, businesses, and other private entities, who receive from us or collect for us personal information are legally required to abide by our privacy requirements.”

Ideally this would include the requirement of a signed statement of agreement from vendors, which is legally binding. Individuals should be able to request this statement and sue on its basis to recover damages.

Finally, we’d like to see some language here about consent to or notification of sharing.

“6. Accuracy is important.

We work to maintain and use accurate personal information for City business. When practical, we will work to correct inaccurate personal information. We also instruct our partners and contracted vendors to follow the same guidelines.”

This principle would be a good place to commit to allowing the public to audit personal information and to providing a formal dispute resolution process. It would also be useful to commit to an audit process for vendors, and to specify who would be responsible for enforcing it.

For example:

“We work to maintain and use accurate personal information for City business. We will always try to correct inaccurate personal information whenever possible. We require our partners and contracted vendors to follow the same guidelines, enforced by the legal contracts we have with them.”

That was a lot of feedback, and we know it. Once again, we would like to express our appreciation for all your work, and our gratitude at having been given the opportunity to provide feedback.

We call for you to think even bigger. We ask that you state explicitly that the city will avoid accepting funding for or employing technologies of dragnet surveillance. That the city will work to prevent unlawful collection, use, and sharing of data by other government agencies.

We ask you, in fact, to commit to preserving space for dissent—which lies at the heart of the democratic ideal.

Board of Directors, Seattle Privacy Coalition