Embed Size (px)
Citation preview
Digital Privacy
Alan Chapell @Chapell68PresidentChapell & Associates
2015 MITX DATA SUMMIT:“THE ART & SCIENCE OF PRIVACY”
Alan ChapellChapell & AssociatesJune 23rd, 2015
Key Privacy ConceptsCross Device AdvertisingThe EU’s opt-in dystopia
Working with privacy & legalRethinking data use rules
Agenda
Key Privacy Concepts
Privacy Rules assume some dysfunction and inconsistency
“Art and Science”
Fair Information Practice Principles
NoticeChoiceAccessSecurityRedress
Privacy Rules Depend
on the type of data
Data Types
Anonymous Data
Pseudonymous Data
Personal Data (“PII”)
Sensitive Personal Data (SS#, credit card)
Privacy Rules Depend
on the Jurisdiction
Low to mid-level standard
Mid-to-high enforcement
Sectoral Approach
Harm based approach - until recently
United States
High standard
Low level enforcement
Comprehensive Approach
Privacy as a fundamental right
European Union
Medium standard
mid-level enforcement
Comprehensive Privacy Law
Privacy as a right
Canada
Burgeoning standard
mid-level enforcement
Comprehensive Privacy Law
Privacy as a right
APAC
Burgeoning standard
low-level to nonexistent enforcement
And the rest….
Privacy Rules Depend
on the Use of the data
Spectrum of Data Use
Fraud Prevention
Product Development, First party ad targeting and customization
Market Research
Third Party Ad Targeting
Security
Privacy Rules Depend upon
who is the data owner
First PartyRelationship with consumerData Controller
Who ‘owns’ / controls the data
Service ProviderWorks under 1st PartyInvisible to consumerData ProcessorNo independent use
Third PartyWorks with 1st PartiesInvisible to consumerController / ProcessorSeparate use of data
Growth of Cross Device
Different Browsers, Different Policies
21
9%, 15% 21%, 16% 37%, 25% 30%, 40%
Cookie Policy:✓ Allows existing cookies to be read from any context
✗ Blocks all 3rd party cookies from being written
Impact of Policy:Allows first parties acting as 3rd parties to read cookies
Cookie Policy:✓ Allows cookies to be read and written to, so long as they already exist)
✗ might block new 3rd party cookies from being written
Impact of Policy:Allows 1st parties who are also 3rd parties.
Cookie Policy:✓ Allows 3rd party cookies to be read and written, regardless of context
Impact of Policy:Supports cookie-based targeting, data-retention, and opt-out
Cookie Policy:✓ Allows 3rd party cookies to be read and written, regardless of context
Impact of Policy:Supports cookie-based targeting, data-retention, and opt-out
Source: gs.statcounter.com
Global, US Global, US Global, US Global, US
Cross-Channel Targeting & Attribution
Cross-Channel Targeting & Attribution
New tracking technologies are necessary to address
multiple business challenges
Keys to being privacy-safe in a cross-device world
Notice / Transparency
Choice
Data Segment Retention
Notice / Transparency
• All data is YOUR data• YOUR data, YOUR responsibility• Good Faith Description• Who is working on your behalf?• Understand agencies / vendor practices
Notice / Transparency Considerations
Choice:
Where is it a requirement?Where is it a best practice?
Data Segment Retention
Even the kids know: the Internet is forever
Sunset your digital Segments
Precise Location
Auto-Intender
Income / Age Range
Frequent SN Sharer
Europe’s opt-in Dystopia
Günther OettingerEU Commiss ioner:digital economy & society
“The Americans are in the lead, they’ve got the data, the business models and so the power.”
The EU’s Solution:Higher Privacy Standards
• Privacy FAIL: – Creates incentives to collect MORE data
• Competition FAIL–Who is in the best position to obtain consent?
Affirmative Consent
The Care and Feeding of your Internal Privacy &
Legal Teams
• The Mindset of a privacy professional• Learning curve – even at tech companies• Culture of “NO”• Rarely do they (or you) want to be “first”• Bring outside help to translate from “tech”
to “marketing” to “privacy” speak
Privacy & Legal
New Thinking on Data Usage and Intellectual Property
• 2001 – Wild West• 2009 – Publisher and Advertiser “Own” • 2015 – Sliding Scale of data ownership– Community Pool• Ad Serving Optimization• Device Graph Data• Limited data Co-op (maybe)
Data Use Timeline
