Sunday, January 27, 2013

The War For Your Personal Data: Ediscovery, Privacy, Data Protection and Social Media Weekly Updates

 

Ediscovery, Privacy, Data Protection and Social Media Weekly Updates


Ediscovery, Privacy, Data Protection and Social Media Weekly Updates


Ediscovery, Privacy, Data Protection and Social Media Weekly Updates


Ediscovery, Privacy, Data Protection and Social Media Weekly Updates


Pictures, Online Tagging, Facial Recognition and Privacy: A Study by the CNIL

 
In a recent article, published by the Huffington Post, Isabelle Falque Perrotin, the President of the CNIL * , summarizes the findings of a study that the CNIL had commissioned on the use of photos in social media.
The study was conducted by TNS Sofres on a national sample of 1554 people age thirteen and up.
The CNIL had commissioned the study in light of the explosion of photo sharing on social media in recent years. For example, every day, more than 300 million photos are shared on Facebook alone. In conjunction with the development of facial recognition technologies and the searchabilty of online pictures, the stakes for privacy are high.
Here are some interesting numbers:
  • More than half of internet users take pictures with the primary purpose of publishing them online.
  • 58% of internet users publish pictures online, and the percentage rises to 86% among the 18-24 age group. 60% of the 18-24 age group admits searching for pictures of others online.
  • 89% of the 18-24 age group has used tagging. 41% of the same age group is worried about this practice.
  • 44% of internet users always ask permission of the photographed people before publishing a photo. (that leaves 56% who don’t).
  • 43% of internet users have been embarrassed by a picture published online. In the age group 18-24, this number rises to 61%. For 27% of that age group, the online publication of pictures already has had negative impacts in their personal lives.
  • 62% of internet users do not know who has access to their pictures, posted online.
  • Two out of three internet users declare to want the option of deleting their pictures at a later date, but three out of four realize that it might be difficult. Less than 1/3rd of internet users claim to understand the parameters that control the use of their pictures.

These numbers lead the CNIL to conclude that, in the absence of a clear understanding by the users of the parameters for the use of their pictures, the responsibility for the protection of privacy should not only lie with the user, but also with the platforms that publish those pictures. For example, these platforms should provide their users with clear tools to manage the life cycle and visibility of users’ pictures.
The lack of transparency in the area of online mechanisms regarding pictures echoes the general trend of lack of transparency by the largest internet players, which the CNIL has discovered for example on the occasion of its audit of Google.
The CNIL warns that, even though innovation often demands breaking with established rules, a stable business model nevertheless requires transparency of its policies and the trust of its platform’s users.
It cites the recent Instagram gaffe as an example that illustrates this point.

Advice for Internet Users:
The CNIL posted on its site a list of simple and practical data protection tools for pictures, posted online.
Some tips:
  • Pay attention to the privacy settings of the platform on which you post your pictures.
  • Use tagging with restraint and ask permission first.
  • Think twice before using the automatic synchronization tools offered by online platforms: you may want to automatically share some of the pictures you take with Facebook, but certainly not all of them. Automatic synchronization will lead to sharing of all pictures, now and in the future. Once shared, these pictures may be hard to retrieve. (For example, they may have been shared onward, without your knowledge).

These tips may sound basic to the sophisticated privacy professional, but it is this author’s opinion, based on her personal experience online, and now reinforced by the numbers provided by the CNIL’s study, that they are not superfluous.
Kudos to Isabelle Falque Perrotin for disseminating this important information on a popular publication such as the Huffington Post.

* La Commission Nationale de l’Informatique et des Libertés, the French Data protection Authority.

Ediscovery, Privacy, Data Protection and Social Media Weekly Updates


How EDiscoveryMap’s Monique Altheim Kept a Global Audience Informed in 2012 on Privacy, Ediscovery and Social Media




A short recap of EDiscoveryMap’s Monique Altheim‘s activities in 2012 to help keep her global readers informed and up to date in the areas of Privacy, Ediscovery and Social Media:
  •  She spoke on or moderated 11 panels at conferences, from Washington D.C. and  L.A. to Brussels, Belgium, Prague, Czech Republic and Punta del Este, Uruguay.
  • She attended another half a dozen conferences related to Privacy, Ediscovery, Social Media, Cloud and Big Data.
  • She posted daily updates on her LinkedIn, Google+ Page and Facebook Page. The Facebook Page reached readers from the U.S., Canada, Belgium, Brazil, United Kingdom, Mexico, Iran, Italy, New Zealand, Malaysia, Sweden, South Korea, Germany, Spain, Israel, Argentina, Congo, Jamaica and Netherlands. The Linkedin posts reached readers from the U.S., Canada, Belgium, Spain, France, U.K., Italy, Netherlands,Ireland,Austria,Bulgaria, Sweden, Hungary, Poland,Russia, Estonia,Czech Republic, Germany, Greece, Portugal,Norway, Switzwerland, Luxemburg,Finland, Ukraine, Estonia, Uzbekistan, Malta, Turkey, Cyprus, Israel, Saudi Arabia, Brazil, Columbia, Chile, Peru, Uruguay, Australia, New Zealand, Pakistan, India, China, Japan,Malaysia, Nepal,Singapore, Taiwan and Kenia.
  • She tweeted thousands of Privacy, Ediscovery and Social Media tweets via her three Twitter handles @moniquealtheim, @EDiscoveryMap and @EUdiscovery
  • She posted more than 80 blog posts on her blog EDiscoveryMap. The blog has a global readership from the U.S and Canada to Europe, Latin America, Asia and Africa. EDiscoveryMap reaches on average, viewers from about 55 countries worldwide.
  • She created and posted half a dozen power point presentations on her SlideShare site. The slides averaged, to date, about 7,000 views world wide.
  • She continued her daily publication of the EDiscovery and Data Protection Daily.
  • She created 10 privacy/ediscovey/social media related videos, which she uploaded on her EDiscoveryMap YouTube Channel.  Her privacy, ediscovery & social media videos were watched from the U.S, Canada, Israel, Morocco, Poland, Ireland, Ukraine, France, Germany, Belgium, Italy, Netherands, Czech Republic, Uruguay, South Korea, Hong Kong and India.
  • She co-authored the E-book “E-Discovery Legal Issues Guidebook”,  published by PenTest Magazine.
  • She updated her information sharing mobile app for iPhone/iPad and Android devices a few times, working on constantly perfecting it and also added a privacy policy to it. The app has been uploaded from the U.S. & Canada ,Europe, China, Japan, Taiwan, India, the Middle East and South America.
  • And finally, in a search for continuous improvement of her knowledge of privacy and data protection, she earned the additional certification of CIPP/E (Certfied Information Privacy Professional/Europe).
Wishing all a Happy 2013, and looking forward to continue to share information this coming year via old and new channels and platforms.

Ediscovery, Privacy, Data Protection and Social Media Weekly Updates


Ediscovery, Privacy, Data Protection and Social Media Weekly Updates


U.S. Ediscovery and Cross-Border Ediscovery 101 for Civil Law Practitioners

In a speech given at the 3rd Annual European Data Protection and Privacy Conference, in Brussels on 12/4/12, Viviane Reding addressed the reasons for the global interest in the European Commission’s proposed reforms to the EU Data Protection Regime:
“Why is there so much interest in our data protection reform?
…, because data protection is a global challenge. In a world where borders are increasingly blurred, and where data moves at the speed of light, the Union’s rules matter beyond its borders. Our debate is a precursor of future debates in other parts of the world. Many countries have a new generation of data protection laws in the making, in Asia, in Latin America, in Africa. In the U.S., the voices of reform are growing louder. All across the world, people are realising that good data protection rules are good for growth. This is at the heart of our own proposals here in Europe.”
But, while the EU may be leading the global data protection reform movement, there is no doubt in my mind that the US remains the leader in global data collection technologies.
The U.S. Ediscovery industry originated from the very broad Common Law requirement of “Disclosure” or “Discovery” in civil litigation. As digital data became the overwhelming source of data in most companies and organisations, “discovery” became “e-discovery”, the “e” standing for “electronic”. This obligation to disclose is practically non-existant in Civil Law systems.
According to a recent report published by Transparency Market Research, the global e-discovery market was worth USD 3.6 billion in 2010 and is expected to reach USD 9.9 billion in 2017, growing at a CAGR of 15.4% from 2010 to 2017. In the overall global market, the U.S. is expected to maintain its lead position in terms of revenue with 73% of global e-discovery market share in 2017. Another report, published by Research and Markets,  forecasts the Global eDiscovery market to grow at a CAGR of 15.56 % over the period 2011-2015.
The globalization of trade and data flows have lead to an increase in international litigation, with, in Common Law based jurisdictions, the accompanying need for global data collections to satisfy the Common Law “Duty to Disclose” in civil litigation.
Just as the EU Data Protection reform has caused undeniable ripple effects worldwide, the U.S. Edsicovery boom has had an impact on the global practice of law.
For example, at the recent LawTech Europe Congress 2012  held in Prague, CZ, on 11/12/12, I was impressed by the overwhelming interest expressed in U.S. based Ediscovery technologies for application in local internal and Government investigations in bribery, corruption and fraud allegations within EU companies, and, to a lesser extent, for application in cross-border ediscovery procedures.
It is in the particular case of cross-border ediscovery, conducted in the context of U.S. civil litigation, that the clashes between local, EU-style data protection regimes and the need for transfer of data to the U.S., are the most acute and problematic.
In order to solve this very complex problem, I believe, in line with the Sedona Conference‘s philosophy, that dialogue is of the utmost importance. In the case of U.S. cross-border ediscovery in the EU, this dialogue takes on the additional dimension of a dialogue between two vasltly different legal systems: the Common Law system of the U.S. and the Civil Law system of the majority of EU member states. These different legal systems are cause for many misunderstandings between EU and US legal practitioners. On the one hand, U.S. attorneys and judges need to become more familiar with the EU Data Protection regime, and on the other hand, the EU member states’ attorneys, in-house counsel and Data Protection Authorities (DPAs) need to become more familiar with U.S. ediscovery obligations.
In the past, I have explained basic EU Data Protection concepts to U.S. legal practitioners.
At the  LawTech Europe Congress 2012, I attempted to explain U.S. Ediscovery principles to an audience, consisting mainly of Civil Law practitoners.

 The Sedona Conference Working Group 6, of which I am an active member, has worked relentlessly to achieve a dialogue between the EU Data Protection Authorities and US attorneys, in-house counsel and Federal Judges. It has published The Sedona Conference International Principles on Discovery, Disclosure and Data Protection in December 2011, which is now open for public comment. The Principles were very well received by the Article 29 Working Party, the EU Data Protection Authorities’ Advisory Body, presided over by Jacob Kohnstamm.
It is the hope of The Sedona Conference that its International Principles will become accepted as best practices, as a code of conduct by U.S. litigants and Judges, as well as by EU member states’ DPAs.
To paraphrase Viviane Reding: ..because litigation is a global challenge. In a world where borders are increasingly blurred, and where data moves at the speed of light, U.S. ediscovery rules matter beyond their borders.

No comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...