PUBLICATIONS & RESOURCES

The OMB's Federal Enterprise Architecture Security and Privacy Profile mentioned in our article entitled "OMB Issues Guide to Security and Privacy" is available at http://cio.gov/documents/FEA%20Security%20Profile%20Phase%20IFINAL07-29-04.doc

*****

A new study, conducted by Pam Dixon of the World Privacy Forum, states that professional job search web sites are not the only ones violating privacy laws, even some internship and scholarship web sites may be breaking the rules in their collection of personal information. The study raises questions regarding possible privacy violations such as distribution of information to third parties and specifically cites web sites USAJOBS.gov, FastWeb.com and Eliyon.com. http://www.michigandaily.com/vnews/display.v/ART/2003/11/13/3fb320e3dc262

*****

The Information and Privacy Commissioner/Ontario and Deloitte & Touche have issued a joint report entitled "The Security-Privacy Paradox: Issues, Misconceptions, and Strategies." The report includes sections on the "Overlaps Between Security and Privacy," "The Economics of Privacy,""Are Privacy and Security One and the Same?," "Roadmap for Successful Strategies." Ordering information is available online at www.ipc.on.ca.

*****

Privacy Journal has published the latest supplement to its “Compilation of State and Federal Privacy Laws,” which shows a huge increase in state anti-spam and Do-Not-Call (DNC) telemarketing laws. According to Privacy Journal, a total of 34 states have passed new laws limiting bulk electronic-mail advertising. The Supplement notes 26 state laws requiring telemarketers to consult a state-maintained DNC list and shows additional state privacy laws prohibiting discrimination based on genetic testing or punishing ID theft. Ordering information for Privacy Journal's book and 2003 supplement is available by contacting 401-274-7861 or online at: http://www.privacyjournal.net

The Direct Marketing Association's 2002 Statistical Fact Book assesses the state of the multi-faceted direct marketing industry, including the impact of new technologies. The Fact Book aims to broaden awareness of the many aspects of the direct marketing industry and provide statistical support to help marketers become more effective. The Book is organized into the following broad categories:
* Direct Response Advertising,
* Market Applications,
* Media (including Interactive Media),
* Lists/Databases,
* Practical Management Information,
* International Direct Marketing, and
* The Economic Impact of Direct and Interactive Marketing.

The Fact Book provides some overall statistics about each particular category, such as average salary, in addition to almost 500 charts and their sources. Detailed Table of Contents and Topic and Source Contact Indexes make the 300+ page Fact Book easy to navigate. For more information, visit the Direct Marketing Association's Web site at: http://www.the-dma.org.

*****

Ernst & Young has created a P3P Dashboard to illustrate the current P3P-adoption rates of the top 100 and top 500 domains visited by U.S. Internet users. The Web sites chosen for review are based on the comScore Media Metrix "netScore" list of the top 500 most trafficked Web sites for July 2002. The P3P Dashboard also uses comScore's domain segmentation to report on adoption rates by the major categories of Web sites represented. The Dashboard indicates the level of P3P adoption by domain category and whether there was an increase in adoption in that category in the latest month. E&Y's first monthly report was issued in August 2002. The October 2002 results show that 26% of the top 100 Web sites and 18% of the top 500 Web sites are P3P enabled. By domain category, P3P adoption was found in 11% of the 27 Finance and Investing Web sites, 24% of the 33 Reference and Directories Web sites, and 17% of the six Health sites reviewed. Increases in P3P adoption from September occurred in the following categories:
* Business and Non-Profit
* Entertainment
* News/Information
* Shopping. E&Y presented the P3P Dashboard at the World Wide Web Consortium Future of P3P Workshop in November 2002. The October 2002 Dashboard and reports from previous months are available for download from: http://www.ey.com/global/content.nsf/US/AABS_-_TSRS_-_Services_-_Privacy.

*****

Lorrie Cranor, one of the authors of P3P, has recently published Web Privacy with P3P, to introduce the Platform for Privacy Preferences standard, encourage P3P adoption by Web sites, and educate consumers about online data privacy. Web Privacy with P3P is written for a widespread audience, including privacy advocates, webmasters, software developers and other technologists, policymakers, and individuals concerned about online privacy. The book is written in four parts:
* an introduction to the history and evolution of P3P and an overview of the current online privacy landscape
* guidance on P3P-enabling a Web site
* discussions of design issues relating to P3P vocabulary and software
* five appendixes with further technical details and additional resources. Additionally, a Web site has been created for Web Privacy at http://p3pbook.com. It contains electronic versions of many of the examples the book and a list of online resources. Published by O'Reilly & Associates, Inc., September 2002. 321 pp. ISBN: 0-596-00371-4. Ordering information is available at: http://www.oreilly.com/catalog/webprivp3p/.

*****

American Express' Consumer Affairs division has published a brochure to educate consumers about identity theft. Identity Theft: Reduce Your Risk lists the most common causes of identity theft, tips for preventing it, and the important steps to take once an identity theft occurs. The brochure is particularly helpful in that it includes phone, online, and, in some cases, mailing address contact information for the three major credit bureaus (Equifax, Experian, and Trans Union), federal government agencies and non-profit organizations that can provide additional information to consumers and assist identity theft victims. This contact information is also consolidated on a detachable rolodex card that consumers can file for future reference. Identity Theft: Reduce Your Risk was developed in cooperation with the Privacy Rights Clearinghouse, the Identity Theft Resource Center, and the Federal Trade Commission. For additional information or to request a brochure, write to: American Express Company Att: Donita Mitchell 801 Pennsylvania Avenue, NW, Suite 650 Washington, DC 20004.

*****

The Telemarketing Law Guide is a compilation of the laws and regulations that primarily govern the telemarketing industry. The one-volume loose-leaf reporter contains sections covering all 50 states, the District of Columbia, and the federal government. For each jurisdiction, the Guide opens with a general overview that explains what entities are covered by the jurisdiction�s telemarketing laws, what organizations those laws exempt, and other important details, such as registration requirements, time restrictions, and whether the state possesses a "do-not-call" list. The Guide goes on to include the text of the most important laws and regulations affecting the telemarketing industry. The Guide also contains sections on new legal developments affecting telemarketing, including the text of recent court cases, and on administrative decisions. Finally, subscribers receive quarterly updates, keeping them informed of changes and developments to laws affecting telemarketing. The Telemarketing Law Guide is published by CCH, a respected publisher well known for its tax and legal reference materials. Ordering information is available at: http://www.cch.com.

*****

The 2002 edition of Privacy Journal's Compilation of State and Federal Privacy Laws is a comprehensive resource that reflects the multiple and diverse privacy protections that are available at the state and federal levels in the U.S. As the nation's only single source of information about confidentiality statutes, the Compilation contains citations and descriptions of state and federal laws relating to privacy, surveillance and data collection. The laws are organized into categories, such as "Bank and Financial Records," "Social Security Numbers," and "Mailing Lists." For easy reference, a chart illustrates which states have laws applicable to each category and whether federal law applies. The Compilation is meant for a broad audience, including lawyers, policymakers, consumers, journalists and the business community. The 2002 edition features a new chapter on identity theft as well as new laws relating to genetic testing and video surveillance. The Compilation also includes the following:
* summaries of relevant sections of the Financial Modernization Act of 1999 (Gramm-Leach-Bliley Act), the Federal Law on Electronic Surveillance, and the Georgia and Maryland Identity Theft laws
* an appendix of Canadian federal and provincial privacy and confidentiality statutes
* charts of state and federal privacy laws, by category, from the 1978-1979, 1984-1985, and the 1992 Editions of the Compilation. Privacy Journal's "Ranking of States in Privacy" is based on this 2002 Compilation. Published by Privacy Journal in 2002, 106pp., ISBN: 0-930072-17-0. The state rankings and additional information about the Compilation of State and Federal Privacy Laws may be downloaded at: http://www.privacyjournal.net.

*****

As part of efforts to promote a "culture of security," the FTC has added an information security section to its Web site to provide information about computer security and safeguarding personal information. The site features "Dewie the e-Turtle," who always wears his 'security shell' when using the Internet. While primarily geared towards consumers and children, the site does contain a Business Information page, which includes tips on e-mail marketing, maintaining secure networks, and complying with the Gramm-Leach-Bliley Act and the Children's Online Privacy Protection Act. A special Resources section provides links to other government agency and non-profit Web sites that offer useful information regarding cybersecurity. The FTC's Consumer Information Security page may be accessed at: http://www.ftc.gov/bcp/conline/edcams/infosecurity/index.html.

*****

In its second edition, Web Security, Privacy & Commerce examines threats to consumer online security and privacy and discusses ways that users can protect themselves while using the Internet. Web Security was written by Simson Garfinkel with Gene Spafford and published by O'Reilly & Associates in January 2002. As use of the Internet has increased, particularly from an economic standpoint, so have the vulnerabilities of computers, networks, and the personal information that flows through them. Web Security, Privacy & Commerce speaks to three distinct audiences:
* ordinary Web users;
* individuals who operate the Web's infrastructure, or servers; and
* people who publish content on those servers. Flanking these discussions are introductions to Web technology and popular security programs and a collection of Appendixes, containing more technical and detailed descriptions of security technologies, such as P3P, and a list of network security resources. This book is useful for those who have a working familiarity with computers and the Internet but are not familiar with the details surrounding computer security. 756pp. Ordering information is available at www.oreilly.com.

*****

In October 2001, Bruce Kasanoff's Making It Personal: How to Profit from Personalization without Invading Privacy was published by Perseus Publishing. Targeted at members of the business community, Making it Personal discusses ways in which technology is changing the relationships between companies and individuals, both internally and externally. Kasanoff offers personalization as the new business model and the most effective way for businesses to protect privacy and manage the flood of personal data collected by new and powerful technology. Making It Personal gives the reader an overview of the privacy invasive practices of traditional firms, frames the debate over national data protection legislation, and promotes the principles of Fair Information Practices as a useful guide for companies working to respect the privacy of individuals. To underscore his belief that privacy is the natural byproduct of healthy business relationships, Kasanoff provides an additional set of guidelines to show companies how to go about earning the loyalty of customers and employees and why privacy is a valuable investment. 217pp. Ordering information is available at www.perseuspublishing.com.

*****

The May 2002 Edition of the Freedom of Information Act Guide & Privacy Act Overview, prepared by the U.S. Department of Justice, Office of Information and Privacy's attorney staff, is now available. Further information may be accessed at:http://www.usdoj.gov/04foia/index.html.

*****

John Wiley & Sons, Inc. has recently published two books that address privacy in the computing age. World Without Secrets: Business, Crime and Privacy in the Age of Ubiquitous Computing by Richard Hunter looks, in part, at the use of technology in such areas as data mining and law enforcement. Biometrics: Identity Verification in a Networked World by Samir Nanavati, Michael Thieme, and Raj Nanavati introduces biometrics and the growing use of authentication technologies in society. This book is aimed at helping professionals make informed decisions about the role that biometrics can play in their organizations. More information on both books is available at: http://www.wiley.com.

*****

Thompson Publishing Group, Inc. offers Workplace Privacy: Real Answers and Practical Solutions by David M. Safon, Esq. Though published in 2000, this resource is valuable in helping companies understand state and federal laws that address the competing rights of employer monitoring and employee privacy. For more information, e-mail service@thompson.com.

******

The National Consumer Law Center, a nonprofit corporation that assists consumers, advocates, and public policy makers nationwide, publishes a 16-title Consumer Credit and Sales Legal Practice Series, designed to be an attorney's primary practice guide and legal resource. The manuals are updated annually and are accompanied by a CD-Rom. The 1998 Fourth Edition and 2001 Supplement and CD-Rom of the Fair Credit Reporting Act manual are currently available for $110. For more information visit http://www.consumerlaw.org or call 617-523-8089.

*****

Social Law Library Web site provides research materials, training and services to the judiciary and practicing bar of Massachusetts. The Social Law Library is a member-managed, dues-supported legal research institution. The Web site features a Link of the Week, and the PrivacyExchange Web site was chosen for the week of February 4-10, 2002. Available at http://www.sociallaw.com/

*****

The DMA has established a Safe Harbor Program to assist those companies that wish to comply with the Safe Harbor enforcement requirements by providing an independent third-party dispute resolution mechanism. The program is available to DMA members and European consumers at no cost. The DMA has also developed educational materials for companies and consumers interested in finding out more about the Safe Harbor framework and the DMA Safe Harbor Program. For more information visit http://www.the-dma.org/safeharbor/

*****

The Health Insurance Association of America (HIAA) has published The
Health Insurance Primer: An Introduction to How Health Insurance Works.
For more information and to order this and other HIAA books, please call
1-800-828-0111.

*****

CardTech/SecurTech 2001 Conference Proceedings are available on the
CardTechnology Web site at http://www.ct-ctst.com/. To order a CD-ROM of
the full proceedings for $195, contact Liz Wenchel at 202-434-0309 or
liz.wenchel@tfn.com.

If you would like a new privacy publication or resource to appear in the
NewsFlash, please send an email, including the name of the publication
and contact information to mmason@pandab.org.

Return to News

鲜花