
Archive for the ‘PIPEDA’ Category

26 Aug 2010

Think before you spit


The decision whether to undergo genetic testing is often highly personal and is usually prompted by a serious medical concern such as a family history of an inherited disease. Traditionally, such testing has been done in a medical setting by health care professionals, including genetic counsellors, who explain the science and ethics behind testing and help patients interpret the results.

Direct to consumer (DTC) genetic testing allows consumers, with as little effort as mailing a biological sample like saliva, to have their DNA analyzed by companies that promise to tell them if they are at risk for a particular disease.

Proponents suggest that DTC services increase access to genetic testing as well as confidentiality of the results, which can be kept out of an official health record. On the downside, the reliability and significance of the results may not match companies’ claims. Privacy-wise, giving extremely sensitive personal information, such as a DNA sample, to companies that to date are largely unregulated carries a myriad of risks. In a health care setting, confidentiality of personal information and security of samples are subject to strict controls. On the Internet, it’s another story. How do companies safeguard the sample and test results? Is the information disclosed to any third parties? Some companies make “de-identified” information available to third parties for research purposes, in which case how reliable is the de-identification? And what happens to personal information if the company is sold or folds?

The debate about DTC genetic testing heated up recently as the U.S. Federal Drug Administration focussed its attention on the increasing availability of such services and whether they need to be regulated. In the U.K., the Human Genetic Rights Commission just published voluntary guidelines for companies selling the tests, including guidance on data protection as well as consent, stating “Informed consent can only be provided when a consumer has received sufficient relevant information about the genetic test to enable them to understand the risks, benefits, limitations and implications (including the implications for purchasing insurance) of the genetic tests.” In the interests of informed consent, the Federal Trade Commission advises consumers to check the privacy policies of online companies to see how they use personal information and whether they share it with marketers.

Here in Canada, in 2008, the Canadian Medical Association’s (CMA) General Council passed a resolution calling for the CMA to develop policy to advise on the development of a national system to oversee, organize and access genetic testing in Canada. In May 2010, the CMA proposed a national Regulatory Framework for Direct-to-Consumer Clinical Genetic Tests as an advocacy tool to highlight issues raised by these tests.

As well, in a recent study funded by the OPC, researchers at the University of Alberta’s Health Law Institute analysed the privacy policies of 32 DTC genetic testing companies against the fair information principles that underpin Canada’s private sector privacy law, PIPEDA. Of the 32 company websites studied, fewer than half had privacy policies that addressed how biological samples and genetic test results are handled.

The report concludes with a list of privacy-related questions that consumers should consider before buying genetic tests over the Internet. “Consumers who seek answers to the questions – through careful review of company privacy policies and direct contact with companies – will be able to make a more informed choice about sending their personal information and genetic samples to a company.”

Admittedly, satisfying your curiosity about what health challenges may await you is very tempting. However, consumers should be aware that they may be getting more – and less –  than they bargained for.


12 Aug 2010

Badges? Badges? We don’t need no stinkin’ badges!


Loyalty discounts, the power of recommendations, serendipitous encounters with friends and colleagues, recognition badges, and stalkers. I think that’s a fair summary of most commentary about the growth of location-enabled services and tools.

Location is just one piece of information that can be generated by most smart phones, but is the most relevant for a marketer eager to deliver precise and context-specific messages to a consumer on the move. It is also a highly useful data point for a social scientist trying to measure the flow of human migration and socioeconomic progress, as in the case of Nathan Eagle’s research in the slums of Kibera, Nairobi, Kenya.

Between June 2008 and June 2009, Eagle and his co-researcher evaluated the calls recorded by mobile phones across Kenya (with all callers’ identification replaced with unique hashed IDs) to focus on calls originating or ending in Kibera. Their research tracked between 53,000 and 74,000 calls a month and a total of 18,000 individual callers during the year.

What did this data reveal about individual mobile phone users? “With each call, we can infer a number of individual characters such as

  • spatial data (by the location of the cell tower that transmitted the call),
  • economic data (the average length of each call, the amount of pre-paid minutes an individual has put on their phone, the type of phone),
  • an individual’s regional or tribal affiliation, and
  • a radius of migration for groups of individuals (by the distance between locations of cell towers calls have been made from).”

A first indication from this research is that Kenyans only live in the Kibera slum for a mean of 1.559 months. This high rate of movement and population turnover “supports the theory that slums act as a filter as opposed to a sink where there is a large amount of flux within the slum population.”

Amy Wesolowski, Nathan Eagle, Parameterizing the Dynamics of Slums

Eagle’s work in Kenya is an extension of a research project originally conducted at MIT, where 100 students were provided with mobile phones for 265 days. The mobile phones were equipped with custom survey software that recorded data and prompted the students with questions when certain conditions were met.

How much data?

“From the studies, we gathered 370 megabytes of raw data, including short recordings from 667 calls, 56,000 movements, 10,000 activations of the phone, 560,000 interaction events with our applications, 29,000 records of nearby devices, and 5,000 instant messages.”

Thankfully, from a privacy advocate’s point of view, the researchers also had to struggle with (a limited number of) weak points in their data sets – instances when the participants didn’t bring their phone with them, consciously turned the phone off, or simply ignored it. I would like to think that some of this reflected a conscious effort to mediate information collection, but it was probably just fatigue or forgetfulness.

There was one significant distinction between the two projects: the active involvement and acknowledgement of the participants. In Cambridge, the participating students were walked through the information collection process, provided with details about the information that would be collected, and required to complete a consent form (.pdf).

M. Raento, A. Oulasvirta, N. Eagle, “Smartphones: An Emerging Tool for Social Scientists”, Sociological Methods Research 37:3, 426-454.

This is an important point when it comes to the collection of location data, especially when it is associated with other personal information: individuals want to know what is happening with their information, and would like some element of control over its use.

A recent and exhaustive examination of the 89 then-available location-sharing services (really, who can keep track?) by researchers from Carnegie Mellon University noted that “the willingness to share one’s location and the level of detail shared depends highly on who is requesting this information (or knowing who is requesting this information), and the social context of the request.”

Supplemental interviews confirmed that potential users had particular scenarios in mind when evaluating the benefits and risks of these services: scenarios that would best be addressed with more detailed privacy controls, rules and conditions (explained in detail in the paper):

  • Blacklists
  • Friends Only rules
  • Granularity of controls
  • Group-based rules
  • Invisible status
  • Location-based rules
  • Network permissions
  • Per request permission
  • Time-based rules
  • Time-expiring approval, or
  • No restrictions

Janice Y. Tsai, Patrick Gage Kelley, Lorrie Faith Cranor, Norman Sadeh, Location-Sharing Technologies: Privacy Risks and Controls

Obviously, there are significant gaps in how personal privacy is protected when information is collected and analyzed in a large scale research project, a smaller experiment and within the context of online commercial services.


21 Jul 2010

Location, location, location


Do you know how your location information is used?  A recent survey commissioned by security company, Webroot, asked 1,645 social network users in the U.S. and UK who own location-enabled mobile devices about their use of location-based tools and services.  The survey found that 39 percent of respondents reported using geo-location on their mobile devices and more than half (55 percent) of those users are worried about their loss of privacy. 

A few notable concerns over security and privacy: 49 percent of women (versus 32 percent of men) were highly concerned about letting a would-be stalker know where they are, and nearly half (45 percent) are very concerned about letting potential burglars know when they’re away from home (a very real risk outlined nicely by Pleaserobme.com).

The growing popularity of geo-location tools and services (including offerings by industry giants such as Twitter, Apple, Facebook and Google) means that location information is being collected on a colossal scale and the real and potential uses for this information are just starting to work themselves out – from iPhone photos tagged with GPS coordinates to location-based gaming platforms such as Scvngr that enable mobile users to create their own location-based games.

This increase in the collection and use of location information can also pose unique risks for users.  The survey summary notes that a surprising number of respondents engaged in behaviors such as sharing location information with people other than friends that could put them, and their private information, at risk.  A blogger recently wrote about her experience with location sharing gone wrong and Foursquare was recently blasted for unintentional data leakage via their popular location-based service. 

As we note in our recent submission to Industry Canada’s Digital Economy Consultation, good privacy practices can support innovation by reinforcing confidence in users that they have the right to control their personal information and that the technology they use is secure. With location information, the usual privacy concerns abound with each cool, new service that hits the market. How to communicate these risks to consumers is something that occupies a great deal of our time. Dealing with the privacy concerns of location information during the design phase for new services would help businesses avoid expensive (both financial and reputational) after-the-fact privacy fixes and might even provide those privacy-friendly businesses with a significant competitive advantage.


27 Apr 2010

Meet Louise.


Meet Louise.

Louise is a central character in our upcoming Consumer Privacy Consultations – not because of her great hair, but because she’s engaged online the way many Canadians are…she buys clothing and books online, she updates her Facebook profile regularly, she’s got an iPhone.

She’s also our fictional case study for examining how our data travels as we engage with the online world – who’s got our data? What are they doing with it?

Below is just one of several scenarios we’ve developed to help ground our conversations during the consultation process. This one will be used during the Advertising panel this week in Toronto. As you read it, ask yourself:

Is Louise aware of how her information may be used when she searches for and buys materials at online bookstores?

How accurate is the advertising profile developed for Louise, given that she shares the computer with other members of her family including her nine-year-old brother?

How could Louise’s profile information be matched with publicly available information to draw inferences about her? What types of decisions are or could be made based on her profile information?  What are the risks of combining online and offline profiles? Or the risks involved in combining different online profiles, like Louise’s Facebook profile with the profile her favourite online bookstore has of her?

Louise is a stylish 21-year-old college student who likes to meet people and try new things. She is active online and does everything from buying trendy clothing and concert tickets to keeping in touch with friends through posting updates and photos to her Facebook page. Now in her final year of college, Louise is starting to look for a job. She is putting herself through school by making jewellery and selling it online. She is also a collector of specialty comic books and belongs to an international network of comic book enthusiasts. Louise also has a younger brother, David, who is nine years old.

Louise bought some designer jeans at a store in her local mall with her credit card. She also had the clerk swipe her loyalty card.

When Louise arrived home, she signed into her new account at the store’s web site to learn more about the clothes she had carried into the changing room but not bought. In her excitement to see the store’s merchandise, she clicked through the site’s lengthy privacy policy.

In looking on the store’s web site for a blouse to go with her new jeans, Louise saw an advertisement for jewellery that really appealed to her, so she followed it. Louise felt comfortable at the small Canadian jewellery site because the style of the site was as though she were visiting a friend’s page.

She also liked the styles of jewellery on the site so she bought a necklace and clicked on the “Like” button to update her friends on her latest purchase. From there, she left the store site and searched for the listing of a concert and bought 2 tickets. After that, she checked the status of the online auction she was participating in to get a new specialty comic book.

After this, Louise updated her Facebook page to let her friends know about her purchases and to see who else would be attending the concert. From Facebook, she checked out her favourite online bookstore where she purchased a book that was recommended to her by another comic book expert.

We’re hoping to generate some discussion around Louise’s activities – join the discussion by commenting on our blog, or jumping into the Twitter-stream on Thursday (hashtag #priv2010). We also invite you to check out the live webcast.


20 Apr 2010

Et tu, Google?


Late yesterday, Canada’s privacy commissioner, along with data protection authorities from France, Germany, Israel, Italy, Ireland, Netherlands, New Zealand, Spain and the United Kingdom sent a letter to Google CEO Eric Schmidt to express their concerns about privacy issues related to Google Buzz.

Are we unfairly picking on Google? Because the privacy practices we mention in our letter are not Google’s alone – they are representative of an industry-wide habit of launching first, debugging later. But Google is a world leader, and a company that has shown it is not afraid of jumping into the data protection debate. We hope that our letter sends a message to others in the online world as well – your users care about their privacy.

The full letter and news release are available on our site, but here are some excerpts:

We are increasingly concerned that, too often, the privacy rights of the world’s citizens are being forgotten as Google rolls out new technological applications.  We were disturbed by your recent rollout of the Google Buzz social networking application, which betrayed a disappointing disregard for fundamental privacy norms and laws.  Moreover, this was not the first time you have failed to take adequate account of privacy considerations when launching new services….

It is unacceptable to roll out a product that unilaterally renders personal information public, with the intention of repairing problems later as they arise.  Privacy cannot be sidelined in the rush to introduce new technologies to online audiences around the world.

We’ve asked Google for a response, but we also want to know what you think. Let us know in the comments section, or join us via webcast and Twitter (hashtag #priv2010) at our first public consultation next Thursday, April 29.


31 Mar 2010

Try out our new privacy quiz for businesses


Understanding how best to manage and protect personal information can be a difficult task for small businesses, so we hope our new mini-quiz will help to identify some issues that organizations need to be aware of.

Because the questions are randomly selected from a repository of questions, you can take the quiz over and over without it becoming repetitive. So take a moment and go through the quiz a few times! We have also linked the answers to related documents on our website so you can easily find out more information on that particular question.

Since there are always new privacy issues emerging, we hope to continue to update this quiz in the future and add new questions.  And we want feedback – this tool is meant for all of you, so let us know what issues you would like the quiz to cover.


26 Mar 2010

Locational services and cool data visualizations


Earlier this month, a rich subset of social media users and technology evangelists descended upon Austin, Texas for the annual SxSW interactive conference. Some see SxSW (South by SouthWest) as an early indicator of developing technology trends. Twitter, the popular microblogging service, broke out as a popular consumer application at the conference two years ago.

This year, the dominant trend seems to be locational services. The video embedded below was produced by a company called SimpleGeo: it uses a data visualization tool to demonstrate how attendees, performers and regular old Austinites were using various consumer locational services during the conference.

Obviously, there are many people who find these services useful, either to meet up with friends, create the opportunity to meet new friends, or simply brag about getting into the most exclusive parties and shows.

As an Office, we are interested in how information from these locational services might be integrated into larger efforts to collect and aggregate data about consumers’ behaviour and preferences.

We also like really cool data visualizations.


28 Jan 2010

Geo what?? Canadians weigh in on location privacy


A recent research report titled Research Related to Privacy and the Use of Geospatial Information explores Canadians’ awareness of the uses of location (or geospatial) data and their concerns about privacy when it comes to sharing their location-linked personal information.

The research examined Canadians’ concerns with the privacy of their personal information generally, level of comfort with sharing location-linked personal information, level of awareness and use of location-tracking devices such as Global Positioning Systems (GPS) and use and comfort level with online mapping tools.

This report was commissioned by Natural Resources Canada through its GeoConnections initiative. A couple of highlights:

It was confirmed that respondents had a very low general understanding of what “geospatial data” is and struggled when trying to define terms such as “location-based information” or “location-based personal information”.

The study found that generally speaking, respondents are concerned about the privacy of their personal information (with over 80% stating they are “concerned” or “very concerned”).

When it comes to sharing location-linked personal information, control over the information being shared and the overall purpose for sharing the information were the two key drivers of comfort.  Respondents felt most comfortable if they have a high degree of control over the sharing of their information and the reason for sharing their location-linked personal information was related to a public good such as enhanced public safety or improved health care.

And what made Canadians uncomfortable?  Canadians became uncomfortable when they had no control over the sharing of their location-linked personal information and when their location-linked personal information was being used for economic reasons or targeted marketing.

There was support for the role of Government in the regulation of geospatial information. For example, with regard to individuals’ real-time movements, over 68% of respondents thought it was important for the Government of Canada to regulate the collection and sharing of location-linked personal information. The majority of respondents (74%) thought it was important for the Government of Canada to regulate images of private residences appearing on internet mapping tools.

Who do Canadians trust with their location-linked personal information?  Level of trust was highest for medical institutions (58%) followed by federal and provincial governments (46%).  Interestingly, trust levels for federal and provincial governments were somewhat higher than for municipal government (35%) – proponents of the smart grid may have a bit of work to do.

And who was trusted least? Social networking sites (6%), which is curious considering the sheer volume of personal information we voluntarily give up to these sites (including increasing amounts of location-linked personal information).

It is notable that this research was completed just prior to Google’s Streetview going live in Canada.  With the launch of Streetview and the ever growing availability of new, innovative and useful location-based services such as friend finders, local search and restaurant recommenders, it will be interesting to see whether geospatial information evolves into a top-of-mind privacy issue for Canadians.


28 Jan 2010

It’s Data Privacy Day 2010: Are you taking the proper steps to ensure that your personal information is safe?


On Data Privacy Day 2010 we’d like to take a moment to remind everyone that it is the responsibility of both individuals and companies to make sure that personal information is safe.

If you own a company, or work for a big one: in the past, you may have had to ensure that your customers’ name and address information (and in some cases credit card and billing information) were safe. Now, many of you are providing technology and tools for your customers to put increasing amounts of personal information online. Does your company have the systems in place to safeguard this information? Do you give your customers the tools and options to control how their information is used?

If you are a user of new and cool technology: in the past a telephone was a telephone, a video game was a video game, a stuffed toy was simply that – a stuffed toy. Today, more and more toys and handheld tools come with the ability to go online. Do you understand how to enjoy your toys and gadgets without putting your personal information at risk?

If you are a parent or guardian, teacher, coach or caregiver: do the young people in your life understand how to use all these new toys and gadgets while keeping their personal information safe? Our office has recently made youth privacy a key priority. Today, we have posted some new resources to the Parents & Teachers section of our youth web site. The resources include information on 12 privacy issues (such as the importance of privacy settings and knowing who your friends are on social networking sites), along with ideas for generating discussion about each issue with young people. You can use these resources to start discussion about personal privacy and the importance of thinking about what you post on the Internet.

Regardless of which group you are in – if you need any information about how to keep personal information secure, visit our web sites – priv.gc.ca and youthprivacy.ca.


26 Jan 2010

The OPC kicks off its Contributions Program


Here we go again! For the seventh year in a row, the Office of the Privacy Commissioner of Canada is launching its Contributions Program, which funds data privacy research and public awareness projects.

We’re very proud of the Contributions Program, partly because it’s considered one of the leading programs of its kind in the world. Since 2004, we’ve been using the Program to advance data privacy knowledge by funding major research projects, all of them led by Canadian researchers. And for the past two years, the Program has helped civil society organizations educate a growing number of Canadians about privacy.

We’re once again making $500,000 available to researchers and civil society organizations who want to apply for funding: $50,000 per project and $100,000 per organization. This year we’re especially interested in funding research projects into the impact of technology on privacy, a hot topic if there ever was one! As well, even though we prefer to fund projects that wrap up in the year the funding is provided (in this case, the 2010-11 fiscal year), we’re willing to fund projects that continue into the next fiscal year (projects ending after March 31, 2011).

Well, there you have it! If you are interested in privacy and feel you have a contribution to make (no pun intended) as a researcher or civil society organization, go ahead and apply. The 2010-11 application deadline is February 26, 2010.

For more information or to access our application form, go to our Web site at http://www.priv.gc.ca/resource/cp/p_index_e.cfm.