Electronic Discovery in the Cloud

Cloud Computing is poised to offer tremendous benefits to clients, including inexpensive access to seemingly limitless resources that are available instantly, anywhere. To prepare for the shift from computing environments dependent on dedicated hardware to Cloud Computing, the Federal Rules of Discovery should be amended to provide relevant guidelines and exceptions for particular types of shared data. Meanwhile, clients should ensure that service contracts with Cloud providers include safeguards against inadvertent discoveries and mechanisms for complying with the Rules. Without these adaptations, clients will be either reluctant or unprepared to adopt Cloud Computing services, and forgo their benefits

When Big Brother Privatizes: Commercial Surveillance, the Privacy Act of 1974, and the Future of RFID

RFID is a powerful new technology that has the potential to allow commercial retailers to undermine individual control over private information. Despite the potential of RFID to undermine personal control over such information, the federal government has not enacted a set of practicable standards to ensure that personal data does not become widely misused by commercial entities. Although some potential privacy abuses could be addressed by modifying RFID technology, this iBrief argues that it would be wise to amend the Privacy Act of 1974 so that corporations would have a statutory obligation to preserve individual anonymity and respect the privacy preferences of consumers

Group privacy management strategies and challenges in Facebook : a focus group study among Flemish youth organizations

A large body of research has studied young people’s privacy practices and needs in Facebook. Less is known about group privacy. In this study 12 focus groups were organized with a total of 78 adolescents and young adults of local Flemish youth organizations to discuss their privacy practices. Findings describe how different strategies are used to coordinate the group information flow. The study also shows how online group privacy management can be challenging because ‘implicit’ privacy rules need to be made ‘explicit’, personal boundaries may conflict with those of the group one belongs to and privacy turbulence is difficult to define

Health IT Legislation in the United States: Guidelines for IS Researchers

In this tutorial, I review the most pressing legal issues that health information systems (IS) professionals face and how health information technology (IT) legislation drive them. The issues I discuss include the confidentiality and security of electronic protected health information, meaningful use of health IT, health information exchanges, and information governance. I also provide directions for future research

The View From Here: User-Centered Perspectives on Social Network Privacy

A great deal of personal information is released in online social network profiles, and this information is increasingly being sought as evidence in criminal, administrative and civil legal proceedings. Determination of the admissibility of social network profile information rests in part on the issue of subjective expectations of privacy: to what extent do online social network participants expect privacy in their social network profiles? This question is examined through a combination of interviews and focus groups. The results suggest that Facebook as a whole is characterized as a space where participants construct and display a produced version of the self to a large and indeterminate social network. The common perspective is that information posted on social network profiles is selected for social broadcast, and further dissemination (beyond the online social network to which information is disclosed) is therefore both acceptable and to be expected. Although they would prefer profile access to be restricted to a broadly defined social network of friends and acquaintances, online social network participants do not in general expect to control the audience for their profiles, and they therefore typically include only information that ‘everyone’ can know in their online profiles. They thus require and exercise control over the content that is associated with their online profiles, and actions that undermine this control run contrary to privacy expectations

Privacy and the Digital Generation Gap: Myth and Reality

Over the past decade the demise of privacy has been repeatedly pronounced by renowned technology executives such as Mark Zuckerberg declaring privacy as passé and anachronistic- “so 20th century” - the concern of old people. However, there has been relatively little research into privacy perception and behaviour among different generations that may relate to how people navigate their private lives in online settings. Furthermore, recent research reveals the ways in which privacy concerns of young internet users are enacted, thus challenging overgeneralized claims of a clear-cut generation gap associated with online privacy. As information privacy problems are becoming thornier, unfounded statement voiced by stakeholders with vested interests should be put to one side. Instead, systematic research is needed to understand how privacy is perceived and managed by people of different age groups, and what measures can and should be taken to address current and future concerns of internet users across generations. We address these questions and account for the results using a representative sample from Israel

Privacy and Customer Data Quality: exploring the Issues

New privacy protection legislation has recently been enacted in Australia. The Privacy Amendment (Private Sector) Act 2000 regulates the way private sector organisations can collect, use, keep secure and disclose personal information. As such, it has required many organisations to change the ways in which they handle personal information. The ability of organisations to respond to the requirements of this new legislation is affected by the quality of their customer data. This paper explores the issues created by poor customer data quality for organisations as they adjust their business practices to meet the provisions of the new privacy legislation. A number of key issues emerge including managing large amounts of fragmented customer data, understanding what information is required for organisational activities, controlling use and disclosure across the organisation, keeping track of pre- and post- December 2001 data, and allowing anonymity when interacting with customers