Current Issue:


Archived Issues:

Mar 2012

Feb 2012

Jan 2012

Dec 2011

Nov 2011

Sep 2011

Aug 2011

Apr 2011

Mar 2011

Feb 2011

Jan 2011

Nov 2010

Sep 2010

Jul 2010

Jun 2010

May 2010

The Evolution of Web 2.0: Does this mean an end to privacy?

Perhaps we don’t like to admit it, but a large number of us are Web 2.0 enthusiasts. If we look back less than 10 years ago only a tiny fraction of personal information was electronically stored.  These days the situation is quite the opposite.  The connection of computers to the Internet has led to an unprecedented disclosure and exchange of personal information. Within seconds copious amounts of data and information can be shared around the world.  Because of the participatory nature of Web 2.0, it can help facilitate interactive and rapid communication and engagement between organizations and individuals all over the world.  In this issue we discuss Web 2.0 technologies and their risks and impacts to privacy and the protection of personal information.

While a core element of Web 2.0 technologies revolve around empowering individuals with a more meaningful and personal Internet experience, there are some challenges in protecting the privacy of individuals who are interacting through Web 2.0 applications.  For example, as more Web 2.0 features are added to websites and services, the risk of unwanted intrusions become very real and could lead to loss, misuse, unauthorized access, disclosure, alteration or destruction of personal information.  

Managing Privacy Risk

As individuals we, in most cases, govern the personal information that we choose to divulge.  However, organizations should be mindful when using Web 2.0 applications as a way to facilitate interactive and rapid communication and engagement between their partners and clients.  Organizations may use Web 2.0 applications for common uses such as: recruitment; risk and emergency communications; services to the public; client outreach and education; as a collaborative tool; and consultation.

Since personal information can be correlated in a way that uniquely identifies individuals, determining how the data will be use before it's collected is very important.  Therefore, organizations should consider the following key factors prior to deploying any Web 2.0 technologies. 

Use available privacy risk management tools

There are several tools available nowadays to manage privacy risk:  the Privacy Impact Assessment (PIA) is one example technique used to manage risks to privacy and the protection of personal information, and is recognized worldwide. 

Organizations should always implement the PIA process when introducing new, or changing current programs, services, or technologies where the collection of personal information is required.   The PIA process helps to evolve and shape a project's development and thus, ensures that privacy is “built in” at the beginning rather than “bolted on” at the end.

Privacy policies

Having a complete and transparent privacy policy is important so that users can be notified about how their information will be used and who they can contact should they wish to access, or correct their information, or to make a complaint. 

In essence privacy policies should express what information is collected, what it will be used for and how long the organization will retain it.  Matured or fully-developed policies may be multi-layered, but the core elements of the privacy policy must revolve around the collection, use, disclosure and retention of data.

Keep it offline!

The best way for organizations to avoid potential privacy risk is to minimize the information that is collected – meaning only collect what is absolutely necessary for the purpose. 

Implementing appropriate safeguards using privacy enhancing technologies are also key to reducing or eliminating the risk of contravening privacy principles and legislation; minimizing the amount of personal information/data held about individuals; and empowering  individuals to retain control of the information about themselves at all times.  Using privacy enhancing technologies is a cost-effective way for organizations to protect the privacy of individuals without the losing the functionality of the information system.

Need help?

As we all move further into the information age, the risks to privacy become much more challenging.  The Privacy Information Agency can assist your organization to assess your privacy-related needs.  Our Privacy Risk Management Experts work with you personally to ensure your organization's success in achieving compliance with relevant privacy legislation, regulations, organizational policy instruments, and best practices.

Please contact us for more information, or ask us for a Privacy Needs Analysis to determine what privacy risks are priorities in your organization.  We're here to help!

Dedicated to delivering world wise privacy expertise in Canada and abroad,

The Privacy Information Agency Team


BALANCING THE PUBLIC'S RIGHT TO KNOW
AND THE CORPORATE RIGHT TO NO.
Rave Reviews for PIA Inc.
PIA Inc managed our Privacy Audit project professionally and within very tight deadlines. The final report was concise, of high quality, met all of our project requirements and was delivered on time.
D. Pellmann, First Nations and Inuit Health Branch, Health Canada
  
Copyright © 2005 , PIA | Contact us at | Legal Stuff