Knowledge Transfer - Policy Deirdre K. Mulligan School of Law School of Information University of...
-
Upload
elmer-murphy -
Category
Documents
-
view
212 -
download
0
Transcript of Knowledge Transfer - Policy Deirdre K. Mulligan School of Law School of Information University of...
![Page 1: Knowledge Transfer - Policy Deirdre K. Mulligan School of Law School of Information University of California, Berkeley.](https://reader035.fdocuments.us/reader035/viewer/2022072014/56649e835503460f94b84973/html5/thumbnails/1.jpg)
Knowledge Transfer - Policy
Deirdre K. Mulligan
School of Law
School of Information
University of California, Berkeley
![Page 2: Knowledge Transfer - Policy Deirdre K. Mulligan School of Law School of Information University of California, Berkeley.](https://reader035.fdocuments.us/reader035/viewer/2022072014/56649e835503460f94b84973/html5/thumbnails/2.jpg)
Policy Audiences
• Colleagues and students• TRUST; other academics; other disciplines
• Policy makers• Legislative; regulatory; administrative• Federal; state; local
• Private Sector• Entities and individuals
• Technologists• Private and public sector
![Page 3: Knowledge Transfer - Policy Deirdre K. Mulligan School of Law School of Information University of California, Berkeley.](https://reader035.fdocuments.us/reader035/viewer/2022072014/56649e835503460f94b84973/html5/thumbnails/3.jpg)
Privacy Workshop
“Exploring the Privacy Implications of Trustworthy Systems” - October 2006
Two-day workshop for TRUST graduate students from Berkeley, Stanford, Cornell
Students and post docs presented their work to TRUST faculty and nationally-recognized privacy-policy experts
– Kevin Bankston, Electronic Frontier Foundation– Janlori Goldman, Health Privacy Project– Jim Dempsey, Center for Democracy
Workshop identified privacy issues within students’ research, and brainstormed on future interdisciplinary collaborations.
– Several papers resulted, additional joint work in progress
![Page 4: Knowledge Transfer - Policy Deirdre K. Mulligan School of Law School of Information University of California, Berkeley.](https://reader035.fdocuments.us/reader035/viewer/2022072014/56649e835503460f94b84973/html5/thumbnails/4.jpg)
Visual Privacy Symposium
“Unblinking: New Perspectives on Visual Privacy in the 21st Century”
Symposium discussed the implications of increased network surveillance, cameras in public places, and public policy responses to this technology
Participants included US and international experts in art, law, engineering, psychology, architecture, urban planning, sociology, human rights – Wiki, several forthcoming papers, collaborations
![Page 5: Knowledge Transfer - Policy Deirdre K. Mulligan School of Law School of Information University of California, Berkeley.](https://reader035.fdocuments.us/reader035/viewer/2022072014/56649e835503460f94b84973/html5/thumbnails/5.jpg)
Coding for Policy & Regulating Design
New reading group includes TRUST students Considers whether, when and how to embed
policy in technical systems Emboding Values in technical design Considering entry points available for
influencing technology design When technology design should be viewed as
policy-making Who should be responsible for identifying and
addressing
![Page 6: Knowledge Transfer - Policy Deirdre K. Mulligan School of Law School of Information University of California, Berkeley.](https://reader035.fdocuments.us/reader035/viewer/2022072014/56649e835503460f94b84973/html5/thumbnails/6.jpg)
Private Sector: understanding and creating incentives
Organizational Behavior Effects of Security Breach laws
– More information Absent legal requirement only 20% of firms will report serious breaches
(FBI/CSI 2005)– Broad reach -- electronic data– Privacy laws highly fragmented, sectoral, difficult to adjust– Security process focused lacking performance metrics.– Put a price tag on failure
Two studies underway– Theoretical, role of light-weight information disclosure as
regulation model can play in raising security investment and practices (comparison to environmental sector)
– Empirical analyzing breach type, relationship to consumer, remedial measures, disclosure practices. Which state provisions are more effective? Classifying breach types and feasible technology or policy solutions.
![Page 7: Knowledge Transfer - Policy Deirdre K. Mulligan School of Law School of Information University of California, Berkeley.](https://reader035.fdocuments.us/reader035/viewer/2022072014/56649e835503460f94b84973/html5/thumbnails/7.jpg)
Private sector controls 85% of critical infrastructure Research underway to understand private sector
officials (Chief Privacy Officers and Chief Security Officers) processes around privacy and security:
– Policy development and implementation– Investment decisions– Relation to reputation and risk management
Extent to which decisions are influenced by:– External factors
Market, law, standard setting orgs, insurance– Internal factors
Position, access, background– Technology
Availability, price, standards
Private Sector: understanding and creating incentives
![Page 8: Knowledge Transfer - Policy Deirdre K. Mulligan School of Law School of Information University of California, Berkeley.](https://reader035.fdocuments.us/reader035/viewer/2022072014/56649e835503460f94b84973/html5/thumbnails/8.jpg)
Government: managing policy-significant technology change
How have agencies identified and managed policy significant technological change?
Case studiesRFID Epassport Study
How does government approach shapeUnderstanding of security/privacy issues adoption of security/privacy mechanisms
Remotely available court records
Comparative (Germany/US)
Engagement with DHS, DOS, CA legRFIDVideo
Theoretical => practical
![Page 9: Knowledge Transfer - Policy Deirdre K. Mulligan School of Law School of Information University of California, Berkeley.](https://reader035.fdocuments.us/reader035/viewer/2022072014/56649e835503460f94b84973/html5/thumbnails/9.jpg)
Policy-makers
Federal Trade Commission– Participated in “Protecting Consumers in multiple sessions of the Next Tech-ade”– Presented at “Negative Options Workshop” regarding effect of “short-notices” for
consumers before installing software Department of Homeland Security
- Testified before DHS Security Data Privacy and Integrity Advisory Committee. - Ongoing work on video surveillance with DHS and PIAC- Upcoming nprm-related workshop on REAL ID- Policy framework for information and network security research
California Energy Commission– Held seminar for Commissioner Rosenfeld on security and privacy concerns re:
“demand response” energy systems– Working with CEC to facilitate their access to data for energy forecasting &
conservation in a way that protects privacy San Francisco, Fresno
– Video surveillance assessment and policy development Anti-spyware coalition
– Input into best practices– Input into litigation and enforcement
![Page 10: Knowledge Transfer - Policy Deirdre K. Mulligan School of Law School of Information University of California, Berkeley.](https://reader035.fdocuments.us/reader035/viewer/2022072014/56649e835503460f94b84973/html5/thumbnails/10.jpg)
Policy-makers, cont’d
Invited to testify before Senate Subcommittee on Terrorism, Technology & Homeland Security
Briefed House and Senate on TRUST – Offices of Senators Feinstein, Boxer, Rockefeller, Webb– Senate and House Committees on the Judiciary– Offices of Representatives Lofgren, Lee, Eschoo
Participated in the Congressional Internet Caucus’s “State of the Net” conference.
– This summer state of the net west– Workshops on social networking and privacy and behavioral
targeting Ongoing work with Federal and State legislatures Initial groundwork for TRUST researcher briefings at
FTC and with Internet caucus