Presented by Constantine Karbaliotis

Getting beyond privacy notices and consent.

• problems with privacy notices
• require legal approval
• Europe is tighter on notice
• no one reads privacy notices
• companies may have multiple privacy notices, multiple jurisdictions and languages to consider
• is notice dead? no one reads them
• notices are there for when something goes wrong and lawyers and judges read them
• more important to act reasonably
• people don’t read notices; they just get upset when you do something with their data which they feel is unreasonable
• increasingly moving to a concept of a social contract
• notice is a dated concept because it is pre-internet
• US economy very litigious
• everyone agrees that no one really reads privacy notices
• notice versus legal governing document
• US requires companies to provide notice, but companies indicate in notice that they’ll do anything they want with the data
• Canadian notices mostly just reiterate PIPEDA
• if privacy is a right, you can’t write a contract that alienates you from that right
• common language required for notice which is accessible
• how to instill trust in the company? Trustee seal?
• collection notices versus information usage notices
• people should know what information is being collected, how it’s used, and how you can stop the information from being collected
• “notice at the point of collection”