The California Office of Privacy Protection prepared the following document, 10 Big Challenges – 10 Big Years as part of their 10th anniversary. Congratulations! And thank you.
Nov. post from their Facebook page: Today the California Office of Privacy Protection celebrates its 10-year anniversary. To every single consumer, business leader, thinker, advocate, researcher, reader, privacy professional, teacher, student, community leader, colleague and family member who has walked this path with us – thank you. Go to www.privacy.ca.gov/ and see where you fit in.
10 Big Challenges – 10 Big Years
See how our work has touched your life since 2001
Identity theft: From dumpster diving to credit card skimming and social network sniffing, identity theft (regrettably) endures.
Identity thieves have victimized over one million Californians a year since we opened the Office. Our library of resources offers no-nonsense help: www.privacy.ca.gov/identity_theft.htm.
The Office’s summits on identity theft have brought together experts from law enforcement, technology companies and consumer advocacy groups to share strategies for combatting the crime. See the 2005, 2006 and 2007 summit reports: www.privacy.ca.gov/privacy_summit.htm.
Through a pilot project based in L.A. County, the Office has cleared identity theft-related problems from the credit records of over 100 foster children. The work will soon expand to other cities. See the project report: www.privacy.ca.gov/res/docs/pdf/Foster_Youth_Report_FINAL.pdf.
Data breach: California was the first state to enact a law requiring organizations to notify consumers when their personal information has been compromised.
When the California Legislature enacted an unprecedented data breach notification law in 2002, we jumped right in and wrote best practice recommendations to help California businesses and other organizations do the right thing. www.privacy.ca.gov/res/docs/pdf/COPP_Breach_Reco_Practices_6-09.pdf.
Our recommended practices inspired the International Association of Privacy Professionals to honor us with the 2009 HP-IAPP Privacy Innovation Award. As one of the judges explained, “There is no other state with the same level of outreach, experience and resources aligned to this topic [privacy].” www.privacyassociation.org/about_iapp/media/2007_10_24_iapp_unveils_winners_of_2007_hp-iapp_privacy_innovation_awards/.
Financial privacy: Californians tell financial institutions: “Ask me first!”
In 2003 California gave consumers more control over how their financial services companies share their personal information. Under the law (SB 1), institutions file a certain types of privacy notice with the Office. View them here: www.privacy.ca.gov/sb1.htm.
We offer good plain talk on your financial privacy rights here: CIS 2.
Childrens online safety: Answering the call for safe 21st century childhoods.
The Office’s coalition of businesses, law enforcement, educators and consumer privacy advocates is dedicated to safe online living for young people. Our special website is full of resources for parents and educators, on topics such as cyberbullying, social networking, and school acceptable use policies: www.cybersafety.ca.gov.
Health information privacy: Medical records are going digital. Good news for doctors, pharmacies, labs, and patients – but also some new privacy concerns.
The Office’s CIS 7 is the consumer’s guide to patient privacy in California: www.privacy.ca.gov/res/docs/pdf/cis7english.pdf.
Most recently, we published CIS 13 to help you decide before using one of the “personal health records” that some companies now offer online: www.privacy.ca.gov/res/docs/pdf/cis13phrs.pdf.
Cyber Security: We depend on the Internet for business, pleasure, and convenience. But it is an open network, which means it is insecure.
Cyber security is everyone’s job. In the arms race to protect our privacy and safety online, consumers have to stay alert and informed. Our CIS 12 gives consumers tools for the ongoing fight against viruses, hackers, and spies (oh my!): www.privacy.ca.gov/res/docs/pdf/cis_12_computer_security_10_10NEW.pdf.
REAL ID Act: The specter of a national identification card appeared in 2005 with the federal REAL ID Act.
The Department of Motor Vehicles (DMV) asked for our help with the privacy implications of the REAL ID Act. We joined the DMV’s working group and consulted with privacy and security experts inside and outside of government. In a 2011 report to the Legislature, the DMV noted: “California has positioned itself as one of the primary states to influence the review of the REAL ID Act and to address concerns related to federal funding; development of electronic verification systems; and the lack of privacy protection of personally identifiable information.” http://dmv.ca.gov/realid/real_id_qtr_rpt_2nd_qtr_2011.pdf.
Abandoned records: When a company goes out of business, its records (with your personal information) can turn up in storage facilities, alongside highways, or in dumpsters.
In 2009 the Office sponsored AB 1094, which amended the existing law on disposal of customer records to keep abandoned records containing personal information from falling into the wrong hands. The new law creates a safe harbor from civil suit to allow “legacy custodians” such as storage companies and landlords who end up in possession of abandoned records to dispose of them securely.
Social networking: We share news and photos with our far flung friends and family on social networks. But some risky practices can expose us to identity theft and other privacy harms.
In 2011, the Office published CIS 14 on the savvy use of social networking sites: www.privacy.ca.gov/res/docs/pdf/CIS14_Social_Networks_3_25_11.pdf.
The same year, we launched our own social media program on Facebook and Twitter. These are fun places where we offer background on privacy issues in the news, weekly Privacy Page Turner and Privacy Movie Picks, and features like the Privacy Dogs series on online tracking. Comment, like, share, and follow!
Mobile privacy: More of us every day are going to the web while on the move. How safe are smartphones and public Wi-Fi?
Many people haven’t fully recognized that their smart phones are little computers. They need the same types of security software that we use on our PCs to protect the treasure troves of personal information inside. Some of the nifty new apps that pop-up every day have flaws that can siphon off personal information. The Office is following the emerging issues of mobile privacy and sharing what we learn in our monthly web site Privacy Tips and on our Facebook page.
Visit the California Office of Privacy Protection Web site at www.privacy.ca.gov/.