[Global_industry_committee] Preliminary FTC Staff Report - Protecting Consumer Privacy in an Era of Rapid Change

Colin Watson colin.watson at owasp.org
Thu Feb 17 19:34:39 EST 2011

Thank you to everyone for their input to the response.  The privacy
working session at the summit was very productive and this encouraged
much more feedback and additional content.

The final response has now been submitted as a PDF, available from:


It's been a pleasure working with you on this - I met so many new
people with a passion for this topic.


Colin Watson
OWASP Global Industry Committee

On 17 December 2010 14:49, Colin Watson <colin.watson at owasp.org> wrote:
> I'm less certain about this...
>  Protecting Consumer Privacy in an Era of Rapid Change
>  A framework for businesses and policymakers
>  http://www.ftc.gov/os/2010/12/101201privacyreport.pdf
> but it is aimed at business, and OWASP has already been cited in this
> FTC document:
>  Protecting Personal Information: A Guide for Business
>  http://business.ftc.gov/documents/bus69-protecting-personal-information-guide-business
> The proposed framework is based on three principles, which have some
> relevant content:
> 1. Privacy by design
> 2. Simplified choice
> 3. Greater transparency
> In the first of these "data security" is listed as an example practice
> to build in.  This document also talks about a persistent mechanism to
> allow consumers to opt out of tracking - commentators elsewhere
> believe this might be a "Do Not Track" header added by the browser.  I
> think we need to be careful what constitutes tracking - behavioural
> advertising yes, but how about security event logging, incident
> response or even session management?
> Responses are being accepted until 31 January 2011.  Is it worth responding to:
> 1. if OWASP has something relevant to say, and
> 2. to keep OWASP on the radar as an organisation that engages with others
> ?
> Regards
> Colin Watson
> Global Industry Committee
> http://www.owasp.org/index.php/Global_Industry_Committee

More information about the Global_industry_committee mailing list