How PeopleSmart Thinks About Privacy
We just posted a new section on our site that talks about how we think about privacy at PeopleSmart. Our goal is to follow the law and make our products line up with social expectations for privacy. Since we just launched the page, we thought it'd be a good chance to summarize and introduce some of our thoughts. If you have any thoughts or suggestions, please comment below to let us know what you think.
More and more information about people is online. This can create privacy concerns. In the face of this uncertainty, we expect our legal and social expectations to predict how information is collected and used. But our expectations are often incorrect, making it harder to be rational when making privacy decisions. Helen Nissenbaum, a privacy expert and computer scientist at NYU explains the problem this way: "When the flow of information adheres to entrenched norms all is well; violations of these norms, however, often result in protest and complaint."
At PeopleSmart we consider how users feel when using our products. For example, we believe people expect to have control of their information. So we allow users to remove or manage their information and easily cancel memberships. Our products also how we put together our reports. In a criminal records check, we define the states searched, counties searched, databases searched (e.g., Statewide Felony, Misdemeanor and Traffic, etc.), and years searched. We only enable results on social networking sites like LinkedIn or Facebook when a user authenticates within a social networking site, but we never "scrape" data from these sites. We also protect our data by physically securing our servers and encrypting sensitive information.
Many laws deal with privacy. PeopleSmart complies with the FTC Policy Statement on Deception and Section 5 of the FTC Act--bans on deception and unfair practices--by clearly stating what information we have, and avoiding unfair or deceptive advertisements or claims about our products. We do not provide Fair Credit Reporting Act (FCRA) information; instead, we link to sites that provide FCRA information and explain how our information can be used. Beyond these laws, at least three privacy frameworks apply:
Courts, legislatures, and regulators can continue to apply laws with current and future technology in mind to improve privacy. The law could also be enforced in this way. In this vein, courts have held data brokers accountable for breaking the law, and the Supreme Court bolstered the Fair Credit Reporting Act (FCRA) by finding that a defendant violates the Act if they willfully fail to comply with it. The FTC has recently brought charges against companies that violated users' privacy and broke FCRA violations. Education is also a crucial part of this effort; privacy is complex, but we can make better decisions if we are informed. Businesses can lead the way by educating consumers and establishing best practices. The FTC has also shown exceptional energy and done important work by educating consumers, leading industry discussions, and protecting consumers. We commend their work.
To learn more, check out our new page on How We Think About Privacy or our Privacy Education page. These pages are still a work in progress, so we'll be releasing more content and features soon that align with our thinking on privacy. Check back soon to learn more, and please leave us a comment below with your thoughts and suggestions.
Our Philosophy On Privacy
More and more information about people is online. This can create privacy concerns. In the face of this uncertainty, we expect our legal and social expectations to predict how information is collected and used. But our expectations are often incorrect, making it harder to be rational when making privacy decisions. Helen Nissenbaum, a privacy expert and computer scientist at NYU explains the problem this way: "When the flow of information adheres to entrenched norms all is well; violations of these norms, however, often result in protest and complaint."
At PeopleSmart we consider how users feel when using our products. For example, we believe people expect to have control of their information. So we allow users to remove or manage their information and easily cancel memberships. Our products also how we put together our reports. In a criminal records check, we define the states searched, counties searched, databases searched (e.g., Statewide Felony, Misdemeanor and Traffic, etc.), and years searched. We only enable results on social networking sites like LinkedIn or Facebook when a user authenticates within a social networking site, but we never "scrape" data from these sites. We also protect our data by physically securing our servers and encrypting sensitive information.
Privacy Laws & Frameworks Applicable To PeopleSmart
Many laws deal with privacy. PeopleSmart complies with the FTC Policy Statement on Deception and Section 5 of the FTC Act--bans on deception and unfair practices--by clearly stating what information we have, and avoiding unfair or deceptive advertisements or claims about our products. We do not provide Fair Credit Reporting Act (FCRA) information; instead, we link to sites that provide FCRA information and explain how our information can be used. Beyond these laws, at least three privacy frameworks apply:
- The FTC consumer privacy framework recommends that users be permitted to correct and delete their information and calls for industry-led consumer education.
- The White House Consumer Privacy Bill of Rights calls for "transparency to individuals about how data about them is collected, used, and disseminated and the opportunity for individuals to access and correct data that has been collected about them."
- The Department of Homeland Security's Fair Information Practice Principles promote "mechanisms for appropriate access, correction, and redress" of personal information.
Improving Privacy In People Search
Courts, legislatures, and regulators can continue to apply laws with current and future technology in mind to improve privacy. The law could also be enforced in this way. In this vein, courts have held data brokers accountable for breaking the law, and the Supreme Court bolstered the Fair Credit Reporting Act (FCRA) by finding that a defendant violates the Act if they willfully fail to comply with it. The FTC has recently brought charges against companies that violated users' privacy and broke FCRA violations. Education is also a crucial part of this effort; privacy is complex, but we can make better decisions if we are informed. Businesses can lead the way by educating consumers and establishing best practices. The FTC has also shown exceptional energy and done important work by educating consumers, leading industry discussions, and protecting consumers. We commend their work.
To learn more, check out our new page on How We Think About Privacy or our Privacy Education page. These pages are still a work in progress, so we'll be releasing more content and features soon that align with our thinking on privacy. Check back soon to learn more, and please leave us a comment below with your thoughts and suggestions.
