The ability for individuals to interact online without sacrificing their personal privacy is a vital part of the Internet’s value, and is intimately related to its trustworthiness.

Privacy is about retaining the ability to disclose data consensually, and with expectations about the context and scope of sharing. Identifiability, linkability of data, and the mining of vast quantities of aggregated information all erode the individual’s ability to manage disclosure, context, and scope. Networks depend on the use of unique (and often identifying) numbers, and facilitate the instant global dissemination of information; increasingly, devices and applications gather and use geolocation data that builds up into a unique ‘track’ for each user. A growing commercial ecosystem based on targeted and behavioural advertising results in an inexorable financial pressure for service providers to exploit personal data. The privacy implications of the current Internet represent a significant and growing concern.

The Internet Society has dedicated outreach activities on identity and privacy. These are aimed at technology vendors and adopters, to encourage privacy-respecting technology deployment, and at policymakers and legislators to provide the necessary counter-balances to commercial expediency. We also aim to ensure that users are better informed about the benefits of good online privacy, so that they can make better privacy choices and make use of appropriate privacy-enhancing tools online.

Our work on privacy

The Internet Society works at the intersection of technology and policy supporting privacy standards (legal and technical) that are openly developed, transparent, globally-interoperable and user-centric.

Contributing to policy development

We contribute to the OECD‘s work on privacy and data protection through the Internet Technical Advisory Committee (ITAC) coordinated by the Internet Society. In 2013, the OECD revised the Guidelines on the Protection of Privacy and Transborder Flows of Personal Data.

The Internet Society (representing ITAC) also participated in the panel on Fostering Innovation in Privacy Protection at the OECD Conference on The Evolving Role of the Individual in Privacy Protection: 30 Years after the OECD Privacy Guidelines and the concluding session of the OECD Technology Foresight Forum 2012 Harnessing data as a new source of growth: Big data analytics and policies.

Please read ITAC’s speaking points.

The Internet Society also participates in APEC’s work on privacy in the APEC ESCG Data Privacy Subgroup (DPS) as an invited guest in the APEC Electronic Commerce Steering Group (ECSG).

In 2011, APEC leaders approved the APEC CBPR system, a voluntary accountability-based system designed to facilitate privacy-respecting tranborder data flows among participating APEC economies. The system applies the standards of the APEC Privacy Framework to cross-border data flows. APEC is currently undertaking a “stocktake” of the APEC Privacy Framework and working on a cross-border privacy standards for processors.

The Council of Europe Consultative Committee of the Convention for the protection of individuals with regard to automatica processing of personal data (T-PD) is leading the modernisation of Convention 108.

The Internet Society having been granted Observer status in the T-PD in October 2012, is contributing to the T-PD’s work regarding the Convention and other areas within its mandate. The Internet Society also participated in the CAHDATA ad-hoc committee as an Observer.

Internet protocols and standards

Internet Society staff participate in the:

  • W3C Privacy Interest Group (as co-chair) (a forum to monitor ongoing privacy issues that affect the Web, investigate potential areas for new privacy work, and provide guidelines and advice for addressing privacy in standards development)

and other technical fora where privacy issues are considered.

Global surveys on Internet Privacy

In response to an Internet Society survey in May 2010, Internet Society members from around the world provided information about emerging privacy challenges in their local region and suggestions to address those challenges. Please read our report.

In 2013, in response to a micro survey, Internet Society members and others provided their views as to what data should be protected online and how “personal data” should be defined. Please read our report.

In 2015, the Internet Society published the results of a survey on individuals’ needs and expectations regarding the ability to communicate online confidentially. Please read our report and blog post.

Internet technical workshops and symposia

In December 2010, the Internet Society participated in and jointly sponsored an Internet Privacy Workshop together with the Internet Architecture Board (IAB)Massachusetts Institute of Technology (MIT) and the World Wide Web Consortium (W3C). This workshop examined the approaches taken by developers of Internet technologies and explored paths for developing privacy-improving Internet technologies in a multistakeholder, consensus-driven environment. An outcome of that meeting was the creation of the IETF Privacy Directorate.

In May 2011, we co-chaired a W3C Workshop on Identity in the Browser to discuss how to modify the Web-browsing experience to effectively manage, access and share online identity and related personal data in a secure, privacy-respecting manner.

We are also very pleased to have been part of the program committee for the W3C Workshop on Web Tracking and User Privacy held in April 2011. An outcome of this workshop was the creation of the W3C Tracking Protection Working Group which seeks to standardize the technology and meaning of Do Not Track and Tracking Selection Lists.

In October 2011, the Internet Society participated in a Privacy Standards Experts Roundtable organised by the Organization for the Advancement of Structured Information Standards (OASIS).

We are also pleased to have participated in the program committee for the W3C Workshop on Do Not Track and Beyond held in Berkeley, California on 26-27 November 2012.

Internet governance workshops and discussions

The Internet Society and the Electronic Frontier Foundation (EFF) co-organised a multi-stakeholder workshop at the 2010 Internet Governance Forum (IGF) on The Future of Privacy.

At the 2011 IGF, the Internet Society participated in the panel for the main session on Security, Openness and Privacy. Please read the Internet Society’s opening statement.

In May 2012, the Internet Society conducted a roundtable at the WSIS Forum 2012 in Geneva – Data Privacy on a global scale: keeping pace with an evolving environment – with perspectives from the OECD, Council of Europe, UNECSO, APEC, the business community, civil society and the Internet technical community.

In June 2012, the Internet Society participated in a Council of Europe event alongside the 20th session of the Human Rights Council – The Right to Protection of Personal Data in the Digital Era. This was an excellent opportunity for human rights experts to delve into topical privacy issues and to consider the interplay between privacy and other human rights in the online environment.

The Internet Society co-organised three IGF workshops (Baku, November 2012) that covered privacy and identity issues:

At the WSIS+10 Review Event (Paris, February 2013), the Internet Society organised a session entitled “The new PII: Privacy Impacting Information” and participated as a panelist in a Special Internet Event Session organised by UNESCO on “Promoting Privacy and Freedom of Expression”.

In May 2013, the Internet Society organised a thematic workshop entitled “To be or not to be identified: Hamlet’s quandary in the digital era” at the WSIS Forum.

Privacy News

IoT Privacy for Policymakers: Solutions Need Informed Discussion
IoT Privacy for Policymakers: Solutions Need Informed Discussion Thumbnail
Privacy 19 September 2019

IoT Privacy for Policymakers: Solutions Need Informed Discussion

The consumer Internet of Things market is growing exponentially – one prediction suggests that people will be using 25...

OTA Analysis Finds Most Organizations Not Ready For New Privacy Regulations
Press Releases 17 September 2019

OTA Analysis Finds Most Organizations Not Ready For New Privacy Regulations

Reston, VA. – September 17, 2019 – The Internet Society’s Online Trust Alliance (OTA), which identifies and promotes security...

How “Fresh” is That Privacy Statement?
How “Fresh” is That Privacy Statement? Thumbnail
Privacy 27 August 2019

How “Fresh” is That Privacy Statement?

One of the best practices we advocate and measure in our Online Trust Audit is that privacy statements should...

Deep Dive: How Healthcare Organizations Practice Privacy and Security
Deep Dive: How Healthcare Organizations Practice Privacy and Security Thumbnail
Privacy 20 August 2019

Deep Dive: How Healthcare Organizations Practice Privacy and Security

In April, the Online Trust Alliance published the 11th annual Online Trust Audit assessing the security and privacy of...

The Capital One breach was preventable, experts say. Here’s what to do now.
Houston Chronicle Logo
In the News 5 August 2019

The Capital One breach was preventable, experts say. Here’s what to do now.

Houston Chronicle
Accessible, Clear, and Appropriate: An Open Letter to Amazon on Privacy Policies
Accessible, Clear, and Appropriate: An Open Letter to Amazon on Privacy Policies Thumbnail
Privacy 17 July 2019

Accessible, Clear, and Appropriate: An Open Letter to Amazon on Privacy Policies

With great power comes great responsibility. Online marketplaces, such as Amazon, are becoming increasingly common. But can consumers count...

Load More