The Death of Safe Harbor is the Ultimate VRM and UMA Legal Opportunity

Why? The Advocate General's opinion and the Court's decision both turn on the inability of Safe Harbor to prevent surveillance. NO permitted basis for data transfer prevents surveillance, not Model Clauses, not Binding Corporate Rules (BCRs). Logically, if probably not in immediate corporate and EU national practice, the only bulletproof basis for data transfer to the US is now the ever-so-revocable CONSENT, which presumes no fictitious protection from surveillance. See also: https://www.linkedin.com/pulse/good-morning-safe-harbor-dead-what-does-mean-... Your thoughts? Jon Neiditz Kilpatrick Townsend & Stockton LLP Suite 2800 | 1100 Peachtree Street NE | Atlanta, GA 30309-4528 office 404 815 6004 | cell 678-427-7809 | fax 770 234 6341 jneiditz@kilpatricktownsend.com | www.kilpatricktownsend.com ________________________________ Confidentiality Notice: This communication constitutes an electronic communication within the meaning of the Electronic Communications Privacy Act, 18 U.S.C. Section 2510, and its disclosure is strictly limited to the recipient intended by the sender of this message. This transmission, and any attachments, may contain confidential attorney-client privileged information and attorney work product. If you are not the intended recipient, any disclosure, copying, distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. Please contact us immediately by return e-mail or at 404 815 6500, and destroy the original transmission and its attachments without reading or saving in any manner. ________________________________ ***DISCLAIMER*** Per Treasury Department Circular 230: Any U.S. federal tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties under the Internal Revenue Code or (ii) promoting, marketing or recommending to another party any transaction or matter addressed herein.

Yes, Jim, and for the world to work and data to keep flowing, there must therefore (as a matter of logic, not politics) be a new regime of contracts, i.e. not the Model Clauses, but contracts with the person at the center. Jon Neiditz Kilpatrick Townsend & Stockton LLP Suite 2800 | 1100 Peachtree Street NE | Atlanta, GA 30309-4528 office 404 815 6004 | cell 678-427-7809 | fax 770 234 6341 jneiditz@kilpatricktownsend.com<mailto:jneiditz@kilpatricktownsend.com> | My Profile<http://www.kilpatricktownsend.com/en/Who%20We%20Are/Professionals/N/NeiditzJonathanA16125.aspx> | vCard<http://www.kilpatricktownsend.com/_assets/vcards/professionals/NeiditzJonathanA.vcf> [cid:image005.png@01D1001F.EDA9A800]<https://www.linkedin.com/in/informationmanagementlaw> [cid:image006.png@01D1001F.EDA9A800] <http://www.twitter.com/jonneiditz> From: James Hazard [mailto:james.g.hazard@gmail.com] Sent: Tuesday, October 06, 2015 9:53 AM To: Neiditz, Jon Cc: WG UMA; ProjectVRM list Subject: Re: [WG-UMA] The Death of Safe Harbor is the Ultimate VRM and UMA Legal Opportunity Do you mean that consent of the person permits transfer of data, but consent is necessarily revocable and data must be destroyed? On Oct 6, 2015 3:40 PM, "Neiditz, Jon" <JNeiditz@kilpatricktownsend.com<mailto:JNeiditz@kilpatricktownsend.com>> wrote: Why? The Advocate General's opinion and the Court's decision both turn on the inability of Safe Harbor to prevent surveillance. NO permitted basis for data transfer prevents surveillance, not Model Clauses, not Binding Corporate Rules (BCRs). Logically, if probably not in immediate corporate and EU national practice, the only bulletproof basis for data transfer to the US is now the ever-so-revocable CONSENT, which presumes no fictitious protection from surveillance. See also: https://www.linkedin.com/pulse/good-morning-safe-harbor-dead-what-does-mean-... Your thoughts? Jon Neiditz Kilpatrick Townsend & Stockton LLP Suite 2800 | 1100 Peachtree Street NE | Atlanta, GA 30309-4528 office 404 815 6004<tel:404%20815%206004> | cell 678-427-7809<tel:678-427-7809> | fax 770 234 6341<tel:770%20234%206341> jneiditz@kilpatricktownsend.com<mailto:jneiditz@kilpatricktownsend.com> | www.kilpatricktownsend.com<http://www.kilpatricktownsend.com> ________________________________ Confidentiality Notice: This communication constitutes an electronic communication within the meaning of the Electronic Communications Privacy Act, 18 U.S.C. Section 2510, and its disclosure is strictly limited to the recipient intended by the sender of this message. This transmission, and any attachments, may contain confidential attorney-client privileged information and attorney work product. If you are not the intended recipient, any disclosure, copying, distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. Please contact us immediately by return e-mail or at 404 815 6500<tel:404%20815%206500>, and destroy the original transmission and its attachments without reading or saving in any manner. ________________________________ ***DISCLAIMER*** Per Treasury Department Circular 230: Any U.S. federal tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties under the Internal Revenue Code or (ii) promoting, marketing or recommending to another party any transaction or matter addressed herein. _______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org<mailto:WG-UMA@kantarainitiative.org> http://kantarainitiative.org/mailman/listinfo/wg-uma

Very much agree Jon, Personal data control, what is achieved through ‘real' consent, is required for many things - among them is managing commercial relationships with vendors. But, VRM, in my opinion, would not be the only core driver for change. I still think compliance, combined with customer experience, is going to be the market driver. Personal data does not need to be destroyed if access to it only needs to be revoked, i.e. with UMA. I wrote a piece on this in 2011 for Identity Trust discussing how data protection industry is destroying privacy and undermining national security (not only the individual). The long and short version being, volunteered personal information is much more valuable to organisations. Personal control over my data is the best method of transferring data internationally with compliance and high levels of customer experience. - Mark

+1 Mark. UMA enables data to be accessed by reference instead of by value and reduces the need to copy it. With UMA, authorization servers become the primary point of aggregation (as well as notice for transparency) and the need for data brokers and deletion problems is reduced. UMA shifts the discussion to control and transparency of surveillance and aggregation, and it scales to serve personal, family, local, virtual community, national, and international "clouds". Adrian On Tue, Oct 6, 2015 at 11:18 AM, Mark Lizar <mark@smartspecies.com> wrote:
-- Adrian Gropper MD PROTECT YOUR FUTURE - RESTORE Health Privacy! HELP us fight for the right to control personal health data. DONATE: http://patientprivacyrights.org/donate-2/

FWIW: http://new.commonaccord.org/index.php?action=source&file=GHx/KantaraInitiative/EU-US/Form/Doc_v0.md On Tue, Oct 6, 2015 at 6:17 PM, Adrian Gropper <agropper@healthurl.com> wrote:
-- @commonaccord

I hope I'm posting in the right place: Eve suggested that I take a few minutes in the next legal working group to walk through how CommonAccord handles text. I could do mechanics, or could focus on an example. If an example, it could be one that Adrian and I are working on, but the recent decision throwing the EU-US personal data Safe Harbor into question seems an attractive opportunity. It allows starting from nothing, and an opportunity to use open source collaboration to create the documents of a new regime. The current regime, both both technical and textual, needs an upgrade. The textual part includes contracts, legislation, and the things in between such as model agreements and "my company's form." Traditionally, these have suffered from bottlenecks and procrustean compromises. Open source collaboration side steps the limitations. With that in mind, I made a little stub of a "Consent" to transfer of personal data. It started as a single sentence. It is now expressed as an agreement and has stubs of sections for a few of the topics covered. The goal is to show how pieces can be put together. It is a Socratic document - stubs as questions intended to evoke answers. I invite people to kick tires, suggest a full outline of provisions, section completions, or use cases. If even a few people have had an opportunity to have their suggestions integrated (I will add all comers - the data model permits even inconsistent variations), then we might have a richer conversation on Friday. In parallel, Adrian and I are making progress on the really important patient consent use case. Framework for Alice-originated consents: http://new.commonaccord.org/index.php?action=source&file=GHx/KantaraInitiative/EU-US/Form/Doc_v0.md On Tue, Oct 6, 2015 at 6:33 PM, James Hazard <james.g.hazard@gmail.com> wrote:
-- @commonaccord

Some “BLT continuum” observations about costs and benefits: To the extent that data is volatile and has a short “half-life”, data accessed gets more attractive to access by reference. (That’s why we tend to point to calendars rather than get snapshots of them.) Also, to the extent that data is resource-intensive or difficult to construct/collect/reconstruct oneself, it gets more attractive to access from a good “source of truth”. (A counterexample — I think — is that this is why if someone needs to know your blood type, they just test for it rather than going through the rigamarole of doing federated sign-in, data discovery, consented data access, blah blah blah.) A challenging counterexample about volatility is one’s genome. It’s really not very volatile, so once it’s out there…it’s really out there. This is where extracting a “purpose of use” agreement from the requesting party gets more and more attractive, and more enforceable agreements are more attractive than less enforceable ones. Eve
Eve Maler | cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl | Calendar: xmlgrrl@gmail.com

Hi Mark,
I'll throw in my thoughts: We need new economic model that incentives individual data-owners to "share" their personal data, where consent can be given & retracted. This is where UMA comes in. /thomas/ ________________________________________ From: wg-uma-bounces@kantarainitiative.org [wg-uma-bounces@kantarainitiative.org] on behalf of Eve Maler [eve@xmlgrrl.com] Sent: Tuesday, October 06, 2015 3:24 PM To: Adrian Gropper Cc: WG UMA; ProjectVRM list Subject: Re: [WG-UMA] The Death of Safe Harbor is the Ultimate VRM and UMA Legal Opportunity Some “BLT continuum” observations about costs and benefits: To the extent that data is volatile and has a short “half-life”, data accessed gets more attractive to access by reference. (That’s why we tend to point to calendars rather than get snapshots of them.) Also, to the extent that data is resource-intensive or difficult to construct/collect/reconstruct oneself, it gets more attractive to access from a good “source of truth”. (A counterexample — I think — is that this is why if someone needs to know your blood type, they just test for it rather than going through the rigamarole of doing federated sign-in, data discovery, consented data access, blah blah blah.) A challenging counterexample about volatility is one’s genome. It’s really not very volatile, so once it’s out there…it’s really out there. This is where extracting a “purpose of use” agreement from the requesting party gets more and more attractive, and more enforceable agreements are more attractive than less enforceable ones. Eve On 6 Oct 2015, at 6:17 PM, Adrian Gropper <agropper@healthurl.com<mailto:agropper@healthurl.com>> wrote: +1 Mark. UMA enables data to be accessed by reference instead of by value and reduces the need to copy it. With UMA, authorization servers become the primary point of aggregation (as well as notice for transparency) and the need for data brokers and deletion problems is reduced. UMA shifts the discussion to control and transparency of surveillance and aggregation, and it scales to serve personal, family, local, virtual community, national, and international "clouds". Adrian On Tue, Oct 6, 2015 at 11:18 AM, Mark Lizar <mark@smartspecies.com<mailto:mark@smartspecies.com>> wrote: Very much agree Jon, Personal data control, what is achieved through ‘real' consent, is required for many things - among them is managing commercial relationships with vendors. But, VRM, in my opinion, would not be the only core driver for change. I still think compliance, combined with customer experience, is going to be the market driver. Personal data does not need to be destroyed if access to it only needs to be revoked, i.e. with UMA. I wrote a piece on this in 2011 for Identity Trust discussing how data protection industry is destroying privacy and undermining national security (not only the individual). The long and short version being, volunteered personal information is much more valuable to organisations. Personal control over my data is the best method of transferring data internationally with compliance and high levels of customer experience. - Mark On 6 Oct 2015, at 14:53, James Hazard <james.g.hazard@gmail.com<mailto:james.g.hazard@gmail.com>> wrote: Do you mean that consent of the person permits transfer of data, but consent is necessarily revocable and data must be destroyed? On Oct 6, 2015 3:40 PM, "Neiditz, Jon" <JNeiditz@kilpatricktownsend.com<mailto:JNeiditz@kilpatricktownsend.com>> wrote: Why? The Advocate General's opinion and the Court's decision both turn on the inability of Safe Harbor to prevent surveillance. NO permitted basis for data transfer prevents surveillance, not Model Clauses, not Binding Corporate Rules (BCRs). Logically, if probably not in immediate corporate and EU national practice, the only bulletproof basis for data transfer to the US is now the ever-so-revocable CONSENT, which presumes no fictitious protection from surveillance. See also: https://www.linkedin.com/pulse/good-morning-safe-harbor-dead-what-does-mean-... Your thoughts? Jon Neiditz Kilpatrick Townsend & Stockton LLP Suite 2800 | 1100 Peachtree Street NE | Atlanta, GA 30309-4528 office 404 815 6004<tel:404%20815%206004> | cell 678-427-7809<tel:678-427-7809> | fax 770 234 6341<tel:770%20234%206341> jneiditz@kilpatricktownsend.com<mailto:jneiditz@kilpatricktownsend.com> | www.kilpatricktownsend.com<http://www.kilpatricktownsend.com/> ________________________________ Confidentiality Notice: This communication constitutes an electronic communication within the meaning of the Electronic Communications Privacy Act, 18 U.S.C. Section 2510, and its disclosure is strictly limited to the recipient intended by the sender of this message. This transmission, and any attachments, may contain confidential attorney-client privileged information and attorney work product. If you are not the intended recipient, any disclosure, copying, distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. Please contact us immediately by return e-mail or at 404 815 6500<tel:404%20815%206500>, and destroy the original transmission and its attachments without reading or saving in any manner. ________________________________ ***DISCLAIMER*** Per Treasury Department Circular 230: Any U.S. federal tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties under the Internal Revenue Code or (ii) promoting, marketing or recommending to another party any transaction or matter addressed herein. _______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org<mailto:WG-UMA@kantarainitiative.org> http://kantarainitiative.org/mailman/listinfo/wg-uma _______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org<mailto:WG-UMA@kantarainitiative.org> http://kantarainitiative.org/mailman/listinfo/wg-uma _______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org<mailto:WG-UMA@kantarainitiative.org> http://kantarainitiative.org/mailman/listinfo/wg-uma -- Adrian Gropper MD PROTECT YOUR FUTURE - RESTORE Health Privacy! HELP us fight for the right to control personal health data. DONATE: http://patientprivacyrights.org/donate-2/ _______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org<mailto:WG-UMA@kantarainitiative.org> http://kantarainitiative.org/mailman/listinfo/wg-uma Eve Maler | cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl | Calendar: xmlgrrl@gmail.com<mailto:xmlgrrl@gmail.com>

The whole concept of consent with regard to personal information (be it identified or de-identified) is problematic in a highly connected system with infinite memory. In this new world order (high connectivity and infinite storage), we need to shift from prior consent to transaction authorization. Consider what it means to grant prior consent to your genome. Your decision affects your ancestors and your descendants. The way that your genome will be interpreted a year from now is almost completely unknowable today and hence you cannot be informed of the consequences of that interpretation. The genome is not as extreme a case as it might seem. Any high-dimensional data about you and your family is subject to the same issues. We need to reconsider the cost/benefit of giving Facebook and Google and Surescripts and our favorite large research organization consent to any personal data aggregation whatsoever. UMA paves the path away from prior consent to transaction authorization. Adrian On Tue, Oct 6, 2015 at 3:45 PM, Thomas Hardjono <hardjono@mit.edu> wrote:
-- Adrian Gropper MD PROTECT YOUR FUTURE - RESTORE Health Privacy! HELP us fight for the right to control personal health data. DONATE: http://patientprivacyrights.org/donate-2/

Adrian - I agree that a move from general "prior consent to transaction authorization" is right on target. The current consent practices are way too general and cover way too much for way too long. I wonder though - is there not also a need for a transaction type to consent and authorize a more general case of data sharing? Such consent would still need to be revocable (or it is not really consent) and revocation may result in effectively quitting the network or other system. But if the consent were "transaction by transaction" in larger connected networks of systems (thinking of financial, educational, workplace, etc networks. also perhaps hospital chains?) would we not end up in a different bnd of non-stop consent management? Or am I missing something? (evidently I'm not permitted to post to VRM... feel free to repost this) _ _ _ _ _ _ _ _ _ _ _ _ _ _ | Dazza Greenwood, JD | CIVICS.com, Founder & Principal | MIT Media Lab, Visiting Scientist | Vmail: 617.500.3644 | Email: dazza@CIVICS.com | Biz: http://CIVICS.com | MIT: https://law.MIT.edu | Me: DazzaGreenwood.com | Twitter: @DazzaGreenwood | Google+: google.com/+DazzaGreenwood | LinkedIn: linkedin.com/in/DazzaGreenwood | GitHub: github.com/DazzaGreenwood/Interface | Postal: P.O. Box 425845 Cambridge, MA 02142 | _ _ _ _ _ _ _ _ _ _ _ _ _ _ On Tue, Oct 6, 2015 at 3:58 PM, Adrian Gropper <agropper@healthurl.com> wrote:

In privacy it has always been a balancing, e.g.: “Revocation is not effective with respect to acts/omissions in reliance on the prior consent.“ But what does that mean in all these contexts, and how much variability must VRM and maybe UMA allow? Jon Neiditz Kilpatrick Townsend & Stockton LLP Suite 2800 | 1100 Peachtree Street NE | Atlanta, GA 30309-4528 office 404 815 6004 | cell 678-427-7809 | fax 770 234 6341 jneiditz@kilpatricktownsend.com<mailto:jneiditz@kilpatricktownsend.com> | My Profile<http://www.kilpatricktownsend.com/en/Who%20We%20Are/Professionals/N/NeiditzJonathanA16125.aspx> | vCard<http://www.kilpatricktownsend.com/_assets/vcards/professionals/NeiditzJonathanA.vcf> [cid:image005.png@01D10055.C231D180]<https://www.linkedin.com/in/informationmanagementlaw> [cid:image006.png@01D10055.C231D180] <http://www.twitter.com/jonneiditz> From: wg-uma-bounces@kantarainitiative.org [mailto:wg-uma-bounces@kantarainitiative.org] On Behalf Of Dazza Greenwood Sent: Tuesday, October 06, 2015 4:35 PM To: Adrian Gropper Cc: WG UMA; ProjectVRM list Subject: Re: [WG-UMA] The Death of Safe Harbor is the Ultimate VRM and UMA Legal Opportunity Adrian - I agree that a move from general "prior consent to transaction authorization" is right on target. The current consent practices are way too general and cover way too much for way too long. I wonder though - is there not also a need for a transaction type to consent and authorize a more general case of data sharing? Such consent would still need to be revocable (or it is not really consent) and revocation may result in effectively quitting the network or other system. But if the consent were "transaction by transaction" in larger connected networks of systems (thinking of financial, educational, workplace, etc networks. also perhaps hospital chains?) would we not end up in a different bnd of non-stop consent management? Or am I missing something? (evidently I'm not permitted to post to VRM... feel free to repost this) _ _ _ _ _ _ _ _ _ _ _ _ _ _ | Dazza Greenwood, JD | CIVICS.com, Founder & Principal | MIT Media Lab, Visiting Scientist | Vmail: 617.500.3644 | Email: dazza@CIVICS.com<mailto:dazza@CIVICS.com> | Biz: http://CIVICS.com | MIT: https://law.MIT.edu | Me: DazzaGreenwood.com | Twitter: @DazzaGreenwood | Google+: google.com/+DazzaGreenwood<http://google.com/+DazzaGreenwood> | LinkedIn: linkedin.com/in/DazzaGreenwood<http://linkedin.com/in/DazzaGreenwood> | GitHub: github.com/DazzaGreenwood/Interface<http://github.com/DazzaGreenwood/Interface> | Postal: P.O. Box 425845 Cambridge, MA 02142 | _ _ _ _ _ _ _ _ _ _ _ _ _ _ On Tue, Oct 6, 2015 at 3:58 PM, Adrian Gropper <agropper@healthurl.com<mailto:agropper@healthurl.com>> wrote: The whole concept of consent with regard to personal information (be it identified or de-identified) is problematic in a highly connected system with infinite memory. In this new world order (high connectivity and infinite storage), we need to shift from prior consent to transaction authorization. Consider what it means to grant prior consent to your genome. Your decision affects your ancestors and your descendants. The way that your genome will be interpreted a year from now is almost completely unknowable today and hence you cannot be informed of the consequences of that interpretation. The genome is not as extreme a case as it might seem. Any high-dimensional data about you and your family is subject to the same issues. We need to reconsider the cost/benefit of giving Facebook and Google and Surescripts and our favorite large research organization consent to any personal data aggregation whatsoever. UMA paves the path away from prior consent to transaction authorization. Adrian On Tue, Oct 6, 2015 at 3:45 PM, Thomas Hardjono <hardjono@mit.edu<mailto:hardjono@mit.edu>> wrote: Hi Mark,
I'll throw in my thoughts: We need new economic model that incentives individual data-owners to "share" their personal data, where consent can be given & retracted. This is where UMA comes in. /thomas/ ________________________________________ From: wg-uma-bounces@kantarainitiative.org<mailto:wg-uma-bounces@kantarainitiative.org> [wg-uma-bounces@kantarainitiative.org<mailto:wg-uma-bounces@kantarainitiative.org>] on behalf of Eve Maler [eve@xmlgrrl.com<mailto:eve@xmlgrrl.com>] Sent: Tuesday, October 06, 2015 3:24 PM To: Adrian Gropper Cc: WG UMA; ProjectVRM list Subject: Re: [WG-UMA] The Death of Safe Harbor is the Ultimate VRM and UMA Legal Opportunity Some “BLT continuum” observations about costs and benefits: To the extent that data is volatile and has a short “half-life”, data accessed gets more attractive to access by reference. (That’s why we tend to point to calendars rather than get snapshots of them.) Also, to the extent that data is resource-intensive or difficult to construct/collect/reconstruct oneself, it gets more attractive to access from a good “source of truth”. (A counterexample — I think — is that this is why if someone needs to know your blood type, they just test for it rather than going through the rigamarole of doing federated sign-in, data discovery, consented data access, blah blah blah.) A challenging counterexample about volatility is one’s genome. It’s really not very volatile, so once it’s out there…it’s really out there. This is where extracting a “purpose of use” agreement from the requesting party gets more and more attractive, and more enforceable agreements are more attractive than less enforceable ones. Eve On 6 Oct 2015, at 6:17 PM, Adrian Gropper <agropper@healthurl.com<mailto:agropper@healthurl.com><mailto:agropper@healthurl.com<mailto:agropper@healthurl.com>>> wrote: +1 Mark. UMA enables data to be accessed by reference instead of by value and reduces the need to copy it. With UMA, authorization servers become the primary point of aggregation (as well as notice for transparency) and the need for data brokers and deletion problems is reduced. UMA shifts the discussion to control and transparency of surveillance and aggregation, and it scales to serve personal, family, local, virtual community, national, and international "clouds". Adrian On Tue, Oct 6, 2015 at 11:18 AM, Mark Lizar <mark@smartspecies.com<mailto:mark@smartspecies.com><mailto:mark@smartspecies.com<mailto:mark@smartspecies.com>>> wrote: Very much agree Jon, Personal data control, what is achieved through ‘real' consent, is required for many things - among them is managing commercial relationships with vendors. But, VRM, in my opinion, would not be the only core driver for change. I still think compliance, combined with customer experience, is going to be the market driver. Personal data does not need to be destroyed if access to it only needs to be revoked, i.e. with UMA. I wrote a piece on this in 2011 for Identity Trust discussing how data protection industry is destroying privacy and undermining national security (not only the individual). The long and short version being, volunteered personal information is much more valuable to organisations. Personal control over my data is the best method of transferring data internationally with compliance and high levels of customer experience. - Mark On 6 Oct 2015, at 14:53, James Hazard <james.g.hazard@gmail.com<mailto:james.g.hazard@gmail.com><mailto:james.g.hazard@gmail.com<mailto:james.g.hazard@gmail.com>>> wrote: Do you mean that consent of the person permits transfer of data, but consent is necessarily revocable and data must be destroyed? On Oct 6, 2015 3:40 PM, "Neiditz, Jon" <JNeiditz@kilpatricktownsend.com<mailto:JNeiditz@kilpatricktownsend.com><mailto:JNeiditz@kilpatricktownsend.com<mailto:JNeiditz@kilpatricktownsend.com>>> wrote: Why? The Advocate General's opinion and the Court's decision both turn on the inability of Safe Harbor to prevent surveillance. NO permitted basis for data transfer prevents surveillance, not Model Clauses, not Binding Corporate Rules (BCRs). Logically, if probably not in immediate corporate and EU national practice, the only bulletproof basis for data transfer to the US is now the ever-so-revocable CONSENT, which presumes no fictitious protection from surveillance. See also: https://www.linkedin.com/pulse/good-morning-safe-harbor-dead-what-does-mean-... Your thoughts? Jon Neiditz Kilpatrick Townsend & Stockton LLP Suite 2800 | 1100 Peachtree Street NE | Atlanta, GA 30309-4528 office 404 815 6004<tel:404%20815%206004><tel:404%20815%206004> | cell 678-427-7809<tel:678-427-7809><tel:678-427-7809<tel:678-427-7809>> | fax 770 234 6341<tel:770%20234%206341><tel:770%20234%206341> jneiditz@kilpatricktownsend.com<mailto:jneiditz@kilpatricktownsend.com><mailto:jneiditz@kilpatricktownsend.com<mailto:jneiditz@kilpatricktownsend.com>> | www.kilpatricktownsend.com<http://www.kilpatricktownsend.com><http://www.kilpatricktownsend.com/> ________________________________ Confidentiality Notice: This communication constitutes an electronic communication within the meaning of the Electronic Communications Privacy Act, 18 U.S.C. Section 2510, and its disclosure is strictly limited to the recipient intended by the sender of this message. This transmission, and any attachments, may contain confidential attorney-client privileged information and attorney work product. If you are not the intended recipient, any disclosure, copying, distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. Please contact us immediately by return e-mail or at 404 815 6500<tel:404%20815%206500><tel:404%20815%206500>, and destroy the original transmission and its attachments without reading or saving in any manner. ________________________________ ***DISCLAIMER*** Per Treasury Department Circular 230: Any U.S. federal tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties under the Internal Revenue Code or (ii) promoting, marketing or recommending to another party any transaction or matter addressed herein. _______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org<mailto:WG-UMA@kantarainitiative.org><mailto:WG-UMA@kantarainitiative.org<mailto:WG-UMA@kantarainitiative.org>> http://kantarainitiative.org/mailman/listinfo/wg-uma _______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org<mailto:WG-UMA@kantarainitiative.org><mailto:WG-UMA@kantarainitiative.org<mailto:WG-UMA@kantarainitiative.org>> http://kantarainitiative.org/mailman/listinfo/wg-uma _______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org<mailto:WG-UMA@kantarainitiative.org><mailto:WG-UMA@kantarainitiative.org<mailto:WG-UMA@kantarainitiative.org>> http://kantarainitiative.org/mailman/listinfo/wg-uma -- Adrian Gropper MD PROTECT YOUR FUTURE - RESTORE Health Privacy! HELP us fight for the right to control personal health data. DONATE: http://patientprivacyrights.org/donate-2/ _______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org<mailto:WG-UMA@kantarainitiative.org><mailto:WG-UMA@kantarainitiative.org<mailto:WG-UMA@kantarainitiative.org>> http://kantarainitiative.org/mailman/listinfo/wg-uma Eve Maler | cell +1 425.345.6756<tel:%2B1%20425.345.6756> | Skype: xmlgrrl | Twitter: @xmlgrrl | Calendar: xmlgrrl@gmail.com<mailto:xmlgrrl@gmail.com><mailto:xmlgrrl@gmail.com<mailto:xmlgrrl@gmail.com>> -- Adrian Gropper MD PROTECT YOUR FUTURE - RESTORE Health Privacy! HELP us fight for the right to control personal health data. DONATE: http://patientprivacyrights.org/donate-2/ _______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org<mailto:WG-UMA@kantarainitiative.org> http://kantarainitiative.org/mailman/listinfo/wg-uma

Dazza asks below if we need "to consent a more general case of data sharing"? Conversely, do we have any cases where transaction authorization is impractical in a connected system? Off-hand, I can't think of any reasons for prior consent to sharing my personal data as opposed to asking my authorization server, which request would include a suggested token lifetime. Adrian On Tue, Oct 6, 2015 at 4:35 PM, Dazza Greenwood <dazza@civics.com> wrote:
-- Adrian Gropper MD PROTECT YOUR FUTURE - RESTORE Health Privacy! HELP us fight for the right to control personal health data. DONATE: http://patientprivacyrights.org/donate-2/

+1 to Thomas' call for new economic models that appropriately incentivize good behavior for individually controlled consent management for personal data sharing. Economic models necessarily align behaviors with rewards, costs and/or risks that are quantifiable as money, otherwise they are not really economic. Rewards, costs and risks for the role of "individual data owners" have corollaries with each other role involved. Although a $5 incentive for party A may not be a direct $5 cost for party B, nonetheless, economic incentives have major interdependencies among all parties involved. To that point, I share for comment a rough draft book chapter on use of trust marks to manage aspects of personal data sharing and the flow of big data: https://github.com/CIVICS/Resources/wiki/Big-Data-and-Personal-Data-Trust-Ne... The focus is on re-identification risks but the rubric applies more generally. The piece describes some modular parts of a "Trust Network" approach to enable fair value exchange for sharing personal data and big data flows that are both effective and responsible. Perhaps systems of Trust Networks can replace the ill-fated Safe Harbor program by focusing on minimum set of common business practices, legal rules and technical capabilities that are measurable, reliable and relevant to user consent for sharing of personal data. _ _ _ _ _ _ _ _ _ _ _ _ _ _ | Dazza Greenwood, JD | CIVICS.com, Founder & Principal | MIT Media Lab, Visiting Scientist | Vmail: 617.500.3644 | Email: dazza@CIVICS.com | Biz: http://CIVICS.com | MIT: https://law.MIT.edu | Me: DazzaGreenwood.com | Twitter: @DazzaGreenwood | Google+: google.com/+DazzaGreenwood | LinkedIn: linkedin.com/in/DazzaGreenwood | GitHub: github.com/DazzaGreenwood/Interface | Postal: P.O. Box 425845 Cambridge, MA 02142 | _ _ _ _ _ _ _ _ _ _ _ _ _ _ On Tue, Oct 6, 2015 at 3:45 PM, Thomas Hardjono <hardjono@mit.edu> wrote:
participants (7)
-
Adrian Gropper
-
Dazza Greenwood
-
Eve Maler
-
James Hazard
-
Mark Lizar
-
Neiditz, Jon
-
Thomas Hardjono