In the mix...WSJ's "What They Know"; data potential in healthcare; and comparing the privacy bills in Congress

1.  The Wall Street Journal Online has a new feature section, ominously named, "What They Know." The section highlights articles that focus on technology and tracking.  The tone feels a little overwrought, with language that evokes spies, like "Stalking by Cellphone" and "The Web's New Gold Mine: Your Secrets."  Some of their methodology is a little simplistic.  Their study on how much people are "exposed" online was based on simply counting tracking tools, such as cookies and beacons, installed by certain websites.It is interesting, though, to see that the big, bad wolves of privacy, like Facebook and Google, are pretty low on the WSJ's exposure scale, while sites people don't really think about, like dictionary.com, are very high.  The debate around online data collection does need to shift to include companies that aren't so name-brand.2.  In response to WSJ's feature, AdAge published this article by Erin Jo Richey, a digital marketing analyst, addressing whether "online marketers are actually spies." She argues that she doesn't know that much about the people she's tracking, but she does admit she could know more:

I spend most of my time looking at trends and segments of visitors with shared characteristics rather than focusing on profiles of individual browsers. However, if I already know that Mary Smith bought a black toaster with product number 08971 on Monday morning, I can probably isolate the anonymous profile that represents Mary's visit to my website Monday morning.

3.  A nice graphic illustrates how data could transform healthcare. Are there people making these kinds of detailed arguments made for other industries and areas of research and policy?4.  There are now two proposed privacy bills in Congress, the BEST PRACTICES bill proposed by Representative Bobby Rush and the draft proposed by Representatives Rick Boucher and Cliff Stearns.  CDT has released a clear and concise table breaking down the differences between these two proposed bills and what CDT recommends.  Some things that jumped out at us:

• Both bills make exceptions for aggregated or de-identified data.  The BEST PRACTICES bill has a more descriptive definition of what that means, stating that it excepts aggregated information and information from which identifying information has been obscured or removed, such that there is no reasonable basis to believe that the information could be used to identify an individual or a computer used by the individual.  CDT supports the BEST PRACTICES exception.
• Both bills make some, though not sweeping provisions, for consumer access to the information collected about them.  CDT endorses neither, and would support a bill that would generally require covered entities to make available to consumers the covered information possessed about them along with a reasonable method of correction.  Some companies, including a start-up called Bynamite, have already begun to show consumers what's being collected, albeit in rather limited ways.  We at the Common Data Project hope this push to access also includes access to the richness of the information collected from all of us, and not just the interests asssociated with me.  It'll be interesting to see where this legislation goes, and how it might affect the development of our datatrust.