Symposium on Application Programming Interfaces & Privacy
On February 5, Len Cali, Senior Vice President, Global Public Policy, AT&T, hosted an in-depth discussion on Application Programming Interfaces (API), software functionality that currently enables two applications to communicate with one another, and the privacy issues associated with its use.
The event included keynote remarks from Thomas Norton, Executive Director, Fordham Center on Law and Information Policy (CLIP), and Florian Schaub, Assistant Professor, School of Information, University of Michigan.
A policy panel moderated by Sara Fischer, Axios, followed with participants: Danielle Coffey, Senior Vice President, Strategic Initiatives and Counsel, News Media Alliance; David LeDuc, Vice President, Public Policy, Network Advertising Initiative (NAI); Maureen K. Ohlhausen, Partner and Co-Chair, Antitrust Practice, Baker Botts; Michelle Richardson, Director of the Privacy & Data Project, Center for Democracy & Technology; John Verdi, Vice President of Policy, Future of Privacy Forum; and other industry and policy experts.
Speaker biographies are available here.
Download the APIs and Your Privacy paper here.
Presentation materials are available here.
Application Programming Interfaces, or APIs, have been at the core of many recent privacy headlines in the news media. APIs are basically software functionality – predefined protocols that enable different websites or applications to communicate and share information. APIs have an enormous impact on consumers’ online experience because APIs are used practically everywhere – in social media, online shopping, Internet search engines, games, shopping, news, video and music streaming, mapping, mobile payments, and more. And because APIs collect large amounts of personal information, their impact on consumer privacy is significant.
This week, the Policy Forum hosted both a keynote address and an in-depth panel discussion examining APIs and the privacy implications for consumers in the Internet ecosystem. At the Policy Forum’s Symposium on Application Programming Interfaces and Privacy, Thomas Norton, Executive Director of the Fordham Center on Law and Information Policy (CLIP), and Florian Schaub, Assistant Professor, School of Information, University of Michigan, delivered keynote remarks based on their recent white paper, APIs and Your Privacy. In addition, Sara Fischer of Axios moderated a policy panel discussion with leading industry experts, including Danielle Coffey, Senior Vice President, Strategic Initiatives and Counsel, News Media Alliance; David LeDuc, Vice President, Public Policy, Network Advertising Initiative (NAI); Maureen K. Ohlhausen, Partner and Co-Chair, Antitrust Practice, Baker Botts; Michelle Richardson, Director of the Privacy & Data Project, Center for Democracy & Technology; and John Verdi, Vice President of Policy, Future of Privacy Forum.
In their report, APIs and Your Privacy, Mr. Norton and Prof. Schaub describe how APIs function technologically and how APIs may generally be used by online services and applications. To determine what data web developers and advertisers may obtain about consumers, Mr. Norton and Prof. Schaub examined popular websites and apps that millions of consumers use in their everyday lives. The report concludes that APIs are essential and offer rich functionality for online consumer experiences, while at the same time noting that, because APIs collect large amounts of personal information, policymakers and consumers should consider their implications on privacy.
“There is no escaping them,” Mr. Norton noted. “Everything we do online is driven or facilitated by APIs.” Mr. Norton emphasized that consumers should consider both what explicit information companies can learn about them, but also what companies are able to learn “implicitly” based on a consumer’s use of products and services. Professor Shaub noted that, in light of recent scandals, many companies are tightening use of their APIs.
In the policy panel, Sara Fischer engaged the industry experts in a discussion that ranged from the challenges facing news outlets in the online era, to current developments in state and federal privacy legislation, to online advertising practices, to the impact of technological developments on antitrust policy. Michelle Richardson noted that, in light of the significant privacy events in the past eighteen months, consumers are catching up quickly on the issue of what personal information is created through their online activity. Both Maureen Ohlhausen and David LeDuc touched on the promise of self-regulation, transparency, and an industry Code of Conduct in balancing consumer privacy interests. Danielle Coffey highlighted how the news industry is tackling some of the privacy challenges in light of its special relationship with its audience. And in discussing the need for federal privacy legislation, John Verdi highlighted the “sectoral approach” used for privacy legislation and given that no single comprehensive federal privacy law exists today, how states are now seeking to fill the vacuum with patchwork legislative efforts to address privacy, data breaches, and disclosure practices.
At AT&T’s Policy Forum, we’re proud to provide another opportunity to cultivate further dialogue among academia, policymakers, and stakeholders on complex issues like consumer privacy. In this way, we hope to improve understanding of the issues among all stakeholders, and contribute to a meaningful discussion on workable, common sense solution