Privacy What Is It - PowerPoint PPT Presentation

1 / 22
About This Presentation
Title:

Privacy What Is It

Description:

Certain buildings or pieces of land: so most public places come with no ... Home/work distinction & public space/private space distinction ... – PowerPoint PPT presentation

Number of Views:56
Avg rating:3.0/5.0
Slides: 23
Provided by: zixu8
Category:

less

Transcript and Presenter's Notes

Title: Privacy What Is It


1
Privacy What Is It?
  • The rights and responsibilities that govern the
    acquisition, disclosure, and use of personal
    information.
  • Acquisition - from the individual, third party,
    legally or illegally, with or without the
    individuals awareness
  • Disclosure - to other people or entities
  • Use - storing, manipulating or evaluating
    personal information

2
Personal Information
  • Any type of information that is related to a
    persons private life or concerns, recorded in
    any form.
  • Can also be personally identifiable information
    (PII), which can be used to uniquely identify,
    locate or contact a person.
  • Not just content - but also events (a
    transaction) that may implicate a persons
    privacy.

3
Privacy-implicating Activities An Incomplete
List
  • Health Records and Medical Records
  • Financial transactions of all types - tax,
    banking, etc.
  • Subscriber Information -Telephones, Cable TV,
    Video Rentals, etc.
  • Communications of all kinds - Telephone Calls,
    emails, etc.
  • Credit History
  • Purchasing History - Direct, Phone, Internet
  • Student Records
  • Insurance Records
  • Employment Records
  • Judicial History - Driving record, civil and
    criminal cases, etc.
  • Internet Activities

4
We the Network
  • If our identity is simply reduced to a magstripe,
    what is the real me or the card?
  • The Net (1995) starring Sandra Bullock
  • We are all living under the big net!

5
The right of the people to be secure in their
persons, houses, papers, and effects, against
unreasonable searches and seizures, shall not be
violated, and no Warrants shall issue, but upon
probable cause, supported by Oath or affirmation,
and particularly describing the place to be
searched, and the persons or things to be seized.
- Fourth Amendment to the United States
Constitution
6
Privacy The Two-Part Test
  • ...the Fourth Amendment protects people, not
    places... Katz v. United States, 389 U.S. 347
  • Courts have used a two-part test to determine
    whether, at the time of the search, a defendant
    had a legitimate expectation of privacy in the
    place or things searched
  • Did the person actually expect some degree of
    privacy?
  • Is the person's expectation objectively
    reasonable -- that is, one that society is
    willing to recognize?
  • Katz v. United States, 389 U.S. 347 (1967)
    (Harlan, J., concurring)

7
Reasonable Expectation of Privacy
  • Over the years, court rulings has set the
    precedent that the key to understanding privacy
    issues is reasonable Expectation of Privacy.
  • These are the general criteria
  • General legal principles no privacy if behaviors
    or communications are knowingly exposed to public
    view.
  • Vantage point a point where anyone can see or
    hear what is going on
  • Certain buildings or pieces of land so most
    public places come with no expectation of privacy
    (some exceptions are public phone booths and
    restrooms)
  • Technological sophistication laws are constantly
    updated to adapt to new technological
    innovations.

8
Informed Consent
  • A process in which an individual agrees to
    participate after being given detailed
    information about the benefits and potential
    risks of his or her action.
  • The person must be advised about
  • Nature (and type) of information collected
  • Why and how it is going to be used
  • Risks
  • Freedom to withdraw

9
Opt-in vs. Opt-out
  • An opt-in policy requires a potential customer to
    self-select the information (services) they wish
    to subscribe to, and how the information can be
    used.
  • An opt-out policy specifies that information can
    be sent to customers without prior permission.
    But customers must be provided with the option to
    ask to be removed from the list.
  • In actual designing, an opt-in approach allows
    the users to select some empty boxes of actions
    to decide which type of information they want to
    receive, while an opt-out approach leaves all the
    boxes checked by default, and the users have to
    de-select them if they do not want to receive
    that particular type of communication.
  • The European Union is more inclined toward opt-in
    in its policy initiatives, while the United
    States is more toward opt-out.

10
Aspects of Privacy
  • Three Key Components
  • Autonomy/dignity
  • Ability to exercise control
  • Absence of surveillance
  • Different aspects
  • Information privacy collection, use and
    disclosure of identifiable personal information.
  • Communications privacy private information
    should be safely delivered to the intended party.
  • Privacy in public (and work) places electronic
    profiling (i.e., collecting a variety of in-depth
    information about an individual electronically)
  • Home/work distinction public space/private
    space distinction

11
Some Important Federal Privacy Laws
  • 2001 USA Patriot Act (USAPA)
  • 1999 Financial Modernization (Gramm-Leach-Bliley)
    Act
  • 1998 Childrens Online Privacy Protection Act
  • 1998 Telephone Anti-Spamming Amendments Act
  • 1992 Cable Act
  • 1991 Telephone Consumer Protection Act
  • 1988 Computer Matching and Privacy Act
  • 1988 Video Privacy Protection Act
  • 1986 Electronic Communications Privacy Act
  • 1984 Cable Communications Policy Act
  • 1978 Right to Financial Privacy Act
  • 1974 Education Privacy Act
  • 1974 Privacy Act
  • 1970 Fair Credit Reporting Act
  • 1970 Freedom of Information Act

12
Privacy Act of 1974
  • No agency shall disclose any record which is
    contained in a system of records by any means of
    communication to any person, or to another
    agency, except pursuant to a written request by,
    or with the prior written consent of, the
    individual to whom the record pertains....
  • Data records should be relevant and necessary
    to the purpose for which they are collected
  • Establish procedures to allow individuals to see,
    copy and amend records about themselves
  • Requires publishing notices describing all
    systems of records (no secret records)
  • Agency is required to make reasonable efforts to
    maintain accurate, relevant, timely and complete
    records about individuals
  • Information collected for one purpose MAY NOT be
    used for another purpose without notice to or the
    consent of the subject of record

13
The Computer Matching and Privacy Protection Act
of 1988
  • Federal agencies involved in computer matching
    programs are required to
  • Negotiate written agreements with the other
    agency or agencies participating in the matching
    programs
  • Obtain the relevant Data Integrity Boards'
    approval of the match agreements
  • Furnish detailed reports about matching programs
    to Congress and OMB (Office of Management and
    Budget)
  • Notify applicants and beneficiaries that their
    records are subject to matching and
  • Verify match findings before reducing,
    suspending, terminating, or denying an
    individual's benefits or payments.

14
Online Privacy Breaches
  • Online privacy can be compromised in three ways
  • When personal data is saved on a local computer
  • When the data is transported over the network
  • When the data is stored by a third party.

15
Web Browsing Privacy
  • Cookies
  • Many Web pages use cookiessmall text files that
    are stored on your hard drive by the Web server,
    typically the one hosting the Web page being
    viewedto identify return visitors and their
    preferences.
  • Web bugs
  • A Web bug is a very small (often 1 pixel by 1
    pixel) image on a Web page that transmits data
    about a Web page visitor back to the Web pages
    server. Web bugs are used extensively by
    DoubleClick and other Internet advertising
    companies.
  • Spyware
  • Any software installed without the users
    knowledge that secretly gathers information about
    the user and transmits it to advertisers.

16
Other Privacy Concerns
  • E-mail
  • Many people mistakenly believe that the e-mail
    they send and receive is private. Since it is
    transmitted over public networks, however,
    non-encrypted e-mail can be intercepted and read
    by someone else - easily.
  • Spams and Other Online Marketing Activities
  • More in later lectures.
  • Electronic Surveillance and Monitoring
  • This can happen in public places or the work
    place. We will come back to this later.

17
More Privacy Concerns
  • Invisible information gathering
  • Collection of personal information without the
    subjects knowledge
  • Data spillage
  • Inadvertent disclosure of personal information
    because of software design glitches or accidental
    operations.
  • Secondary use of personal information
  • Use of personal information for purposes other
    than that was originally intended.
  • Computer matching computer profiling.

18
Network Insecurity and Privacy Implications
  • There are programs that can track the keyboard
    movements at a remote PC.
  • Other programs can keep track of every type of
    log-on activity over the network.
  • A UC Berkeley study in 2005 found that an
    algorithm can successfully decipher up to 96
    percent of the characters typed by feeding the
    audio recording of key board typing. This can be
    a form of acoustical spying over the network.

19
Cell Phones Are Ubiquitous
  • More and more cell phone models have built-in
    Global Positioning System (GPS) capabilities.
  • So this makes tracking in real time a cell phone
    as easy as point and click.
  • ULocate is one of the commercial providers to
    offer tracking services.
  • The Federal Communications Commission (FCC) has
    released its E911 (Enhanced 911) standard to
    require that emergency callers be located within
    50 meters.
  • The National Emergency Number Association (NENA)
    recently approved the technical standard for VoIP
    E911 specifically targeting Internet phones.

20
Top Ten Ways to Protect Privacy Online
  • Look for privacy policies on the Web
  • Get a separate email account for personal email
  • Teach your kids that giving out personal
    information online means giving it to strangers
  • Clear your memory cache after browsing
  • Make sure that online forms are secure
  • Reject unnecessary cookies
  • Use anonymous remailers
  • Encrypt your email
  • Use anonymizers while browsing
  • Opt-out of third party information sharing
  • Extra! Use common sense
  • Source Center for Democracy and Technology

21
Identity Theft
  • Unauthorized access to a persons
  • Social Security Number (SSN)
  • Drivers License
  • Credit Card Number
  • Credit Reports
  • Passport Numbers
  • Birth Certificate
  • Resume

22
Identity Theft Consequences
  • Unauthorized access may affect you by
  • Accessing/Opening bank accounts
  • Using your credit cards
  • Limiting your ability to do commercial
    transactions
  • Impersonating you at the professional level
  • Committing criminal acts in your name
  • Stalking you
  • And worse yet, ruining your life!
Write a Comment
User Comments (0)
About PowerShow.com