Privacy and Cyberspace

1
Privacy and Cyberspace
2
Cybertechnology privacy concerns unique or
special?

• Amount of personal info obtainable
• Virtually limitless
• Speed of transmission
• Virtually instantaneous
• Duration of retention
• Indefinite
• Kind of information subject to transfer
• Transactions
• Inferences drawn from transaction patterns

3
Table 5-1 Three Theories of Privacy
4
Comprehensive account of privacy

• James Moor privacy in a situation means
  protection from intrusion, interference, and
  information access by others
• Situation flexible interpretation can be place,
  relationship, etc.
• Natural privacy isolation can be lost but not
  violated
• Normative privacy protected by conventional
  norms (laws and policies)

5
Privacy as a value

• Is it universal?
• Valued differently in different cultures
• Is it intrinsic?
• Fried instrumental yet necessary
• Moor expresses core value security
• Social value
• Essential for democracy
• Essential for autonomy

6
Data collection

• Voluntary vs. involuntary
• Voluntary census, surveys
• Surveillance and monitoring
• Wiretaps, your call may be recorded
• Security cameras
• Cruise card
• Keystroke capturing

7
Cookies

• File placed on users hard drive
• Not always consensual or known
• Collectible by third party ad agencies
• Browsers default to accepting cookies

8
Merging and matching

• Merging combining data from multiple databases
  to form composite
• Takes control of information away from individual
• Matching searching for data about individual
  from multiple databases
• Rights of innocent individuals violated

9
Data mining

• The automated extraction of hidden predictive
  information from databases
• Data not protected by privacy laws, often
  regarded as public
• Often makes use of data warehouse
• An aggregate of information does not violate
  privacy if its parts, taken individually, do
  not.

10
Controversies of data mining

• Conclusions based on discovered patterns
• Inferences not always valid
• Data used in ways not explicitly authorized

11
Techniques for Manipulating Personal Data
12
Mining the web

• Data mined from personal and non-commercial web
  sites
• Search engines and metasearch engines used to
  discover patterns

13
Privacy in public

• Non-public personal information confidential,
  very personal
• Public personal information public knowledge
  about an individual
• Electronic footprints
• Deliberations recorded items considered but not
  purchased, for example
• Many users unaware of data collection

14
Search engines can find

• Information in public records
• Information in commercial databases
• Information in web sites
• Information in discussions (newsgroups)
• Information in web-based e-mail?

15
Public records and computers

• Why were public records made public in the first
  place?
• Property/tax info needs to be accessible to
  government agencies
• Is the internet a public space? Is it space at
  all?
• Should public records be put online?

16
Privacy-enhancing tools (PETs)

• Anonymizer, Crowds, Onion Routing, PGP
• E-commerce privacy policies
• User community on their own when it comes to
  PETs
• Browsers default to accepting cookies
• Presume in favor of privacy?

17
Principle of informed consent

• Person should know how data will be used and
  agree to that use
• Does consent for primary use imply consent for
  secondary uses?
• Who owns the data?
• Can a person be adequately informed about
  complex uses of information
• What about unanticipated future uses?
• Presumed consent, not informed consent

18
Privacy for sale

• Are less affluent people more inclined to sell
  information?
• Should privacy be sellable, especially if its a
  human right?
• Should the wealthy have more privacy than the
  disadvantaged?

19
Industry self-regulation and privacy laws

• W3C and P3P
• TRUSTe
• U.S. Very little privacy protection in legal
  statutes
• Privacy Act of 1974
• EU Directive on Data Protection