cs4020 privacy l. grewe what we will cover privacy and computer technology “big brother is...

35
CS4020 Privacy Privacy L. Grewe

Post on 22-Dec-2015

217 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

CS4020

PrivacyPrivacy

L. Grewe

Page 2: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

What We Will CoverWhat We Will Cover

• Privacy and Computer Technology

• “Big Brother is Watching You”

• Privacy Topics

• Protecting Privacy

• Communications

Page 3: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Privacy and Computer Privacy and Computer TechnologyTechnology

Key Aspects of Privacy:

• Freedom from intrusion (being left alone)

• Control of information about oneself

• Freedom from surveillance (being tracked, followed, watched)

Page 4: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Privacy and Computer Privacy and Computer Technology (cont.)Technology (cont.)

New Technology, New Risks:

• Government and private databases

• Sophisticated tools for surveillance and data analysis

• Vulnerability of data

Page 5: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Privacy and Computer Privacy and Computer Technology (cont.)Technology (cont.)

Terminology:• Invisible information gathering -

collection of personal information about someone without the person’s knowledge

• Secondary use - use of personal information for a purpose other than the one it was provided for

Page 6: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Privacy and Computer Privacy and Computer Technology (cont.)Technology (cont.)

Terminology (cont.):• Data mining - searching and analyzing

masses of data to find patterns and develop new information or knowledge

• Computer matching - combining and comparing information from different databases (using social security number, for example, to match records)

Page 7: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Privacy and Computer Privacy and Computer Technology (cont.)Technology (cont.)

Terminology (cont.):

• Computer profiling - analyzing data in computer files to determine characteristics of people most likely to engage in certain behavior

Page 8: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Privacy and Computer Privacy and Computer Technology (cont.)Technology (cont.)

Principles for Data Collection and Use:

• Informed consent

• Opt-in and opt-out policies

• Fair Information Principles (or Practices)

• Data retention

Page 9: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Privacy and Computer Privacy and Computer TechnologyTechnology

Discussion QuestionsDiscussion Questions• Priv.1) Have you seen opt-in and opt-out

choices? Where? How were they worded?

• Priv.2) Were any of them deceptive?

• Priv.3) What are some common elements of privacy policies you have read?

• POST answers on blackboard

Page 10: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

"Big Brother is Watching "Big Brother is Watching You"You"

Databases:• Government Accountability Office

(GAO) - monitors government's privacy policies

• Burden of proof and "fishing expeditions"

• Data mining and computer matching to fight terrorism

Page 11: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

"Big Brother is Watching "Big Brother is Watching You" (cont.)You" (cont.)

The Fourth Amendment, Expectation of Privacy and Surveillance Technologies:

• Weakening the Fourth Amendment

• Supreme Court decisions and expectation of privacy

– Modern surveillance techniques are redefining expectation of privacy

Page 12: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

"Big Brother is Watching "Big Brother is Watching You" (cont.)You" (cont.)

• The Fourth Amendment, Expectation of Privacy and Surveillance Technologies (cont.):

• The USA Patriot Act and national security letters– No court order or court oversight needed– 2003-2005 report found "widespread and

serious misuse" of the FBIs national security letter authorities

Page 13: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

"Big Brother is Watching "Big Brother is Watching You" (cont.)You" (cont.)

Video Surveillance:

• Increased presence of video cameras in public spaces.

• Security cameras tradeoffs:

– Increased security

– Decreased privacy

Page 14: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

"Big Brother is Watching "Big Brother is Watching You" (cont.)You" (cont.)

Discussion QuestionsDiscussion Questions• Priv.4) What data does the

government have about you?

• Priv.5) Who has access to the data?

• Priv.6) How is your data protected?

• POST your answers on blackboard.

Page 15: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Diverse Privacy TopicsDiverse Privacy Topics

Marketing

• Targeted marketing uses:– Data mining (collection of information about users)

– Paying for consumer information (pay other companies for information about their consumers).

– Data firms and consumer profiles (3rd party firms who’s sole purpose is user data collection and profiling).

Page 16: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Diverse Privacy Topics Diverse Privacy Topics (cont.)(cont.)

Location Tracking:• Global Positioning Systems (GPS) -computer or

communication services that know exactly where a person is at a particular time

• Cell phones and other devices are used for location tracking – have built-in GPS sensors.

• Pros and cons– Could use information to direct users to things they desire (e.g.

directions)– Could be used to send direct/local advertising they don’t want to see– Applications to track location of children with their phone.

Page 17: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Diverse Privacy Topics Diverse Privacy Topics (cont.)(cont.)

Stolen and Lost Data happens….:

• Hackers

• Physical theft (laptops, thumb-drives, etc.)

• Requesting information under false pretenses

• Bribery of employees who have access

Page 18: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Diverse Privacy Topics Diverse Privacy Topics (cont.)(cont.)

What We Do Ourselves:• Personal information in blogs and online profiles

– Is this private or in public – domain to use this information– Who can use this…can an employer look at this information and reject

an applicant …how about a university?

• Pictures of ourselves and our families• File sharing and storing• Is privacy old-fashioned?

– Young people put less value on privacy than previous generations. Is this a generational idea?

– May not understand the risks

Page 19: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Diverse Privacy Topics Diverse Privacy Topics (cont.)(cont.)

Public Records: Access vs. Privacy:• Public Records - records available to general

public (bankruptcy, property, and arrest records, salaries of government employees, etc.)

• Identity theft can arise when public records are accessed

• How should we control access to sensitive public records?

Page 20: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Diverse Privacy Topics Diverse Privacy Topics (cont.)(cont.)

National ID System:

• Social Security Numbers….Problems:

– Too widely used

– Easy to falsify

Page 21: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Diverse Privacy Topics Diverse Privacy Topics (cont.)(cont.)

National ID System (Cont.):• A new national ID system - Pros

– would require the card (a physical card)– harder to forge– have to carry only one card

• A new national ID system - Cons– Threat to freedom and privacy– Increased potential for abuse– What happens with theft of card?

Page 22: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Diverse Privacy Topics Diverse Privacy Topics (cont.)(cont.)

Children:• Internet and Children:

– Not able to make decisions on when to provide information– Vulnerable to online predators

• A Solution: Parental monitoring– Software to monitor Web usage– Web cams to monitor children while parents are at work– GPS tracking via cell phones or RFID

Page 23: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Diverse Privacy TopicsDiverse Privacy TopicsDiscussion QuestionsDiscussion Questions

• Priv.7) Is there information that you have posted to the Web that you later removed? Why did you remove it? Were there consequences to posting the information?

• Priv.8) Have you seen information that others have posted about themselves that you would not reveal about yourself?

• POST answers on blackboard

Page 24: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Protecting PrivacyProtecting PrivacySolutions of both Technology and Market

practices• Privacy enhancing-technologies for consumers

– Encryption• Technology to “disguise” the information during transmission• Public-key cryptography

• Privacy in the Market:– Company tools and policies for protecting

data

Page 25: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Protecting Privacy (cont.)Protecting Privacy (cont.)• Solution – Theories of Rights

– Warren and Brandeis published famous law review article The Right to Privacy.

• People often quote this work in reference to privacy rights.

– Judith Jarvis Thomson, "The Right to Privacy," Philosophy & Public Affairs, 4.4 (1975): 295. Discusses problems with Warren and Brandeis publication.

• First, it appears to be too broad. This means that it counts as violations of privacy things that intuitively are not. As Judith Thomson observes:

• If I hit Jones on the head with a brick I have not let him alone. Yet, while hitting Jones on the head with a brick is surely violating some right of Jones's, doing it should surely not turn out to violate his right to privacy. Else, where is this to end? Is every violation of a right a violation of the right to privacy?

• In other respects, however, the theory appears to be too narrow. This means that it fails to count as violations of privacy things that intuitively are. Thomson again writes:

• The police might say, "We grant that we used a special X-ray device on Smith, we grant we trained an amplifying device on him so as to be able to hear everything he said; but we let him strictly alone, we didn't even go near him- our devices operate at a distance."

Page 26: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Protecting Privacy (cont.)Protecting Privacy (cont.)Rights and laws / Legislation:

• Regulation– Companies and Market sectors may be self-regulated or

government regulated with regards to privacy.– Example – The Medical Field is regulated by the

government passed “Health Insurance Portability and Accountability Act (HIPAA)”

• Regulates who has access to medical records/info.• HIPPA.org• HIPPA regulations

Page 27: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Protecting Privacy (cont.)Protecting Privacy (cont.)

Contrasting Viewpoints:

• Free Market View– Let the market (companies, etc) determine

privacy rights– Advantages:

• Freedom of consumers to make voluntary agreements• Diversity of individual tastes and values• Response of the market to consumer preferences• Usefulness of contracts• Flaws of regulatory solutions

Page 28: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Protecting Privacy (cont.)Protecting Privacy (cont.)Contrasting Viewpoints (cont.):

• Consumer Protection View– Consumers should be protected by given

rights.– Advantages:

• Uses of personal information clearly understood and pre-determined.

• Consumers need protection from their own lack of knowledge, judgment, or interest

• May avoid costly and disruptive results of errors in databases• May decrease ease with which personal information leaks out

Page 29: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Protecting Privacy (cont.)Protecting Privacy (cont.)

Privacy Regulations in the European Union (EU):

• Data Protection Directive (called the Directive 95/46/EC

on the protection of individuals with regard to the processing of personal data and on the free movement of such data)

– More strict than U.S. regulations– Abuses still occur– Puts requirements on businesses outside the EU

Page 30: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Protecting PrivacyProtecting PrivacyDiscussion QuestionDiscussion Question

• Priv.9) How would the free-market view and the consumer protection view differ on errors in Credit Bureau databases?

• Priv.10) Who is the consumer in this situation?

• POST your solutions on blackboard

Page 31: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Communication & PrivacyCommunication & Privacy

Wiretapping and E-mail Protection:

• Telephone• 1934 Communications Act prohibited interception of

messages• 1968 Omnibus Crime Control and Safe Streets Act

allowed wiretapping and electronic surveillance by law-enforcement (with court order)

• E-mail and other new communications• Electronic Communications Privacy Act of 1986 (ECPA)

extended the 1968 wiretapping laws to include electronic communications, restricts government access to e-mail

Page 32: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Communication (cont.)Communication (cont.)

Designing Communications Systems for Interception:

• Communications Assistance for Law Enforcement Act of 1994 (CALEA)

• Telecommunications equipment must be designed to ensure government can intercept telephone calls

• Rules and requirements written by Federal Communications Commission (FCC)

Page 33: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Communication (cont.)Communication (cont.)

Secret Intelligence Gathering:• The National Security Agency (NSA)

• Agency involved in US national security issues and policies.

• Foreign Intelligence Surveillance Act (FISA) established oversight rules for the NSA

• prescribing procedures for the physical and electronic surveillance and collection of "foreign intelligence information" between "foreign powers" and "agents of foreign powers" (which may include American citizens and permanent residents engaged in espionage and violating U.S. law:

• Secret access to communications records

Page 34: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

Communication (cont.)Communication (cont.)

More Government Regulations ……Encryption Policy:

– Government ban on export of strong encryption software in the 1990s (removed in 2000)

– Pretty Good Privacy (PGP)

Page 35: CS4020 Privacy L. Grewe What We Will Cover Privacy and Computer Technology “Big Brother is Watching You” Privacy Topics Protecting Privacy Communications

CommunicationCommunicationDiscussion QuestionsDiscussion Questions

• Priv.11) What types of communication exist today that did not exist in 1968 when wiretapping was finally approved for law-enforcement agencies?

• Priv.12) What type of electronic communications do you use on a regular basis?

• Post your answers on blackboard.