Privacy
ECT 582
Robin Burke
Outline
Homework #6
Privacy basics
Relationship to security
Privacy policies and requirements
Homework #6
Privacy
Privacy is the interest that individuals have in sustaining a 'personal space', free from interference by other people and organizations.
– Roger Clarke
Forms of privacy
Privacy of the person
Privacy of personal behavior
Privacy of personal communications
Privacy of personal data
Person
Bodily privacy
Issues
• compulsory immunization
• compulsory drug testing
• compulsory sterilisation
• abortion
Behavior
Issues
• sexual orientation
• political activism
• religion
• I-Pass
Related
• media privacy
Communication
Issues
• wiretapping
• encryption
Data
Information privacy
Issues
• availability of personal data
• control over collected information
Competing interests
Intra-personal: information privacy vs access to credit
Inter-personal: behavior privacy vs health risk
Organizational: body privacy vs insurance risk
Privacy protection
Balancing
• privacy interest
• other interests
Context
• parties
• interests
• issues
Privacy in E-Commerce
Means data privacy
Questions
• what information is collected about visitors to a site?
• what is done with that information?
• how are users informed of possible uses of their data?
Surveillance
Personal surveillance: tracking an individual
Mass surveillance: tracking a large group
When using personal data: dataveillance
E-commerce data
Transactions
Site registration info
• often includes email address
Site visitations
Browsing history
Platform info
• from browser headers
Dataveillance techniques
Front-end verification
• linking data in an application form against data in other systems
Computer matching
• merging of data from separate information systems, creating a merged profile
Profiling
• identifying characteristics of "interesting" individuals in advance
• searching databases for matches
Identification
Weaker than authentication
Relationship between a system and an individual to be recognized
An entity may have many identities
• same business, multiple contacts
• same business, multiple brand names
• same individual, multiple email addresses
• same individual, different user ids
Identity
Anonymous
• data is not associated with any individual
Personally identified
• data is associated with identifying user information
Spectrum
Totally private
• site accepts only e-cash
• delivers goods to pre-arranged dropoff points
Totally invasive
• site installs trojan horse which downloads sensitive data
• data correlated with user's activities online and offline
• data sold to anybody and everybody
Issues
Need to know
• the system shouldn't collect more information than is necessary for a transaction
Third parties
• disclosure to one organization should not mean disclosure to the world
Technical disclosure
• interaction leaks technical information
Anonymization
Services exist to "anonymize" web interactions
• SSL connection to proxy server
• proxy server emits web requests
• proxy server gets responses and encrypts back to user
• proxy server may alter content
  • handling cookies & web bugs
  • modifying request headers
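The slide lists the proxy's content-altering steps in outline only. The Python below is an added example, not part of the slides and not the code of any anonymization service: it shows the sanitization side of such a proxy, dropping or generalizing identifying request headers, removing Set-Cookie from the response, and stripping 1x1-pixel images (web bugs) from returned HTML. The header list, the generic User-Agent string and the sample request, response and HTML are constructed for illustration; the SSL tunnel between user and proxy is not shown.

```python
"""Sanitization steps of an anonymizing web proxy (added example; constructed data)."""
from html.parser import HTMLParser

# Request headers that identify the user, the user's trail or the proxy chain.
# Constructed list for this example; a real proxy would maintain a longer one.
DROP_REQUEST_HEADERS = {
    "cookie", "referer", "x-forwarded-for", "via", "from",
    "if-none-match", "if-modified-since",   # cache validators can act as cookies
}
GENERIC_USER_AGENT = "Mozilla/5.0 (compatible; anonymizing-proxy)"  # constructed


def sanitize_request_headers(headers):
    """Return the outbound headers with identifying fields removed or generalized.

    Header names are matched case-insensitively, as HTTP requires.
    """
    clean = {}
    for name, value in headers.items():
        lname = name.lower()
        if lname in DROP_REQUEST_HEADERS:
            continue                               # drop cookies, referer, trail
        if lname == "user-agent":
            clean[name] = GENERIC_USER_AGENT       # hide platform information
        elif lname == "accept-language":
            clean[name] = "en"                     # hide locale
        else:
            clean[name] = value
    return clean


def sanitize_response_headers(headers):
    """Drop Set-Cookie so the site cannot plant an identifier on the user."""
    return {k: v for k, v in headers.items() if k.lower() != "set-cookie"}


class _WebBugStripper(HTMLParser):
    """Re-emit HTML verbatim except for <img> tags sized 1x1 (web bugs)."""

    def __init__(self):
        super().__init__(convert_charrefs=False)   # keep entities as written
        self.out = []
        self.removed = 0

    @staticmethod
    def _is_web_bug(attrs):
        a = {k.lower(): (v or "").strip() for k, v in attrs}
        return a.get("width") == "1" and a.get("height") == "1"

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "img" and self._is_web_bug(attrs):
            self.removed += 1                      # drop the tracking pixel
            return
        self.out.append(self.get_starttag_text())

    def handle_startendtag(self, tag, attrs):      # <img ... /> form
        self.handle_starttag(tag, attrs)

    def handle_endtag(self, tag):
        self.out.append("</%s>" % tag)

    def handle_data(self, data):
        self.out.append(data)

    def handle_entityref(self, name):
        self.out.append("&%s;" % name)

    def handle_charref(self, name):
        self.out.append("&#%s;" % name)

    def handle_comment(self, data):
        self.out.append("<!--%s-->" % data)

    def handle_decl(self, decl):
        self.out.append("<!%s>" % decl)


def strip_web_bugs(html):
    """Return (cleaned_html, number_of_web_bugs_removed)."""
    parser = _WebBugStripper()
    parser.feed(html)
    parser.close()
    return "".join(parser.out), parser.removed


# Constructed sample traffic for a run of the three steps.
SAMPLE_REQUEST = {
    "Host": "shop.example",
    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101",
    "Accept": "text/html",
    "Accept-Language": "de-CH,de;q=0.9",
    "Cookie": "sessionid=abc123; tracker=xyz",
    "Referer": "https://search.example/?q=private+matter",
}
SAMPLE_RESPONSE_HEADERS = {"Content-Type": "text/html",
                           "Set-Cookie": "tracker=xyz; Path=/"}
SAMPLE_HTML = ('<html><body><p>Welcome &amp; enjoy</p>'
               '<img src="/logo.png" width="120" height="40">'
               '<img src="https://ads.example/pixel.gif" width="1" height="1" alt="">'
               '</body></html>')

if __name__ == "__main__":
    print(sanitize_request_headers(SAMPLE_REQUEST))
    print(sanitize_response_headers(SAMPLE_RESPONSE_HEADERS))
    print(strip_web_bugs(SAMPLE_HTML))
```

The three functions correspond to the slide's "handling cookies & web bugs" and "modifying request headers": the request side removes what would let the site recognise the user or learn where the user came from, and the response side removes the two mechanisms by which the site would plant or exercise an identifier.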
The data trail
Personal data transaction records are essential to business relationships
• especially to next-generation e-commerce services like personalization
• also to evaluating web site quality and features
Problem: these records have the most potential for privacy problems
Pseudonymity
Pseudonymous
• data is associated with a consistent persona
• not directly linked to an individual
Examples
• chat-room persona
• eBay user name
Benefits
Provide stable identity
• removed by anonymizers
Allow for personalized services
Good fit for "multi-role" lives
Lower privacy risk
But
• idea not widely supported in e-commerce
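The pseudonymity slides describe the idea in outline. The Python below is an added example, not code from the slides or from any of the services named: it derives a consistent persona for each (person, role) pair with a keyed hash, keeps the key and the persona-to-identity table in a directory separate from the site, and lets the site hold personalised history against the persona only. The LINKAGE_KEY value, the role names, the 12-byte truncation and the sample e-mail address are assumptions constructed for illustration.

```python
"""Role-specific pseudonyms via keyed hashing (added example; constructed data)."""
import base64
import hashlib
import hmac

# Linkage key held by a directory separate from the sites that receive the
# personas. Constructed placeholder value; in practice a random secret.
LINKAGE_KEY = b"constructed-linkage-key-not-for-real-use"


def normalize_email(email):
    """Canonical form so that capitalisation does not create a second persona."""
    return email.strip().lower()


def persona_id(email, role, key=LINKAGE_KEY):
    """Stable pseudonym for (person, role); unlinkable across roles without the key.

    HMAC-SHA256 over role || NUL || email. The NUL separator keeps field
    boundaries unambiguous; truncating to 12 bytes keeps the id short while
    leaving it infeasible to invert or to correlate across roles.
    """
    message = role.encode("utf-8") + b"\x00" + normalize_email(email).encode("utf-8")
    digest = hmac.new(key, message, hashlib.sha256).digest()
    return role + "-" + base64.urlsafe_b64encode(digest[:12]).decode("ascii")


class PersonaDirectory:
    """Keeps the key and the persona -> identity table; sites see only personas.

    This separation gives the pseudonym its privacy property: a site can build
    a personalised history against a persona, and only the directory (on the
    person's request, e.g. to exercise Access) can link it back to a person.
    """

    def __init__(self, key=LINKAGE_KEY):
        self._key = key
        self._table = {}                    # persona -> (email, role)

    def issue(self, email, role):
        pid = persona_id(email, role, self._key)
        self._table[pid] = (normalize_email(email), role)
        return pid

    def resolve(self, pid):
        return self._table.get(pid)


class SiteProfileStore:
    """What a participating site retains: persona-keyed behaviour, no identifier."""

    def __init__(self):
        self._profiles = {}

    def record(self, pid, item):
        self._profiles.setdefault(pid, []).append(item)

    def history(self, pid):
        return list(self._profiles.get(pid, []))


if __name__ == "__main__":
    directory = PersonaDirectory()
    shop = SiteProfileStore()
    alice_shop = directory.issue("Alice@Example.com", "shopping")
    shop.record(alice_shop, "book:privacy-law")
    print(alice_shop, shop.history(alice_shop))
    print(directory.issue("alice@example.com", "gaming"))   # unrelated persona
```

The example shows the trade-off the slide lists as benefits: the persona is stable across visits (so personalisation works, unlike with a pure anonymizer), one person has unrelated personas in different roles, and a site holding only persona-keyed data has less to leak or sell. The residual risk is concentrated in the directory, which is why the key and the table live apart from the site.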
Legal framework for privacy
Children's privacy: COPPA
Self-regulation: privacy seal
Fair information practices
Guidelines from the FTC
• Notice
• Choice
• Access
• Security
Notice
Consumers should be given clear and conspicuous notice of an entity's information practices before any personal information is collected from them
Should consist of
• what data will be collected
• who is collecting data
• who will get the data
• how the data will be collected
• how the data will be used
• how the data will be protected
• whether data is mandatory or optional
Choice
Consumers should be given options as to how any personal information collected from them may be used for purposes beyond those necessary to complete a contemplated transaction.
Secondary uses
• placement on a (e)mailing list
• transfer to third party
• usability evaluation
Access
An individual's ability both to access data about him or herself and to contest that data's accuracy and completeness.
Difficult to implement, esp. authentication
Least popular
Security
Protection of personal information against unauthorized access, use, or disclosure, and against loss or destruction.
COPPA
Guidelines become mandatory for children under 13
Required
• posted privacy policy
• parental consent
  • except for email addresses in some conditions
• re-verify consent when policy changes
• allow parental review of collected data
• allow parent opt-out
Privacy seals
TRUSTe
BBBOnLine Privacy
CPA WebTrust
Entertainment Software Ratings Board
TRUSTe
Non-profit consortium
Process
• privacy policy
• self-assessment
  • http://www.truste.org/webpublishers/Self_Assessment_v8.html
• remote audit of web site
• annual review
BBBOnLine Privacy
Offered by Better Business Bureau
Must be a BBB member
Similar process to TRUSTe
CPA WebTrust
Franchise available to CPAs licensed by WebTrust
Differences
• on-site audit
• semi-annual review
(They also do Certification Authorities)
ESRB Privacy
For game sites
Process similar to TRUSTe
• on-site audit
• quarterly anonymous review
• quarterly anonymous spot-checks
Final exam
Submit via COL, 9 pm 11/20. No late exams!