the impact of computer technology
DESCRIPTION
Privacy and Personal Information. The Impact of Computer Technology. Computers are not needed for the invasion of privacy. Computers simply make new threats possible and old threats more potent. Privacy can mean: Freedom from intrusion. Control of information about oneself. - PowerPoint PPT PresentationTRANSCRIPT
1
The Impact of Computer Technology
Computers are not needed for the invasion of privacy.
Computers simply make new threats possible and old threats more potent.
Privacy can mean:• Freedom from intrusion.• Control of information about oneself.• Freedom from surveillance.
Privacy and Personal Information
2
The Impact of Computer Technology
Invisible Information Gathering
Examples:• Satellite surveillance.• Caller ID.• 800- or 900-number calls.• Web-tracking data; cookies.• Peer-to-peer monitoring.• Others…
Q: Recall an example of invisible information gathering about you.
3
4
5
6
7
8
9
Talking caller-id - £32.95
10
0-800-1-558000
Suara Konsumen - ????•Sabun•Pasta gigi•Susu•Ticket•Human Body ???•….
11
Cookies ?
12
cookie theft
cookie sniffingcross-site scriptingcookie poisoning
13
14
The Impact of Computer Technology Profiling
Using data in computer files to predict likely behaviors of people. Some examples:• Businesses engage in
profiling to determine consumer propensity (kecenderungan) toward a product or service.
• Government agencies use profiling to create descriptions of possible terrorists.
Q: How might profiling be used with your personal information?
15
The Impact of Computer Technology
Monitoring and Tracking
Examples:• GPS (global positioning
system).• Cell-phones.• Blackboxes in automobiles.• Other wireless appliances.
16
More Examples
•Traffic Monitor Camera can be used to check vehicles, persons•Face recognition for unwelcome people
17
Consumer Information
Consumer DatabasesGathering Information:
• Warranty cards.• Purchasing records.• Membership lists.• Web activity.• Change-of-address forms.• Much more…
Q: Recall ways in which you have contributed to consumer databases.
18
Consumer Information
Consumer Databases (cont’d)
Limiting Collection, Use, Sharing, and Sale of Personal Data:
• Consumers can take measures to restrict the use of their personal information.
• Some information sharing is prohibited by law.
• Some information sharing is prohibited by published, privacy policies.
19
Consumer Information
Marketing: Using Consumer Information• Trading/buying customer lists.• Telemarketing.• Data Mining.• Mass-marketing.• Web ads.• Spam (unsolicited e-mail).
20
Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: (qmail 24785 invoked by uid 1008); 18 Mar 2008 08:35:18 +0700
Received: from 118.36.196.97 by pasopati (envelope-from <[email protected]>, uid 1002) with qmail-scanner-1.25st (clamdscan: 0.91.2-exp/6275. perlscan: 1.25st. Clear:RC:0(118.36.196.97):. Processed in 1.394319 secs); 18 Mar 2008 01:35:18 -0000
Received: from unknown (HELO oiemqj) (118.36.196.97) by 0 with SMTP; 18 Mar 2008 08:35:17 +0700
Subject: q Rep|icaWATCH - Rep|icaRolexWatches, BuyRep|icaWatches with FREE Warranty. tsan sglqy
Bcc: <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>
Reply-To: "Wilford Brock" <[email protected]>
X-Sender: <[email protected]>
Sender: [email protected]
Message-Id: <[email protected]>
From: "Wilford Brock" <[email protected]>
Date: Mon, 17 Mar 2008 19:45:28 -0700
Content-Type: text/plain; charset="iso-8859-2"
Content-Transfer-Encoding: 8bit
X-Qmail-Scanner-1.25st: added fake MIME-Version header
Mime-Version: 1.0
21
** We add 100 Latest Arrival 2008 models Watches **/// Safe & guaranteed shopping \\\
/// Inquiries answered in 24 hours \\\/// Over 1360 Models to choose from \\\
Swiss QualityReplicaMany World famous LUXURY BRANDS
Free 1 year Warranty on all Watches http://rzrza.efnoreason.com
l16h5t72g 4c40 772r ayjnxu9y
22
More Privacy Risks
Social Security Numbers (SSNs)
Appear in:• Employer records.• Government databases.• School records.• Credit reports.• Consumer applications.• Many other databases.
Q: What are the risks of using SSNs as identifiers?
23
More Privacy Risks
National ID Card SystemIf implemented, the card could
contain your:• Name.• Address.• Telephone number(s).• Photo.• SSN.
Q: What other personal information should a national ID card contain?
24
More Privacy Risks
National ID Card System
If implemented, the system could allow access to your:
• Medical information.• Tax records.• Citizenship.• Credit history.• Much more…
25
26
27
More Privacy Risks
Personal Health and Medical Information
Data can include:• History of substance abuse.• Treatment for sexually
transmitted disease.• Extent of psychiatric help
received.• Any suicide attempt(s).• Diagnosis of diseases
(diabetes, angina, cancer, etc.).
• Use of prescribed medicines.
• Much more…
28
More Privacy Risks
Public RecordsAvailable in paper form and/or online:
• Bankruptcy.• Arrest.• Marriage-license
application.• Divorce proceedings.• Property ownership.• Salary (if employed by state
or federal government).• Wills and Trusts.• Much more…
Q: How should access to public records be controlled?
29
Protecting Privacy: Education, Technology, and Markets
EducationMust include awareness of:
• How the technology works.• How the technology is being used.• The risks brought on by the technology.• How to limit unwanted use of personal information.• Applicable state and federal laws and regulations.
Q: How do you limit unwanted use of your personal information?
30
Protecting Privacy: Education, Technology, and Markets
TechnologyEnhance privacy using:
• Cookie disablers.• Opt-in/opt-out options.• Anonymous Web services.• P3P (Platform for Privacy Preferences).• ‘Good’ passwords.• Audit trails.
Q: What privacy-enhancing technology do you use regularly?
31
Protecting Privacy: Education, Technology, and Markets
Market ResponseMarkets can protect your privacy by:
• Using trusted third parties.• Adhering to established privacy policies.• Purchasing consumer information directly from the consumer.• Developing and selling privacy-enhancing technologies and
services.
Q: Have you read the privacy policies at Web sites you frequent?
32
Protecting Privacy: Law and Regulation
Philosophical ViewsSamuel Warren & Louis Brandeis:
• Individuals have the right to prohibit publication of personal facts and photos.
Judith Jarvis Thompson:• No distinct right to privacy.• Privacy rights result from rights to our property, body, and
contracts.
Transactions:• Transactions have two parties, often with conflicting
preferences about privacy.
33
Protecting Privacy: Law and Regulation
Contrasting ViewsFree-market View
• The parties of a transaction are viewed as equal.• Truth in information gathering.• Strong reliance on contracts.• Freedom of speech and commerce.
Consumer-Protection View• The parties of a transaction are viewed differently.• More stringent consent requirements required by law.• Strong limitations on secondary uses of information required
by law.• Legal restrictions on consumer profiling.
Q: How should the privacy of consumer transactions be regulated?
34
Protecting Privacy: Law and Regulation
Contracts and RegulationsBasic Legal Framework:
• Enforce agreements and contracts.• Publish privacy policies.• Set defaults for situations not in contract.
Requiring Specific Consent policies:• Adhere to informed consumer consent.• Use opt-in policies.
Legal Regulations:• Determine effectiveness, direct and hidden costs, and any loss
of services or inconvenience.
Q: Recall a situation where you exchanged personal information for some benefit.
35
Protecting Privacy: Law and Regulation
Contracts and Regulations (cont’d)
Ownership of personal data. Can an individual own:• Facts (e.g. marriage license in public records)?• Personal information (e.g. your date of birth)?
Freedom of speech• Prohibiting communication of information may violate the ???
Amendment.
Q: When does protecting privacy conflict with freedom of speech?
36
Protecting Privacy: Law and Regulation
EU (European Union) Privacy RegulationKey points:
• Limited collection of personal data.• Data must be up-to-date and destroyed when no longer
needed.• Consent for sharing data is required.• Sensitive data (e.g. religion) can only be provided with
consent.• Notify consumers about the collection and intended purpose of
data.• Restricted access and sharing of criminal convictions.
Q: Can the EU’s privacy regulations work in the US? Indonesia ?