1 / 22

Legal Aspects of Electronic Privacy

Legal Aspects of Electronic Privacy. CSCI 327. Workplace Privacy. you have essentially no right to privacy in the workplace. US v EU. EU privacy is a human right The GDPR broadly protects personal information US privacy is insured via market pressure and industry self regulation

edwinscott
Download Presentation

Legal Aspects of Electronic Privacy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Legal Aspects of Electronic Privacy CSCI 327

  2. Workplace Privacy • you have essentially no right to privacy in the workplace

  3. US v EU • EU • privacy is a human right • The GDPR broadly protects personal information • US • privacy is insured via market pressure and industry self regulation • targeted regulations in specific domains Cyberethicsby Richard Spinello

  4. European Union Directive on Privacy Adopted by EU Parliament in 1995 Article 1: "to protect fundamental rights and freedom of natural persons, and in particular the right to privacy with respect to the processing of personal data." Article 6: data must be: • processed fairly and lawfully • collected for specified, explicit, and legitimate purposes • accurate and kept up to date Article 7: only process data when data subject has provided his/her consent Cyberethicsby Richard Spinello

  5. G D P RGeneral Data Protection Regulation Enforcement Began May 25, 2018 Data cannot be used to identify a subject without additional information stored separately. No personal data may be processed unless the processor has received an unambiguous and individualized affirmation of consent. The data subject has the right to revoke this consent at any time. A processor of personal data must clearly disclose any data collection, declare the lawful basis and purpose for data processing, and state how long data is being retained and if it is being shared with any third parties or outside of the EEA. Data subjects have the right to request a portable copy of the data collected by a processor in a common format Data subjects have the right to have their data erased under certain circumstances.

  6. US Privacy Laws Fair Credit Reporting Act - 1970 • credit reports only shared • by written request by the individual • by court order • for legitimate 3rd party uses FERPA - 1974 Cable Communication Policy Act - 1984 • cable companies can not collect or disseminate info about your viewing habits Video Privacy Protection Act - 1988 • video stores cannot disclose the list of videos you rented Driver's Privacy Protection Act - 1994 • a state cannot sell your driver's license info Children's Online Privacy Protection Act - 1998 • web sites cannot collect data on children under age 13 HIPPA - 2001 Cyberethicsby Richard Spinello

  7. Is your right to privacy protected by the U.S. Constitution? • No. Well, maybe. ... • 1st Amendment • Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or … • 14th Amendment • No State shall deprive any person of life, liberty, or property, without due process of law. • 9th Amendment • The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.

  8. 4th Amendment The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

  9. Olmstead v. United States • Olmstead ran a bootleg operation • prohibition officers tapped his phone via the basement without a warrant • they did not enter his apartment • in 1928, Supreme Court ruled Olmstead's rights were not violated

  10. Federal Communications Act of 1934 • illegal to intercept and reveal wire communications without a warrant • FBI still wiretapped phones during WWII for national security purposes

  11. Katz v United States • without a warrant, police placed a bug on the outside of a public phone booth used by Katz to make illegal bets • In 1967, the US Supreme Court ruled Katz's rights were violated. • Katz reasonably thought his conversation was private, hence the recording was an illegal search and seizure • the 4th amendment protects people, not places • the 4th amendment governs seizure of tangible items, as well as recording of oral statements

  12. "reasonable expectation of privacy" • what society recognizes as reasonable, not your idea of reasonable • Reasonable: • your home or hotel room • public restroom • Unreasonable: • garbage left on street • normal aerial surveillance • smells coming from your car

  13. Wiretaps … • 1968 - Crime Control and Safer Streets Act • wiretap warrants require probable cause • annual report of wiretaps submitted to congress • 1972 - US Supreme Court • warrantless wiretaps illegal, even regarding national security • 1994 - Communication Assistance for Law Enforcement Act • telecom companies must design their digital systems to be tap-able

  14. Electronic Communications Privacy Act • enacted in 1986 • ECPA was an amendment to Title III of the Omnibus Crime Control and Safe Streets Act of 1968, which was primarily designed to prevent unauthorized government access to private electronic communications. • Title I of ECPA protects electronic communications while in transit. • Title II of the ECPA, protects messages stored on computers. • Title III prohibits the use of pen register and/or trap and trace devices to record dialing, routing, addressing, and signaling information used in the process of transmitting wire or electronic communications. http://en.wikipedia.org/wiki/Electronic_Communications_Privacy_Act

  15. NSA and FISA • Starting during WWII, the Signal Security Agency monitored all telegrams entering and leaving the US • The program was later used to • fight organized crime • war on drugs • monitor anti-Vietnam war groups • NSA ended that program in 1975 • Foreign Intelligence Surveillance Act of 1978 (FISA) • warrant required with 72 hours if "US person" involved • amended by Patriot Act in 2001 to include terrorism • warrantless wiretaps of US citizens ended in 2007 • replaced by Protect America Act of 2007, which expired • replaced by FISA Amendments Act of 2008 • granted immunity to telecoms that had helped the NSA

  16. Patriot Act Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) • allows officials to track emails without showing probable cause • allows roving surveillance for intelligence (not just crime investigation), tapped device does not have to be owned by the suspect • search warrants no longer have to be served • warrants for records do not require probable cause • …

  17. Patriot Act Contents • Numerous amendments to existing laws • E.g. FERPA • Universities may supply student info to law enforcement without student consent or notification • requires warrant related to terrorism • Monitoring of Foreign Students

  18. Total Information Awareness • In January 2002, DARPA created the Information Awareness Office (IAO) • In February 2003, IAO began the Total Information Awareness program • program director was Admiral Poindexter, who had been convicted of lying to Congress and destroying documents during Iran-Contra

  19. US v JonesJanuary 23, 2012 • By a vote of 9 to 0: • "the Government’s attachment of the GPS device to the vehicle, and its use of that device to monitor the vehicle’s movements, constitutes a search under the Fourth Amendment." • The justices split 5-4 on the reasoning and the breadth of the ruling in opinions written by justices Scalia and Alito: • Scalia argued that the appropriate ground for resolving Jones' case centered around the government's physical trespass on a private citizen's "effect" (his car), • Alito argued that the majority opinion leaves open too many questions by avoiding the inevitable reasonable expectation of privacy inquiry that other cases will surely present. Furthermore, Alito predicted that the narrow grounds used for deciding the case may not apply to many of the future Fourth Amendment cases, where the police need not commit a physical trespass to use electronic surveillance to gather information. http://en.wikipedia.org/wiki/United_States_v._Antoine_Jones

  20. BCA agreed to FBI terms on secret cellphone tracking By Abby Simons -- (Minneapolis MN) Star Tribune -- December 5, 2014 Minnesota’s top law enforcement agency agreed to terms set by the FBI to resist any attempts by the public to gain information about controversial cellphone-tracking technology, according to documents obtained by the Star Tribune. … In a heavily redacted 2012 contract signed by then-Assistant BCA Superintendent David Bjerga, the agency agreed to “immediately notify the FBI” of any request for information concerning the device’s manufacturer, Florida-based Harris Corp., under the Freedom of Information Act (FOIA), or under judicial, administrative or legislative requests. Any court orders directing the BCA to reveal information about Harris Corp. “will immediately be provided to the FBI in order to allow sufficient time for the FBI to intervene to protect the equipment/technology and information from disclosure and potential compromise,” the contract reads.

  21. Based on Vague Tip, the Feds can Surveil Anyone by Cora Currier, The Intercept, Jan 31, 2017https://theintercept.com/2017/01/31/based-on-a-vague-tip-the-feds-can-surveil-anyone/ At its lowest level of investigative activity, on the basis of vague tips or broad intelligence interests, the FBI can follow people with airplanes, examine travel records, and analyze links between email, phone, and other records collected by intelligence agencies. Assessments allow agents to look into tips or leads that don’t meet the standard for opening an investigation, which requires specific information or allegations of wrongdoing — an “articulable factual basis” for suspicion, as FBI rules put it. In an assessment, by contrast, an agent just needs to give an “authorized purpose” for their actions. … When assessments were made an official category in the last months of the George W. Bush administration, civil liberties advocates warned that the change erodedlimits imposed on the bureau after the abuses of J. Edgar Hoover’s FBI came to light in congressional investigations in the 1970s. Those limits set high standards for the FBI’s investigations, requiring them to be tied to evidence of wrongdoing and adding layers of oversight. Advocates now say that the standard for opening an assessment is just too low, allowing for enormous amounts of information to be collected and retained even when nothing turns up.

  22. Question • Your Analysis? • does the government have too much or too little ability to conduct surveillance

More Related