1 / 20

IS 376: Information Privacy

IS 376: Information Privacy. Dr. Kapatamoyo October 17, 2013. Today’s Themes. Amount : of personal information that can be gathered. Speed: at which personal information can be transmitted. Duration: of time that the information can be retained.

hubert
Download Presentation

IS 376: Information Privacy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IS 376: Information Privacy Dr. Kapatamoyo October 17, 2013

  2. Today’s Themes • Amount: of personal information that can be gathered. • Speed: at which personal information can be transmitted. • Duration: of time that the information can be retained. • Kind: of information that can be acquired and exchanged.

  3. Perspectives on Privacy • Discussions of privacy revolve around the notion of ACCESS, • where access means either physical proximity to a person or • knowledge about that person. • There is conflict between a person that wants to restrict ACCESS to them by creating a “a zone of inaccessibility” (Edmund Byrne) and outsider who wants to gain access. • Privacy is a social arrangement that allows individuals to have some level of control over who is able to gain access to their physical selves and their personal information.

  4. Harms and Benefits of Privacy • Harms. • Most wrong doing takes place under cover of privacy (Ferdinand Shoeman). • Nuclear families cannot share personal issues hence too much pressure on some (Edmund Leach). • Outsiders fail to acknowledge a dysfunctional family or abuse until someone is injured. • Benefits. • Socialization and individuation are both necessary steps for a person to reach maturity/blossom (Morton Levine). • Privacy is recognition of each person's freedom (Jeffry Reiman, Stanley Benn). • Privacy lets us be ourselves (Charles Sykes). • Privacy lets us remove our public persona (Gini Graham).

  5. Is There a Natural Right to Privacy? • Born out English Common Law tradition: • “a man’s home is his castle.” No one – not even the King – can enter without permission, unless there is PROBABLE CAUSE of criminal activity.

  6. “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.” The Fourth Amendment

  7. Privacy – What Is It? • The rights and responsibilities that govern the ACQUISITION, DISCLOSURE, and USE OF PERSONAL INFORMATION. • Acquisition - from the individual, third party, legally or illegally, with or without the individual’s awareness. • Dataveillance (Roger Clarke): surveillance, data monitoring and data recording techniques by use of computer technologies. • Disclosure- to other people or entities • Use- storing, manipulating, or evaluating personal information

  8. Aspects of Privacy • The Three Aspects are • Freedom from intrusion • Control of personal information • Freedom from surveillance

  9. Kinds of Privacy • Different aspects: • Information privacy: collection, use and disclosure of personally identifiable information (PII). • Communications privacy: private information should be safely delivered to the intended party. • Privacy in public (and work) places: electronic profiling (i.e., collecting a variety of in-depth information about an individual electronically) • Home/work distinction & public space/private space distinction.

  10. Personal Information • Any type of information that is related to a person’s private life or concerns, recorded in any form. • Can also be personally identifiable information (PII), which can be used to uniquely identify, locate or contact a person. • Not just content - but also events (a transaction) that may implicate a person’s privacy.

  11. Privacy-Implicating Activities:An Incomplete List • Health and Medical Records • Financial transactions of all types - tax, banking, etc. • Subscriber Information -Telephones, Cable TV, Video Rentals, etc. • Communications of all kinds - Telephone Calls, emails, etc. • Credit History • Purchasing History – • Direct, Phone, Internet • Records • Student • Insurance • Employment Records • “Judicial History” - Driving record, civil and criminal cases, etc. • Internet Activities

  12. Reasonable Expectation of Privacy • Over the years, court rulings has set the precedent that the key to understanding privacy issues is reasonable “Expectation of Privacy.” • These are the general criteria: • General legal principles: no privacy if behaviors or communications are knowingly exposed to public view. • Vantage point: a point where anyone can see or hear what is going on. • Certain buildings or pieces of land: so most public places come with no expectation of privacy (some exceptions are public phone booths and restrooms). • Technological sophistication: laws are constantly updated to adapt to new technological innovations.

  13. Informed Consent • A process in which an individual agrees to participate after being given detailed information about the benefits and potential risks of his or her action. • The person must be advised about: • Nature of information collected • Why and how it is going to be used • Risks • Freedom to withdraw

  14. Opt-in vs. Opt-out • Opt-in: • Potential customer to self-select the information (services) they wish to subscribe to, and how the information can be used. • Opt-out: • Information can be sent to customers without prior permission. But customers must be provided with the option to ask to be removed from the list.

  15. Some Important Federal Privacy Laws • 2004: Fair Education Rights and Privacy Act • 2001: USA Patriot Act (USAPA) [reauthorized in 2006 with amendments] • Authorizes Feds to subpoena records from providers. • 2000: Children’s Online Privacy Protection Act • 1998: Children’s Online Privacy Protection Act • 1998: Telephone Anti-Spamming Amendments Act • 1994: Communications Assistance for Law Enforcement (CALEA) • 1974: Privacy Act

  16. Privacy Act of 1974 • “No AGENCY shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains....” • Data records should be “relevant and necessary” to the purpose for which they are collected • Establish procedures to allow individuals to see, copy and amend records about themselves • Requires publishing notices describing all systems of records (no secret records) • Agency is required to make reasonable efforts to maintain accurate, relevant, timely and complete records about individuals • Information collected for one purpose MAY NOT be used for another purpose without notice to or the consent of the subject of record

  17. USA Patriot Act 2001 Four principal categories: • Provides feds. and Intel. agencies greater authority to monitor communications. • Gives Sec. of Treasury greater powers to regulate banks, preventing money laundering. • Makes it more difficult for terrorists to enter USA. • Defines new crimes and penalties for terrorist activity. Does this by: • Extends jurisdiction of court-ordered “wiretaps” to entire country. • Allows for roving surveillance/dataveillance. • Law enforcement do not need a warranty to intercept communications if they have permission from owner of computer systems (e.g. ISP).

  18. Online Privacy Breaches • Online privacy can be compromised in three ways: • When personal data is saved on a local computer; • When the data is transported over the network; • When the data is stored by a third party.

  19. Illinois State Law • HB 1633 signed by the governor in June 2005 (effective Jan. 1, 2006) • Very similar to the law passed in California, making IL the second state to require companies to notify customers in case of security breach. • Any data collector doing business in the state of Illinois that is involved in a security breach must notify customers in the “most expedient time possible” and “without unreasonable delay.” • Security breach -- unauthorized acquisition of computerized data that may compromise the security, confidentiality, or integrity of personal data. • Methods of notification include writing, electronic correspondence (e.g. radio and TV), or substitute notice (e-mail, company website, and state-wide media • Penalties include lawsuits brought by the Illinois Attorney General against violators, fines, and individual legal actions to recover actual damages, punitive damages, and in egregious cases, plus attorneys fees.

  20. Cell Phone Location • More and more cell phone models have built-in Global Positioning System (GPS) capabilities. • So this makes tracking in real time a cell phone as easy as point and click. • The Federal Communications Commission (FCC) has released its E911 (Enhanced 911) standard to require that emergency callers be located within 50 meters. • The National Emergency Number Association (NENA) recently approved the technical standard for VoIP E911 specifically targeting Internet phones.

More Related