1 / 71

Chapter 5: Privacy

Chapter 5: Privacy. Ethics for the Information Age Third Edition by Michael J. Quinn. Chapter Overview (1/2). Introduction Perspectives on privacy Disclosing information Ways information becomes public U.S. legislation Public records. Chapter Overview (2/2).

shea
Download Presentation

Chapter 5: Privacy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Chapter 5: Privacy Ethics for the Information AgeThird Edition by Michael J. Quinn

  2. Chapter Overview (1/2) • Introduction • Perspectives on privacy • Disclosing information • Ways information becomes public • U.S. legislation • Public records

  3. Chapter Overview (2/2) • Covert government surveillance • U.S. legislation authorizing wiretapping • Data mining • Identity theft • Encryption

  4. Introduction • Information collection, exchange, combination, and distribution easier than ever • More information access  less privacy • Trade-offs • Privacy vs. need for credentials • Privacy vs. desire for free expression • Privacy vs. safety / security

  5. Defining Privacy • Privacy related to notion of access • Access • Physical proximity to a person • Knowledge about a person • Edmund Byrne: Privacy is a “zone of inaccessibility” • Edward Bloustein: Privacy violations are an affront to human dignity • Too much individual privacy can harm society • Where to draw the line?

  6. Harms of Privacy • Cover for illegal or immoral activities • Burden on the nuclear family • Hidden dysfunctional families • Ignored people on society’s fringes

  7. Benefits of Privacy • Individual growth • Individual responsibility • Freedom to be yourself • Intellectual and spiritual growth • Development of loving, trusting, caring, intimate relationships

  8. Is There a Natural Right to Privacy? • Morton Levine: Property rights Privacy rights • Third Amendment to U.S. Constitution • Samuel Warren and Louis Brandeis: Yes • Judith Jarvis Thomson: “Privacy rights” overlap other rights • Stanley Benn and Jeffrey Reiman: Privacy is a prudential right

  9. Privacy and Trust • Modern life more private • Challenge: living among strangers • Remedy: establishing reputations • Ordeal, such as lie detector test or drug test • Credential, such as driver’s license, key, ID card, college degree • Establishing reputation is done at the cost of reducing privacy

  10. Disclosing Information • Public record: information for public access • Public information: information revealed to an organization that has right to share it • Personal information: undisclosed information • Types of disclosures • Voluntary • Involuntary • Statutory

  11. Ways Information Becomes Public • Rewards or loyalty programs • Body scanners • Digital video recorders • Automobile “black boxes” • Enhanced 911 service • RFIDs • Implanted chips • Cookies • Spyware

  12. Public Information • Rewards or loyalty programs • Replaced by club cards • Members only discounts • Information is tracked individually • Rewards are tailored to card holder • Critics claim member prices are the same as those at non-membership stores • Therefore, non-members pay more

  13. U.S. Legislation • Fair Credit Reporting Act • Fair and Accurate Credit Transactions Act • The Family Education Rights and Privacy Act • Employee Polygraph Protection Act • Video Privacy Protection Act • Financial Services Modernization Act • Children’s Online Privacy Protection Act • Health Insurance Portability and Accountability Act

  14. Fair Credit Reporting Act • http://www.ftc.gov/os/statutes/fcra.htm • Promotes accuracy and privacy of information used by credit bureaus • Major credit bureaus: Equifax, Experian, Trans Union • Negative information kept only 7 years • Exceptions • Bankruptcies: 10 years • Criminal convictions: indefinitely

  15. Fair and Accurate CreditTransactions Act • Passed in 2004 • Requires three major credit bureaus to provide consumers a free copy of their credit report every 12 months • Not automatic: consumers must request credit reports • Provisions to reduce identity theft

  16. Family Education Rights and Privacy Act (FERPA) • http://www.ed.gov/policy/get/guid/fpcs/ferpa/index.html • Rights given to • Students 18 years and older • Parents of younger students • Rights include • Reviewing educational records • Requesting changes to erroneous records • Preventing release of records without permission

  17. Employee Polygraph Protection Act • Passed in 1988 • Prohibits private employers from using lie detector tests under most conditions • Cannot require test for employment • Exceptions • Pharmaceutical companies and security firms may give test to certain classes of employees • Employers who have suffered a theft may administer tests to reasonable suspects • Federal, state, and local governments exempt

  18. Video Privacy Protection Act • http://assembler.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00002710----000-.html • Video Privacy Protection Act • Prompted by Bork nomination hearing • Videotape service providers cannot disclose rental records without consumer’s written consent • Rental stores must destroy personal information related to rentals within a year of when it is no longer needed • Videotape service providers cannot disclose rental records without consumer’s written consent • Rental stores must destroy personal information related to rentals within a year of when it is no longer needed

  19. Financial Services Modernization Act • Also called Gramm-Leach-Bliley Act of 1999 • Creates “financial supermarkets” offering banking, insurance, and brokerage services • Privacy-related provisions • Privacy policies must be disclosed to customers • Notices must provide an opt-out clause • Companies must develop procedures to protect customers’ confidential information

  20. Children’s Online Privacy Protection Act • http://www.ftc.gov/bcp/conline/pubs/buspubs/coppa.htm • Reduces amount of public information gathered from children • Online services must gain parental consent before collecting information from children 12 and under • Intent is to prevent contact with children • How do we prove identities?

  21. Health Insurance Portability and Accountability Act • http://www.hhs.gov/ocr/hipaa • Limits how doctors, hospitals, pharmacies, and insurance companies can use medical information • Health care providers need signed authorization to release information • Health care providers must provide patients with notice describing how they use medical information

  22. Examples of Public Records • Census records • Internal Revenue Service records • FBI National Crime Information Center 2000

  23. Census Records • Census required to ensure every state has fair representation • Number of questions steadily rising • Sometimes Census Bureau has broken confidentiality requirement • World War I: draft resistors • World War II: Japanese-Americans

  24. Internal Revenue Service Records • Much personal information on tax forms • Some IRS employees have misused access to IRS records • IRS has also misplaced tapes and diskettes containing records

  25. FBI National Crime Information Center 2000 • NCIC • Collection of databases related to various crimes • Contains > 39 million records • Successes • Helps police solve hundreds of thousands of cases every year • Helped FBI tie James Earl Ray to assassination of Dr. Martin Luther King, Jr. • Helped FBI apprehend Timothy McVeigh for bombing of federal building in Oklahoma City

  26. Criticisms of the NCIC • Erroneous records have led to false arrests • Police have arrested innocent people with same name as someone in NCIC database • FBI has used NCIC to keep records of people not suspected of any crime • Corrupt law-enforcement employees have sold information and altered records • Some law-enforcement employees illegally access the NCIC

  27. OneDOJ Database • Database being constructed by U.S. Department of Justice • Gives state and local police officers access to information provided by five federal law enforcement agencies • Incident reports • Interrogation summaries • Other information not available through NCIC • Criticisms • OneDOJ gives local police access to information about people who have not been charged with a crime • There is no way to correct misinformation in raw police reports

  28. Code of Fair Information Practices • No secret databases • People should have access to personal information in databases • Organizations cannot change how information is used without consent • People should be able to correct or amend records • Database owners, users responsible for reliability of data and preventing misuse

  29. Privacy Act of 1974 Falls Short • Applies only to government databases • Only covers records indexed by a personal ID • No federal employee responsible to enforcing Privacy Act provisions • Allows agencies to share records with other agencies

  30. 4th Amendment to U.S. Constitution “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”

  31. Wiretaps and Bugs • Omstead v. United States  wiretapping OK • Federal Communications Act • Nardone v. United States  wiretapping not OK • FBI continues secret wiretapping • Katz v. United States  bugs not OK

  32. Operation Shamrock • Continuation of World War II interception of international telegrams • National Security Agency (1952) • Expanded to telephone calls • Kennedy • Organized crime figures • Cuba-related individuals and businesses • Johnson and Nixon • Vietnam war protesters • Nixon • War on drugs

  33. Carnivore Surveillance System • Created by FBI in late 1990s • Monitored Internet traffic, including email exchanges • Carnivore = Windows PC + “packet-sniffing” software • Captured packets going to/from a particular IP address • Used about 25 times between 1998 and 2000 • Replaced with commercial software

  34. Covert Activities after 9/11 • September 11, 2001 attacks on World Trade Center and Pentagon • President Bush authorized new, secret, intelligence-gathering operations inside United States

  35. National Security Administration Wiretapping • President Bush signed presidential order • OK for NSA to intercept international phone calls & emails initiated by people inside U.S. • No search warrant required • Number of people monitored • About 500 people inside U.S. • Another 5,000-7,000 people outside U.S. • Two al-Qaeda plots foiled • Plot to take down Brooklyn bridge • Plot to bomb British pubs and train stations

  36. TALON Database • Created by U.S. Department of Defense in 2003 • Supposed to contain reports of suspicious activities or terrorist threats near military bases • Reports submitted by military personnel or civilians • Reports assessed as “credible” or “not credible” by military experts • Reports about anti-war protests added to database • Many of these reports later deleted from database • In 2007 new Under Secretary of Defense for Intelligence recommended that TALON be terminated

  37. U.S. Legislation Authorizing Wiretapping • Title III • Electronic Communications Privacy Act • Communications Assistance forLaw Enforcement Act • USA PATRIOT Act

  38. Title III • Part of Omnibus Crime Control and Safe Streets Act of 1968 • Allows a police agency with a court order to tap a phone for up to 30 days • In 1972 U.S. Supreme Court again rejected warrantless wiretapping, even for national security

  39. Electronic Communications Privacy Act • Passed by Congress in 1986 • Allows police to attach two kinds of surveillance devices to a suspect’s phone line • Pen register: displays number being dialed • Trap-and-trace device: displays caller’s phone number • Court order needed, but prosecutors do not need to show probable cause • Allows police to do roving wiretaps (following suspect from phone to phone)

  40. Communications Assistance for Law Enforcement Act • http://assembler.law.cornell.edu/uscode/html/uscode18/usc_sup_01_18_10_I_20_119.html • Passed in 1994 • Designed to ensure police can still do wiretapping as digital networks are introduced • FBI asked for new abilities, such as ability to intercept digits typed by caller after phone call placed

  41. Communications Assistance for Law Enforcement Act • Federal Communications Commission included these capabilities in its guidelines to phone companies • Privacy-rights advocates argued that new capabilities went beyond Congress’s intent

  42. USA PATRIOT ACT • Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 • http://thomas.loc.gov/cgi-bin/query/D?c107:4:./temp/~c107fEmBJW:: • Enacted in response to 11 September 2001 attacks • Amended more than 15 existing laws

  43. USA PATRIOT Act • Provisions • Greater authority to monitor communications • Greater powers to regulate banks • Greater border controls • New crimes and penalties for terrorist activity • Critics say Act undermines 4th Amendment rights • Pen registers on Web browsers • Roving surveillance • Searches and seizures without warrants • Warrants issued without need for showing probable cause

  44. Patriot Act Successes • Charges against 361 individuals • Guilty pleas or convictions for 191 people • Shoe-bomber Richard Reid • John Walker Lindh • More than 500 people removed from United States • Terrorist cells broken up in Buffalo, Seattle, Tampa, and Portland (“the Portland Seven”)

  45. Patriot Act Failure • March 11, 2004 bombings in Madrid Spain • FBI makes Brandon Mayfield a suspect • Claims partial fingerprint match • Conducts electronic surveillance • Enters home without revealing search warrant • Copies documents and computer hard drives • Spanish authorities match fingerprint with an Algerian • Judge orders Mayfield released • FBI apologizes • Civil rights groups: Mayfield was targeted for his religious beliefs

  46. Patriot Act Renewal • Patriot Act renewed in 2006 • Nearly all provisions made permanent • Four-year sunset clause on two provisions • Roving wiretaps • FBI ability to seize records from financial institutions, libraries, doctors, and businesses with approval from secret Foreign Intelligence Surveillance Court

  47. Data Mining • Data mining • Searching for patterns or relationships in one or more databases • Way to generate new information • Secondary use: information collected for one purpose used for another purpose • Information about customers is a valuable commodity

  48. Famous Data Mining Examples • Marketplace: Households • IRS audits • Syndromic Surveillance System • Telecommunications records database • Total Information Awareness

  49. Marketplace: Households • Lotus Development Corporation developed CD with information on 120 million Americans • Planned to sell CD to small businesses that wanted to create mailing lists based on various criteria, such as household income • More than 30,000 consumers complained to Lotus about invasion of privacy • Lotus dropped plans to sell CD

  50. IRS Audits • IRS uses computer matching and data mining to look for possible income tax fraud • Computer matching: matching tax form information with information provided by employers, banks, etc. • Data mining: searching through forms to detect those that appear most likely to have errors resulting in underpayment of taxes

More Related