
The Broader Picture


cardillo

Presentation Transcript


  1. The Broader Picture • Laws Governing Hacking and Other Computer Crimes • Consumer Privacy • Employee Workplace Monitoring • Government Surveillance • Cyberwar and Cyberterror • Hardening the Internet Against Attack

  2. Figure 12-2: Consumer Privacy • Introduction • Scott McNealy of Sun Microsystems: “You have zero privacy now. Get over it!” • But privacy is strong in European Union countries and some other countries

  3. Figure 12-2: Consumer Privacy • Credit Card Fraud and Identity Theft • Widespread Concern (Gartner) • One in 20 consumers had suffered credit card number theft in 2002 • One in 50 consumers had suffered identity theft in 2002 • Only about a fifth of this is online, but online theft is growing the most rapidly

  4. Figure 12-2: Consumer Privacy • Credit Card Fraud and Identity Theft • Carders steal credit card numbers • Many merchants fail to protect credit card numbers • Carders test and sell credit card numbers • Merchants also suffer fraud from consumers and carders • Identity theft: Set up accounts in person’s name • Victim may not discover identity theft until long afterward

  5. Figure 12-2: Consumer Privacy • Tracking Customer Behavior • Within a website and sometimes across websites • Some information is especially sensitive (health, political leanings, etc.) • Access to data and analysis tools is revolutionizing the ability to learn about people

  6. Figure 12-2: Consumer Privacy • Tracking Customer Behavior • What consumers wish for • Disclosure of policies • What information will be collected • How the information will be used by the firm collecting customer data • Whether and with whom the information will be shared

  7. Figure 12-2: Consumer Privacy • Tracking Customer Behavior • What consumers wish for • Ability of consumer to see and correct inaccurate personal information • Limiting collection and analysis to operational business needs • Limiting these needs • Opt in: No use unless customer explicitly agrees

  8. Figure 12-2: Consumer Privacy • Corporate Responses • Privacy disclosure statements • TRUSTe certifies corporate privacy behavior • Platform for Privacy Preferences (P3P): Standard format for privacy questions • Federal Trade Commission • Enforces privacy statements • Imposes fines and required long-term auditing • Does not specify what should be in the privacy statement

  9. Figure 12-2: Consumer Privacy • Corporate Responses • Opt out: Customer must take action to stop data collection and sharing • No opt: No way to stop data collection and sharing • Passport and Liberty Alliance • Identity management services • Register once, giving personal information • Give out to merchants selectively

  10. Figure 12-2: Consumer Privacy • Consumer Reactions • Checking privacy disclosure statements (rare) • Not accepting cookies (rarer) • Anonymous websurfing services (extremely rare)

  11. Figure 12-2: Consumer Privacy • U.S. Privacy Laws • No general law • Health Information Portability and Accountability Act (HIPAA) of 1996 • Protects privacy in hospitals and health organizations • Focuses on protected information that identifies a patient

  12. Figure 12-2: Consumer Privacy • U.S. Privacy Laws • Gramm-Leach-Bliley Act (GLBA) of 1999 • Protects financial data • Allows considerable information sharing • Opt out can stop some information sharing

  13. Figure 12-2: Consumer Privacy • U.S. Privacy Laws • Children’s Online Privacy Protection Act of 1998 • Protects the collection of personal data from children under 13 • Applies in child-oriented sites and any site that suspects a user is under 13 • No protection for older children • Registration for Kids.US domain is controlled • State privacy laws vary widely

  14. Figure 12-2: Consumer Privacy • International Laws • European Union Charter of Fundamental Rights • Right to protection of personal information • Personal information must be processed for specific legitimate purposes • Right to see and correct data • Compliance overseen by independent authority

  15. Figure 12-2: Consumer Privacy • International Laws • E.U. Data Protection Directive of 1995 • Opt out with opt in for sensitive information • Access for review and rectification • Independent oversight agency • Data can be sent out of an EU country only to countries with “adequate” protections

  16. Figure 12-2: Consumer Privacy • International Laws • Safe harbor • Rules that U.S. firms must agree to follow to get personal data out of Europe • Are GLBA rules to be considered in financial industries? E.U. is resisting.
