1 / 21

“Informational Privacy” privacy notes, set 2

“Informational Privacy” privacy notes, set 2. CS 340. Buying a Batman toy, in 1970 & 2010. Information as a commodity. Current technology makes it feasible, practical and worth economic sense to gather more information about each and every purchase. This information has value to

corbett
Télécharger la présentation

“Informational Privacy” privacy notes, set 2

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. “Informational Privacy”privacy notes, set 2 CS 340

  2. Buying a Batman toy, in 1970 & 2010

  3. Information as a commodity • Current technology makes it feasible, practical and worth economic sense to gather more information about each and every purchase. • This information has value to • Manufacturers • Merchants • Similar sellers • Other customers • From Nonchalant to Outrage • Double click • Facebook

  4. Privacy and Cyberspace Are any privacy issues unique to cyber-technology? • Spokeo.com Privacy concerns have been exacerbated by cyber-technology in at least four ways, i.e., by the: • amount of personal information that can now be collected; • speed at which personal information can now be transferred and exchanged; • duration of time in which personal information can now be retained; • kind of personal information (such as transactional information) that can be acquired.

  5. Misc. Ex. of Disclosing Information • Reward & loyalty programs • Using a search engine • 3rd party cookies • networked affiliates sharing clickstream data • Body scans • DVRs • Spyware • biometrics • Blackboxes • Enhanced 911 • RFID & implanted chips • Online shopping: • The ToySmart case

  6. Who owns info about a transaction?The Toysmart Case • Background: Toysmart.com was an online toy seller.  Although it entered the market early, it never became profitable, and the company filed for bankruptcy in 2000.  In order to pay off as much debt as possible, the company began to sell assets, both physical and intangible.  One intangible asset was the customer data that they had collected through the course of operations.  Near the end of their operations, Toysmart published a privacy policy and acquired a TRUSTe seal.  (As a TRUSTe company several provisions were req: Toysmart only used the data to personalize shopping experience, and would not share data with 3rd party.)

  7. Toysmart Cont’d • Consumer data included: • names • addresses • billing info • purchases • shopping pref • family information (children's names and bdays and wish list toys) Toysmart put their data up for sale.  Toysmart was sued by the FTC which claimed that the attempt to sell consumer data violated the COPPA.

  8. Toysmart concluded • Results: Toysmart agreed not to share OR sell this information as a stand-alone asset. • Only would give to a court approved qualified buyer AND • Consumers would have to opt in • Toysmart would destroy data that violated COPA • More info: • http://www.ftc.gov/opa/2000/07/toysmart2.htm • Truste.org

  9. What we do to ourselves • Use of: • Texting: • http://blog.nielsen.com/nielsenwire/online_mobile/u-s-teen-mobile-report-calling-yesterday-texting-today-using-apps-tomorrow/ • social network • Youtube • Blogs • genealogy sites • Child events, strangers & pedophiles • Idea of privacy as old-fashioned

  10. Profiling definition • “the gathering, assembling, and collating of data about individuals in databases which can be used to identify, segregate, categorize and generally make decisions about individuals known to the decision maker only through their computerized profile.” • Objective: • Better targeted advertising

  11. Profiling: Transactions that disclose info: • Consider the information about us that can be acquired from our commercial transactions in a bank or in a store. • The privacy of users who navigate the Web solely for recreational purposes is also at risk. • Personal data about a user’s interests can be acquired by organizations whose need for this information is not always clear. • A user’s personal data acquired via his/her online activities can be sold to third parties.

  12. Sara BaaseA Gift of Fire: Disclosing information: • In privacy analysis "(t)he critical point is whether the user is told and thus can make an informed choice” • Secondary use of information occurs when information is used "for a purpose other than the one for which it was supplied.“

  13. The danger of Re-identification • Re-identification: identifying the individual from a set of anonymous data • Identification based on searches performed. • Self, hobbies, cars, sports teams, health

  14. Data mining • searching and analyzing masses of data to find patterns and develop new info • Computer matching: combining info from different db using an identifier each has in common • Computer profiling: analyzing data to determine common characteristics of people likely to engage in a behavior. Uses: • Find new customers • ID terror suspects

  15. Privacy As consumers: • Most European countries have specific laws and regulations aimed at protecting an individual’s (consumer) privacy. • In the US, historically consumer privacy has relied on • social norms and • market forces • laws are typically a last resort or response to an event • highly reactive and unsystematic

  16. Misc. Privacy Laws • Fair Credit Reporting Act, 1970 • Right to Financial Privacy Act, 1978 • Cable Communications Policy Act, 1984 • Video Protection Privacy Act, 1988 • Driver’s Protection Privacy Act, 1994 • Children’s Online Privacy Protection Act (COPPA), 1998 • Info on kids under 13 • Financial Services Modernization Act, 1999 • Health Insurance Portability and Accountability Act (HIPAA), 2001

  17. Disclosure of Information • “Private” information that becomes a part of the public record • Examples: • 911 calls become part of the public record • Urban Meyer’s wife’s call after the SEC game • http://www.youtube.com/watch?v=HfMFeQYDznY • Compare & Contrast this with HIPAA, dr. & patient confidentiality, hospital policies • Marriage, birth, death, divorce, wills • Government Databases of info: ranging from tax info, census, NCIC • Public record

  18. 1974 Privacy Act Codified 5 principles related to gov’t handling of information: • Notice/Awareness • Choice/Consent • Access Participation • Integrity/Security • Enforcement/Redress • http://www.ftc.gov/reports/privacy3/fairinfo.shtm

  19. Limitations of the Privacy Act From William PetrocelliLow Profile: How to avoid the Privacy Invaders: • Applies only to gov’t db not private ones • Applies only to records that use a personal identifier (name, number) • No agency is in charge of enforcement, individual agencies choose what is exempt • Inter-agency sharing of info for “routine use”

  20. Patriot Act • Provided: • More monitoring authority for law enforcement and intelligence agencies • aims at Internet use and email • created nationwide system for search warrants and wire tapping • Allows for roving surveillance • Expands search warrant exceptions • Sec. of Treasury has greater powers related to banks to prevent foreign money laundry • Admission to US harder for • Codified new crimes and punishments • Act has been subject to lots of criticism because of the privacy concerns it impacts • Act is subject to periodic renewal

  21. TSA machines

More Related