Download
privacy n.
Skip this Video
Loading SlideShow in 5 Seconds..
Privacy PowerPoint Presentation

Privacy

126 Vues Download Presentation
Télécharger la présentation

Privacy

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Privacy

  2. Historically, have consumers been concerned about their privacy? • millions of consumers choose to have their phones listed in their last name only (to avoid revealing their gender) • tens of millions more (30% of households!) choose to have an unlisted phone number • others use private mailbox services to avoid revealing where they live

  3. Today we live in an "information economy" • can check credit card and bank balances on the phone or by computer • can pay bills over the phone or by computer • can order gifts or clothes or airplane tickets online • can borrow $20,000 from a complete stranger and drive home a new car

  4. Convenience comes at a cost: there's a lot more personal information out there than ever Why should we be concerned about it? Misuse of the information can result in 1. Risks to physical security • sexual predators use the internet to identify children • women may not want their address known to potential stalkers

  5. 2. Risks to economic security • unauthorized charges to credit card • unauthorized withdrawals from bank/investment accounts • viruses that attack our computers • identity theft

  6. 3. Unwarranted intrusions into our personal lives • telephone calls disrupt our home and work lives • spam litters our computers with solicitations • some including pornography and other objectionable goods or services

  7. Internet Privacy

  8. Ziff-Davis Media, Inc. (August, 2002) • company's online security system failed due to a coding error • allowed anyone surfing the internet to access about 12,000 subscription orders for the magazine Gaming Monthly. • many had used credit cards to pay for their subscriptions • a number reported that their accounts were used fraudulently • information remained easily available for about a month before "good samaritans" who viewed the material alerted subscribers via e-mail.

  9. Double-Click (March, 2000) What are “cookies”? • files created by an internet site to store information on your computer • your preferences when visiting that site (e.g., airline itineraries) • a record of the pages you looked at within the site

  10. Good news: cookies only contain information that the user volunteers and cannot infiltrate a user's hard drive and siphon personal information • E.g., credit card numbers • Bad news: cookies can also store personally identifiable information that can be used to contact you • name • e-mail address • home or work address • telephone number

  11. Cookies permit advertisers to target customers whose previous visits to web sites might suggest an interest in its goods or services. • For example, if you check out the Celtics home page a couple of times, the next time you open a search engine you might encounter an ad from a sporting goods store that sells Celtics clothing

  12. DoubleClick handles advertising for about 1,500 web sites • initially it claimed it would only use "anonymous profiling" when collecting data on individuals. • However, DoubleClick in fact used "pseudonymous" tracking • i.e., when it placed cookies on consumers' computers, it assigned each cookie a unique number • this would permit the company to merge the information with consumers' names if it wished • but which it had not yet done when this controversy arose.

  13. Examples of the kinds of information the DoubleClick kept that had privacy implications included • health inquiries • travel plans • the names of videos in which the consumer showed an interest • information could, in theory, be useful to video stores to pitch movies or travel companies to pitch a vacation • could also be used to the consumer's detriment • e.g., when applying for insurance

  14. Privacy advocates feared DoubleClick would sell this information to telephone and mail-based direct marketers, health organizations, insurance companies, etc. • After a number of states and the FTC opened privacy investigations, DoubleClick agreed not to link personally identifiable information to anonymous user activity across web sites

  15. some consumer advocates argue that the law should go further • Propose that web sites should be prohibited from placing cookies on consumers' computers without express permission • an "opt in" provision

  16. The advertising industry has set up several web sites that allow computer users to "opt out" of having their personal data collected and profiled when they visit commercial internet sites. • Network Advertising Initiative

  17. Financial Privacy

  18. Financial institutions (banks, insurance companies, securities firms) collect substantial personal ("non-public") information, including • names, addresses and phone numbers • bank and credit card account numbers • income • credit histories • social security numbers

  19. In the 1990's privacy advocates became concerned when financial institutions began selling customer account information to third parties (e.g., telemarketers) for purposes of marketing non-financial services • Discount buying clubs • Roadside assistance • Credit card loss protection • Dental plans • Often kept a percentage of sales

  20. In 1999 Congress passed the "Gramm-Leach-Bililey Financial Modernization Act“ (GLBA) • The Act applies to all "financial institutions," including companies that offer financial products or services, like loans, financial or investment advice, or insurance

  21. 1. Affiliation • GLBA repealed Glass-Steagall Act • depression-era law that prohibited banks, securities firms, and insurance companies from affiliating

  22. 2. Privacy • GLBA requires financial institutions to protect information collected about individuals • key provisions require them to: • disclose to customers their policies and practices for protecting the privacy of non-public personal information • provide customers annually an opportunity to opt out of having information shared with non-affiliated third parties • e.g., telemarketers

  23. notice must offer a reasonable way for the consumer to express choice to opt out • Generally done by providing consumer with either • toll-free telephone number; or • detachable form with a pre-printed address

  24. Vermont's Rules on Financial Privacy • Vermont law provides greater protection for consumers than does the federal law • rules adopted by Vermont's Department of Banking, Insurance, Securities and Health Care Administration (BISHCA) use an opt-in provision • financial institutions must obtain a consumer's consent before private financial and health information can be sold to or shared with other companies

  25. BISHCA's rule was challenged by five insurance industry trade groups on First Amendment grounds • February, 2004 a Vermont trial court rejected the challenge to the law • Court referred to financial companies as "high volume traffickers of consumers' intimate personal information"

  26. 3. Pretexting • "Information brokers" (also known as individual reference services) gather public information about consumers • addresses, licenses, aliases, listed phone numbers • also gather non-public information • unlisted phone numbers, credit card numbers, social security numbers • sell the information.

  27. services provide numerous benefits • help law enforcement do their job • help lawyers find witnesses • help consumers find lost relatives • help collection agencies find debtors

  28. Problem is that the availability of this information • increases risks of crimes such as identity theft • thwarts consumers' efforts to protect their privacy (Americanada ad) • inaccurate information can result in problems • Florida election results

  29. some information brokers called banks and other financial institutions, under the pretext of being a customer • obtained the customer's account numbers and balances and other personal information • GLBA makes it a crime to engage in pretexting

  30. Credit Reporting • consumers’ credit reports contain significant amounts of personal information • credit card numbers • social security numbers • bank account numbers • federal Fair Credit Reporting Act (FCRA) and Vermont's Fair Credit Reporting Act (VFCRA) provide for the accuracy and privacy of consumer credit reports

  31. FCRA assures privacy by limiting who has access to a credit report • credit reports can only be used or collected for one of the following five “permissible purposes” • for credit • for employment • for insurance • to a governmental agency (e.g., for a license or other benefit) • to a person with a legitimate business need for the information in connection with a transaction with the consumer

  32. credit reporting agencies generally require the user of the report to certify the purpose for which the report is going to be used. • may also check user's references, visit its place of business, etc. • credit reporting agency must disclose on the report the identity of all parties receiving the information • files must be made available to consumers • free if the request comes within 30 days of denial of credit

  33. VFCRA further protects privacy by • requiring that the consumer give permission before his or her credit report can be accessed • allowing Vermont consumers to receive a copy of their report once a year free of charge

  34. Radio Frequency Identification (RFID) System • What is RFID? • What are some of the current uses of RFID systems? • What are some possible future uses of RFID systems? • What are the privacy concerns related to the use of RFID systems?