Privacy and personal information

A Gift of Fire, 2ed Chapter 2: Privacy and Personal Information 1
Social, Legal, and Ethical Issues for Computers and the Internet
Privacy & Personal Information

A Gift of Fire
Privacy and Personal Information
The Impact of Computer Technology
“Big Brother is Watching You”
Consumer Information
More Privacy Risks
Protecting Privacy: Education, Technology, and Markets
Protecting Privacy: Law and Regulation

Computers are not needed for the invasion of
privacy.
Computers simply make new threats possible
and old threats more potent.
Privacy can mean:
• Freedom from intrusion-being left alone.
• Control of information about oneself.
• Freedom from surveillance (followed, watched, eavesdropped upon).

Invisible Information Gathering
Examples:
• Satellite surveillance.
• Caller ID.
• 800- or 900-number calls. Or Pizza Hut!
• Web-tracking data; cookies. Peer-to-peer monitoring.
– Spyware such as Gator, BonziBUDDY, and Comet Cursor is often
surreptitiously bundled with freeware and shareware software that users
download from the Internet, and is commonly found in popular peer-to-
peer programs, such as KaZaa, BearShare, AudioGalaxy, and others. In
the most malicious cases, spyware can perform non-marketing
operations, all hidden to the user, including data collection for industrial
espionage purposes.
• Others…
Q: Recall an example of invisible information gathering about
you.

Secondary Use
Using information for a purpose other than the one for which it
was obtained. A few examples:
• Sale (or trade) of consumer information to other businesses.
• Credit check by a prospective employer.
• Government agency use of consumer database.
Q: Recall an occasion when a secondary use of your personal information was
made.

Computer Matching
Combining and comparing information from more than one
database (usually matching SS# to records). Some examples:
• Sharing of government agencies’ databases to detect fraud by recipients
of government programs.
• Creating consumer dossier from various business databases.
Q: Recall an example of computer matching that has appeared in the news.

Profiling
Using data in computer files to predict likely behaviors of
people. Some examples:
• Businesses engage in profiling to determine consumer propensity
toward a product or service.
• Government agencies use profiling to create descriptions of possible
terrorists.
Q: How might profiling be used with your personal information?

Monitoring and Tracking
Examples:
• GPS (global positioning system).
• Cell-phones.
• Blackboxes in automobiles. (monitoring speed and where traveled)
• Other wireless appliances.
• Google Map….type your address in Google—see what happens
Q: What is the impact of GPS-equipped childrens’ wrist watches.

Federal Government Databases
Purpose:
• Determine eligibility for jobs and programs.
• Reduce waste.
• Detect fraud.
• Law enforcement.
Regulations:
• Privacy Act of 1974.
• Computer Matching and Privacy Protection Act of 1988.
Q: Which government databases contains your personal information?

4th
Amendment
Expectation of Privacy:
• Government’s rights are limited.
• Government must have probable cause to search private premises or
seize documents.
Privacy Challenges:
• New sensing and surveillance technologies enable the government
access to private premises without physical entry.
• New technologies provide the government with access to huge amounts
of personal data in business databases.
• Courts allow some searches and seizures of computers without search
warrants.
Q: Has technology strengthened or weakened the spirit of the 4th
Amendment?

Consumer Databases
Gathering Information:
• Warranty cards.
• Purchasing records.
• Membership lists.
• Web activity.
• Change-of-address forms.
• Much more…
Q: Recall ways in which you have contributed to consumer databases.

Consumer Databases (cont’d)
Limiting Collection, Use, Sharing, and Sale of Personal Data:
• Consumers can take measures to restrict the use of their personal
information.
• Some information sharing is prohibited by law.
• Some information sharing is prohibited by published, privacy policies.
Q: What measures do you take to limit consumer information gathered
about you?

Marketing: Using Consumer Information
• Trading/buying customer lists.
• Telemarketing.
• Data Mining. (Spyware)
• Mass-marketing.
• Web ads.
• Spam (unsolicited e-mail).
Q: How are children affected by marketers using consumer information?

Credit Bureaus
Uses of consumer information:
• Evaluate credit risk of applicant.
• Marketing.
Regulation:
• FCRA (Fair Credit Reporting Act)
• Self-regulated by privacy principles.
Q: If you are denied credit, what are your rights based on the FCRA?

More Privacy Risks
Social Security Numbers (SSNs)
Appear in:
• Employer records.
• Government databases.
• School records.
• Credit reports.
• Consumer applications.
• Many other databases.
Be careful giving out your SSN…identity theft problems.
Q: What are the risks of using SSNs as identifiers?

More Privacy Risks
National ID Card System
If implemented, the card could contain your:
• Name.
• Address.
• Telephone number(s).
• Photo.
• SSN.
Q: What other personal information should a national ID card contain?

More Privacy Risks
National ID Card System
If implemented, the system could allow access to your:
• Medical information.
• Tax records.
• Citizenship.
• Credit history.
• Much more…
Kind of scary…”Let me see your papers.”
Q: Are the benefits of a national ID system greater than the risks?

More Privacy Risks
Personal Health and Medical Information
Data can include:
• History of substance abuse.
• Treatment for sexually transmitted disease.
• Extent of psychiatric help received.
• Any suicide attempt(s).
• Diagnosis of diseases (diabetes, angina, cancer, etc.).
• Use of prescribed medicines.
• Much more…
Q: Why would marketers want access to your medical information?

More Privacy Risks
Public Records
Available in paper form and/or online:
• Bankruptcy.
• Arrest.
• Marriage-license application.
• Divorce proceedings.
• Property ownership.
• Salary (if employed by state or federal government).
• Wills and Trusts.
• Much more…
Q: How should access to public records be controlled?

Protecting Privacy: Education,
Technology, and Markets
Education
Must include awareness of:
• How the technology works.
• How the technology is being used.
• The risks brought on by the technology.
• How to limit unwanted use of personal information.
• Applicable state and federal laws and regulations.
Q: How do you limit unwanted use of your personal information?

Technology
Enhance privacy using:
• Cookie (files a web site; stores it on each visitor’s computer) disablers.
• Opt-in (Consumer must check if they want info)/opt-out (consumer
must check if they don’t want info) options.
• Anonymous Web services. Anonymizer.com…surf the web
anonymously
• P3P (Platform for Privacy Preferences). (automatically protect people’s
privacy when they use the web…users choose the amount of info to give
out)
Audit trails-keep track of who sees what. (system keeps track of each user
that accesses each type of data)
Q: What privacy-enhancing technology do you use regularly?

Market Response
Markets can protect your privacy by:
• Using trusted third parties.
• Adhering to established privacy policies.
• Purchasing consumer information directly from the consumer.
• Developing and selling privacy-enhancing technologies and services.
Q: Have you read the privacy policies at Web sites you frequent?

Philosophical Views
Samuel Warren & Louis Brandeis:
• Individuals have the right to prohibit publication of personal facts and
photos.
Judith Jarvis Thompson:
• No distinct right to privacy.
• Privacy rights result from rights to our property, body, and contracts.
Transactions:
• Transactions have two parties, often with conflicting preferences about
privacy.
Q: How should rights to information about transactions between two parties
be assigned?

Contrasting Views
Free-market View
• The parties of a transaction are viewed as equal.
• Truth in information gathering.
• Strong reliance on contracts.
• Freedom of speech and commerce.
Consumer-Protection View
• The parties of a transaction are viewed differently.
• More stringent consent requirements required by law.
• Strong limitations on secondary uses of information required by law.
• Legal restrictions on consumer profiling.
Q: How should the privacy of consumer transactions be regulated?

Contracts and Regulations
Basic Legal Framework:
• Enforce agreements and contracts.
• Publish privacy policies.
• Set defaults for situations not in contract.
Requiring Specific Consent policies:
• Adhere to informed consumer consent.
• Use opt-in policies. (not opt-out)
Q: Recall a situation where you exchanged personal information for some
benefit.

Contracts and Regulations (cont’d)
Ownership of personal data. Can an individual own:
• Facts (e.g. marriage license in public records)?
• Personal information (e.g. your date of birth)?
Freedom of speech
• Prohibiting communication of information may violate the 1st
Amendment.
Q: When does protecting privacy conflict with freedom of speech?

EU (European Union) Privacy Regulation
Key points:
• Limited collection of personal data.
• Data must be up-to-date and destroyed when no longer needed.
• Consent for sharing data is required.
• Sensitive data (e.g. religion) can only be provided with consent.
• Notify consumers about the collection and intended purpose of data.
• Restricted access and sharing of criminal conviction.
Q: Can the EU’s privacy regulations work in the US?

Privacy and personal information

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (6)

Similar to Privacy and personal information

Similar to Privacy and personal information (20)

More from Uc Man

More from Uc Man (20)

Recently uploaded

Recently uploaded (20)

Privacy and personal information