A Gift of Fire
Third edition
Sara Baase
Chapter 2: Privacy
Original Slides prepared by Cyndi Chie and Sarah Frye
Adapted for use in LSU course CSC-1200 “Ethics in Computing”
What We Will Cover
• Privacy and Computer Technology
• “Big Brother is Watching You”
• Privacy Topics
• Protecting Privacy
• Communications
Privacy and Computer Technology
Key Aspects of Privacy:
• Freedom from intrusion (being left alone)
• Control of information about oneself
• Freedom from surveillance (being tracked, followed, watched)

Privacy and Computer Technology (cont.)
Privacy Threats:
• Intentional, institutional use
– Law enforcement, tax collection
• Unauthorized release by insiders
• Theft of information
• Leakage from negligence
• Our own actions
– Intentional or unintentional

Privacy and Computer Technology (cont.)
New Technology, New Risks:
• Government and private databases
– Easier access to government documents
• Sophisticated tools for surveillance and data analysis
– Cameras, GPS, cell phones
• Vulnerability of data
Privacy and Computer Technology (cont.)
Example: Search Query Data
• Search engines store search histories
– to improve their algorithms
– for marketing
• Possible to retrieve private information
– Health and psychological problems
– Addictions: gambling, alcoholism, drugs
– Financial status: bankruptcy
Privacy and Computer Technology (cont.)
• Google incident (2006)
– Federal government subpoena to provide 2 months of user search queries, in response to court challenges to the Child Online Protection Act (COPA); Google finally provided only 50,000 URLs
• AOL incident (2006)
– Employee posted anonymized search queries to improve search algorithms
– 20,000,000 searches from 650,000 people
– Easy to identify people: searches for local sports teams, their car model, etc.
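The AOL incident shows why replacing user names with numbers is not anonymization: every query still carries the same number, so one user's queries can be combined into a profile of quasi-identifiers (home town, sports team, car model). The check below is an added example, not part of the original slides: it runs over a constructed pseudonymized log and reports which pseudonyms are uniquely linkable by their profile, using a k-anonymity count (a technique not named on the slides); the log entries, towns, teams and car models are all made up.

```python
from collections import Counter

# Constructed sample log in the style of the 2006 AOL release: every user name
# was replaced by a random number, but each user's queries keep that number.
SEARCH_LOG = [
    ("173042", "weather in springfield"),
    ("173042", "springfield tigers schedule"),
    ("173042", "ford taurus brake noise"),
    ("508811", "springfield tigers schedule"),
    ("508811", "honda civic oil change"),
    ("508811", "weather in springfield"),
    ("660215", "springfield tigers schedule"),
    ("660215", "honda civic tires"),
    ("921337", "best pizza shelbyville"),
    ("921337", "ford taurus brake noise"),
    ("921337", "shelbyville isotopes tickets"),
]

# Quasi-identifiers to look for before a release (constructed vocabulary).
QUASI_IDS = {
    "town": ("springfield", "shelbyville"),
    "team": ("tigers", "isotopes"),
    "car": ("ford taurus", "honda civic"),
}

def profile(log):
    """Collapse each pseudonym's queries into one (town, team, car) tuple."""
    found = {}
    for user, query in log:
        attrs = found.setdefault(user, dict.fromkeys(QUASI_IDS))
        for attr, words in QUASI_IDS.items():
            for word in words:
                if word in query.lower():
                    attrs[attr] = word
    return {u: tuple(a[k] for k in QUASI_IDS) for u, a in found.items()}

def k_anonymity(log):
    """k for each pseudonym: how many pseudonyms share exactly its profile."""
    profiles = profile(log)
    counts = Counter(profiles.values())
    return {u: counts[p] for u, p in profiles.items()}

def uniquely_linkable(log):
    """Pseudonyms with k == 1: their profile matches nobody else's in the release."""
    return sorted(u for u, k in k_anonymity(log).items() if k == 1)

if __name__ == "__main__":
    for user, k in k_anonymity(SEARCH_LOG).items():
        print(user, profile(SEARCH_LOG)[user], "k =", k)
    print("uniquely linkable:", uniquely_linkable(SEARCH_LOG))
```

Two of the four pseudonyms have a profile nobody else shares, so a few public facts about a person suffice to pick out their entire search history. A single query on its own yields a mostly empty profile; it is the per-user linking that the AOL release kept which makes the data identifying.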
Privacy and Computer Technology (cont.)
Terminology:
• Invisible information gathering
– collection of personal information about someone without the person’s knowledge
– unauthorized software, cookies, ISPs, supermarket cards
• Secondary use
– use of personal information for a purpose other than the one it was provided for
– Examples: sell data to marketers, give data to the IRS

Privacy and Computer Technology (cont.)
Terminology (cont.):
• Data mining
– searching and analyzing masses of data to find patterns and develop new information or knowledge
• Computer matching
– combining and comparing information from different databases (using a social security number, for example, to match records)

Privacy and Computer Technology (cont.)
Terminology (cont.):
• Computer profiling
– analyzing data in computer files to determine characteristics of people most likely to engage in certain behavior
– Businesses find new consumers
– Government detects fraud and criminal activity
Note: data mining, computer matching, and computer profiling are secondary uses of information

Privacy and Computer Technology (cont.)
Principles for Data Collection and Use:
• Informed consent
• Opt-in and opt-out policies
• Fair Information Principles (or Practices)
• Data retention
Privacy and Computer Technology (cont.)
Fair Information Principles (or Practices):
– Inform about personally identifiable information
– Collect only data needed
– Offer opt-out from email, advertising, etc.
– Stronger protection of sensitive data
– Keep data only as long as needed
– Maintain accuracy of data
– Policies for responding to law enforcement

Privacy and Computer Technology
Discussion Questions
• Have you seen opt-in and opt-out choices? Where? How were they worded?
• Were any of them deceptive?
• What are some common elements of privacy policies you have read?
"Big Brother is Watching You"
George Orwell’s dystopian novel “1984”:
• Written in 1949
• Big Brother = Oceania government
• Watches everyone via “telescreens” in homes and public places
• Little crime, little political dissent
• No love, no freedom
Modern analog:
• Dataveillance = “data surveillance”

"Big Brother is Watching You" (cont.)
Government Databases:
• Government agencies collect many types of information
• Ask businesses to report about consumers
• Buy personal information from sellers
• Main publicized reason: data mining and computer matching to fight terrorism

"Big Brother is Watching You" (cont.)
Sample Government Data Records:
tax, medical (Medicare, Medicaid), marriage/divorce, welfare, school, motor vehicle, voter registration, books checked out, firearm permits, loan applications, bankruptcy, arrests

"Big Brother is Watching You" (cont.)
Private information can be used to:
• Arrest people
• Jail people
• Seize assets
Important: High standards for privacy protection by government
"Big Brother is Watching You" (cont.)
Privacy Act of 1974:
• Main law about federal government use of data
• Restricts kept records to “relevant and necessary”
• Publish record systems
• People can access and correct records
• Procedures for database security
• Prohibit disclosure of information without consent

"Big Brother is Watching You" (cont.)
Government Accountability Office (GAO):
• Congress’s “watchdog agency”
• Examines problems of the Privacy Act
• 1996 study:
– White House maintained a secret database with records on 200,000 people, including ethnic and political information
• ChoicePoint:
– Private company that sells data to government
– Owns billions of records (telephone, liens, deeds, divorce, …)

"Big Brother is Watching You" (cont.)
Burden of Proof and “fishing expeditions”
• Millions of crime suspects are searched in government databases
• Shift from presumption of innocence to presumption of guilt
• Computer software characterizes suspects
"Big Brother is Watching You" (cont.)
Data mining and computer matching to fight terrorism
• After 9/11 people resisted privacy intrusion by government
• CAPPS (Computer Assisted Passenger Prescreening) – implemented by airlines
• Extreme CAPPS II and Total Information Awareness – never implemented

"Big Brother is Watching You" (cont.)
The Fourth Amendment:
“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”
Protects right to privacy

"Big Brother is Watching You" (cont.)
Weakening the Fourth Amendment:
• Fourth Amendment requires “probable cause” to search private property
• Two problems:
– Personal information may not be at home or in private offices
– Government can search our home from a distance without our knowledge
• USA PATRIOT Act eased collection of private information
"Big Brother is Watching You" (cont.)
“Noninvasive but deeply revealing” searches:
• Satellite imaging
– Catch illegal crops
– Catch property improvements for tax purposes
• TSA (Transportation Security Administration)
– X-ray machines
– Response to ACLU complaints: blur body parts, discard images

"Big Brother is Watching You" (cont.)
Supreme Court decisions (expectation of privacy):
• Olmstead v. United States (1928):
– Allowed wiretaps on telephone lines
– Fourth Amendment applies only to physical intrusions and material possessions
• Katz v. United States (1967):
– Reversed wiretap decision
– Fourth Amendment “protects people, not places”, even in public locations

"Big Brother is Watching You" (cont.)
USA PATRIOT Act (2001):
• Antiterrorism law
• National security letter (NSL)
– Before 2001 the FBI required an NSL to access private records of a foreign power (telephone, email, ISP); NSLs issued by high-authority FBI agents
– After 2001 any FBI field agent can issue an NSL on anyone (foreign power or not)
– A 2003-2005 report found "widespread and serious misuse" of the FBI’s national security letter authorities (143,000 NSLs)

"Big Brother is Watching You" (cont.)
Video Surveillance, Security Cameras
– Increased security
– Decreased privacy
Examples:
• 2001 Super Bowl, Tampa, Florida: computer system scanned faces of 100,000 fans; little success
• 4,000,000 surveillance cameras in Britain; helped identify terrorists in 2005 subway attacks

"Big Brother is Watching You" (cont.)
Discussion Questions
• What data does the government have about you?
• Who has access to the data?
• How is your data protected?
Diverse Privacy Topics
Marketing, Personalization and Consumer Dossiers:
• Targeted marketing
– Data mining
• credit cards, supermarkets
– Paying for consumer information
• Free-PC, Google Gmail
– Data firms and consumer profiles
• ChoicePoint, Acxiom (have public records, property, marriage, divorce, bankruptcy)

Diverse Privacy Topics (cont.)
• Credit records
– Experian, Equifax, TransUnion
• Bill-paying history, lawsuits, bankruptcies, liens
• Problems: sold information, mailing lists, errors
– Fair Credit Reporting Act (FCRA) 1970
• First law to establish regulation
• Flaw: allows legitimate business access (involving consumers)
• Amended 1996, 2003
Diverse Privacy Topics (cont.)
Location Tracking:
• Global Positioning Systems (GPS): computer or communication services that know exactly where a person is at a particular time
• Cell phones and other devices are used for location tracking
• RFID (Radio Frequency Identification)
– Passports, credit cards, consumer products

Diverse Privacy Topics (cont.)
• Pros:
– Navigation, stolen vehicle tracking, accident emergency location
• Cons:
– Loss of privacy
– Security problems (RFID)
– Consumer moving patterns

Diverse Privacy Topics (cont.)
Stolen and Lost Data:
• Hackers, spyware, physical theft (laptops, thumb drives, etc.)
– TJX lost 40 million consumer records
– Time Warner 600,000 employee records
– Millions of consumer records from Acxiom
– UC 800,000 student records (SSN, address)

Diverse Privacy Topics (cont.)
• Requesting information under false pretenses
– Pretexting: pretend to be a legitimate business
– Usually by phone
– Sell data to others
• Bribery of employees who have access
Diverse Privacy Topics (cont.)
What We Do Ourselves:
• Personal information in blogs and online profiles
• Pictures of ourselves and our families
• File sharing and storing
• Is privacy old-fashioned?
– Young people put less value on privacy than previous generations
– May not understand the risks

Diverse Privacy Topics (cont.)
Public Records: Access vs. Privacy:
• Public records
– records available to the general public (bankruptcy, property, and arrest records, salaries of government employees, etc.)
• Identity theft can arise when public records are accessed
– Maricopa County, Arizona: first county to post records online; has the highest rate of identity theft
– Campaign donation records, flight plans, …
• How should we control access to sensitive public records?

Diverse Privacy Topics (cont.)
National ID System:
• Social Security Numbers (SSN)
– Too widely used
• Used until recently to identify students in universities
– Easy to falsify
• SSN cards are very unreliable
• Easy to replicate

Diverse Privacy Topics (cont.)
National ID System (cont.):
• A new national ID system - Pros
– would require one card
– harder to forge
– REAL ID Act (2005): standards for driver licenses
• A new national ID system - Cons
– Threat to freedom and privacy
– Increased potential for abuse

Diverse Privacy Topics (cont.)
Children:
• The Internet
– Not able to make decisions on when to provide information
– Vulnerable to online predators
– COPPA - Children’s Online Privacy Protection Act (2000): rules for children under 13; requires consent from parents to collect information
• Parental monitoring
– Software to monitor Web usage
– Web cams to monitor children while parents are at work
– GPS tracking via cell phones or RFID

Diverse Privacy Topics
Discussion Questions
• Is there information that you have posted to the Web that you later removed? Why did you remove it? Were there consequences to posting the information?
• Have you seen information that others have posted about themselves that you would not reveal about yourself?
Protecting Privacy
Technology and Markets:
• Privacy-enhancing technologies for consumers
• Encryption
– Public-key cryptography
• Business tools and policies for protecting data

Protecting Privacy (cont.)
Rights and laws:
• Theories
– Warren and Brandeis
• Privacy is a right by itself (not covered by other rights)
• E.g. exposure of personal information that does not violate other laws (libel, slander, defamation) is a violation
– Thomson
• Privacy is protected by other rights
• i.e. freedom from violence, freedom to form contracts
– Both agree that privacy is protected by consent and agreements

Protecting Privacy (cont.)
• Transactions
– may reveal private information
– Simple example: Joe buys five pounds of potatoes from Maria
• Joe’s crop has failed
• Joe is unpopular
• Both have incentives to keep the transaction private
• Ownership of personal data (copyright laws)
• Regulation
– Health Insurance Portability and Accountability Act (HIPAA)
• Protects privacy of medical insurers

Protecting Privacy (cont.)
Rights and laws: Contrasting Viewpoints:
• Free Market View
– Freedom of consumers to make voluntary agreements
– Diversity of individual tastes and values
– Response of the market to consumer preferences
– Usefulness of contracts
– Flaws of regulatory solutions

Protecting Privacy (cont.)
Rights and laws: Contrasting Viewpoints (cont.):
• Consumer Protection View
– Uses of personal information
– Costly and disruptive results of errors in databases
– Ease with which personal information leaks out
– Consumers need protection from their own lack of knowledge, judgment, or interest

Protecting Privacy (cont.)
Privacy Regulations in the European Union (EU):
• Data Protection Directive
– More strict than U.S. regulations
– Abuses still occur (more than in the USA)
– Puts requirements on businesses outside the EU

Protecting Privacy
Discussion Questions
• How would the free-market view and the consumer protection view differ on errors in credit bureau databases?
• Who is the consumer in this situation?
Communication
Wiretapping and E-mail Protection:
• Telephone
– 1934 Communications Act prohibited interception of messages
– 1968 Omnibus Crime Control and Safe Streets Act allowed wiretapping and electronic surveillance by law enforcement (with court order)
• E-mail and other new communications
– Electronic Communications Privacy Act of 1986 (ECPA) extended the 1968 wiretapping laws to include electronic communications; restricts government access to e-mail

Communication (cont.)
Secret Intelligence Gathering:
• The National Security Agency (NSA)
– Foreign Intelligence Surveillance Act (FISA) established oversight rules for the NSA
• Secret access to communications records
– NSA secret room at AT&T (current issue)
– Explores patterns of communications

Communication (cont.)
Designing Communications Systems for Interception:
• Communications Assistance for Law Enforcement Act of 1994 (CALEA)
– Telecommunications equipment must be designed to ensure government can intercept telephone calls
– Rules and requirements written by the Federal Communications Commission (FCC)

Communication (cont.)
Encryption Policy:
• Government ban on export of strong encryption software in the 1990s (removed in 2000)
– Initially restrictions for encryption software and research publications
– Federal court ruling: First Amendment protects computer software (similar to speech)

Communication (cont.)
• Pretty Good Privacy (PGP)
– Email encryption program (1990s)
– Zimmermann (creator) was under threat of indictment
– Irony: Government was using PGP

Communication
Discussion Questions
• What types of communication exist today that did not exist in 1968 when wiretapping was finally approved for law-enforcement agencies?
• What type of electronic communications do you use on a regular basis?