Transcript Spring 2015 * privacy set 2

Spring 2015 – privacy set 2
Privacy in the Age of Internet of Things
CS 340
My own personal privacy is an
extremely important issue to me.
Strongly agree
Agree
Neutral
Disagree
Strongly disagree
0%
0%
sa
gr
ee
di
St
ro
ng
ly
Di
sa
gr
ee
0%
Ne
ut
ra
l
0%
Ag
re
e
ag
re
e
0%
St
ro
ng
ly
A.
B.
C.
D.
E.
REVIEW: Solove’s Taxonomy of Privacy
Problems
What kinds of problems are raised in:
• Katz (phone booth)?
• Griswold (birth control)?
• Kyllo (thermal camera)?
• Caballes (drug dog)?
• Warshack (email on server)?
• Jones (GPS tracker)?
• Riley & Wurie (cell phone contents at arrest)?
Opinion: What is the biggest threat to
your privacy?
A. My employer/family
B. Hackers
C. Companies that make
products
D. Companies I shop with
E. Government
F. Facebook or social
media companies
0%
0%
0%
0%
0%
Ha
at
ck
m
er
a
s
Co
ke
m
p
ro
pa
du
ni
es
ct
s
Is
h
o
Fa
p
ce
w
bo
ith
G
ok
ov
er
or
nm
so
en
cia
t
lm
ed
ia
...
th
ni
es
Co
m
pa
M
y
em
pl
oy
er
/f
am
ily
0%
If we looked, what could we learn from …
• The last 100 expenses on your credit/debit card
•
•
•
•
•
The last 100 checks that you wrote
The last 100 phone calls that you made
The last 100 text messages that you sent/received
The last 100 email messages that you sent/read
The cell phone towers that were utilized to complete your last
100 phone calls (or text messages)
• The last 100 web sites that you visited
• The last 100 lab and blood tests your doctors ran
• The last 100 times you appeared on one of UA’s surveillance
cameras
Are you sharing your location on your phone?
A. Yes, I have location services on
in all areas
B. Only with the camera
C. Only with a select group of
friends
D. Only in the mobile web
browser or on select apps
E. I have no idea
F. No, I have no location services
enabled
nd
s
br
ow
ha
se
ve
r.
Ih
.
no
av
lo
e
ca
no
tio
id
n
ea
se
rv
ice
s.
..
r ie
w
No
,I
m
ob
ile
th
e
in
On
ly
eb
of
f
ca
m
er
a
se
le
ct
a
ith
w
gr
ou
p
th
e
ith
w
On
ly
On
ly
Ye
s,
Ih
av
e
lo
ca
tio
n
se
rv
ice
so
n
..
0% 0% 0% 0% 0% 0%
Smart Phones and Privacy
Geotagging
• Example
• Iknowwhereyourcatlives.com
• Aggregates photos tagged “cat” &
shared publically
• How and why the creator made
the site:
• http://motherboard.vice.com/rea
d/this-guy-is-cyberstalking-theworlds-cats-in-the-name-ofprivacy
Do you use any store loyalty or rewards
cards?
A. Yes
B. No
0%
No
Ye
s
0%
Buying a Batman toy, in 1975 & 2015
Information as a commodity
• Current technology makes it feasible, practical and worth economic
sense to gather more information about each and every purchase.
• This information has value to
•
•
•
•
Manufacturers
Merchants
Similar sellers
Other customers
Privacy concerns are not new
• Existed before computers
• Paper files, wire taps, phone taps, spies
• Technology has two major impacts on privacy
• New technologies
•
•
•
•
Databases (data storage)
Imaging systems (new data)
Sensors, monitors (new data)
Web & the Internet (data access)
• Issues of scale
• Large data stores
• Small mistakes may have a large impact
Privacy and Cyberspace
Are any privacy issues unique to cyber-technology?
• Spokeo.com
Privacy concerns have been exacerbated by cyber-technology in at least four ways,
i.e., by the:
1.
2.
3.
4.
amount of personal information that can now be collected;
speed at which personal information can now be transferred and exchanged;
duration of time in which personal information can now be retained;
kind of personal information (such as transactional information) that can be acquired.
FTC chairwoman Ramirez at CES 2015
• “[The Internet of Things] has the potential to provide enormous
benefits for consumers, but it also has significant privacy and security
implications.”
• Internet of Things (IoT) concerns
1. Ubiquitous data collection
2. Potential for unexpected uses of consumer data
3. Heightened security risks
• See http://techcrunch.com/2015/01/08/ftc-iot-privacy-warning/
Profiling definition
• “the gathering, assembling, and collating of data about individuals in
databases which can be used to identify, segregate, categorize and
generally make decisions about individuals known to the decision
maker only through their computerized profile.”
• Objective:
• Better targeted advertising
Sara Baase A Gift of Fire:
Disclosing information:
• In privacy analysis "(t)he critical point is whether the user is told and
thus can make an informed choice”
• Secondary use of information occurs when information is used "for a
purpose other than the one for which it was supplied.“
The danger of Re-identification
• Re-identification: identifying the individual from a set of anonymous
data
• Identification based on searches performed.
• Self, hobbies, cars, sports teams, health
• Mentioned by Ramirez in her CES speech
• See the 2006 AOL release of user data (towards the bottom)
• http://epic.org/privacy/reidentification/
Data mining
• searching and analyzing masses of data to find patterns and develop
new info
• Computer matching: combining info from different db using an identifier each
has in common
• Computer profiling: analyzing data to determine common characteristics of
people likely to engage in a behavior. Uses:
• Find new customers
• ID terror suspects
Technology has increased
0%
0%
0%
0%
Ki
n
nf
or
m
at
d
io
of
n
in
th
f
at
or
Sp
m
...
ee
a
d
tio
at
n
w
re
hi
co
ch
rd
in
ed
fo
ca
n
Ho
be
w
a.
lo
..
ng
in
fo
is
ke
Al
pt
lo
ft
he
ab
ov
e
0%
Am
ou
nt
of
i
A. Amount of information
that can be collected
B. Kind of information
recorded
C. Speed at which info
can be accessed
D. How long info is kept
E. All of the above
Which of the following terms means identifying
an individual from a set of anonymous data?
Profiling
Secondary Use
Chunking
Data mining
Re-identification
0%
nt
ifi
ca
tio
n
id
e
Re
-
Da
ta
m
in
g
un
ki
n
Ch
Us
0%
in
g
0%
e
0%
Se
co
nd
ar
y
in
g
0%
Pr
of
il
A.
B.
C.
D.
E.
Nest Integration into Automobiles & Fitness
Bands
Side question: What company owns Nest?
Do you have a Smart Tv?
A. Yes, it’s great
B. Yes, but I don’t use the
features
C. No
fe
at
ur
es
th
e
it ’
s
Ye
s,
bu
tI
do
n’
t
us
e
Ye
s,
0%
No
0%
gr
ea
t
0%
Samsung’s Smart TV privacy policy
“Samsung may collect and your device may
capture voice commands and associated texts so
that we can provide you with Voice Recognition
features and evaluate and improve the features.
Please be aware that if your spoken words
include personal or other sensitive information,
that information will be among the data
captured and transmitted to a third party
through your use of Voice Recognition.
If you do not enable Voice Recognition, you will
not be able to use interactive voice recognition
features, although you may be able to control
your TV using certain predefined voice
commands. While Samsung will not collect your
spoken word, Samsung may still collect
associated texts and other usage data so that
we can evaluate the performance of the feature
and improve it.”
http://gizmodo.com/samsungs-smart-tv-privacy-policy-raises-accusations-of1684534051/1686683931/+seanhollister
How Target Figured Out
a Teen Girl Was Pregnant Before Her Father Did…
• Unscented lotion, vitamins, soap, cotton
balls
=
PREGNANCY PREDICTION SCORE
Target starts sending coupons timed to
specific pregnancy stages.
•
http://shopping.yahoo.com/news/target-figured-teen-girl-pregnant000000163.html
• ““My daughter got this in the mail!” he
said. “She’s still in high school, and you’re
sending her coupons for baby clothes and
cribs? Are you trying to encourage her to
get pregnant?”
• Later… “I had a talk with my daughter,” he
said. “It turns out there’s been some
activities in my house I haven’t been
completely aware of. She’s due in August. I
owe you an apology.”
Read this article:
• http://www.nytimes.com/2012/
02/19/magazine/shoppinghabits.html?pagewanted=2&_r=
2&hp&pagewanted=all
Excerpts from the Target article
• “Also linked to your Guest ID is demographic information
like your age, whether you are married and have kids,
which part of town you live in, how long it takes you to
drive to the store, your estimated salary, whether you’ve
moved recently, what credit cards you carry in your wallet
and what Web sites you visit. Target can buy data about
your ethnicity, job history, the magazines you read, if
you’ve ever declared bankruptcy or got divorced, the year
you bought (or lost) your house, where you went to
college, what kinds of topics you talk about online,
whether you prefer certain brands of coffee, paper towels,
cereal or applesauce, your political leanings, reading
habits, charitable giving and the number of cars you own.”
• “One study from Duke University estimated that habits,
rather than conscious decision-making, shape 45 percent
of the choices we make every day”
PAY ATTENTION TO:
• Chunking
• Habit & Febreze as a reward
• Life events and the vulnerability of marketing
intervention
Cast your vote for creepiest example of the
day:
Iknowwhereyourcatlives
Spokeo
Re-identification of data
Samsung tvs are listening
Target’s pregnancy predictor
Sp
id
ok
en
eo
tif
ic a
tio
Sa
n
m
of
su
da
ng
ta
tv
sa
Ta
rg
re
et
lis
’s
te
pr
ni
eg
ng
na
nc
y
pr
ed
ic t
or
Re
-
w
he
re
yo
ur
ca
t li
ve
s
0% 0% 0% 0% 0%
Ik
no
w
A.
B.
C.
D.
E.