A Gift of Fire, 2edChapter 2: Privacy and Personal Information1 PowerPoint ® Slides to Accompany A...

A Gift of Fire, 2ed Chapter 2: Privacy and Personal Information 1

PowerPoint® Slides to Accompany

A Gift of Fire: Social, Legal, and Ethical Issues for Computers

and the Internet(2nd Edition)

by Sara Baase

San Diego State University

PowerPoint slides created by Sherry Clark

Copyright 2003 Prentice Hall


A Gift of Fire

Privacy and Personal InformationThe Impact of Computer Technology

“Big Brother is Watching You”

Consumer Information

More Privacy Risks

Protecting Privacy: Education, Technology, and Markets

Protecting Privacy: Law and Regulation


The Impact of Computer Technology

Computers are not needed for the invasion of privacy.

Computers simply make new threats possible and old threats more potent.

Privacy can mean:• Freedom from intrusion.• Control of information about oneself.• Freedom from surveillance.



Invisible Information GatheringExamples:

• Satellite surveillance.• Caller ID.• 800- or 900-number calls.• Loyalty cards.• Web-tracking data; cookies.• Peer-to-peer monitoring.• Others…

Q: Recall an example of invisible information gathering about you.



Secondary UseUsing information for a purpose other than the one for

which it was obtained. A few examples:• Sale (or trade) of consumer information to other businesses.• Credit check by a prospective employer.• Government agency use of consumer database.

Q: Recall an occasion when a secondary use of your personal information was made.



Computer MatchingCombining and comparing information from more than

one database. Some examples:• Sharing of government agencies’ databases to detect fraud by

recipients of government programs.• Creating consumer dossiers from various business databases.

Q: Recall an example of computer matching that has appeared in the news.



ProfilingUsing data in computer files to predict likely behaviors

of people. Some examples:• Businesses engage in profiling to determine consumer

propensity toward a product or service.• Government agencies use profiling to create descriptions of

possible terrorists.

Q: How might profiling be used with your personal information?



Monitoring and TrackingExamples:

• GPS (global positioning system).• Cell-phones.• Blackboxes in automobiles.• Other wireless appliances.

Q: What is the impact of GPS-equipped childrens’ wrist watches.



Federal Government DatabasesPurpose:

• Determine eligibility for jobs and programs.• Reduce waste.• Detect fraud.• Law enforcement.

Regulations:• Privacy Act of 1974.• Computer Matching and Privacy Protection Act of 1988.

Q: Which government databases contains your personal information?



4th AmendmentExpectation of Privacy:

• Government’s rights are limited.• Government must have probable cause to search private

premises or seize documents.

Privacy Challenges:• New sensing and surveillance technologies enable the

government access to private premises without physical entry.• New technologies provide the government with access to huge

amounts of personal data in business databases.• Courts allow some searches and seizures of computers without

search warrants.

Q: Has technology strengthened or weakened the spirit of the 4th Amendment?



Consumer DatabasesGathering Information:

• Warranty cards.• Purchasing records.• Membership lists.• Web activity.• Change-of-address forms.• Much more…

Q: Recall ways in which you have contributed to consumer databases.



Consumer Databases (cont’d)

Limiting Collection, Use, Sharing, and Sale of Personal Data:• Consumers can take measures to restrict the use of their

personal information.• Some information sharing is prohibited by law.• Some information sharing is prohibited by published, privacy

policies.

Q: What measures do you take to limit consumer information gathered about you?



Marketing: Using Consumer Information• Trading/buying customer lists.• Telemarketing.• Data Mining.• Mass-marketing.• Web ads.• Spam (unsolicited e-mail).

Q: How are children affected by marketers using consumer information?



Credit BureausUses of consumer information:

• Evaluate credit risk of applicant.• Marketing.

Regulation:• FCRA (Fair Credit Reporting Act)• Self-regulated by privacy principles.

Q: If you are denied credit, what are your rights based on the FCRA?


More Privacy Risks

Social Security Numbers (SSNs)Appear in:

• Employer records.• Government databases.• School records.• Credit reports.• Consumer applications.• Many other databases.

Q: What are the risks of using SSNs as identifiers?


More Privacy Risks

National ID Card SystemIf implemented, the card could contain your:

• Name.• Address.• Telephone number(s).• Photo.• SSN.

Q: What other personal information should a national ID card contain?


More Privacy Risks

National ID Card SystemIf implemented, the system could allow access to your:

• Medical information.• Tax records.• Citizenship.• Credit history.• Much more…

Q: Are the benefits of a national ID system greater than the risks?


More Privacy Risks

Personal Health and Medical InformationData can include:

• History of substance abuse.• Treatment for sexually transmitted disease.• Extent of psychiatric help received.• Any suicide attempt(s).• Diagnosis of diseases (diabetes, angina, cancer, etc.).• Use of prescribed medicines.• Much more…

Q: Why would marketers want access to your medical information?


More Privacy Risks

Public RecordsAvailable in paper form and/or online:

• Bankruptcy.• Arrest.• Marriage-license application.• Divorce proceedings.• Property ownership.• Salary (if employed by state or federal government).• Wills and Trusts.• Much more…

Q: How should access to public records be controlled?



EducationMust include awareness of:

• How the technology works.• How the technology is being used.• The risks brought on by the technology.• How to limit unwanted use of personal information.• Applicable state and federal laws and regulations.

Q: How do you limit unwanted use of your personal information?



TechnologyEnhance privacy using:

• Cookie disablers.• Opt-in/opt-out options.• Anonymous Web services.• P3P (Platform for Privacy Preferences).• ‘Good’ passwords.• Audit trails.

Q: What privacy-enhancing technology do you use regularly?



Market ResponseMarkets can protect your privacy by:

• Using trusted third parties.• Adhering to established privacy policies.• Purchasing consumer information directly from the consumer.• Developing and selling privacy-enhancing technologies and

services.

Q: Have you read the privacy policies at Web sites you frequent?



Philosophical ViewsSamuel Warren & Louis Brandeis:

• Individuals have the right to prohibit publication of personal facts and photos.

Judith Jarvis Thompson:• No distinct right to privacy.• Privacy rights result from rights to our property, body, and

contracts.

Transactions:• Transactions have two parties, often with conflicting

preferences about privacy.

Q: How should rights to information about transactions between two parties be assigned?



Contrasting ViewsFree-market View

• The parties of a transaction are viewed as equal.• Truth in information gathering.• Strong reliance on contracts.• Freedom of speech and commerce.

Consumer-Protection View• The parties of a transaction are viewed differently.• More stringent consent requirements required by law.• Strong limitations on secondary uses of information required

by law.• Legal restrictions on consumer profiling.

Q: How should the privacy of consumer transactions be regulated?



Contracts and RegulationsBasic Legal Framework:

• Enforce agreements and contracts.• Publish privacy policies.• Set defaults for situations not in contract.

Requiring Specific Consent policies:• Adhere to informed consumer consent.• Use opt-in policies.

Legal Regulations:• Determine effectiveness, direct and hidden costs, and any loss

of services or inconvenience.

Q: Recall a situation where you exchanged personal information for some benefit.



Contracts and Regulations (cont’d)

Ownership of personal data. Can an individual own:• Facts (e.g. marriage license in public records)?• Personal information (e.g. your date of birth)?

Freedom of speech• Prohibiting communication of information may violate the 1st

Amendment.

Q: When does protecting privacy conflict with freedom of speech?



EU (European Union) Privacy RegulationKey points:

• Limited collection of personal data.• Data must be up-to-date and destroyed when no longer

needed.• Consent for sharing data is required.• Sensitive data (e.g. religion) can only be provided with

consent.• Notify consumers about the collection and intended purpose of

data.• Restricted access and sharing of criminal convictions.

Q: Can the EU’s privacy regulations work in the US?

A Gift of Fire, 2edChapter 2: Privacy and Personal Information1 PowerPoint ® Slides to Accompany A...

Documents

Transcript of A Gift of Fire, 2edChapter 2: Privacy and Personal Information1 PowerPoint ® Slides to Accompany A...