Mark D. Rasch Director, Privacy and Security Consulting CSC – [email protected] #bridgeconf.
Privacy and Security for Marketing
Mark D. Rasch
Director, Privacy and Security Consulting
CSC – [email protected]
#bridgeconf
John Wanamaker
“Half the money I spend on advertising is wasted. The trouble is, I don’t know which half.”
Goals of Marketers
Obtain comprehensive, accurate and timely data about possible customers that includes:
◦ Purchasing habits and predictions
◦ Profile (race, age, orientation, income) that might influence purchasing
◦ Information about readiness to buy
◦ Location information
Secret Goal of Marketers
NOT to sell to customer BUT
◦ To get customer to sell to others!
Thus, social marketing, Google, Facebook, etc.
Don’t Be Evil?
Google’s new privacy policy effective March 1, 2012
“if you’re signed in, we may combine information you’ve provided from one service with information from other services”
Goog 411
Free directory assistance 1-800-GOOG411
Business listings AND connection and direction
What does Google collect?
Location Data + Desire
The Holy Grail of Marketing
◦ Knowing WHO wants to buy
◦ WHAT they want to buy
◦ WHEN they are ready to buy and
◦ WHERE they are going to buy
Location Data
From apps
From IP address
From databases
◦ Public Databases
◦ Social Networking
From technology
◦ Cell phone
◦ EZ Pass
◦ OnStar
From Surveillance
US v. Antoine Jones
Government put GPS transmitter on car
No warrant (actually exceeded scope of warrant)
Monitored all activities for 28 days
No expectation of privacy?
Supreme Court (January 24, 2012)
Majority (Scalia) – Placing Device on Car is trespass, and a “search and seizure” under 4th Amendment – warrant likely required.
Concur – Sotomayor – agrees that there was trespass but would go much further – even reexamine Smith v. Maryland
Alito (w/Ginsburg, Breyer & Kagan) – no trespass, harm was in monitoring
Stingray
Spoof cell tower
Obtain ESN and signal strength
Learn location
No warrant, no subpoena
In use now
US v. David Rigmaiden
Footpath
Monitors cell phone of customers
Determines location of customers as they travel through the mall
“ping” cell phone for location data
In use in UK – claim that data is publicly disclosed
18 USC 3127
“pen register” records or decodes dialing, routing, addressing, or signaling information (not content)
“trap and trace device” captures the incoming electronic or other impulses which identify the originating number or other dialing, routing, addressing, and signaling information reasonably likely to identify the source of a wire or electronic communication, provided, however, that such information shall not include the contents of any communication;
Who Knows WHERE You Are?
OnStar
AT&T/Verizon/Sprint (as cell provider)
AT&T/Verizon/Sprint (as data provider)
Google (for maps, etc.)
EZ Pass
Red Light/Speeding/License Recognition
Parking Meters
Video Surveillance/Facial Recognition
Who ELSE knows where you are?
Location aware applications
Intermediaries
Data Collectors
ISPs
Other third parties
What Do Marketers Want?
Surfing activity?
Purchasing Activity?
Social Networks?
Interactions with others?
◦ Stores
◦ Hospitals
◦ Insurance
◦ Others?
Where Does Consumer Data Go?
Source: The Future of Privacy Forum - http://www.futureofprivacy.org/2008/11/26/where-does-your-data-go-before-you-even-click/
Amazon Kindle Fire
Browser is “cloud optimized”
Means ALL data travels through Amazon cloud services unencrypted
So, Amazon knows everything you look at, purchase, etc.
No limit on use/sale of that data
Behavioral Targeting Activities
Source: TRUSTe Whitepaper: Online Behavioral Advertising: A Checklist of Practices That Impact Consumer Trust
Facial Recognition Marketing
Facial Recognition for targeting
Target ads based on identity or attributes
Coke Zero Facial Profiler – why are they doing this?
Privacy remains extremely important to a majority of individuals.
Source: TRUSTe/TNS 2009 Study: Consumer Attitudes About Behavioral Targeting
Are you familiar with the term “behavioral targeting”?
Source: TRUSTe/TNS 2009 Study: Consumer Attitudes About Behavioral Targeting
When I am online, I am aware that my browsing information may be collected by a third party for advertising purposes.
Source: TRUSTe/TNS 2009 Study: Consumer Attitudes About Behavioral Targeting
CMU Augmented Reality Experiment
August 2011 – Prof. Alessandro Acquisti, Ralph Gross, Fred Stutzman
Collected images of people walking around on campus
Used public databases
Augmented Reality
Image of Subject
Process Image (digital)
Compare Image to ALL images online (Facebook, campus, etc.)
Publicly available with off the shelf facial recognition
Augmented Reality
Identify Subject
Identify Subjects’ Interests
Obtain Detailed Information
Publicly available with off the shelf facial recognition
But wait… there’s more…
With JUST the image of the passer-by, could obtain subjects’
◦ Name, address, telephone number
◦ Photos of friends, house, neighbors, associates
◦ Court records, license info., mortgage and assessment
◦ Social Security Number!
NORA
Harmonizes data
Looks for patterns
Links databases
Finds non-obvious patterns
Acts on patterns
Sorrell v. IMS Health, Inc.
Facts
◦ Drug companies use “detailing”
◦ Vermont statute regulates “prescriber-identifying information.” Without consent:
  Pharmacy can’t sell it (for marketing?)
  Pharmacy can’t allow it to be used for marketing
  Drug company can’t use it in marketing
◦ Drug companies and data miners both sue
Similar Maine and N.H. statutes upheld
Second Circuit strikes down Vermont’s
Sorrell v. IMS Health, Inc.
Heightened scrutiny
◦ The creation and dissemination of information are speech
◦ This content-based restriction is like a ban on selling cookbooks, lab results, train schedules
◦ Detailers can’t do their job (speech) without this commodity (information); like banning a trade magazine from buying ink
Privacy Principles
Respect Privacy
Data Subjects have a right to know what is being collected
Opt in/Opt Out
Protect Data
Data Accuracy
Don’t be creepy…
Basic Principles of Privacy
Personal data should not be processed at all, except when certain conditions are met. These conditions fall into three categories: transparency, legitimate purpose and proportionality.
Transparency
The data subject has the right to be informed when his personal data is being processed. The controller must provide his name and address, the purpose of processing, the recipients of the data and all other information required to ensure the processing is fair.
when the data subject has given his consent
when the processing is necessary for the performance of or the entering into a contract
when processing is necessary for compliance with a legal obligation
when processing is necessary in order to protect the vital interests of the data subject
processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or in a third party to whom the data are disclosed
processing is necessary for the purposes of the legitimate interests pursued by the controller or by the third party or parties to whom the data are disclosed, except where such interests are overridden by the interests for fundamental rights and freedoms of the data subject.
The data subject has the right to access all data processed about him. The data subject even has the right to demand the rectification, deletion or blocking of data that is incomplete, inaccurate or isn't being processed in compliance with the data protection rules. (art. 12)
Legitimate purpose
Personal data can only be processed for specified explicit and legitimate purposes and may not be processed further in a way incompatible with those purposes.
Proportionality
Personal data may be processed only insofar as it is adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed. The data must be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that data which are inaccurate or incomplete, having regard to the purposes for which they were collected or for which they are further processed, are erased or rectified; The data shouldn't be kept in a form which permits identification of data subjects for longer than is necessary for the purposes for which the data were collected or for which they are further processed. Member States shall lay down appropriate safeguards for personal data stored for longer periods for historical, statistical or scientific use.
When sensitive personal data (can be: religious beliefs, political opinions, health, sexual orientation, race, membership of past organizations) are being processed, extra restrictions apply.
The data subject may object at any time to the processing of personal data for the purpose of direct marketing.
In Summary
Don’t be evil
Transparency is good
Privacy can be your friend (and respect for privacy can be too)
In the end, MOST people don’t care that much…
A soldier will fight long and hard for a bit of colored ribbon. Napoleon Bonaparte
For more information…
Mark D. Rasch
Director, CyberSecurity and Privacy Consulting, CSC
3160 Fairview Park Drive, Room 305
Falls Church, Virginia 22042
Tel: +1 301 547-6925 Fax +1 240 [email protected]