Upload
clinton-walters
View
42
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Impact of Computers on Society. 2. Privacy and Personal Information. Is Your Privacy Being Invaded?. Wear a tinfoil hat to protect yourself! A few people seriously believe(d) this! - PowerPoint PPT Presentation
Citation preview
Is Your Privacy Being Invaded? Wear a tinfoil hat to protect yourself! A few people seriously believe(d) this! Although a tinfoil hat will not protect you
from a computer, ensuring personal privacy is an important issue in today’s society.
At some time in their lives, most people feel that their privacy has been compromised.
J. Edgar Hoover In 1950 J. Edgar Hoover, then director of the
FBI, proposed imprisoning 12,000 “disloyal” Americans on a list he had been compiling for years. “The index now contains approximately twelve thousand individuals,
of which approximately ninety-seven per cent are citizens of the United States,” he wrote.
“In order to make effective these apprehensions, the proclamation
suspends the Writ of Habeas Corpus,” it said. New York Times, December 23, 2007
Maryland State Police Recently the Maryland State Police admitted to surveillance of groups such
as PETA, anti-war and anti-abortion protesters, and Amnesty International, beginning in 2005. At first the state claimed that those listed did not even have the right to review the files kept on them.
The Washington Post chronicled the story as it unfolded:
October 8, 2008 October 9, 2008 October 18, 2008 January 4, 2009
Privacy Can Mean Freedom from Intrusion – being left alone
Control of Information about Oneself
Freedom from Surveillance Being followed Being watched Being eavesdropped upon
Privacy versus Confidentiality Privacy – concerns personal information that
one cannot be compelled to reveal about oneself
Confidentiality – concerns information that has been entrusted to others with the understanding that it will not be revealed without permission
Guaranteed? Privacy is not guaranteed by the Constitution.
It is implied in the 4th Amendment (freedom from unreasonable search and seizure).
Privacy is implied by the Declaration of Independence.
Americans have the unalienable rights to life, liberty, and the pursuit of happiness, and freedom from unreasonable search…
I’ll see you in court! The right to privacy has been upheld by some
court decisions. Roe v. Wade (1973) There is a right to privacy in
the first trimester of pregnancy but less so in the second and third trimesters
Lawrence et al. v. Texas: sodomy law struck down
Hiibel vs. Sixth District Court: can a person refuse to identify himself prior to arrest?
Then, What is the Problem? We need to give up some privacy in society to
make it possible to interact with others.
To a certain extent we can choose how much privacy we are willing to give up.
Sometimes that choice is limited.
Privacy Problems With increasing frequency we are forced to reveal more than
we wish. Individuals, organizations, businesses, and government
collect and exchange information about us, often without our knowledge or permission.
Recently some have been concerned by Facebook’s storing and trading data. Facebook stores huge amounts of personal data on members and non-members Hoover would be envious!
A Chilling Effect “He knows!!” Necking at lunch SLAPP suits What do you have to hide?
Suppose someone monitored every web site you visit on the Internet? Suppose there were a camera in the parking lot at work or school? In your front yard? In your living room? In the bedroom? In the bathroom?
Observation causes subtle changes in behavior This is true in physics experiments, as well as with people
More Privacy Problems “If you don’t have anything to hide…” recently has
taken on political overtones.
Giving up freedom to defend freedom can result in no freedom.
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." - Benjamin Franklin
What is Personal Information? Any information from which a living
individual can be identified, including… Deeds, contracts, wills, divorces, legal documents Public records Law enforcement Banking, brokerage, other financial information Purchase information Medical records, tests, treatments Travel documents, EZ-Pass
And also . . . Educational records Drivers’ and professional licenses Biometric data Membership rosters Rentals and leases Website logs, ISP logs, web sites, photos Cellular phone records, including GPS Example: the CVS Medication “Reminder” And more . . . .
What does this have to do with computers? Where is all that data stored? How is all that data retrieved? How is all that data manipulated and
interpreted? How is all that data shared?
Computers
Privacy Act of 1974 Restricts data in federal records to what is
“relevant and necessary” Requires federal agencies to notify the public in
the Federal Register A more useable source of info? Data.gov Allows people to access their records and to
correct errors Requires procedures to protect DB security Prohibits disclosure without consent
Computer Matching and Privacy Protection Act of 1988 Requires a review process before doing computer
matching Can be circumvented by purchasing large amounts
of data from the private sector Example: LexisNexis Example: Reed Elsevier (bought LexisNexis) Example: MIB (Medical Information Bureau) Example: Medical Database Problems The ChoicePoint leak exposes 145K records (2005)
Erosions of the 4th Amendment USA Patriot Act of 2001 loosened restrictions
on wiretapping and surveillance FBI may obtain credit information without a
court order Law enforcement may obtain medical records
without court order Extended by Obama for four more years
(May, 2011)
Privacy Act Problems Restrictions apply only to federal government Enforcement has been lax Lack of oversight, checks and balances Information is often outdated or inaccurate Difficult to write legislation in such a rapidly
evolving situation Passed hurriedly
A Legal Vacuum No federal laws govern the use of
surveillance camera video Unless it includes sound Dispute over videotaping police A hodge-podge of state and local laws There are extensive, clear laws in the UK UK laws link criminal justice, local police,
camera industry, Home Office (like our DHS)
What is a Database? A relational database contains information stored
in tabular format on a computer system Rows Columns Primary key uniquely identifies each row Multiple tables Foreign keys help match tables to each other
Because of the keys, DB’s can easily be matched, summarized, compared
Examples of Databases Supermarket “club” cards Medical and insurance databases Sex offender registry Google and other search engines Online searches of public records Automated Fingerprint ID Systems AFIS National Crime Information Center
The Universal Key: Your SSN Intended in 1936 for Social Security Administration
only Required as an identifier for federal records in 1943 Used by IRS in 1961 In 1976 state and local agencies allowed to use SSN Required in 1988 to get birth certificate In 1996 may be used for occupational and marriage
licenses Detailed SSA timeline of SSN policy and law.
SSN Flaws Not unique Social Security cards are easy to forge Frequently not verified by the requestor Information supplied by applicant was
frequently not verified Have been used in many situations when they
should not be
Fishing Expeditions Made possible in part by the SSN Can be based on vague suspicion and
uncorroborated tips A presumption of guilt rather than innocence Frequently involve searches of data of people
not under suspicion The problem of “inference” – computer
matching, computer profiling
Telecom records are a big problem Contents of calls and emails are protected by the first
and fourth amendments Courts have ruled that metadata are not protected
Records of calls, email messages, browser histories May be subject to “data mining”
This was the legal justification the Bush administration used in directing the NSA to sift through telecom records without a warrant.
Web Search Data When you Google a topic, both the search terms and
information about the searcher are saved. These searches may later be analyzed for summary purposes. But they also can be traced back to individuals. Google’s Chrome browser has had problems. The federal government subpoenaed Google for two months
of user queries and URL’s in an attempt to respond to court challenges of the Child Online Protection Act (COPA).
Businesses routinely use data mining to seek out new customers.
Principles of Data Collection and Retention (in an ideal world) Collect only necessary information Inform people when and why data are being
collected Offer a convenient way to opt out Provide a convenient means for correcting errors Provide for updating information Establish clear security and access rules Do not use data for purposes other than the purpose
for which they were collected Provide for timely disposal of data
A National ID Card What would it be used for? Passports, permission to work, health care? Smart cards or biometric data Help reduce fraud Prevent illegal aliens Could be used to match virtually anything
about the individual What about voter ID?
To Obtain a Real ID You Need… Birth certificate Documentation of legal residency status Social Security number Documentation of name and legal residence Digitized images of documents to be stored in individual state
databases To date 16 states have passed legislation opposing Real ID A few states such as California and North Carolina have
already taken steps to implement the requirements Read more about it: c|net—National ID Cards on the Way?
A National ID Card? Con
Privacy advocates argue that the standards amount to a de facto national ID card
It would be fairly simple to link the state databases Implementation will be expensive and potentially
troublesome or offensive to citizens
Pro Technically a voluntary program Needed to prevent terrorism Will help control illegal immigration
Your Credit Report Obtain your free personal credit report from one of the three major credit
reporting companies: Equifax, Experian, TransUnion Because the companies want you to pay, they originally made it difficult
to locate and use the free site. To learn about the Fair Credit Reporting Act , go to http://www.epic.org/privacy/fcra/
Now you can easily get a report from https://www.annualcreditreport.com/ (Type into your browser)
This site is safe. The data are protected by https encryption. Be prepared to print out your full report, with the exception of the three-
digit credit score. Unfortunately, federal credit reporting law does not require credit
reporting companies to give the score to you for free. More info from the Federal Trade Commission
Freeze your credit Most states allow you to freeze your credit No new accounts can be opened State, not federal, laws govern freezes Consumers Union guide to state laws Not 100% secure because a thief could use existing
account numbers Credit cards Bank accounts Brokerage accounts Credit bureau can still use your info for marketing
Opt Out/Opt In Opt out (or in) for preapproved credit offers Often “affinity cards” from organizations By phone: 888-567-8688 Internet: http://www.optoutprescreen.com/ USPS:
TransUnion P.O. Box. 505 Woodlyn, PA 19094-0505