Upload
jennifer-coral-hamilton
View
213
Download
0
Tags:
Embed Size (px)
Citation preview
Outline for Tonight Legal Topics - Part 1
SPAM Software Warranties Software Copyrights and Patents Intellectual Property Laws
Privacy - Part 2privacy from your employerprivacy from businessesprivacy from the government
Initial Questions Is privacy a right?
inalienable right? e.g. life, liberty, pursuit of happiness
legal (civil) right? e.g. right to vote, no taxation without representation
not a right
What do privacy rights have to do with business?
Types of Privacy
Freedom from Unwarranted Intrusion
Freedom from Interference in One's Personal Affairs
Control over the Flow of Personal Information
Tech's Impact on Privacy
duration of data storage
variety of data that can be shared
amount of data gathered
speed of data movement
Workplace PrivacyWorkplace Privacy
you don't have many workplace privacy rights
City of Ontario, California v. Quon et al. US Supreme Court, June 17, 2010 supervisors of public employees can read their
employees' text messages on government issues devices
Is online shopping different from in-store shopping?
Q: Does online shopping give you more or less privacy?
more privacy - your neighbors will not see you less privacy - online shopping gives the company much more
info about you
Q: Is the data the company gathers different? online, they know every item you looked at, how long you
spent looking, etc
Sources of Personal Data phone book public records credit card statements web cookies rewards programs spyware TiVo RFID …
Data Mining definition: searching through databases to discover patterns and relationships
usually used for prediction
example: company XYZ operates toll booths and collects data about which car
IDs pass and when company ABC buys XYZ's data and data from credit card companies.
ABC now knows the addresses of frequent drivers along with credit limits
ABC sells this secondary data to banks "We see that your car has 100,000 miles. Need a car loan?"
Info Security
How safe is that cookie data?
Example: Toysmart.com privacy statement said that the personal info
of users would not be sold or exchanged
the company went bankrupt in 2000
Toysmart sold its assets, including the customer database
DoubleClick.comDoubleClick.com gathers data from cookies from banners placed
on a large number of web sites
DC can cross-reference data to build profiles of individual users
cookie data can be used to manage which ads individuals see and how many times the ads are seen. For example, using frequency capping, as I surf from
website to website they can make sure I only see the same car ad 10 times per day
In 1999, DC announced that it planned to purchase Abacus Direct for $1.7B, a consumer database company containing the names, addresses, phone numbers, etc of 90% of American Households.
Google bought DoubleClick for $3.1B in cash in April 2007. congress held hearings to investigate the privacy and monopoly
implications of the merger Microsoft complained about this creating a monopoly
ChoicePoint to pay $15M to settle chargesThe data warehouser will settle charges that it failed to protect
consumers' personal financial information, the FTC says.January 26, 2006
WASHINGTON (Reuters) - ChoicePoint Inc. has agreed to pay $15 million to settle charges that it failed to adequately protect consumers' personal financial information, the Federal Trade Commission said Thursday.
The company has agreed to pay a $10 million civil penalty, provide $5 million to compensate consumers, and take steps to better safeguard personal information so it is used only for legitimate purposes, the agency said.
The company last year admitted that more than 163,000 personal records had been compromised, the agency said.
The FTC charged ChoicePoint illegally gave credit histories to people who were not authorized to obtain them and failed to have reasonable procedures to verify the identities of those who requested the information and how the data was to be used.
The company also made false and misleading statements about its privacy policies, the FTC charged.
Is your right to privacy protected by the U.S. Constitution?
No. Well, maybe. ... 1st Amendment
Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or …
14th Amendment No State shall deprive any person of life, liberty, or property, without
due process of law.
9th Amendment The enumeration in the Constitution, of certain rights, shall not be
construed to deny or disparage others retained by the people.
44thth Amendment AmendmentThe right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
Katz v United States without a warrant, police placed a bug on the
outside of a public phone booth used by Katz to make illegal bets
In 1967, the US Supreme Court ruled Katz's rights were violated. Katz reasonably thought his conversation was private,
hence the recording was an illegal search and seizure the 4th amendment protects people, not places the 4th amendment governs seizure of tangible items,
as well as recording of oral statements
Electronic Communications Privacy Act enacted in 1986 ECPA was an amendment to Title III of the Omnibus Crime
Control and Safe Streets Act of 1968, which was primarily designed to prevent unauthorized government access to private electronic communications. Title I of ECPA protects electronic communications while in transit.
Title II of the ECPA, protects messages stored on computers.
Title III prohibits the use of pen register and/or trap and trace devices to record dialing, routing, addressing, and signaling information used in the process of transmitting wire or electronic communications.
http://en.wikipedia.org/wiki/Electronic_Communications_Privacy_Act
NSA and FISAForeign Intelligence Surveillance Act of 1978 (FISA)
warrant required with 72 hours if "US person" involved
amended by Patriot Act in 2001 to include terrorism warrantless wiretaps of US citizens ended in 2007
replaced by Protect America Act of 2007, which expired
replaced by FISA Amendments Act of 2008 granted immunity to telecoms that had helped the NSA
Patriot Act
allows officials to track emails without showing probable cause
allows roving surveillance for intelligence (not just crime investigation), tapped device does not have to be owned by the suspect
search warrants no longer have to be served warrants for records do not require probable
cause …
Uniting and Strengthening America by Providing Appropriate Tools Required to
Intercept and Obstruct Terrorism (USA PATRIOT)