Privacy & Cyberspace CSCI102 - Systems ITCS905 - Systems MCS9102 - Systems

Upload: tanuja

Post on 23-Jan-2016

TRANSCRIPT

Page 1: Privacy & Cyberspace

Privacy & Cyberspace

CSCI102 - Systems

ITCS905 - Systems

MCS9102 - Systems

Page 2: Privacy & Cyberspace

Privacy in Cyberspace?

• Amount of personal information that can be gathered

• The speed at which personal information can be transmitted

• The duration of time that information can be retained

• The kind of information that can be transferred

Page 3: Privacy & Cyberspace

What is Personal Privacy?

• All-or-nothing

• or dilutable?

• Freedom from physical intrusion

• Freedom from interference in one’s personal affairs

• Access to & control of personal information

Page 4: Privacy & Cyberspace

Types of Privacy

• Accessibility privacy

– “being free from intrusion”

– US Constitution 4th Amendment – freedom from unreasonable intrusion or seizures by the government

– “right to inviolate personality”

• Response to the camera

– Focus on the harm that can be caused to a person or their possessions

Page 5: Privacy & Cyberspace

Types of Privacy

• Decisional Privacy

– Freedom from interference in one’s personal affairs

– No interference in making personal decisions

• Eg: Not denied access to information about birth control

• Eg: “right to die”

• Informational privacy

– One’s right to control access to and the flow of one’s personal information

Page 6: Privacy & Cyberspace

Comprehensive Account of Privacy

• James Moor (1997)

– “an individual has privacy in a situation if in that particular situation the individual is protected from intrusion, interference, and information access by others”

• Situation is vague

– allowing for ‘zones’, ‘activities’ or ‘relationships’

Page 7: Privacy & Cyberspace

Comprehensive Account of Privacy

• Naturally private vs. Normatively private

• Having privacy

– Where privacy may be lost through natural means, but it is not violated

• vs having a right to privacy

– Contexts where the meriting of protection is established

Page 8: Privacy & Cyberspace

Why is Privacy Important?

• Valued for its own sake? – intrinsic value (essential)

– (cf: happiness)

• Valued as a means to an end – instrumental worth (contingent)

– (cf: money)

Page 9: Privacy & Cyberspace

A Universal Value?

• Cultural variations in the value of privacy

• An Intrinsic Value?

– Fried (1990) argued privacy was both intrinsic & instrumental … contingent to achieve an end, but essential to achieve those ends

• A Social Value?

– Essential for democracy? (Westin 1967)

– If privacy is an individual value, it is outweighed by issues that benefit a group or society as a whole

– If privacy contributes to the greater social good, then it is closer in worth to competing social values

Page 10: Privacy & Cyberspace

Gathering Personal Data

• Cybertech allows data collection about individuals without their knowledge

Page 11: Privacy & Cyberspace

Gathering Personal Data: Dataveillance Techniques

• Data surveillance & data recording (Roger Clarke 1988)

• Mail interception & phone-tapping predate cybertech

• Also video cameras & human investigators

• Cybertech however provides an invisible supervisor

• In early terminal-based mainframe systems, people feared government dataveillance; now, however, corporate entities (employers) are probably more feared

Page 12: Privacy & Cyberspace

Gathering Personal Data: Internet Cookies

• Files on websites that are sent to, and retrieved from, browsers to collect information about browsing habits

• Data collected is stored on the user’s hard-disk and can be accessed by a website when next visited. Can occur without a user’s consent or knowledge

Page 13: Privacy & Cyberspace

Gathering Personal Data: Internet Cookies

• PRO: allows customised services

• CON: a clear privacy invasion

– Normally a cookie only reports to the site that sent it

– Some services can retrieve other sites’ cookies

• DoubleClick – banner advert service that appears on many sites, but can collate results from any site carrying that banner

• Should the default setting for browsers be “cookies enabled”?
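
The DoubleClick point above, as an added example that is not part of the original slides: a constructed simulation in which one banner server, embedded on three unrelated sites, links a browser's visits through its own cookie, run once with third-party cookies enabled and once with them blocked. All domains, class names and function names are hypothetical.

```javascript
// Constructed simulation: no network access; all domains and names are made up.
class Site {
  constructor(domain) { this.domain = domain; this.lastCount = 0; }
  // First-party use: count this browser's visits (the "customised services" case).
  handle({ cookie }) { this.lastCount = Number(cookie || 0) + 1; return String(this.lastCount); }
}
class AdServer {
  constructor(domain) { this.domain = domain; this.nextId = 1; this.seen = new Map(); }
  // Called once per banner load; `referer` names the page carrying the banner.
  handle({ cookie, referer }) {
    const id = cookie || `uid${this.nextId++}`; // no cookie received: looks like a new user
    if (!this.seen.has(id)) this.seen.set(id, new Set());
    this.seen.get(id).add(referer);
    return id; // value for Set-Cookie
  }
  profiles() { // id -> sorted list of sites where that id was seen
    return Object.fromEntries([...this.seen].map(([id, s]) => [id, [...s].sort()]));
  }
}
class Browser {
  constructor(blockThirdParty) { this.blockThirdParty = blockThirdParty; this.jar = new Map(); }
  // Cookies are stored and returned per domain that set them.
  request(server, topSite) {
    const thirdParty = server.domain !== topSite;
    const allow = !(thirdParty && this.blockThirdParty);
    const cookie = allow ? this.jar.get(server.domain) : undefined;
    const setCookie = server.handle({ cookie, referer: topSite });
    if (allow) this.jar.set(server.domain, setCookie);
  }
  visit(site, adServer) {
    this.request(site, site.domain);     // the page itself (first party)
    this.request(adServer, site.domain); // the banner embedded in it (third party)
  }
}
function simulate(blockThirdParty) {
  const ads = new AdServer("ads.example");
  const browser = new Browser(blockThirdParty);
  const sites = ["news.example", "health.example", "shop.example"].map((d) => new Site(d));
  for (const s of sites) browser.visit(s, ads);
  browser.visit(sites[0], ads); // return visit to the news site
  return { profiles: ads.profiles(), newsVisits: sites[0].lastCount };
}
console.log(simulate(false), simulate(true));
```

With third-party cookies enabled the banner server holds one profile spanning all three sites; with them blocked it sees four unlinked single-site visits, while the news site's own visit counter still works in both runs.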

Page 14: Privacy & Cyberspace

Exchanging Personal Data

• Merging Computerised Records

– Seemingly innocent and nonthreatening data collected in one place can become dangerous if combined with data collected elsewhere

– DoubleClick tried to buy the Abacus Corp, which held marketing info incl. names & telephone numbers

Page 15: Privacy & Cyberspace

Exchanging Personal Data

• Matching Computerised Records

– Cross-checking two or more previously unrelated databases

– Consider Government agencies and others

• BSAA able to obtain details of business holders

• “minimise government waste”?

• Nothing to fear if you’ve done nothing wrong?

– Privacy is a legal right

– Legal rights are not absolute

– Violating the law forfeits legal rights

______________________________

– Criminals forfeit right to privacy

Page 16: Privacy & Cyberspace

Mining Personal Data

• Data mining is the indirect gathering of information through analysis of implicit patterns discoverable in data

• Can generate new & non-obvious classifications & categories

• Current laws do not address the use of data-mined information

Page 17: Privacy & Cyberspace

Data Mining Practices and Privacy Concerns

• Privacy laws cover personal data that is:

– Explicit in databases

– Confidential in nature

– Exchanged between or across databases

• But not situations where information is:

– Implicit in the data

– Non-confidential in nature

– Not exchanged between databases

Page 18: Privacy & Cyberspace

Data Mining Practices and Privacy Concerns

• Data-mined information = ‘new’ facts, relations etc

• Often assumed to be public in nature

• Consider online agents etc which analyse e-commerce trends to modify product placement etc.

Page 19: Privacy & Cyberspace

Protecting Personal Privacy in Public

• NPI: Non-Public Personal Information

– Medical & financial records etc

• PPI: Public Personal Information

– Place of work, car you drive, school you attended etc.

– PPI tends to have little or no protection

Page 20: Privacy & Cyberspace

Protecting Personal Privacy in Public

• In a physical shop they may record what you actually buy

• In an online shop they can record every move you make, build a profile and sell it!

Page 21: Privacy & Cyberspace

Protecting Personal Privacy in Public

• Should business be able to ‘own’ information about us and then sell it as they see fit?

• Old legal rule: “anything put by a person in the public domain becomes public information” – should this hold in the face of data mining and profiling?

Page 22: Privacy & Cyberspace

Search Engines

• Content search allows search for instances of names

• Many email lists and discussion boards are archived

Page 23: Privacy & Cyberspace

Accessing Personal Records

• Pre-cybertech, PPI was available but costly to gather and analyse. Now it is cheap and easy to gather and analyse

• Should all ‘public’ information be made available on the Internet?

– Does the government have no right to withhold public information from analysis on the Internet?

Page 24: Privacy & Cyberspace

Privacy Enhancing Tools (PET)

• E-comm sector lobbying for self-regulation & voluntary controls, but privacy advocates want more powerful legislation

• PET is a compromise

– Set of tools used by individuals

• Eg: encryption (incl. PGP)

• Eg: Anonymizer.com

• Eg: Crowds

– Not always usable for e-commerce

Page 25: Privacy & Cyberspace

User Education About PET

• No requirement for online entrepreneurs to advise users of PET options, or to make such tools available

• PETs not bundled with mainstream OSs or appls

• Judith DeCew (1997) suggests we should “presume in favour of privacy” and develop ways to “allow individuals to determine for themselves how and when that presumption should be overridden”

Page 26: Privacy & Cyberspace

PET & Informed Consent

• Informed consent is the traditional model for disclosure of personal data

• Online activities do not always adhere to the principle

– You may willingly reveal personal data for one purpose, but have no knowledge of any secondary purposes

Page 27: Privacy & Cyberspace

PET & Informed Consent

• Does the online vendor now ‘own’ the data and have the right to use it in any way or sell it etc.?

• What sort of informed consent can apply to data mining where unexpected linkages and facts can emerge afterwards?

• Currently the software industry operates largely on ‘presumed consent’

Page 28: Privacy & Cyberspace

PET & Social Equity

• Users should be empowered to choose when to disclose

• Some sites offer financial incentives to participate in data gathering – discounts etc

– Is this fair for low-income users?

• Is it right that people can negotiate or barter away their rights? What if privacy is a moral and/or human right?

• Could we see a “privacy rich – privacy poor” divide?

Page 29: Privacy & Cyberspace

Industry Self-Regulation

• PETs may not be sufficient but alternatives to legislation may still exist

– Industry standards

– Self-regulation

• W3C announced P3P in 1997

– Platform for privacy preferences

– Allows browser privacy options to be set in advance

• Doesn’t impact on the use made of details that are released

– Negotiation agent & trust engine technologies

• TRUSTe – a self-regulatory branding system

Page 30: Privacy & Cyberspace

Privacy Laws & Data-Protection Principles

• Many countries considering strong privacy legislation

• US lags far behind the Europeans in this regard

• Euro legislation centres on processing and flow rather than on recording & storage