Test Your Tech Test Your Tech The dangers of phishing include Identity theft is: A. Sharp hooks and nightcrawlers. A. Your sister borrowing your makeup, your shoes, and your boyfriend. B. Credit-card fraud at a look-alike Web site that mimics your bank that mimics your bank. B. Someone using your name, address, Someone using your name address B social security number, driver's license C. High mercury content in fish from polluted number, and credit card number at your oceans. expense. C. Retiring from your job or your kids leaving home. 2 D.A. Clements, UW Information School 1 D.A. Clements, UW Information School Announcements Video Lab 10 is due by 10pm tonight Relational databases and tables Read ch 13 (first half) by today D.A. Clements, UW Information School 3 D.A. Clements, UW Information School 4 FIT 100–Fluency with Information Technology Privacy What’s different about digital privacy? Shhh, It's a Secret So many databases So easy to link them up Digital Privacy D.A. Clements D.A. Clements, UW Information School 5 D.A. Clements, UW Information School 6 1
Privacy: Video Whose Information Is It? What is privacy? Examine a transaction of Pizza Palace buying Dating for Total Dummies Information linking the purchase with the customer How can the information be used? Book merchant collecting information is ordinary business practice Book merchant sending advertisements to customer is ordinary business practice What about merchant selling information to other businesses? 13-8 7 D.A. Clements, UW Information School D.A. Clements, UW Information School Modern Controlling the Use of Albert Waters, Nez Perce 1906 Devices and Privacy Information Modern devices make it Spectrum of control spans four main possibilities: possible to violate people's No uses . Information should be deleted when the store is privacy without their 1. finished with it knowledge knowledge Approval or Opt-in . Store can use it for other purposes pp o a o Opt S o e ca use o o e pu poses 2. with customer's approval In 1890, Brandeis wrote that Objection or Opt-out . Store can use it for other purposes if 3. customer does not object individuals deserve "sufficient No limits . Information can be used any way the store 4. safeguards against improper chooses Fifth possibility is internal use —store can use information to circulation" of their images 5. continue conducting business with you 13-9 13-10 D.A. Clements, UW Information School D.A. Clements, UW Information School A Privacy Definition Fair Information Practices OECD (Organization of Economic Cooperation Privacy: The right of people to choose freely and Development) in 1980 developed the under what circumstances and to what extent standard eight-point list of privacy principles. they will reveal themselves, their attitude, and their behavior to others Limited Collection Principle 1. Q Quality Principle li P i i l 2. Threats to Privacy: Government and Purpose Principle 3. business Use Limitation Principle 4. Voluntary Disclosure: We choose to reveal Security Principle 5. information in return for real benefits (doctor, Openness Principle 6. Participation Principle credit card company) 7. Accountability Principle 8. 13-11 13-12 D.A. Clements, UW Information School D.A. Clements, UW Information School 2
Comparing US Laws Protecting Privacy Privacy Across the Atlantic U.S. has not adopted OECD principles Privacy Act of 1974 covers interaction with government China does not protect privacy Interactions with business: European Union has European Data Electronic Communication Privacy Act of 1986 Protection Directive (OECD principles) Video Privacy Protection Act of 1988 Telephone Consumer Protection Act of 1991 EU Directive requires data on EU citizens to Driver's Privacy Protection Act of 1994 be protected at same standard even after it Health Insurance Privacy and Accountability Act of 1996 leaves their country These all deal with specific business sectors—not an omnibus solution 13-13 13-14 D.A. Clements, UW Information School D.A. Clements, UW Information School Privacy Principles : A Privacy Success Story European Union Two points of disagreement between FTC Do-Not-Call List (US) and OECD (Europe): Telemarketing industry's "self-policing" Opt-in/Opt-out mechanism required individuals to write a When can an organization use information it collects for letter or pay an on-line fee to stop letter or pay an on line fee to stop one purpose, for a different purpose? telemarketing calls Opt-out is US standard except for highly sensitive data; Opt-in is European standard US government set up Do-Not-Call List. Compliance/Enforcement Over 107,000,000 households are on the US has "voluntary compliance," EU has offices to control list and telemarketing industry has largely data collapsed 13-15 13-16 D.A. Clements, UW Information School D.A. Clements, UW Information School The Cookie Monster The Cookie Monster (Cont'd) Cookie : Record containing seven fields of Browser options: information that uniquely identify a customer's Turn off cookies session on a website. Cookie is stored on customer's hard drive. Ask each time a server wants to set a cookie cookie Abuse: Third-party cookie Accept all cookies Third party advertisers on web site enter client/server relationship with customer as page loads Advertiser can set cookies, and can access cookies when user views other websites that advertiser uses 13-17 13-18 D.A. Clements, UW Information School D.A. Clements, UW Information School 3
Identity Theft Americans do not enjoy the Security Principle Those who hold private information are obliged to maintain its privacy against unauthorized access and other hazards Identity theft is the crime of posing as someone else for fraudulent purposes Using information about person like credit card numbers, social security numbers 13-19 13-20 D.A. Clements, UW Information School D.A. Clements, UW Information School Managing Your Privacy Managing Your Privacy (cont'd) Purchase up-to-date anti-virus/anti-spyware Patronize reputable companies for music, software software, etc. Adjust your cookie preferences to match your Be skeptical comfort level comfort level Stay familiar with current assaults on privacy Read the privacy statement of any website you Lobby for US adoption of Fair Information give information to Practices Review protections against phishing scams 13-21 13-22 D.A. Clements, UW Information School D.A. Clements, UW Information School Video Managing Your Privacy Purchase up-to-date anti-virus/anti-spyware Avoid ID entity Theft software Adjust your cookie preferences to match your comfort level comfort level Read the privacy statement of any website you give information to Review protections against phishing scams D.A. Clements, UW Information School 23 13-24 D.A. Clements, UW Information School 4
Managing Your Privacy (cont'd) Patronize reputable companies for music, software, etc. Be skeptical Stay familiar with current assaults on privacy Lobby for US adoption of Fair Information Practices 13-25 D.A. Clements, UW Information School 5
Recommend
More recommend
