Marc Langheinrich: Privacy in Ubiquitous Computing 5/29/2010 Today‘s Menu PRIVACY IN UBIQUITOUS PRIVACY IN UBIQUITOUS � Understanding Privacy � Technical Approaches COMPUTING � Definitions � Challenges 1. History and legal aspects 1. Location privacy Marc Langheinrich 2. Motivating privacy 2. RFID privacy University of Lugano (USI), Switzerland 14 A Privacy Definition � “The right to be let alone.“ � Warren and Brandeis, 1890 (Harvard Law Review) � “Numerous mechanical � “Numerous mechanical devices threaten to make Privacy in Ubiquitous Computing good the prediction that UNDERSTANDING PRIVACY ’what is whispered in the closet shall be proclaimed from the housetops’“ Image source: http://historyofprivacy.net/RPIntro3-2009.htm Technological Revolution, 1888 Information Privacy � “The desire of people to choose freely under what circumstances and to what extent they will expose th themselves, their attitude and their l th i ttit d d th i behavior to others.“ � Alan Westin, 1967 Privacy And Freedom, Atheneum Dr. Alan F. Westin George Eastman 1854-1932 18 Image Source: Wikipedia; Encyclopedia Britannica (Student Edition) 1
Marc Langheinrich: Privacy in Ubiquitous Computing 5/29/2010 Privacy Facets Privacy Invasions � Bodily Privacy � When Do We Feel that Our Privacy Has Been Violated? � Strip Searches, Drug Testing, … � Perceived privacy violations due to crossing of “privacy borders“ � Territorial Privacy � Privacy Boundaries � Privacy Of Your Home, Office, … 1. Natural � Communication Privacy 2. Social � Phone Calls, (E-)mail, … 3. Spatial / temporal � Informational Privacy 4. Transitory � Personal Data (Address, Hobbies, …) Gary T. Marx MIT 20 Privacy Borders (Marx) � Natural � Physical limitations (doors, sealed letters) � Social � Group confidentiality (doctors, colleagues) Privacy in Ubiquitous Computing � Spatial / Temporal 1. HISTORY AND LEGAL ISSUES � Family vs. work, adolescence vs. midlife � Transitory � Fleeting moments, unreflected utterances 21 Privacy Law History Fair Information Principles (FIP) � Drawn up by the OECD, 1980 � Justices Of The Peace Act (England, 1361) � “Organisation for economic cooperation & development“ � Sentences for Eavesdropping and Peeping Toms � Voluntary guidelines for member states � „The poorest man may in his cottage bid defiance to � Goal: Ease transborder flow of goods (and information!) � Goal: Ease transborder flow of goods (and information!) all the force of the crown. It may be frail; its roof may � Eight Principles shake; … – but the king of England cannot enter; all his 1. Collection Limitation 5. Security Safeguards forces dare not cross the threshold of the ruined 2. Data Quality 6. Openness tenement“ 3. Purpose Specification 7. Individual Participation � William Pitt the Elder (1708-1778) 4. Use Limitation 8. Accountability � First Modern Privacy Law in the German State Hesse, 1970 � Core principles of modern privacy laws world-wide Source: Robert Gellman „Fair Information Practices: A Basic Histroy“, http://bobgellman.com/rg-docs/rg-FIPshistory.pdf See also http://www.oecd.org/document/18/0,3343,en_2649_34255_1815186_1_1_1_1,00.html 23 2
Marc Langheinrich: Privacy in Ubiquitous Computing 5/29/2010 Laws and Regulations US Public Sector Privacy Laws � Federal Communications Act, 1934, 1997 (Wireless) � Privacy laws and regulations vary widely � Omnibus Crime Control and Safe Street Act, 1968 throughout the world � Bank Secrecy Act, 1970 � US has mostly sector-specific laws , with relatively � Privacy Act, 1974 Privacy Act, 1974 minimal protections minimal protections � Right to Financial Privacy Act, 1978 � Self-Regulation favored over comprehensive privacy laws � Privacy Protection Act, 1980 � Fear that regulation hinders e-commerce � Computer Security Act, 1987 � Europe has long favored strong, omnibus privacy laws � Family Educational Right to Privacy Act, 1993 � Often single framework for both public & private sector � Electronic Communications Privacy Act, 1994 � Privacy commissions in each country (some countries have � Freedom of Information Act, 1966, 1991, 1996 national and state commissions) � Driver’s Privacy Protection Act, 1994, 2000 25 26 US Private Sector Laws EU Privacy Law � EU Data Protection Directive 1995/46/EC � Fair Credit Reporting Act, 1971, 1997 � Sets a benchmark for national law for processing personal � Cable TV Privacy Act, 1984 information in electronic and manual files � Video Privacy Protection Act, 1988 y � Expands on OECD Fair Information Practices: � Expands on OECD Fair Information Practices: � Health Insurance Portability and Accountability Act, 1996 � no automated adverse decisions � Children’s Online Privacy Protection Act, 1998 � minimality principle � retention limitation � Gramm-Leach-Bliley-Act (Financial Institutions), 1999 � special provisions for “sensitive data” � Controlling the Assault of Non-Solicited Pornography And � compliance checks Marketing Act (CAN-SPAM), 2003 � Facilitates data-flow between Member States and restricts export of personal data to „unsafe“ non-eu countries 27 28 National Implementation EU Privacy Law � EU Data Protection Directive 1995/46/EC � Directive(s) Transcribed Into National Law(s) � Sets a benchmark for national law for processing personal � Fines for countries that fail to meet deadline information in electronic and manual files � National Laws Can Be Stricter Than Directive � Expands on OECD Fair Information Practices: � Expands on OECD Fair Information Practices: � Directive only sets baseline privacy level � no automated adverse decisions � Still 27+3 national regimes (EU+EEA)! � minimality principle � retention limitation � Data Protection Commissioner Oversight � special provisions for “sensitive data” � Significantly different powers in each country: some only � compliance checks „advise“, others can block legislation � Facilitates data-flow between Member States and restricts export of personal data to „unsafe“ non-EU countries EEA: European Economic Area (Norway, Lichtenstein, Iceland) EFTA: European Free Trade Association (EEA+Switzerland) 30 3
Marc Langheinrich: Privacy in Ubiquitous Computing 5/29/2010 Related EU Directives � Telecommunications Directive 97/66/EC � Added specific rules for telecommunications systems � Privacy & Electronic Comm. Directive 2002/58/EC � Updates 97/66 to cover „electronic communications“ Privacy in Ubiquitous Computing � Data Retention Directive 2006/24/EC 2. MOTIVATING PRIVACY � Adds provisions for retaining {call, email, Web}-logs � Data must be stored for 6-24 months � Member states can go beyond what 2006/24 mandates See, e.g., https://wiki.vorratsdatenspeicherung.de/Transposition for current status of transposition Why Privacy? The NTHNTF-Argument � “A free and democratic society requires respect � „If you’ve got nothing to hide, for the autonomy of individuals, and limits on you’ve got nothing to fear” the power of both state and private organizations to intrude on that autonomy… UK Gov’t Campaign Slogan for CCTV (1994) privacy is a key value which underpins human privacy is a key value which underpins human � Assumption dignity and other key values such as freedom of association and freedom of speech…“ � Privacy is (mostly) about hiding (evil/bad/unethical) secrets � Preamble To Australian Privacy Charter, 1994 � Implications � “All this secrecy is making life harder , more � Privacy protects wrongdoers (terrorists, child molesters, …) expensive, dangerous and less serendipitous“ � Peter Cochrane, Former Head Of BT Research � No danger for law-abiding citizens � “You have no privacy anyway, get over it “ � Society overall better off without it! � Scott McNealy, CEO Sun Microsystems, 1995 36 37 Dec. 2009 “But I’ve Got Nothing to Hide!” Do you? � Arson Near Youth House Niederwangen, CH � At scene of crime: Tools from supermarket chain � Court ordered disclosure of all 133 consumers who bought items on their supermarket loyalty card (8/2004) � (Arsonist not yet found) � “Give me six lines written by the most honorable of men, and I will find an excuse in them to hang him” Armand Jean du Plessis, 1585-1642 (a.k.a. Cardinal de Richelieu) 4
Recommend
More recommend
