Rights claims and obligations

Seating plan for today
Front of room
Front 3 rows: Last name ends in A..H
Middle N rows: Last name ends in I..Q
Back 3 rows: Last name ends in R..Z
Back of room
Privacy
CS 4001
What is Privacy?
CS 4001B
Summer, 2003
Contents
• What are rights (continued)
– Rights claims and obligations
– “Sidebar”: Hohfeld in cyberspace
• What is privacy?
– Activity: Privacy vs. freedom of expression
– “Sidebar”: conceptual metaphors for abstract ideas
• Privacy and security metaphors used in policies
• Fair Information Practices: privacy by design
– Activity: Consumer information
• The right to be let alone
– Activity: Defining Spam
What is a right?
• Inherent in being human?
– “Human rights” vs. “nonsense on stilts”
• Right to do/right to demand
– Negative vs. positive
– Rights as shorthand for mutual obligation/permission relationships
• Rights claims
• Can we develop a logic of rights or obligations
– “Deontic” logic for policy enforcement
Hohfeld & Krogh on rights
• Claim(i,j,A)
– I have a claim from them that A
• I’m entitled that data about me be accurate
• Liberty(i,j,A)
– I am empowered by them to see to it that A (but it’s up to me whether I do).
• Immunity(i,j,A)
– They grant me A as an immunity
Govt. is obliged not to do anything that leads to my not being protected from self-incrimination
I have no right to happiness (but I’m not forbidden it either)
• Duty(i,j,A)
– I have a duty to them to A
• Eckerd is obliged to store the data securely
• Power(i,j,A)
– I’m free to A (if I want to)
We can decide to use the data you give us, but we don’t have to
• NoRight(i,j,A)
• Disability(i,j,A)
– Obligation to refrain from “seeing to it that not A”
• Liability(i,j,A)
– I am liable to them for A
• Or “They are not obliged to refrain from requiring A of me”
Privacy is...
• Security
• Autonomy
• Property
• Privacy = Confidentiality
• Privacy = “The right to be let alone”
• Privacy = Freedom from intrusion
Slipperiness of concepts
• Perhaps we mean too many different things?
• Perhaps we cannot formalize (and therefore enforce through code) unless we restrict application?
• Perhaps we need to understand how people really think about abstract concepts like privacy?
Some grounded metaphors (Lakoff & Johnson)
• important = big
• state = place
• difficulty = burden
• action = self-propulsion
• more = up
• purpose = destination
• type of = inside
• purpose = desired thing
• similar = near
• cause = force
• degree = position
• relationship = enclosure
• arch. = phys. struct.
• control = be above
• help = support
• know = see
• time = motion
• understand = grasp
• change = motion
• see = touch
Intrusion is movement inside
My information
Unwelcome intrusion
Access/Intrusion is movement inside
Regardless of whether Eckerd uses your information, we will store it securely and will not allow it to be accessed or used by any person or entity not affiliated with Eckerd Corporation, other than under the conditions described below...
My information
Access
Disclosure is movement away
My PC
My credit card number
Hacker’s PC
Disclosure is movement away
In addition, we may ask you if you would like to receive information about health care issues or other products and services. If you indicate that you would, we may also use your personal identifying information to: ... or (2) create customer lists or other data summaries which may be shared with the companies within the J.C. Penney family of companies.
Company
Personal information
Other parties
Retraction is movement back
You may remove your personal identifying information from our records. If you have submitted personal identifying information to Eckerd, and you wish to have it removed from our records, please tell us by sending an e-mail to us at the following address:…
In addition, if you have given consent for Eckerd or other members of the J.C. Penney family of companies to contact you, and you decide that you do not wish to be contacted any further, please e-mail us to let us know. Your request will be processed with all reasonable speed. You will be notified when the removal has been completed.
Company
Personal information
Other parties
Disclosure is social exchange
Disclosed information
Information Subject
Service in return
Business/Govt.
Disclosure is social exchange
If you do send personal identifying information to Eckerd, we may use it for reasonable business purposes without further consent from you or obligation to you.
Disclosed information
Information Subject
Service in return
Business/Govt.
Disclosure is social exchange
In addition, we may ask you if you would like to receive information about health care issues or other products and services. If you indicate that you would, we may also use your personal identifying information to: (1) contact you about Eckerd programs and/or to seek additional input from you regarding your experiences with Eckerd;
Disclosed information
Information Subject
Service in return
Business/Govt.
Rights and obligations are magnitudes
Confidential pharmacy information will not be used by Eckerd, Express Pharmacy Services, or Eckerd Health Services, except for those limited purposes currently permitted under state and federal law, such as for review by a treating physician, for purposes of processing payment, pursuant to subpoena or court order, or to provide you with health information that you may find useful, and the like.
Fair Information Principles
• Notice and awareness
• Choice and consent
• Adequate security and integrity
• Access and participation
• Enforcement and/or redress
• Related concepts:
– Anonymity and pseudonymity
– Proximity and locality
Fair Information Practices (1)
• Openness and transparency
– No secret record keeping
• Individual participation
– subject can access & challenge
• Collection limitation
– Data collection proportional and not excessive given purpose
• Data quality
– Data relevant to purposes and kept up to date
Fair Information Practices (2)
• Use limitation
– For specific purpose
– By authorized personnel
• Reasonable security
– Adequate safeguards given data’s sensitivity
• Accountability
– Record keepers accountable for compliance
Privacy-relevant Properties of Ubiquitous computing (contrast Mgt. Info. Sys.)
• Ubiquity
• (=> accountability, choice)
• Invisibility
• (=> secrecy/choice)
• Sensory augmentation
• (=> use limitations)
• Memory amplification
• (=> use limitations)
Points to take away…
• Concepts aren’t clear
– Morality/legality of rights as logic vs. concepts of privacy as metaphors
• Privacy isn’t just security
– Rights over information use, accuracy, personal representation, freedom from intrusion
• Privacy conflicts with other rights
– If it is a right
• Privacy by design imposes big information management requirements on systems
• Spam, Spam, Spam, Spam…
For next time…
• Read chapter on encryption
– We will be concerned mainly with privacy from Government
• Especially law-enforcement uses of personal information
– And Government-mandated privacy policy
• Especially healthcare records under HIPAA