Download Chapter 5

Chapter 5:
Privacy
Ethics for the Information Age
Forth Edition
by
Michael J. Quinn
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
Chapter Overview
•
•
•
•
•
•
•
•
•
•
•
Introduction
Perspectives on privacy
Disclosing information
Ways information becomes public
U.S. legislation
Public records
Covert government surveillance
U.S. legislation authorizing wiretapping
Data mining
Identity theft
Encryption
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
1-2
5-2
Introduction
• Information collection, exchange,
combination, and distribution easier than
ever
• More information access  less privacy
• Trade-offs
– Privacy vs. need for credentials
– Privacy vs. desire for free expression
– Privacy vs. safety / security
1-3
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-3
Defining Privacy
• Privacy related to notion of access
• Access
– Physical proximity to a person
– Knowledge about a person
• Edmund Byrne: Privacy is a “zone of
inaccessibility”
• Edward Bloustein: Privacy violations are an
affront to human dignity
• Too much individual privacy can harm society
– Ex: a group that facilitates business among its
members, not helping the whole siciety.
• Where to draw the line?
1-4
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-4
Harms of Privacy
• Cover for illegal or immoral activities
• Burden on the nuclear family
– To care for all its members
• Hidden dysfunctional families
– We don’t know about pain caused by family
violence because of privacy.
• Ignored people on society’s fringes
– Poor, mentally ill people.
1-5
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-5
Benefits of Privacy
•
•
•
•
Individual growth (maturity)
Individual responsibility
Freedom to be yourself
Intellectual and spiritual growth
– Shut out the rest of the world to focus our
thoughts without interruption.
• Development of loving, trusting, caring,
intimate relationships
– Close relationships
1-6
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-6
Is There a Natural Right to Privacy?
• Morton Levine: Property rights (Home) 
Privacy rights
– I own my home, no body should interfere
• Privacy is a prudential right
– Ex: Telemarketing and the Do Not Call Registry
1-7
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-7
Privacy and Trust
• Modern life more private
– In the past there was greater emphasis on community
• Challenge: living among strangers
– We know little about neighbors
– BUT we must trust people to some extent
– Ex: taxi driver, teachers, bank loans
• Remedy: establishing reputations
– Ordeal, such as lie detector test or drug test
– Credential, such as driver’s license, key, ID card,
college degree
• Establishing reputation is done at the cost of
reducing privacy
1-8
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-8
Disclosing Information
• Public record: information for public access
– Ex: birth certificates
• Public information: information revealed to an
organization that has right to share it
– Ex: Telephone directory
• Personal information: undisclosed information
– Ex: religion, wealth
• Types of disclosures
– Voluntary :
– Involuntary : body and luggage search at airport
– Statutory : Record of arrests and convicted persons
• Cameras on streets
1-9
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-9
Ways Information Becomes Public
• Rewards or loyalty programs (shopping cards)
• Body scanners (to choose clothes that fit you)
• Digital video recorders (Sells info about viewing
habits)
• New Automobile “comes with black boxes like
airplanes”
• Enhanced 911 service (Track locations of cell phones)
• RFIDs (Tags on products – aspirin or pants)
• Implanted chips (RFID tag contains name and
address for patients and children)
• Cookies (a file on your PC placed by a web server to
monitor your visit to a Web site
• Spyware: a program to monitor your surfing on the net
1-10
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-10
Public Records
Examples of Public Records
• Census records
– Many ways to use these records
• Internal Revenue Service records
– Income, tax, assets, organization you give
charity for, medical expanses, …etc.
• FBI National Crime Information Center
2000
– Stolen items, missing persons and guns,
wanted persons, criminal histories, suspected
terrorists.
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
1-11
5-11
Census Records
• Census required to ensure every state has
fair representation
• Number of questions steadily rising
• Sometimes Census Bureau has broken
confidentiality requirement
– World War I: provided names and addresses
of young draft resistors
– World War II: used info. About JapaneseAmericans
• Round them up and send them to arrest camps.
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
1-12
5-12
Internal Revenue Service Records
• Much personal information on tax forms
• Some IRS employees have misused
access to IRS records
• IRS has also misplaced tapes and
diskettes containing records
1-13
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-13
FBI National Crime Information
Center 2000
• NCIC
– Collection of databases related to various crimes
– Contains > 39 million records
• Successes
– Helps police solve hundreds of thousands of
cases every year
– Helped FBI tie James Earl Ray to assassination of
Dr. Martin Luther King, Jr.
– Helped FBI apprehend Timothy McVeigh for
bombing of federal building in Oklahoma City
1-14
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-14
Criticisms of the NCIC
• Erroneous records have led to false arrests
• Police have arrested innocent people with same
name as someone in NCIC database
• FBI has used NCIC to keep records of people not
suspected of any crime
– Ex opponents to Vietnam War
• Corrupt law-enforcement employees have sold
information to private investigators and deleted
or altered records
• Some law-enforcement employees illegally
access the NCIC (Ex: to search for babysitters)
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
1-15
5-15
OneDOJ Database
• Database being constructed by U.S. Department of
Justice
• Gives state and local police officers access to
information provided by five federal law enforcement
agencies
– Incident reports
– Interrogation summaries
– Other information not available through NCIC
• Criticisms
– OneDOJ gives local police access to information about
people who have not been charged with a crime
– There is no way to correct misinformation in raw police
reports
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
1-16
5-16
Code of Fair Information Practices
Has the following principles:
• No secret databases
• People should have access to personal
information in federal databases
• Organizations cannot change how
information is used without consent
• People should be able to correct or amend
records
• Database owners are responsible for
reliability of data and must prevent misuse
1-17
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-17
Wiretaps and Bugs
• Wiretaps: relates to interception of
telephone conversations
• Bugs are hidden microphones used for
surveillance
• Wiretapping and bugs are not legal
• FBI continues secret wiretapping
1-18
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-18
Operation Shamrock
•
•
•
•
•
Operation Shamrock was a covert, domestic
intelligence gathering operation that monitored
telegraph communications.
Expanded to telephone calls
Kennedy
–Organized crime figures “watch list”
–Individuals and companies doing business with
Cuba
Johnson and Nixon
–Vietnam war protesters
Nixon
–War on drugs
–Monitoring phone calls
1-19
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-19
Carnivore Surveillance System
• Created by FBI in late 1990s
• Monitored Internet traffic, including email
exchanges
• Carnivore = Windows PC + “packet-sniffing”
software
• Captured packets going to/from a particular IP
address
• Used about 25 times between 1998 and 2000
• Replaced with commercial software
1-20
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-20
Covert Activities after 9/11
• September 11, 2001 attacks on World
Trade Center and Pentagon
• President Bush authorized new, secret,
intelligence-gathering operations inside
United States
1-21
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-21
National Security Administration
Wiretapping
• President Bush signed presidential order
– OK for NSA to intercept international phone
calls & emails initiated by people inside U.S.
– No search warrant required
• Number of people monitored
– About 500 people inside U.S.
– Another 5,000-7,000 people outside U.S.
• Two al-Qaeda plots foiled
– Plot to take down Brooklyn bridge
– Plot to bomb British pubs and train stations
1-22
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-22
TALON Database:
Threat And Local Observation Notice
• Created by U.S. Department of Defense in 2003
• Supposed to contain reports of suspicious
activities or terrorist threats near military bases
• Reports submitted by military personnel or
civilians
• Reports assessed as “credible” or “not credible”
by military experts
• Reports about anti-war protests added to
database
• Many of these reports later deleted from
database
• In 2007 TALON was terminated
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
1-23
5-23
Data Mining
• Data mining
– Searching for patterns or relationships in one or more
databases
– Way to generate new information by combining facts
found in multiple transactions
– Way to predict future events
• Secondary use: information collected for one
purpose used for another purpose
– Ex: Collaborative filtering is used to predict future
preference of a person comparing to other people
transactions (renting from a video store)
• Information about customers is a valuable
commodity
1-24
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-24
Data Mining Examples –
Marketplace: Households
• Lotus Development Corporation developed
CD with information on 120 million
Americans
• Planned to sell CD to small businesses
that wanted to create mailing lists based
on various criteria, such as household
income
• More than 30,000 consumers complained
to Lotus about invasion of privacy
• Lotus dropped plans to sell CD
1-25
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-25
Data Mining Examples –
IRS Audits
• IRS uses computer matching and data mining
to look for possible income tax fraud
• Computer matching: matching tax form
information (filled by a person) with
information provided by employers, banks,
etc.
• Data mining: searching through forms to
detect those that appear most likely to have
errors resulting in underpayment of taxes
1-26
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-26
Data Mining Examples –
Syndromic Surveillance System
• Created by New York City
• Analyzes more than 50,000 pieces of
information every day
– 911 calls
– Visits to emergency rooms
– Purchases of prescription drugs
• Looks for patterns that might indicate an
epidemic, bioterrorism, or an
environmental problem
1-27
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-27
Data Mining Examples –
Telecommunications Records Database
•
•
•
•
•
•
•
•
Created by National Security Agency after 9/11
Contains phone call records of tens of millions of Americans
NSA analyzing calling patterns to detect terrorist networks
Phone records voluntarily provided by several major
telecommunications companies
USA Today revealed existence of database in May 2006
Several dozen class-action lawsuits filed
August 2006: Federal judge in Detroit ruled program illegal
and unconstitutional
July 2007: U.S. Court of Appeals overturned ruling, saying
plaintiffs did not have standing to bring suit forward
1-28
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-28
Ownership of Transaction Information
• Who controls transaction information?
– Buyer?
– Seller?
– Both?
• Opt-in: consumer must explicitly give
permission for the organization to share
info with another organization.
– Preferred by privacy advocates
• Opt-out: consumer must explicitly forbid an
organization from sharing info
– Preferred by direct marketing
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
1-29
5-29
Identity Theft : Background
• Identity theft: misuse of another person’s
identity to take actions permitted to the owner
• Credit card fraud #1 type of identity theft
• Ease of opening financial accounts contributes
to problem
– Because information brokers on the Web are selling
IDs (license, SSN, Credit cards)
• 10 million victims in 2004 alone
• Average loss: $5,000 per victim
1-30
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-30
Gaining Access to Information
• Mailboxes
• Lost or stolen wallets
• Dumpster diving (looking old bills, bank
statements, …etc)
• Shoulder surfing (while people are filling forms)
• Skimmers (wedges)
– Credit card readers attached to ATM machines
• Phishing
– Gathering financial info through spam asking you to visit
a web site and the update personal info (fake Paypal)
1-31
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-31
Encryption
• Process of transforming a message in
order to conceal its meaning
• Valuable tool for maintaining privacy
1-32
Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley
5-32