Download Privacy

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Document related concepts

Nonlinear dimensionality reduction wikipedia, lookup

Transcript
Privacy in computing
Material/text on the slides from
Chapter 10
Textbook: Pfleeger.
What is privacy?
• How would you define it?
• What do you think its aspects are?
– Three key aspects:
• Controlled disclosure.
• Sensitive data
• Affected subject.
Computer Related Privacy Problems
• Data collection: what issue do you see?
• No informed consent:
– Examples: real age.
• Loss of control: class discussion.
– Example: posting on a blog.
• What are the ramifications vs. writing a letter?
• Ownership of data.
Computer Related Privacy Problems
• Data collection: what issue do you see?
• No informed consent:
– Examples: real age.
• Loss of control: class discussion.
– Example: posting on a blog.
• What are the ramifications vs. writing a letter?
• Ownership of data.
Protections provided
• Privacy Policies;
– First step: fair information policies:
• Regulate these;
–
–
–
–
–
–
–
–
Collection of information.
Data quality.
Purpose specification (use of information)
Use limitation.
Security safeguards.
Openness.
Individual participation.
Accountability.
U.S privacy laws
– Are usually applied to individual data types:
– HIPAA
– Financial organizations: Gramm-Leach-Bliley Act
(GLBA)
– Important in Radford: Federal Educational Rights and
Privacy Act (FERPA).
• Somethings are not clear: example class
discussion.
U.S govt. websites.
• Privacy laws controlled by the FTC.
• Address 5 factors:
–
–
–
–
Notice (must be informed)
Choice
Access (contest accuracy of data collected)
Security. (data collectors must secure against
unauthorized use).
– Enforcement (sanctions on noncompliance)
• In 2002, the US e-government act.
What about commercial
websites?
• Federal trade comission can prosecute for
deceptive practices. (e.g., false advertising)
– E.g., JetBlue and the DOD.
Other issues with Privacy.
• Anonymity.
– Issues with anonymity.
• Multiple identities (online id)
How to protect against privacy
loss?
How to protect against privacy
loss?
• Get/give as little data as possible.
• Data anonymization.
• Audit trail: record who has accessed what
data.
• Security and controlled access
• Training, quality, Restricted usage, data left
in place.
• Policy.
Issues in Computer Security:
Data mining and privacy.
• Government data mining.
• Privacy preserving data mining:
– Data mining is “extracting hidden patterns from
large amounts of data”
– Solutions to preserve privacy:
• Remove id information. Doesn’t work.
– E.g., Sweeney’s report: > 87% US population can be
identified by: 5 digit zip code, gender and date of birth.
• Data perturbation. Example. Needs to be done
carefully.
Privacy on the web
• Think about this:
– On the web: every word you speak (blog) can
be read
– Someone selling something may have ads on
their site for something else.
– Identity of the other person may not be known!
• Some issues on the web are protected.
– Can you name them?
Privacy on the web
• Credit card payments are protected.
– But not necessarily private.
– Paypal etc.. May solve the privacy issues.
• Site and portal registrations:
– Beware of “we will enhance your browsing experience”
– Using email as id on some sites. Issues?
• Third party ads.
• Contests and offers: Free Iphones!
Privacy issues
• Cookies:
– Be-aware
• Third party cookies. E.g., Double Click and online profiling.
• Adware
• Web-bug.
• Spyware: keystroke loggers.
Email security
• Interception of email.
– Can be encrypted using PGP or S/MIME
– Email monitored legallly.
• Anonymous E-mail and remailers
– Sending anonymous emails.
• Spoofing and spamming.
Impact on Emerging technologies
• RFID tags
– RFID and privacy issues:
• Consumer products. How can this be exploited?
– RFID in individuals.
• Electronic voting
– Privacy issues.
• VoIP and Skype
– Privacy issues.