Privacy CSC385 Kutztown University Fall 2009 Oskars J. Rieksts.


Notes on Privacy
- Based on Lawrence Snyder
- Fluency in Information Technology
- Augmented with my notes
- See also: topics/privacy/notes.html

Outline
- Privacy basics
- Threats to privacy
- Personal information control
- FIP principles
- Privacy practices
- Cookies
- Cryptography
- Data mining

Privacy Basics
- Definition – “The right of people to choose freely under what circumstances and to what extent they will reveal themselves to others.” – p. 481
- Rieksts: Privacy is the cornerstone of selfhood
- Modern devices & privacy
- Chief Justice, Louis Brandeis

Basis of Privacy Conflict
- Modern life requires
- Revelation of information
  - Financial transactions
  - Applications
  - Medical services
  - Etc.

Basic Privacy Issue
- Ownership of information
- Related IT ownership issue
  - Your machine
  - Contents of your machine
  - Files
  - Software

Threats to Privacy
- Criminal element
  - Identity theft
  - Cyber-stalking
  - Organized crime
- Business & industry
  - Marketing
  - Employment

Threats to Privacy
- Enemies of public safety
- Governments
  - Totalitarian regimes
  - Overzealous public servants
- Social engineers

Spectrum of Personal Information Control
- The lens
  - Transaction produces information
- Basic categories
  - No uses
  - Opt-In or Approval
  - Opt-Out or Objection
  - Internal use only
  - No limits

Storage & Use beyond transactional necessity
- No uses
  - Delete information
  - Upon completion of transaction
- Opt-In
  - Permission must be requested
  - Explicit approval required

Storage & Use beyond transactional necessity
- Opt-Out
  - S&U is OK
  - Unless specifically objected to
- Internal use only
  - S&U OK
  - Only for business itself
- No limits

FIP Principles
- FIP = fair information practices
- Standard 8-point list
- Developed in 1980 by OECD
- OECD = Organization of Economic Cooperation and Development

Eight FIP Principles
- Limited Collection
- Quality
- Purpose
- Use Limitation
- Security
- Openness
- Participation
- Accountability

Limited Collection Principle
- Limits to data collected
- Collection by
  - Fair means
  - Lawful means
- Knowledge & consent required
  - If possible
  - When appropriate

Quality Principle
- Relevance
  - Data must be relevant to collection purpose
- Data must be
  - Accurate
  - Complete
  - Up to date

Purpose Principle
- Purpose of collection stated
- Use limitation
  - Use limited to stated purpose

Use Limitation Principle
- Data not to be disclosed
- No use for other purposes
- Unless
  - Consent given by individual
  - Authority granted by law

Security Principle
- Data controller must exercise reasonable security measures

Openness Principle
- Data collection policies & practices open to the public
- Public knowledge of
  - Existence of data
  - Kind of data
  - Purpose/use of data
  - Identity & contact information of data controller

Participation Principle
- Individual able to determine
  - Whether data controller has information
  - What the information is
- Denial of access can be challenged
- Information can be challenged

Accountability Principle
- Data controller accountable for FIP Principles compliance

Privacy Practices – EU
- European Union
- Accepts OECD FIP principles
- Has European Data Protection Directive
- EU citizen protection standard
  - Extends beyond EU borders

Privacy Practices – U.S.A.
- Sectoral approach
- Freedom of Information Act – 1966
- Privacy Act of 1974 (with respect to government)
- Electronic Communications Privacy Act – 1986
- Video Privacy Protection Act – 1988
- Telephone Consumer Protection Act – 1991
- Driver's Privacy Protection Act – 1994

Freedom of Information Act – Links
- Use search engine: FOIA and/or Freedom of Information Act

Privacy Act of 1974 – Links
- Check it out with your browser

Electronic Communications Privacy Act
- Check it out with your browser
- Efforts to update

Video Privacy Protection Act
- Check it out with your browser

Telephone Consumer Protection Act
- Check it out with your browser

Driver's Privacy Protection Act
- Check it out with your browser

Privacy Advocacy
- EPIC
  - Electronic Privacy Information Center
- Privacy Rights Clearinghouse
- Electronic Frontier Foundation