Welcome! The objective of this 43 slide presentation is to: 1. Identify privacy issues associated with technology. 2. Evaluate current technology practices regarding privacy issues and participate in discussions addressing the current situations encountered. 3. Communicate in writing your knowledge, thoughts and positions about privacy issues in the 8 red PP questions in the presentation. Please view and study this presentation in “Slide Show”. Answer and submit the Lesson’s participation points (marked as red PP in presentation). Mod 3.2 Privacy and Theories & 8 PP1

Privacy concerns affect many aspects of an individual’s life – from commerce to healthcare to work. We have categories such as: 1. consumer privacy, 2. medical/healthcare privacy, 3. employee/workplace privacy.  Privacy issues involving technology affect each of us, whether or not we have ever owned or even used a networked computer.  Consider the information about us that can be acquired from our commercial transactions in a bank or in a store. Mod 3.2 Privacy and Theories & 8 PP2

 The privacy of users who navigate the Web solely for recreational purposes is also at risk.  Personal data about a user’s interests can be acquired by organizations whose need for this information is not always clear.  A user’s personal data acquired via his/her online activities can be sold to third parties. Mod 3.2 Privacy and Theories & 8 PP3

Privacy concerns have been exacerbated in at least four ways, i.e., by the: 1. amount of personal information that can now be collected; 2. speed at which personal information can now be transferred and exchanged; 3. duration of time in which personal information can now be retained; 4. kind of personal information (such as transactional information) that can be acquired. Mod 3.2 Privacy and Theories & 8 PP4

Privacy is a concept that is difficult to define. We sometimes speak of an individual’s privacy as something that can be:  lost,  diminished,  intruded upon,  invaded,  violated,  breached.  Privacy is sometimes viewed as an "all-or- nothing" concept (i.e., something that one either has (totally) or does not have).  Privacy is also sometimes viewed as something that can be diminished (i.e., as a repository of personal information that can be eroded gradually). Mod 3.2 Privacy and Theories & 8 PP5

Three classic theories have tended to view privacy in terms of either: 1. non-intrusion, 2. non-interference, 3. control over/restricting access to one’s personal information. Mod 3.2 Privacy and Theories & 8 PP6

The non-intrusion theory views privacy as either:  being let alone,  being free from government intrusion. This view is also sometimes referred to as accessibility privacy. Mod 3.2 Privacy and Theories & 8 PP7

The rationale for the non-intrusion theory can be found in both:  the Fourth Amendment to the U.S. Constitution (i.e., search and seizure);  a seminal article on the right to privacy by Warren and Brandeis in the Harvard Law Review (1890). Mod 3.2 Privacy and Theories & 8 PP8

 The non-interference theory views privacy as freedom from interference in making decisions.  This theory emerged in the 1960s, following the Griswold v. Connecticut U.S. Supreme Court case in  This view of privacy is also sometimes referred to as decisional privacy. Mod 3.2 Privacy and Theories & 8 PP9

 Many people wish to control who has access to their personal information.  Many also wish to set up zones that can restrict access to their personal data.  Informational privacy concerns arose because of issues involving personal information in computer databases. Mod 3.2 Privacy and Theories & 8 PP10

non-intrusionAccessibility Privacy Privacy is defined in terms of one's physically "being let alone," or freedom from intrusion into one's physical space. non-interferenceDecisional Privacy Privacy is defined in terms of freedom from interference in one's choices and decisions. control over/restricting access to one’s personal information Information al Privacy Privacy is defined as control over the flow of one's personal information, including the transfer and exchange of that information. Mod 3.2 Privacy and Theories & 8 PP11

 James Moor (2004) framed a theory of privacy that incorporates key elements of the three classic theories: ◦ non-intrusion, ◦ non-interference, ◦ control over/restricted access to personal information.  According to Moor: …an individual has privacy in a situation if in that particular situation the individual is protected from intrusion, interference, and information access by others. Mod 3.2 Privacy and Theories & 8 PP12

 A key element in Moor’s definition is his notion of a situation, which can apply to a range of contexts or “zones.”  A situation can be an “activity,” “relationship,” or the “storage and access of information” in a computer or on the Internet. Moor distinguishes between “naturally private” (descriptive) and “normatively private” situations required for having:  (a) natural privacy (in a descriptive sense);  (b) a right to privacy (in a normative sense). Mod 3.2 Privacy and Theories & 8 PP13

Using natural/normative privacy distinction, we can further differentiate between a:  loss of privacy, and a  violation of privacy. Mod 3.2 Privacy and Theories & 8 PP14

 Scenario 1: Someone walks into the computer lab (at 11:30 PM when no one else is around) and sees you. ◦ Here, your privacy is lost but not violated.  Scenario 2: Someone peeps through the keyhole of your apartment door and sees you using a computer. ◦ Your privacy is not only lost but is violated. Mod 3.2 Privacy and Theories & 8 PP15

 What kind of value is privacy?  Is privacy something that is valued for its own sake – i.e., an intrinsic value?  Is it valued as a means to an end, in which case it has only instrumental worth? PP1. Why is Privacy Important? Mod 3.2 Privacy and Theories & 8 PP16

 Privacy does not seem to be valued for its own sake, and thus is not an intrinsic value.  But privacy also seems to be more than an instrumental value because it is necessary (rather than merely contingent) for achieving important human ends. Mod 3.2 Privacy and Theories & 8 PP17

 Judith DeCew (2006) notes that privacy acts as a “shield” by providing for freedom and independence.  Privacy also shields us from pressures that preclude self- expression and the development of relationships.  DeCew believes that the loss of privacy leaves us vulnerable and threatened because we are likely to become: more conformist, and less individualistic.  Privacy also protects (i.e., shields) us from: ◦ scrutiny, ◦ interference, ◦ coercion, ◦ pressure to conform. PP2. Explain what “shield” you think is appropriate for the last computer program you developer for a specific user. Mod 3.2 Privacy and Theories & 8 PP18

(1) data-gathering techniques used to collect and record personal information, often without the knowledge and consent of users. (2) data-exchanging techniques used to transfer and exchange personal data across and between computer databases, typically without the knowledge and consent of users. (3) data-mining techniques used to search for patterns implicit in large databases in order to generate consumer profiles based on behavioral patterns discovered in certain groups. PP3. Explain in your own words how data mining can threaten privacy. Mod 3.2 Privacy and Theories & 8 PP19

 One’s physical movements while shopping at a department store are monitored by video cameras.  Motorists are subject to highway surveillance because of scanning devices such as E-ZPass.  The number of "clickstreams" – i.e., key strokes and mouse clicks – entered by a Web site visitor can be monitored and recorded. Mod 3.2 Privacy and Theories & 8 PP20

 “Cookies” are files that Web sites send to and retrieve from the computers of Web users.  Cookies technology enables Web site owners to collect data about those who access their sites.  With cookies, information about one’s online browsing preferences can be “captured” whenever a person visits a Web site.  The data recorded via cookies is stored on a file placed on the hard drive of the user's computer system.  The information can then be retrieved from the user's system and resubmitted to a Web site the next time the user accesses that site. Mod 3.2 Privacy and Theories & 8 PP21

 The exchange of data typically occurs without a user's knowledge and consent.  Many Web sites that use cookies maintain that they are performing a service for repeat users of a Web site by customizing a user's means of information retrieval.  Some also point out that, because of cookies, they are able to provide a user with a list of preferences for future visits to that Web site.  Some privacy advocates argue that activities involving the monitoring and recording an individual's activities while visiting a Web site violates privacy.  Some also worry that information gathered about a user via cookies can eventually be acquired by or sold to online advertising agencies. Mod 3.2 Privacy and Theories & 8 PP22

 RFID (Radio Frequency IDentification) consists of a tag (microchip) and a reader.  The tag has an electronic circuit, which stores data, and antenna that broadcasts data by radio waves in response to a signal from a reader.  The reader contains an antenna that receives the radio signal, and demodulator that transforms the analog radio into suitable data for any computer processing that will be done.  RFID transponders in the form of “smart labels” make it much easier to track inventory and protect goods from theft or imitation.  RFID technology also poses a significant threat to individual privacy. Mod 3.2 Privacy and Theories & 8 PP23

 Critics worry about the accumulation of RFID transaction data by RFID owners and how that data will be used in the future.  In 2004 roughly 40 million Americans carry some form of RFID device every day.  Privacy advocates note that RFID technology has been included in chips embedded in humans, which enables them to be tracked.  Like Internet cookies (and other online data gathering and surveillance techniques), RFID threatens individual privacy.  Unlike cookies, which track a user’s habits while visiting Web sites, RFID technology can track an individual’s location in the off-line world.  RFID technology introduces concerns involving “locational privacy.” PP 4. Explain in your own words how data gathering can threaten privacy. Mod 3.2 Privacy and Theories & 8 PP24

 As of 2005, cell phone companies are required by the FCC to install a GPS (Global Positioning System) locator chip in all new cell phones.  This technology, which assists 911 operators, enables the location of a cell phone user to be tracked within 100 meters.  Privacy advocates worry that this information can also be used by the government to spy on individuals. Mod 3.2 Privacy and Theories & 8 PP25

 Computer merging is a technique of extracting information from two or more unrelated databases and incorporating it into a composite file.  Computer merging occurs whenever two or more disparate pieces of information contained in separate databases are combined. Mod 3.2 Privacy and Theories & 8 PP26

Suppose that you voluntarily give information about yourself to three different organizations, by giving information about your: 1. income and credit history to a lending institution in order to secure a loan; 2. age and medical history to an insurance company to purchase life insurance; 3. views on certain social issues to a political organization you wish to join. Each organization has a legitimate need for information to make decisions about you, for example:  insurance companies have a legitimate need to know about your age and medical history before agreeing to sell you life insurance;  lending institutions have a legitimate need to know information about your income and credit history before agreeing to lend you money to purchase a house or a car. PP 5. Explain in your own words how this practice can threaten your privacy.  Mod 3.2 Privacy and Theories & 8 PP27

 Suppose that information about you in the insurance company's database is merged with information about you in the lending institution's database or in the political organization's database.  When you gave certain information about yourself to three different organizations, you authorized each organization to have specific information about you.  However, it does not follow that you thereby authorized any one organization to have some combination of that information. Mod 3.2 Privacy and Theories & 8 PP28

 Computer matching is a variation of computer merging.  Matching is a technique that cross-checks information in two or more databases that are typically unrelated to produce "matching records" or "hits.“  In federal and state government applications, computerized matching has been used by various agencies and departments to identify:  potential law violators;  individuals who have actually broken the law or who are suspected of having broken the law (welfare cheats, deadbeat parents, etc.). Mod 3.2 Privacy and Theories & 8 PP29

 Income tax records could be matched against state motor vehicle registration records (looking for individuals reporting low incomes but owning expensive automobiles).  Consider an analogy in physical space where your mail is matched (and opened) by authorities to catch criminals suspected of communicating with your neighbors. Mod 3.2 Privacy and Theories & 8 PP30

 Some who defend matching argue: If you have nothing to hide, you have nothing to worry about.  Others use the following kind of argument: 1.Privacy is a legal right. 2.Legal rights are not absolute. 3.When one violates the law (i.e., commits a crime), one forfeits one's legal rights. 4.Therefore, criminals have forfeited their right to privacy. Mod 3.2 Privacy and Theories & 8 PP31

 At Super Bowl XXXV (January 2001), a facial-recognition technology was used to scan the faces of individuals entering the stadium.  The digitized facial images were instantly matched against images contained in a centralized database of suspected criminals and terrorists.  This practice was, at the time, criticized by many civil-liberties proponents. Mod 3.2 Privacy and Theories & 8 PP32

Consider a hypothetical scenario involving Lee, a 35-year old executive: ◦ Lee applies for a car loan; ◦ Lee has an impeccable credit history;  A data-mining algorithm “discovers” that Lee belongs to a group of individuals likely to start their own business and also likely to declare bankruptcy; Lee is denied the loan based on data mining. Mod 3.2 Privacy and Theories & 8 PP33

Data Merging A data-exchanging process in which personal data from two or more sources is combined to create a "mosaic" of individuals that would not be discernable from the individual pieces of data alone. Data Matching A technique in which two or more unrelated pieces of personal information are cross- referenced and compared to generate a match or "hit," that suggests a person's connection with two or more groups. Data Mining A technique for "unearthing" implicit patterns in large databases or "data warehouses," revealing statistical data that associates individuals with non-obvious groups; user profiles can be constructed from these patterns. Mod 3.2 Privacy and Theories & 8 PP34

 Non-Public Personal Information (or NPI) refers to sensitive information such as in one’s financial and medical records.  NPI enjoys some legal protection.  Many privacy analysts are now concerned about a different kind of personal information called Public Personal Information (or PPI).  PPI is non-confidential and non-intimate in character, and is not legally protected. Mod 3.2 Privacy and Theories & 8 PP35

 Search facilities can be used to acquire personal information about individuals.  Search engines can be used to:  stalk individuals (as in the Amy Boyer case);  reveal which Web sites you have visited (as in the Google vs. Bush Administration case where users’ search requests were subpoenaed by the U.S. Government). Mod 3.2 Privacy and Theories & 8 PP36

 What are public records, and why do we have them?  In the past, one had to go to municipal buildings to get public records.  In the Amy Boyer case, would it have made a difference if Youens had to go to a municipal building to get records? Mod 3.2 Privacy and Theories & 8 PP37

 Privacy advocates argue for stronger privacy legislation.  E-commerce groups oppose strong privacy laws and lobby instead for voluntary industry self-regulation.  Do Privacy Enhancing Tools, or PETs, provide a compromise solution? Mod 3.2 Privacy and Theories & 8 PP38

 PETs are tools that users can employ to protect:  (a) their personal identity, while navigating the Web;  (b) the privacy of communications (such as ) sent over the Internet. Mod 3.2 Privacy and Theories & 8 PP39

(1) educating users about the existence of these tools; (2) adhering to the principle of informed consent when using these tools; (3) addressing issues of social equity. PP6. How are Users supposed to find about PETs? Mod 3.2 Privacy and Theories & 8 PP40

Privacy laws and data-protection principles in Europe and the U.S. include the:  European Union (EU) 1995 Privacy Directive;  U.S. Privacy Act of 1974, and  HIPAA (Health Insurance Portability and Accountability Act). Comprehensive Privacy Proposals  strong legislation;  a privacy oversight commission;  industry self-regulation. Mod 3.2 Privacy and Theories & 8 PP41

 1. preserving anonymity of data when at all possible;  2. establishing fair procedures for obtaining data, requiring that proposed collections of data have both relevance and purpose;  3. specifying the legitimate conditions of authorized access. PP 7. What is your privacy expectation in the two “situation” below: 1. when you are viewed in the lab working vs. 2. when you are at home working and viewed from the keyhole Mod 3.2 Privacy and Theories & 8 PP42

PP 8 -What are the three classical theories of Privacy? Give an example of each privacy being lost. Please submit the eight answers to your PP at the end of class or into D2L Dropbox. Thanks! Mod 3.2 Privacy and Theories & 8 PP43