Jim Loter Director of Information Technology

Slides:

Advertisements

Similar presentations

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY.

Advertisements

I Choose Privacy! Intellectual Freedom: Addressing the Privacy Issue in the Academic Library.

Confidentiality and HIPAA

Privacy Laws & Higher Education. Agenda 1.Five Privacy Laws a.FERPA b.HIPAA c.GLB d.FACTA Disposal Rule e.CAN-SPAM 2.Overview of the Laws a.What does.

 Original Intent: ◦ Act passed in 1996 with two main goals: 1.Ensure individuals would be able to maintain their health insurance between jobs (the “portability”

Interaction of RFID Technology and Public Policy Presentation at RFID Privacy MIT 15 TH November 2003 By Rakesh Kumar

Silicon Valley Apps for Kids Meetup Laura D. Berger October 22, 2012 The views expressed herein are those of the speaker, and do not represent the views.

Identity Theft & Data Security Concerns Are You Meeting Your Obligations to Protect Customer Information? Finance & Administration Roundtable February.

Privacy Policy Workshop M. Ryan Calo, Center for Internet and Society, Stanford Law School Mali Friedman, Covington & Burling LLP, San Francisco Office.

USA PATRIOT Act and Libraries Eric Johnson & Rodney Clare Jackman Sims Memorial Library.

Protecting Library Users' Privacy in a Digital Age Swedish Library Association May, 2014 Barbara Jones, American Library Association.

Research Development for Android Coopman Tom. What is Android?  Smartphone operating system  Google  Popular  ‘Easy to develop’  Open-Source  Linux.

1 GRAND VALLEY STATE UNIVERSITY FAMILY EDUCATIONAL RIGHTS & PRIVACY ACT (FERPA) TRAINING OFFICES OF THE REGISTRAR AND UNIVERSITY COUNSEL JANUARY 20, 2009.

Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.

1 The Engineer as a Professional Privacy. 2 After reading the articles please answer the following questions. 1) Is privacy a concern that engineers have.

Institute of Information Systems, Humboldt University, 2006· Privacy Engineering Sarah Spiekermann & Lorrie Faith Cranor DIMACS Workshop, Rutgers University.

TRAIN Policies An Overview Karen K. Ngowe, MA, MI-TRAIN Administrator Phone:

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Service Organization Control (SOC) Reporting Options and Information

Outsourcing Louis P. Piergeti VP, IIROC March 29, 2011.

Confidentiality, Consents and Disclosure Recent Legal Changes and Current Issues Presented by Pam Beach, Attorney at Law.

ALIVE: Module 4 ETHICS IN THE REAL WORLD Where does ethical behavior start/stop and legal requirements begin.

KET ENCYCLOMEDIA STUDENT ACCOUNT CHANGES

BusinessAllstars.com 1 BusinessAllstars.com Presents Copyright © 2004 by Gainbridge Associates All right reserved This material may not be used or reproduced.

7-Oct-15 Threat on personal data Let the user be aware Privacy and protection.

Part 6 – Special Legal Rights and Relationships Chapter 35 – Privacy Law Prepared by Michael Bozzo, Mohawk College © 2015 McGraw-Hill Ryerson Limited 34-1.

Federated or Not: Secure Identity Management Janemarie Duh Identity Management Systems Architect Chair, Security Working Group ITS, Lafayette College.

Privacy in computing Material/text on the slides from Chapter 10 Textbook: Pfleeger.

IBT - Electronic Commerce Privacy Concerns Victor H. Bouganim WCL, American University.

Lesson Title: Privacy Overview Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This.

Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 6 The Privacy and Security of Electronic Health Information.

Customer Interface for wuw.com 1.Context. Customer Interface for wuw.com 2. Content Our web-site can be classified as an service-dominant website. 3.

Patron Privacy Issues Cindy Cunningham – OHSU. Overview Balancing demands (academic environment) Privacy in Libraries System Privacy  Vendor  Institution/Library.

Policies for Information Sharing April 10, 2006 Mark Frisse, MD, MBA, MSc Marcy Wilder, JD Janlori Goldman, JD Joseph Heyman, MD.

Sears Privacy Policy & Security information Shaina Lacher.

ECT 455/HCI 513 ECT 4 55/HCI 513 E-Commerce Web Site Engineering Legal Issues.

Personalization versus Privacy Ramnath K. Chellappa Raymond G. Sin Chanhong Min.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

How to Manage Risk. This is the process involves the process for any application from a: Individual Cardholder Company or Corporate cards Merchants Any.

Protecting your search privacy A lesson plan created & presented by Maria Bernhey (MLS) Adjunct Information Literacy Instructor

7/7/20161 The Public Sector Equality Duty for Schools in England Jonathan Timbers – Policy Manager, PSED Team, Equality and Human Rights Commission.

Visibook is instant, simple, and dynamic appointment booking We're headquartered in San Francisco, California "Visibook is awesome. My entire studio was.

Juvenile Legislative Update 2013 Confidentiality of Records and Interagency Sharing of Educational Records.

Buying and Selling Real Property CHAPTER THIRTY-ONE.

Facebook privacy policy

Surveillance around the world

Walter Fletcher, Jeff Noles, Tiffany Russell, Shalonda Witcher

Corporate Booking Tools

"Our vision is to be earth's most customer-centric company; to build a place where people can come to find and discover anything they might want to buy.

Michael Spiegel, Esq Timothy Shimeall, Ph.D.

Shavonne Henry, Nikia Clarke, David Heymann, Brandon Knight

Legal and Ethical Issues in E-Commerce

Service Organization Control (SOC)

KET ENCYCLOMEDIA STUDENT ACCOUNT CHANGES

PERSONAL DATA PROTECTION ACT 2010

Cyber Issues Facing Medical Practice Managers

Big Data Considerations

Move this to online module slides 11-56

2016 Annual CPNI Training CPNI & PI Awareness Beth Slough,

Protecting Your Credit

Current Privacy Issues That May Affect Your Credit Union

Prepared by the Office of the Registrar

THE 13TH NATIONAL HIPAA SUMMIT HEALTH INFORMATION PRIVACY & SECURITY IN SHARED HEALTH RECORD SYSTEMS SEPTEMBER 26, 2006 Paul T. Smith, Esq. Partner,

Privacy and Information Quality

Student Privacy in the age of big data

What does that have to do with me?

Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business.

Colorado “Protections For Consumer Data Privacy” Law

Privacy Principles Melinda Clarke.

IT and Society Week 2: Privacy.

Presentation transcript:

Jim Loter Director of Information Technology The Seattle Public Library @jimloter

& privacy personalization The tension between in public libraries (confidentiality) & personalization in public libraries

An individual’s ability to personally control information about him/herself

The treatment of information that an individual has disclosed in a relationship of trust with the expectation that it will not be divulged to others without permission.

Privacy is the right to open inquiry without having the subject of one’s interests examined or scrutinized by others. Confidentiality exists when a library is in possession of personally identifiable information about users and keeps that information private on their behalf.

Protects the confidentiality of borrower records as part of its commitment to intellectual freedom Requests for information and materials Loan transactions Online activity The Library will keep patron records confidential and will not disclose this information except as necessary for the proper operation of the Library, upon consent of the user, pursuant to subpoena or court order, or as otherwise required by law.

We Know Nothing

Personalization the ability to tailor experiences to the tastes of individual consumers based upon their personal information.

What we hear from patrons I want to get automated reading recommendations I want to be notified when [author’s] new book is released I want to receive notifications when the library schedules an event I want to be able to keep track of my reading history

What we (also) hear from patrons I don’t want to log on to a site that’s not operated by the library I don’t want the library to share my data with [third party] I don’t want the titles of the books I’m checking out to display on the check-out monitors I know that you share data with the [NSA | FBI | CIA | Illuminati | Trilateral Commission]

Personalization Organization’s ability to collect data Consumer’s willingness to share

Benefit: Value received Personalization Cost: Loss of privacy Benefit: Value received Risk perception is an individual’s belief regarding the probability of gains or losses associated with purchasing goods or services

Case 1: BiblioCommons Library’s online catalog moved from local service to hosted service Third-party would have access to patron accounts and records Company located in Canada Service requires separate registration and creation of username, validation age Service encourages “sharing” – reading lists, reviews, ratings, etc.

Search Library Holdings Case 2: Kindle Books Search Library Holdings (SPL) Request Item (OverDrive) Receive Item (Amazon) Policy Contract ?? consent of the user

Privacy Domains Self Library Library Partners Other parties

Concern for Information Privacy An individual’s CFIP is a general concern about how organizations use and protect personal information Collection Unauthorized secondary use Improper access Errors Smith, H. J., S. J. Milberg, and S. J. Burke (1996) "Information privacy: Measuring individuals' concerns about organizational practices," MIS Quarterly (20) 2, pp. 167-196.

CFIP Risk Assessment Framework Collection User registration requiring personal information Retention of information Unauthorized secondary use Data may be sold to or used by third parties Profiling based on preferences and use patterns Improper access Lack of security on data-at-rest Exposure of data-in-transit Errors Mis-configuration may lead to improper billing, delayed delivery, etc.

FTC: Fair Information Practices Notice Choice Access Integrity Enforcement

FTC: Information Classifications Anonymous – IP address, browser, OS, local time Personally unidentifiable information – age, DOB, gender, ZIP code, interests, hobbies Personally identifiable information – name, email address, phone number, SSN, credit card

Trust CFIP concerns become realized when users engage in transactions, and may affect (and be affected by) the trust that individuals place in the organization. Ability Benevolence Integrity Ability beliefs pertain to the merchant's competence. Benevolence beliefs reflect whether the consumer believes that the merchant will do good by the consumer, and will not be motivated purely by a profit motive. Integrity refers to the consumer's beliefs about whether the merchant lives up to a set of rules that are acceptable to the consumer. Mayer, R. C., J. H. Davis, and F. D. Schoorman (1995) "An integrative model of organizational trust," Academy of Management Review (20) 3, pp. 709-734.

Considerations for Personalization CFIP Trust FIP