Privacy Policy, Law and Technology Carnegie Mellon University Fall 2005 Lorrie Cranor 1 Fair Information Practice.

Presentation transcript:

Privacy Policy, Law and Technology Carnegie Mellon University Fall 2005 Lorrie Cranor 1 Fair Information Practice Principles and Privacy Laws Week 3 - September 12, 14

Slide 2: More homework 1 review
- Web cams
- Privacy in the news
- Issues privacy groups are working on
- Any questions about plagiarism?

Slide 3: Using Library Resources

Slide 4: CMU Libraries (
- Engineering and Science (a.k.a. E&S)
  - Location: Wean Hall, 4th floor
  - Subjects: Computer Science, Engineering, Mathematics, Physics, Science, Technology
- Hunt (CMU’s main library)
  - Location: Its own building (possibly 2nd ugliest on campus behind Wean), between Tepper and Baker
  - Subjects: Arts, Business, Humanities, Social Sciences
- Software Engineering Institute (a.k.a. SEI)
  - Location: SEI Building (4500 Fifth Avenue), 3rd floor
  - Subjects: Security, Software, Technology
Research and Communication Skills

Slide 5: START HERE: Cameo
- Cameo is CMU’s online library catalog
- Catalogs everything CMU has: books, journals, periodicals, multimedia, etc.
- Search by key words, author, title, periodical title, etc.

Slide 6: CAMEO: Search Result for “Cranor”
- Number of copies and status
- Library

Slide 7: CAMEO: Search Result for “Solove”
- Due date

Slide 8: If it’s not in Cameo, but you need it today: Local Libraries
- Carnegie Library of Pittsburgh
  - Two closest locations
    - Oakland: Practically on campus (4400 Forbes Ave.)
    - Squirrel Hill: Forbes & Murray (5801 Forbes Ave.)
- University of Pittsburgh Libraries
  - 16 libraries!
  - Information science, Engineering, Law, Business, etc.

Slide 9: If it’s not in Cameo, and you can wait: ILLiad and E-ZBorrow
- ILLiad and E-ZBorrow are catalogs of resources available for Interlibrary Loan from other libraries nationwide (ILLiad) and in Pennsylvania (E-ZBorrow)
- Order items online (almost always free)
- Wait for delivery – average 10 business days
- Find links to ILLiad and E-ZBorrow online catalogs at

Slide 10: Other Useful Databases
- Links to many more databases, journal collections
- Must be accessed on campus or through VPN
- Lexis-Nexis
  - Massive catalog of legal sources – law journals, case law, news stories, etc.
- IEEE and ACM journal databases
  - IEEE Xplore and ACM Digital Library
- INSPEC database
  - Huge database of scientific and technical papers
- JSTOR
  - Arts & Sciences, Business, Mathematics, Statistics

Slide 11: And of course…
- Reference librarians are available at all CMU libraries, and love to help people find what they need – just ask!

Slide 12: OECD fair information principles
berlin.de/gesetze/internat/ben.htm
- Collection limitation
- Data quality
- Purpose specification
- Use limitation
- Security safeguards
- Openness
- Individual participation
- Accountability

Slide 13: US FTC simplified principles
- Notice and disclosure
- Choice and consent
- Data security
- Data quality and access
- Recourse and remedies
US Federal Trade Commission, Privacy Online: A Report to Congress (June 1998),

Slide 14: Privacy laws around the world
- Privacy laws and regulations vary widely throughout the world
- US has mostly sector-specific laws, with relatively minimal protections - often referred to as “patchwork quilt”
  - Federal Trade Commission has jurisdiction over fraud and deceptive practices
  - Federal Communications Commission regulates telecommunications
- European Data Protection Directive requires all European Union countries to adopt similar comprehensive privacy laws that recognize privacy as fundamental human right
  - Privacy commissions in each country (some countries have national and state commissions)
  - Many European companies non-compliant with privacy laws (2002 study found majority of UK web sites non-compliant)

Slide 15: US law basics
- Constitutional law governs the rights of individuals with respect to the government
- Tort law governs disputes between private individuals or other private entities
- Congress and state legislatures adopt statutes
- Federal agencies can adopt regulations which are equivalent to statutes, as long as they don’t conflict with statute

Slide 16: US Constitution
- No explicit privacy right, but a zone of privacy recognized in its penumbras, including
  - 1st amendment (right of association)
  - 3rd amendment (prohibits quartering of soldiers in homes)
  - 4th amendment (prohibits unreasonable search and seizure)
  - 5th amendment (no self-incrimination)
  - 9th amendment (all other rights retained by the people)
- Penumbra: “fringe at the edge of a deep shadow created by an object standing in the light” (Smith 2000, p. 258, citing Justice William O. Douglas in Griswold v. Connecticut)

Slide 17: Federal statutes and state laws
- Federal statutes
  - Tend to be narrowly focused
- State law
  - State constitutions may recognize explicit right to privacy (Georgia, Hawaii)
  - State statutes and common (tort) law
- Local laws and regulations (for example: ordinances on soliciting anonymously)

Slide 18: Four aspects of privacy tort
You can sue for damages for the following torts (Smith 2000, p )
- Disclosure of truly intimate facts
  - May be truthful
  - Disclosure must be widespread, and offensive or objectionable to a person of ordinary sensibilities
  - Must not be newsworthy or legitimate public interest
- False light
  - Personal information or picture published out of context
- Misappropriation (or right of publicity)
  - Commercial use of name or face without permission
- Intrusion into a person’s solitude

Slide 19: How does the law regulate privacy?
- Law may require waiving privacy interests
- Law may enforce privacy interests
- Typically, the law identifies relevant privacy interests to protect, identifies relevant interests supporting disclosure, and tries to balance both sets of issues in a single resolution

Slide 20: Difficult legal problems
- Can an individual “own” (and therefore sell) his or her own privacy rights?
- Should the default assumption be “protect the privacy interest” or “compel waiver of the privacy interest”?
- When should the law defer to informal or social norms, or to technological barriers or solutions?

Slide 21: Some US privacy laws
- Bank Secrecy Act, 1970
- Fair Credit Reporting Act, 1971
- Privacy Act, 1974
- Right to Financial Privacy Act, 1978
- Cable TV Privacy Act, 1984
- Video Privacy Protection Act, 1988
- Family Educational Right to Privacy Act, 1993
- Electronic Communications Privacy Act, 1994
- Freedom of Information Act, 1966, 1991, 1996

Slide 22: US law – recent additions
- HIPAA (Health Insurance Portability and Accountability Act, 1996)
  - When implemented, will protect medical records and other individually identifiable health information
- COPPA (Children’s Online Privacy Protection Act, 1998)
  - Web sites that target children must obtain parental consent before collecting personal information from children under the age of 13
- GLB (Gramm-Leach-Bliley-Act, 1999)
  - Requires privacy policy disclosure and opt-out mechanisms from financial service institutions

Slide 23: Safe harbor
- Membership
  - US companies self-certify adherence to requirements
  - Dept. of Commerce maintains signatory list
- Signatories must provide
  - notice of data collected, purposes, and recipients
  - choice of opt-out of 3rd-party transfers, opt-in for sensitive data
  - access rights to delete or edit inaccurate information
  - security for storage of collected data
  - enforcement mechanisms for individual complaints
- Approved July 26, 2000 by EU
  - reserves right to renegotiate if remedies for EU citizens prove to be inadequate

Slide 24: Data protection agencies
- Australia:
- Canada:
- France:
- Germany:
- Hong Kong:
- Italy:
- Spain:
- Switzerland:
- UK:
- … And many more

Slide 25: Writing a Literature Review

Slide 26: Writing a literature review
- What is a literature review?
  - A critical summary of what has been published on a topic
    - What is already known about the topic
    - Strengths and weaknesses of previous studies
  - Often part of the introduction or a section of a research paper, proposal, or thesis
- A literature review should
  - be organized around and related directly to the thesis or research question you are developing
  - synthesize results into a summary of what is and is not known
  - identify areas of controversy in the literature
  - formulate questions that need further research
Dena Taylor and Margaret Procter The literature review: A few tips on conducting it.

Slide 27: Literature review do’s and don’ts
- Don’t create a list of article summaries or quotes
- Do point out what is most relevant about each article to your paper
- Do compare and contrast the articles you review
- Do highlight controversies raised or questions left unanswered by the articles you review
- Do take a look at some examples of literature reviews or related work sections before you try to create one yourself
- For an example of a literature review in a CS conference paper, see section 2 of

Slide 28: Homework 2
- Privacy laws
- Technologies that raise privacy concerns

Slide 29: Homework 3

Slide 30: Announcements
- Don’t forget that project brainstorming is due by Monday