Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber 1 Intellectual Property.

Presentation transcript:

Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber 1 Intellectual Property / Privacy Week 6 - February 21, 23

2 Class debate #3
Google should not be permitted to scan and index library books and make short snippets from them available without permission of each book's copyright holder.

3 “Willfull Infringement”


5 Homework 3 discussion
sp06/hw3.html

6 Administrivia
- Reminder, paper topic and abstract due next Thursday
- Please submit them via the homework address

7 What does privacy mean to you?

8 What is privacy?
“Being alone.” - Shane (age 4)

9 Westin “Privacy and Freedom” 1967
- “Privacy is the claim of individuals, groups or institutions to determine for themselves when, how, and to what extent information about them is communicated to others”
- Privacy is not an absolute

10 Privacy as process
“Each individual is continually engaged in a personal adjustment process in which he balances the desire for privacy with the desire for disclosure and communication….” - Alan Westin, 1967

11 Westin’s four states of privacy
- Solitude
  - individual separated from the group and freed from the observation of other persons
- Intimacy
  - individual is part of a small unit
- Anonymity
  - individual in public but still seeks and finds freedom from identification and surveillance
- Reserve
  - the creation of a psychological barrier against unwanted intrusion - holding back communication

12 Westin’s four functions of privacy
- Personal autonomy
  - control when you go public about info
- Emotional release
  - be yourself
  - permissible deviations to social or institutional norms
- Self-evaluation
- Limited and protected communication

13 Different views of privacy
- Privacy as limited access to self
  - the extent to which we are known to others and the extent to which others have physical access to us
- Privacy as control over information
  - not simply limiting what others know about you, but controlling it
  - this assumes individual autonomy, that you can control information in a meaningful way (not blind click through, for example)

14 Privacy as animal instinct
- Eagles eating a deer carcass
- Is privacy necessary for species survival?

15 Multiple facets of privacy
- How can posting personal information about myself on my web site result in a reduction of my privacy?
- How can it result in an increase in my privacy?

16 Privacy surveys find concerns
- Increasingly people say they are concerned about online privacy (80-90% of US Net users)
- Improved privacy protection is factor most likely to persuade non-Net users to go online
- 27% of US Net users have abandoned online shopping carts due to privacy concerns
- 64% of US Net users decided not to use a web site or make an online purchase due to privacy concerns
- 34% of US Net users who do not buy online would buy online if they didn’t have privacy concerns

17 Beyond concern
April 1999 Study: Beyond Concern: Understanding Net Users' Attitudes About Online Privacy by Cranor, Ackerman and Reagle (US panel results reported) privacystudy/
- Internet users more likely to provide info when they are not identified
- Some types of data more sensitive than others
- Many factors important in decisions about information disclosure
- Acceptance of persistent identifiers varies according to purpose
- Internet users dislike automatic data transfer

18 Few read privacy policies
- 3% review online privacy policies carefully most of the time
- Most likely to review policy before providing credit card info
- Policies too time consuming to read and difficult to understand
- 70% would prefer standard privacy policy format
- Most interested in knowing about data sharing and how to get off marketing lists
- People are more comfortable at sites that have privacy policies, even if they don’t read them

19 Survey references
- Mark S. Ackerman, Lorrie Faith Cranor and Joseph Reagle, Beyond Concern: Understanding Net Users’ Attitudes About Online Privacy, (AT&T Labs, April 1999).
- Mary J. Culnan and George R. Milne, The Culnan-Milne Survey on Consumers & Online Privacy Notices: Summary of Responses, (December 2001).
- Cyber Dialogue, Cyber Dialogue Survey Data Reveals Lost Revenue for Retailers Due to Widespread Consumer Privacy Concerns, (Cyber Dialogue, November 7, 2001).
- Forrester Research, Privacy Issues Inhibit Online Spending, (Forrester, October 3, 2001).
- Louis Harris & Associates and Alan F. Westin, Commerce, Communication and Privacy Online (Louis Harris & Associates, 1997).
- Louis Harris & Associates and Alan F. Westin. E-Commerce and Privacy, What Net Users Want, (Sponsored by Price Waterhouse and Privacy & American Business. P & AB, June 1998).
- Opinion Research Corporation and Alan F. Westin. “Freebies” and Privacy: What Net Users Think. Sponsored by Privacy & American Business. P & AB, July
- Privacy Leadership Initiative, Privacy Notices Research Final Results, (Conducted by Harris Interactive, December 2001).
An extensive list of privacy surveys from around the world is available from

20 Privacy laws and self-regulation

21 Terminology
- Data subject
  - The person whose data is collected
- Data controller
  - The entity responsible for collected data
- Primary use of personal information (primary purpose)
  - Using information for the purposes intended by the data subjects when they provided the information
- Secondary use of personal information (secondary purpose)
  - Using information for purposes that go beyond the primary purpose

22 OECD fair information principles
berlin.de/gesetze/internat/ben.htm
- Collection limitation
- Data quality
- Purpose specification
- Use limitation
- Security safeguards
- Openness
- Individual participation
- Accountability

23 US FTC simplified principles
- Notice and disclosure
- Choice and consent
- Data security
- Data quality and access
- Recourse and remedies
US Federal Trade Commission, Privacy Online: A Report to Congress (June 1998),

24 Laws and regulations
- Privacy laws and regulations vary widely throughout the world
- US has mostly sector-specific laws, with relatively minimal protections
- Federal Trade Commission has jurisdiction over fraud and deceptive practices
- Federal Communications Commission regulates telecommunications
- European Data Protection Directive requires all European Union countries to adopt similar comprehensive privacy laws
- Privacy commissions in each country (some countries have national and state commissions)
- Many European companies non-compliant with privacy laws (2002 study found majority of UK web sites non-compliant)
- Safe Harbor allows US companies to self-certify compliance

25 US law basics
- Constitutional law governs the rights of individuals with respect to the government
- Tort law governs disputes between private individuals or other private entities

26 US Constitution
No explicit privacy right, but a zone of privacy recognized in its penumbras, including
- 1st amendment (right of association)
- 3rd amendment (prohibits quartering of soldiers in homes)
- 4th amendment (prohibits unreasonable search and seizure)
- 5th amendment (no self-incrimination)
- 9th amendment (all other rights retained by the people)
Penumbra: “fringe at the edge of a deep shadow created by an object standing in the light” (Smith 2000, p. 258, citing Justice William O. Douglas in Griswold v. Connecticut)

27 Federal statutes and state laws
- Federal statutes
  - Tend to be narrowly focused
- State law
  - State constitutions may recognize explicit right to privacy (Georgia, Hawaii)
  - State statutes and common (tort) law
- Local laws and regulations (for example: ordinances on soliciting anonymously)

28 Four aspects of privacy tort
You can sue for damages for the following torts (Smith 2000, p )
- Disclosure of truly intimate facts
  - May be truthful
  - Disclosure must be widespread, and offensive or objectionable to a person of ordinary sensibilities
  - Must not be newsworthy or legitimate public interest
- False light
  - Personal information or picture published out of context
- Misappropriation (or right of publicity)
  - Commercial use of name or face without permission
- Intrusion into a person’s solitude

29 Some US privacy laws
- Bank Secrecy Act, 1970
- Fair Credit Reporting Act, 1971
- Privacy Act, 1974
- Right to Financial Privacy Act, 1978
- Cable TV Privacy Act, 1984
- Video Privacy Protection Act, 1988
- Family Educational Right to Privacy Act, 1993
- Electronic Communications Privacy Act, 1994
- Freedom of Information Act, 1966, 1991, 1996

30 US law – recent additions
- HIPAA (Health Insurance Portability and Accountability Act, 1996)
  - When implemented, will protect medical records and other individually identifiable health information
- COPPA (Children’s Online Privacy Protection Act, 1998)
  - Web sites that target children must obtain parental consent before collecting personal information from children under the age of 13
- GLB (Gramm-Leach-Bliley-Act, 1999)
  - Requires privacy policy disclosure and opt-out mechanisms from financial service institutions

31 Safe harbor
- Membership
  - US companies self-certify adherence to requirements
  - Dept. of Commerce maintains signatory list
- Signatories must provide
  - notice of data collected, purposes, and recipients
  - choice of opt-out of 3rd-party transfers, opt-in for sensitive data
  - access rights to delete or edit inaccurate information
  - security for storage of collected data
  - enforcement mechanisms for individual complaints
- Approved July 26, 2000 by EU
  - reserves right to renegotiate if remedies for EU citizens prove to be inadequate

32 Privacy self-regulation
- Since 1995, the US FTC has pressured companies to “self regulate” in the privacy area
- Self regulation may be completely voluntary or mandatory (or somewhere in between)
- Self-regulatory programs and initiatives
  - Seals
  - CPOs
  - Privacy policies
  - Platform for Privacy Preferences (P3P) Project
  - Industry guidelines

33 Voluntary privacy guidelines
- Online Privacy Alliance
- Direct Marketing Association Privacy Promise privacy/privacypromise.shtml
- Network Advertising Initiative Principles
- CTIA Location-based privacy guidelines com.com/news/press/body.cfm?record_id=907


35 Chief privacy officers
- Companies are increasingly appointing CPOs to have a central point of contact for privacy concerns
- Role of CPO varies in each company
  - Draft privacy policy
  - Respond to customer concerns
  - Educate employees about company privacy policy
  - Review new products and services for compliance with privacy policy
  - Develop new initiatives to keep company out front on privacy issue
  - Monitor pending privacy legislation

36 Seal programs
- TRUSTe
- BBBOnline
- CPA WebTrust
- Japanese Privacy Mark

37 Seal program problems
- Certify only compliance with stated policy
- Limited ability to detect non-compliance
- Minimal privacy requirements
- Don’t address privacy issues that go beyond the web site
- Nonetheless, reporting requirements are forcing licensees to review their own policies and practices and think carefully before introducing policy changes