Privacy ECT 582 Robin Burke

Outline Homework #6 Privacy basics relationship to security privacy policies and requirements

Homework #6

Privacy Privacy is the interest that individuals have in sustaining a 'personal space', free from interference by other people and organizations. – Roger Clarke

Forms of privacy privacy of the person privacy of personal behavior privacy of personal communications privacy of personal data

Person Bodily privacy Issues compulsory immunization compulsory drug testing compulsory sterilisation abortion

Behavior Issues sexual orientation political activism religion I-Pass Related media privacy

Communication Issues wiretapping encryption

Data Information privacy Issues availability of personal data control over collected information

Competing interests intra-personal information privacy vs access to credit inter-personal behavior privacy vs health risk organizational body privacy vs insurance risk

Privacy protection Balancing privacy interest other interests Context parties interests issues

Privacy in E-Commerce Means data privacy Questions what information is collected about visitors to a site? what is done with that information? how are users informed of possible uses of their data?

Surveillance Personal surveillance tracking an individual Mass surveillance tracking a large group When using personal data dataveillance

E-commerce data Transactions Site registration info often included address Site visitations Browsing history Platform info from browser headers

Dataveillance techniques Front-end verification linking data in an application form against data in other systems Computer matching merging of data from separate information systems creating a merged profile Profiling identifying characteristics of "interesting" individuals in advance searching databases for matches

Identification weaker than authentication relationship between a system and an individual to be recognized An entity may have many identities same business  multiple contacts same business  multiple brandnames same individual  multiple addresses same individual  different user ids

Identity Anonymous data is not associated with any individual Personally-identified data is associated with identifying user information

Spectrum Totally private site accepts only e-cash delivers goods to pre-arranged dropoff points Totally invasive site installs trojan horse which downloads sensitive data data correlated with user's activites online and offline data sold to anybody and everybody

Issues Need to know the system shouldn't collect more information than is necessary for a transaction Third parties disclosure to one organization should not mean disclosure to the world Technical disclosure interaction leaks technical information

Anonymization Services exist to "anonymize" web interactions ssl connection to proxy server proxy server emits web requests proxy server gets responses and encrypts back to user proxy server may alter content handling cookies & web bugs modifying request headers

The data trail Personal data transaction records are essential to business relationships especially to next-generation e-commerce services like personalization also evaluating web site quality and features Problem these records have to most potential for privacy problem

Psuedonymity Pseudonomous data is associated with a consistent persona not directly linked to an individual Examples chat-room persona eBay user name

Benefits Provide stable identity removed by anonymizers Allow for personalized services Good fit for "multi-role" lives Lower privacy risk But idea not widely supported in e- commerce

Legal framework for privacy Children's privacy COPPA Self-regulation privacy seal

Fair information practices Guidelines from the FTC Notice Choice Access Security

Notice Consumers should be given clear and conspicuous notice of an entity's information practices before any personal information is collected from them Should consist of what data will be collected who is collecting data who will get the data how the data will be collected how the data will be used how the data will be protected whether data is mandatory or optional

Choice Consumers should be given options as to how any personal information collected from them may be used for purposes beyond those necessary to complete a contemplated transaction. Secondary uses placement on a (e)mailing list transfer to third party usability evaluation

Access An individual's ability both to access data about him or herself and to contest that data's accuracy and completeness. Difficult to implement esp. authentication Least popular

Security Protection of personal information against unauthorized access, use, or disclosure, and against loss or destruction.

COPPA Guidelines become mandatory for children under 13 Required posted privacy policy parental consent except for addresses in some conditions re-verify consent when policy changes allow parental review of collected data allow parent opt-out

Privacy seals TRUSTe BBBOnLine Privacy CPA WebTrust Entertainment Software Ratings Board

TRUSTe Non-profit consortium Process privacy policy self-assessment Assessment_v8.html remote audit of web site annual review

BBBOnLine Privacy Offered by Better Business Bureau Must be a BBB member Similar process to TRUSTe

CPA WebTrust Franchise available to CPAs licensed by WebTrust Differences on-site audit semi-annual review (They also do Certification Authorities)

ESRB Privacy For game sites Process similar to TRUSTe on-site audit quarterly anonymous review quarterly anonymous spot-checks

Final exam Submit via COL 9 pm 11/20 No late exams!