1
Privacy Policy Issues and Pages on the WWWeb
Jason Turner INF 385E - Information Architecture & Design 1 UT School of Information 16 Sep 03
2
Overview
  What’s all the fuss about?
  A brief history of the universe
  A mouthful of P’s (…or principles for providing [perceptions of] privacy on the Internet)
  Privacy practices in the wild
6
What’s all the fuss about?
Privacy (prī´və-sē) [1]:
  The quality or condition of being secluded from the presence or view of others.
  The state of being free from unsanctioned intrusion: a person's right to privacy.
  The state of being concealed; secrecy.
What is privacy/what does it mean on the Internet?
[1] The American Heritage® Dictionary of the English Language, Fourth Edition, © 2000
7
What’s all the fuss about?
Primary concerns
  Internet is inherently open & interconnected system
  More data is being moved on line
    “It will soon be technologically possible for an average person to access virtually all recorded information.”
    250 MB data/person
[2] How Much Information?
8
What’s all the fuss about?
On-line habits / storage of others:
  Financial
  Medical
  Personal (life/travel, habits, associations, etc.)
Privacy-related ills on the Internet
  SPAM (it’s not just for lunch anymore)
  “Cyber stalkers” and other cyber crimes
  Fraud
  Identity Theft
  Embarrassment/Libel
  Economic Loss
9
What’s all the fuss about?
Privacy on the Internet is NOT
  Access Control
    Biometrics
    Smart Cards
    Passwords
    Authentication Procedures
  Transmission Security
    Firewalls (HW/SW)
    Encryption
    Dedicated Circuits
    Hardened Facilities (EM/RF Interference/Interception)
  Operational Security
    Alternate Terms/Language
  Cookies
10
What’s all the fuss about?
Privacy on the Internet is NOT ONLY
  Access Control
    Biometrics
    Smart Cards
    Passwords
    Authentication Procedures
  Transmission Security
    Firewalls (HW/SW)
    Encryption
    Dedicated Circuits
    Hardened Facilities (EM/RF Interference/Interception)
  Operational Security
    Alternate Terms/Language
  Cookies
12
What’s all the fuss about?
Privacy issues on the Internet are a synthesis of all factors affecting on-/off-line activities:
  Hardware
  Software
  Procedures/Activities
  Motivations
  Intentions
  Choices
  Philosophy (the human factor)
14
A brief history of the universe
Like any good government…
  Section 5, Federal Trade Commission Act (1914)
  Privacy Act (1974)
  Electronic Communications Privacy Act (1986)
  Health Insurance Portability and Accountability Act (1996)
  Children’s Online Privacy Protection Act (1988)
  Financial Modernization Act/Gramm-Leach-Bliley Act (1999)
  Fair Credit Reporting Act (2002)
  Online Personal Privacy Protection Act (2002)
15
A brief history of the universe
Section 5, Federal Trade Commission Act (1914, and subsequent amendments)
  Prohibits unfair/deceptive practices
  Companies should keep their promises to consumers about privacy initiatives and precautions taken to ensure safety of personal information collected
16
A brief history of the universe
Privacy Act (1974)
  Regulate collection, use and disclosure of personal information by government agencies
  Notion of “fair information practices”
Electronic Communications Privacy Act (1986)
  Regulates privacy/disclosure issues surrounding data sent/stored via electronic means
Health Insurance Portability and Accountability Act (1996)
  Encourage electronic transactions AND requires safeguards to protect security/confidentiality of health information
17
A brief history of the universe
Children’s Online Privacy Protection Act (1988)
  Provides control over what information is collected from children online and how it may be used
Financial Modernization Act/Gramm-Leach-Bliley Act (1999)
  Companies provide consumers with explanations of information-sharing practices AND consumers must be able to limit extent of sharing
18
A brief history of the universe
Fair Credit Reporting Act (2002)
  Promotes accuracy in consumer credit reports and protects information w/in them
Online Personal Privacy Protection Act (2002)
  Requires commercial Web sites/ISPs to obtain consent from consumers BEFORE collecting personal information
20
Principles for providing [perceptions of] privacy on the Internet
Provisions of Online Personal Privacy Protection Act (2002)
“Fair Information Practices”
  Notice – clear/conspicuous notice of what is collected and how it is used
  Choice – offer choice of how information is to be used (internal marketing, passed along to 3rd parties, etc.)
  Access – reasonable access and chance to review what has been collected
  Security – reasonable measures to protect information collected from consumers
21
Principles for providing [perceptions of] privacy on the Internet
The Design of Sites
“Fair Information Practices”
  Notice
  Choice (opt out of disclosure to 3rd party, opt-in of use for purpose other than originally intended)
  Access
  Security
  Onward Transfer to 3rd Parties (combination of notice and choice)
  Data Integrity – personal info must be relevant to purposes of use
  Enforcement – independent means of resolving complaints/disputes and sanctions for breaking rules
22
Principles for providing [perceptions of] privacy on the Internet
Implications of Fair Information Practices for site design:
  Make privacy policy clear, easy to understand and conspicuous
    Link to privacy policy on every page
  Give choice of how their information will be used
    Provide consent options for r ing, secondary marketing
    Don’t promote acquiescence by laziness—making “I accept” default vs. requiring opt-in/out
    Allow “guest” accounts for single transactions
23
Principles for providing [perceptions of] privacy on the Internet
Implications of Fair Information Practices for site design:
  Tell people what information is collected/stored and provide a means to correct it if applicable
    “My account”
    Account management
  Take precautions to protect collected data
    Use secure connections (https)
    Proactive network management (virus scanning, software updates, etc.)
    Internal privacy policies/practices
24
Principles for providing [perceptions of] privacy on the Internet
Managing perceptions
  Ally with union of privacy-minded sites and conform to agreed-upon guidelines
  Don’t mix secure w/non-secure content (balance cost of hosting content on secure server with consumer perceptions)
  Avoid several degrees of separation between front page, personal information collection, and transaction services (i.e. third party shopping carts and outside banking services)
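Added example (not part of the original slides): a small page audit for three of the site-design points above: a privacy-policy link on every page, no consent box ticked by default, and no non-secure content on a secure page. The consent-name hints, the tag list and the sample page are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed heuristics, not taken from the slides: name fragments that mark a
# consent control, and the tag/attribute pairs that load or submit content.
CONSENT_HINTS = ("consent", "accept", "optin", "opt_in", "marketing", "share")
LOADERS = {"img": "src", "script": "src", "iframe": "src",
           "link": "href", "form": "action"}

class PrivacyAudit(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.https_page = urlparse(page_url).scheme == "https"
        self.policy_link = False   # Notice: page links to the privacy policy
        self.prechecked = []       # Choice: consent boxes ticked by default
        self.insecure = []         # Security: http:// content on an https page
        self._in_anchor = False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a":
            self._in_anchor = True
            self.policy_link |= "privacy" in (a.get("href") or "").lower()
        if tag == "input" and (a.get("type") or "").lower() == "checkbox":
            name = (a.get("name") or "").lower()
            if "checked" in a and any(h in name for h in CONSENT_HINTS):
                self.prechecked.append(name)
        url = a.get(LOADERS.get(tag, "")) or ""
        if self.https_page and url.lower().startswith("http://"):
            self.insecure.append((tag, url))

    def handle_endtag(self, tag):
        self._in_anchor = self._in_anchor and tag != "a"

    def handle_data(self, data):
        if self._in_anchor and "privacy" in data.lower():
            self.policy_link = True

def audit(page_url, html):
    parser = PrivacyAudit(page_url)
    parser.feed(html)
    parser.close()
    return {"policy_link": parser.policy_link,
            "prechecked_consent": parser.prechecked,
            "insecure_on_https": parser.insecure}

# Constructed sample: no policy link, a pre-ticked marketing box, http logo.
SAMPLE = """<img src="http://static.example.test/logo.gif">
<form action="https://shop.example.test/checkout" method="post">
<input type="checkbox" name="marketing_optin" checked> Send me offers
<input type="checkbox" name="share_partners"> Share with partners
</form><a href="/help">Help</a>"""
```

Calling audit("https://shop.example.test/checkout", SAMPLE) reports the missing policy link, the pre-ticked marketing_optin box and the logo fetched over plain http.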
26
Privacy practices in the wild
According to FTC report to Congress
  In 1998, 92% of all websites were collecting personal information
    <15% of commercial sites have any privacy statement indicating what data was collected and how it was used
  By 2000, number had improved
    Addition of privacy disclosure statements to ~80% sites
    BUT only 20% of surveyed sites had implemented basic aspects of “fair information practices”
[3] Privacy Online: A Report to Congress (FTC, June ’00)
27
Privacy practices in the wild
Notice
  Amazon.com main page
30
Privacy practices in the wild
Notice
  Amazon.com main page
  Similar link on every page BUT not too conspicuous
31
Privacy practices in the wild
Notice
  Dept. of Justice Main Page
  Privacy Policy link is right up front at all times (static banner frame)
32
Privacy practices in the wild
Choice, Access
  Amazon.com “My account” page
  View/edit personal & financial data
  Radio buttons to opt-in/out of various uses of personal data
  Adjust preferences of secondary marketing contacts
33
Privacy practices in the wild
Examples of Fair Information Practices
Dept. of Justice Privacy Policy Web Page
  Policy is direct and clearly stated
  Sections explicitly indicate:
    How/what information is collected
    How personal information is handled if sent
    Cookies
    Network security practices
34
Privacy practices in the wild
Perception Management
  TRUSTe and Better Business Bureau have independent security programs/guidelines
  Participating sites enjoy benefits of association through display of their icons/“seals of approval”
36
Questions?