Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fluency with Information Technology INFO100 and CSE100 Katherine Deibel 2012-05-11Katherine Deibel, Fluency in Information Technology1.

Similar presentations


Presentation on theme: "Fluency with Information Technology INFO100 and CSE100 Katherine Deibel 2012-05-11Katherine Deibel, Fluency in Information Technology1."— Presentation transcript:

1 Fluency with Information Technology INFO100 and CSE100 Katherine Deibel 2012-05-11Katherine Deibel, Fluency in Information Technology1

2 Privacy: controlling who has access to specific information Security:ensuring availability and privacy of access to specific information  This is all about data management  What is the data?  Where is it stored?  Who can access it?  How can you access it? 2012-05-11Katherine Deibel, Fluency in Information Technology2

3  Two aspects to security  Controlling who has access  Ensuring that they have access  Ensuring access is often overlooked  What would you do if you lost your cellphone and its phonebook?  What if your hard drive crashes? 2012-05-11Katherine Deibel, Fluency in Information Technology3

4  It is always a good idea to make backups of important data  Rules for backing up:  Do it frequently  Back up only recent changes (saves more space than copying everything)  Keep the backups physically separate from the originals  Choose mediums that you will continue to have technology access for 2012-05-11Katherine Deibel, Fluency in Information Technology4

5  The idea of the cloud  Move computation off of local machines to the Internet  Applications provided as web services by cloud providers  Provides access wherever and whenever one can get online 2012-05-11Katherine Deibel, Fluency in Information Technology5

6  Is the cloud a good place to store your personal data?  Is it secure?  Does it guarantee your privacy?  Is it reliable? 2012-05-11Katherine Deibel, Fluency in Information Technology6 We will come back to these questions later

7 Shocking stories of Victorian intrigue! 2012-05-11Katherine Deibel, Fluency in Information Technology7 Mother is secretly half-Welsh?!?

8  We live in an information society  Easy to collect, store, search, and manipulate data on record scales  Every action we do generates information  Using a library  Purchasing from a store  Flying on a plane  Doing homework  Paying taxes 2012-05-11Katherine Deibel, Fluency in Information Technology8

9  Who owns the information?  What can you/they do with it?  How do you manage and protect your information?  Who and what are you protecting it from?  What needs to be protected?  What needs to be managed? 2012-05-11Katherine Deibel, Fluency in Information Technology9

10  You buy a book: Cooking with Red Meat, Cheese, Lard & Beer  The store has a record of the purchase  How they may use it:  Ignore it  Recommend books to you  Target advertising  Give this information to others (your health insurance company) 2012-05-11Katherine Deibel, Fluency in Information Technology10

11  What if the book was a gift?  Recommendations become poorer  Advertising will reach the wrong market  Interpretation of the book's meaning  Do I want to eat fatty foods?  Am I studying high fat-cuisines? 2012-05-11Katherine Deibel, Fluency in Information Technology11

12  Pizza Palace http://aclu.org/pizza/images/screen.swf 2012-05-11Katherine Deibel, Fluency in Information Technology12

13  Did that video bother you?  Is it a realistic future?  If yes, do you want that future?  If no, how much do you think could become a reality and do you want it?  Most importantly, what do we mean when say we want some information to remain private? 2012-05-11Katherine Deibel, Fluency in Information Technology13

14  Cheaper cameras  Faster film speeds  Less sitting time 2012-05-11Katherine Deibel, Fluency in Information Technology14

15 S. D. Warren & L. D. Brandeis (1890). The Right to Privacy. Harvard Law Review, 4(5), pp. 193-220. "The common law secures to each individual the right of determining, ordinarily, to what extent his thoughts, sentiments and emotions shall be communicated to others. Under our system of government he can never be compelled to express them (except upon the witness stand); and even if he has chosen to give them expression, he generally retains the power to fix the limits of the publicity that shall be given them." 2012-05-11Katherine Deibel, Fluency in Information Technology15

16 S. D. Warren & L. D. Brandeis (1890). The Right to Privacy. Harvard Law Review, 4(5), pp. 193-220. "The narrower doctrine [of privacy] may have satisfied the demands of society at a time when the abuse to be guarded against could barely have arisen without violating a contract or a special confidence; but modern devices afford abundant opportunities for the perpetration of wrongs without the participation of the injured party." 2012-05-11Katherine Deibel, Fluency in Information Technology16

17  Warren & Brandeis's argument is a critical observation about society and new technologies:  The adoption of new technologies affects the interactions of people in society and therefore necessitates reviewing laws and rights in regards to the new technologies. 2012-05-11Katherine Deibel, Fluency in Information Technology17

18 A historical diversion 2012-05-11Katherine Deibel, Fluency in Information Technology18

19  China, ≈1 CE: As eye protection  Italy, 1260s: For farsightedness  Europe, 1500s: For nearsightedness  Britain, 1725: Modern frame invented  U.S.A, 1780s: Bifocals invented  Britain, 1825: For astigmatisms 2012-05-11Katherine Deibel, Fluency in Information Technology19

20 “Glasses are very disfiguring to women and girls.” From a 1901 optician journal  Glasses not for public use  Used only for brief moments  Led to quick use optics  monocle  lady’s lorgnette  pince-nez  scissor glasses 2012-05-11Katherine Deibel, Fluency in Information Technology20

21  Scholars and academics  The clergy  The Spanish T HUS … THE ASSOCIATION OF GLASSES WITH INTELLECTUAL PURSUITS !!! 2012-05-11Katherine Deibel, Fluency in Information Technology21

22  Glasses were popular  Higher classes wore larger lenses 2012-05-11Katherine Deibel, Fluency in Information Technology22 Portrait of a Cardinal, Probably Cardinal Don Fernando Niño de Guevara (1541–1609) by El Greco

23 Clergy Member Poor Vision Reading Latin Texts +Eyeglasses Continuous Use Aristocrat Poor Vision Reading a Playbill +Eyeglasses Brief Use +In Spain Continuous Use +In Spain Continuous Use 2012-05-11Katherine Deibel, Fluency in Information Technology23

24  Technology usage shapes people’s perceptions of the users  Culture and society shapes how, when, and if a technology is used 2012-05-11Katherine Deibel, Fluency in Information Technology24

25 I want to tell you but… 2012-05-11Katherine Deibel, Fluency in Information Technology25

26  What does “privacy” mean in the modern world?  The right of people to choose freely under what circumstances and to what extent they will reveal themselves, their attitude, and their behavior to others  Privacy is a right  You control when & how much is revealed  Point of this lecture: You can and should have a lot of privacy by using this control 2012-05-11Katherine Deibel, Fluency in Information Technology26

27  The collector can’t use after business purpose over  The collector can use it, if you approve (OPT-IN)  The collector can use it, unless you object (OPT-OUT)  The collector can use information no matter what 2012-05-11Katherine Deibel, Fluency in Information Technology27

28  Limited Collection  Quality  Purpose  Use Limitation  Security  Openness  Participation  Accountability 2012-05-11Katherine Deibel, Fluency in Information Technology28  Organization for Economic Cooperation and Development (OECD) defined the “gold standard” for fair information practices  Principles

29  There should be limits to the personal data collected about anyone  Collect data by fair and lawful means;  Collect data with the knowledge and consent of the person whenever appropriate and possible 2012-05-11Katherine Deibel, Fluency in Information Technology29

30  Personal data gathered should be  Relevant to the purposes for which it is used  Should be accurate, complete, and up-to-date 2012-05-11Katherine Deibel, Fluency in Information Technology30

31  The purposes for collecting personal data should be stated at the time it is collected  The uses should be limited to only those purposes 2012-05-11Katherine Deibel, Fluency in Information Technology31

32  Personal data should not be disclosed or used for purposes other than stated in the Purpose Principle  Exceptions:  With the consent of the individual  By the authority of law 2012-05-11Katherine Deibel, Fluency in Information Technology32

33  Personal data should be protected by reasonable security measures against  Risks of disclosure  Unauthorized access  Misuse  Modification  Destruction  Loss 2012-05-11Katherine Deibel, Fluency in Information Technology33

34  There should be a general openness of the policies and practices about personal data collection  Should be possible to know of its existence, kind, and purpose of use,  Should be able to identity and contact information for the data controller 2012-05-11Katherine Deibel, Fluency in Information Technology34

35  An individual should be able to  Determine whether the data controller has information about him or her,  Discover what it is in an understandable form, in a timely manner, and at a reasonable charge  Request data to erased, completed, or changed  If any of the inquiries above are denied, the individual should be able to  Learn about the reasons for the denial  Challenge the denial if so desired 2012-05-11Katherine Deibel, Fluency in Information Technology35

36  The data controller should be accountable for complying with these principles  Policies, legislation, and laws to back up the need to be held accountable 2012-05-11Katherine Deibel, Fluency in Information Technology36

37  EU, much of non-EU Europe, NZ, Hong Kong, Australia, and Canada use OECD  Both government and private purposes  U.S. privacy law does not use the OECD  U.S. privacy law for government information is generally strong  U.S. privacy law for business is “sectoral”, meaning it is limited to sectors and specific business practices 2012-05-11Katherine Deibel, Fluency in Information Technology37

38  Very few industries/practices have explicit privacy rules  Almost anything goes  Opting-out is the general approach  Recent federal law for medical data  HIPPA: Health Insurance Portability and Accountability Act of 1996  PSQIA: The Patient Safety and Quality Improvement Act of 2005 2012-05-11Katherine Deibel, Fluency in Information Technology38

39  EU law says, “Info on EU citizens must comply with OECD on leaving EU”  U.S. privacy is so bad, EU information cannot come here  U.S.-EU are in constant negotiations 2012-05-11Katherine Deibel, Fluency in Information Technology39

40 Family Educational Rights & Privacy Act  As a general rule the University will not release a student’s educational records to a third party without written consent of the student. This includes tuition account information.  Even includes practices of returning homework and reporting grades 2012-05-11Katherine Deibel, Fluency in Information Technology40

41  UW Libraries Privacy Policy  The University of Washington Libraries values the privacy of library users. The Libraries seeks to minimize the collection and retention of personally identifiable information.  When information is not kept, it cannot be abused. 2012-05-11Katherine Deibel, Fluency in Information Technology41

42  Most reputable online business post privacy statements on their sites  Should be understandable to you  Say what info they collect,  Say what they will do with it  How to "opt-out" or "opt-in" 2012-05-11Katherine Deibel, Fluency in Information Technology42

43  Unfortunately, there is  Little if any government policing  Lack of resources for filing complaints  Few penalties for violations 2012-05-11Katherine Deibel, Fluency in Information Technology43

44  Private firms organizations monitor and report privacy violations  TRU.S.Te  Better Business Bureau  Social networking and public opinion can force companies to comply 2012-05-11Katherine Deibel, Fluency in Information Technology44

45  What they did:  Secretly gathered data on people’s personal music tastes  Encrypted the info so no one would know  Didn’t mention it in their privacy statement  They were caught  Changed privacy statement  Major loss in usage  Permanent marring of public trust 2012-05-11Katherine Deibel, Fluency in Information Technology45

46 Cookies and grocery shopping 2012-05-11Katherine Deibel, Fluency in Information Technology46

47  A cookie is a record stored on your computer by a Web Server  The cookie is usually a unique ID that allows the server to remember who you are  Improves Web experience Server Client 4.95.142.16: 210465: Chris, Dating for Total Dummies Client: 210465 Name: Book: ChrisDating 2012-05-11Katherine Deibel, Fluency in Information Technology47

48  Cookies are used by many sites and they make Web usage much better  Many sites use cookies for history and logins  Banking and credit card applications cannot be secure enough without cookies  If all privacy laws met OECD standards  Cookies would be all good  No one but computer scientists would know about them 2012-05-11Katherine Deibel, Fluency in Information Technology48

49  Cookies can be stored in your computer by sites you have not visited: 3rd party ▪ 3rd Party Cookies come from a site in business with the site you visit, e.g. for ads ▪ 3rd party cookies allow info to be correlated Client Chris ABC site:210465 DEF site:4491027 3rdParty: 666-666 Server ABC Chirs Cookie: 210465 Server DEF Chirs Cookie: 4491027 Server 3rd 123 Cookie:666-666 2012-05-11Katherine Deibel, Fluency in Information Technology49

50  The 3rd party cookie becomes the key (literally, in DB sense) to join (in DB sense) the info held by separate co.s Company ABC Database Customer Cookie Ad Agcy Data1 Data 2... Chris 210465 666-666 val 1 val 2 Company DEF Database Customer Cookie Ad Agcy Data1 Data 2... Chris 4491027 666-666 val 3 val 4 It’s the same Chris!!! 2012-05-11Katherine Deibel, Fluency in Information Technology50

51  You control whether your computer accepts cookies -- look in browser  If you don’t care about privacy, Accept all cookies  If you greatly value your privacy, Accept no cookies  If you want some privacy AND benefit from the useful stuff on the Web, Accept cookies but reject 3rd party cookies 2012-05-11Katherine Deibel, Fluency in Information Technology51

52  Easy to collect information about a customer's eating habits  Identity can be validated by credit card  Some privacy experts fear that this knowledge will be passed to health insurance companies  Debatable if useful for actuarial purposes  What does the privacy statement say? 2012-05-11Katherine Deibel, Fluency in Information Technology52

53  QFC Privacy Statement: The information gathered by QFC will be used to give you, our valued customer, our very best. You have our word on that! We pledge that QFC will not release your name to any list service or manufacturer, and that such information will be held in the strictest of confidence–even within our company. 2012-05-11Katherine Deibel, Fluency in Information Technology53

54  Kroger's Privacy Statement: Kroger and its affiliates may use personal customer information to create merchandising and promotional programs tailored around specific purchases, the frequency of store visits, volume of purchases, and other data…We may share personal customer information with our subsidiaries, affiliates, agents, representatives and trusted partners for the limited purpose of providing services or information to Kroger or our customers at our direction. 2012-05-11Katherine Deibel, Fluency in Information Technology54

55  Yes  But…  It is all legal in the United States  We have grown accustomed to the idea that our information is being used  The U.S. is an opt-out society 2012-05-11Katherine Deibel, Fluency in Information Technology55

56 Are you there, Google? It's me, Kate 2012-05-11Katherine Deibel, Fluency in Information Technology56

57  Is the cloud a good place to store your personal data?  The answer depends on the privacy and security policies of the cloud service  Keep this in mind:  Privacy policies may and do change  Some services go away (e.g., MobileMe)  Will you have network access 2012-05-11Katherine Deibel, Fluency in Information Technology57

58  You may not think about privacy much, but maybe you should …  You should have a say in whether or not records of your information can be linked to you The U.S. needs better laws, and why not?  Do you care whether Google or Facebook can deliver an ad to you based on your private information? 2012-05-11Katherine Deibel, Fluency in Information Technology58


Download ppt "Fluency with Information Technology INFO100 and CSE100 Katherine Deibel 2012-05-11Katherine Deibel, Fluency in Information Technology1."

Similar presentations


Ads by Google