Presentation is loading. Please wait.

Presentation is loading. Please wait.

William H. Bowers – Ethics for the Information Age Chapter 5 – Privacy II.

Published byVeronica Henderson Modified over 9 years ago

Similar presentations

Presentation on theme: "William H. Bowers – Ethics for the Information Age Chapter 5 – Privacy II."— Presentation transcript:

1 William H. Bowers – whb108@psu.edu Ethics for the Information Age Chapter 5 – Privacy II

2 William H. Bowers – whb108@psu.edu Topics US Legislation Authorizing Wiretapping US Legislation Authorizing Wiretapping US Legislation Authorizing Wiretapping US Legislation Authorizing Wiretapping Electronic Communications Privacy Act Electronic Communications Privacy Act Electronic Communications Privacy Act Electronic Communications Privacy Act Communications Assistance for Law Enforcement Act Communications Assistance for Law Enforcement Act Communications Assistance for Law Enforcement Act Communications Assistance for Law Enforcement Act USA PATRIOT ACT USA PATRIOT ACT USA PATRIOT ACT USA PATRIOT ACT Responses to PATRIOT ACT Responses to PATRIOT ACT Responses to PATRIOT ACT Responses to PATRIOT ACT Follow-On Legislation Follow-On Legislation Follow-On Legislation Follow-On Legislation

3 William H. Bowers – whb108@psu.edu Topics (cont) Data Mining Data Mining Data Mining Data Mining Marketplace: Households Marketplace: Households Marketplace: Households Marketplace: Households IRS Audits IRS Audits IRS Audits IRS Audits Syndromic Surveillance System Syndromic Surveillance System Syndromic Surveillance System Syndromic Surveillance System Total Information Awareness Total Information Awareness Total Information Awareness Total Information Awareness Who Owns Transaction Information? Who Owns Transaction Information? Who Owns Transaction Information? Who Owns Transaction Information?

4 William H. Bowers – whb108@psu.edu Topics (cont) Identity Theft Identity Theft Identity Theft Identity Theft History and Role of SSAN History and Role of SSAN History and Role of SSAN History and Role of SSAN Debate over a National ID Card Debate over a National ID Card Debate over a National ID Card Debate over a National ID Card Encryption Encryption Encryption Digital Cash Digital Cash Digital Cash Digital Cash

5 William H. Bowers – whb108@psu.edu US Legislation Authorizing Wiretapping Title III Omnibus Crime Control and Safe Streets Act of 1968 Title III Omnibus Crime Control and Safe Streets Act of 1968 Enacted during height of Vietnam war Enacted during height of Vietnam war Concern over violent anti-war demonstrations Concern over violent anti-war demonstrations Allows phone tap for up to 30 days with a court order Allows phone tap for up to 30 days with a court order

6 William H. Bowers – whb108@psu.edu Electronic Communications Privacy Act http://www.usiia.org/legis/ecpa.html http://www.usiia.org/legis/ecpa.html http://www.usiia.org/legis/ecpa.html Enacted in 1986 Enacted in 1986 Pen register – displays number for each outgoing call Pen register – displays number for each outgoing call Trap and trace – displays phone number of each incoming call Trap and trace – displays phone number of each incoming call Requires court order Requires court order

7 William H. Bowers – whb108@psu.edu Electronic Communications Privacy Act Does not require probable cause Does not require probable cause Court approval is virtually automatic Court approval is virtually automatic Allows roving wiretaps Allows roving wiretaps

8 William H. Bowers – whb108@psu.edu Communications Assistance for Law Enforcement Act http://assembler.law.cornell.edu/uscode/ht ml/uscode18/usc_sup_01_18_10_I_20_119. html http://assembler.law.cornell.edu/uscode/ht ml/uscode18/usc_sup_01_18_10_I_20_119. html http://assembler.law.cornell.edu/uscode/ht ml/uscode18/usc_sup_01_18_10_I_20_119. html http://assembler.law.cornell.edu/uscode/ht ml/uscode18/usc_sup_01_18_10_I_20_119. html 1994 – also known as Digital Telephony Act 1994 – also known as Digital Telephony Act Addresses digital phone networks Addresses digital phone networks Requires phone company equipment to allow tracing, listening to phone calls Requires phone company equipment to allow tracing, listening to phone calls

9 William H. Bowers – whb108@psu.edu Communications Assistance for Law Enforcement Act Provides for email interception Provides for email interception Leaves details about type of information undefined Leaves details about type of information undefined FBI requested ability to intercept digits entered after connection was made FBI requested ability to intercept digits entered after connection was made –Credit card, bank numbers –ID numbers –PIN codes

10 William H. Bowers – whb108@psu.edu Communications Assistance for Law Enforcement Act 1999 FCC issues guidelines (http://www.askcalea.net/docs/fcc992 30.pdf) 1999 FCC issues guidelines (http://www.askcalea.net/docs/fcc992 30.pdf)http://www.askcalea.net/docs/fcc992 30.pdfhttp://www.askcalea.net/docs/fcc992 30.pdf http://www.askcalea.net http://www.askcalea.net http://www.askcalea.net Requires carriers to provide: Requires carriers to provide: –Content of subject initiated call

11 William H. Bowers – whb108@psu.edu Communications Assistance for Law Enforcement Act Requires carriers to provide: Requires carriers to provide: –Content of subject initiated call –Party hold, drop or join on conference calls –Subject initiated dialing and signaling information –In-band and out of band signaling –Timing information

12 William H. Bowers – whb108@psu.edu USA PATRIOT ACT Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 http://thomas.loc.gov/cgi- bin/query/D?c107:4:./temp/~c107fEmBJW:: http://thomas.loc.gov/cgi- bin/query/D?c107:4:./temp/~c107fEmBJW:: http://thomas.loc.gov/cgi- bin/query/D?c107:4:./temp/~c107fEmBJW:: http://thomas.loc.gov/cgi- bin/query/D?c107:4:./temp/~c107fEmBJW:: Enacted in response to 11 September 2001 attacks Enacted in response to 11 September 2001 attacks Amended more than 15 existing laws Amended more than 15 existing laws

13 William H. Bowers – whb108@psu.edu USA PATRIOT ACT Four principal categories Four principal categories –Greater communication monitoring authority for federal LEO and intelligence –Increased authority for Secretary of the Treasury to regulate banks to prevent money laundering

14 William H. Bowers – whb108@psu.edu USA PATRIOT ACT Four principal categories Four principal categories –Making it more difficult for terrorists to enter the US –Defining new crimes and penalties for terrorist activity

15 William H. Bowers – whb108@psu.edu Increased Monitoring Allows for using internet to track email addresses and URLs Allows for using internet to track email addresses and URLs Does not require probable cause Does not require probable cause Requires warrant Requires warrant Extends jurisdiction of court approval Extends jurisdiction of court approval Allows for national search warrants Allows for national search warrants

16 William H. Bowers – whb108@psu.edu Increased Monitoring Broadens roving surveillance Broadens roving surveillance Previously required law enforcement purpose and demonstration that the subject used the device to be monitored Previously required law enforcement purpose and demonstration that the subject used the device to be monitored Now allowed for intelligence Now allowed for intelligence Does not require reporting back to the court Does not require reporting back to the court

17 William H. Bowers – whb108@psu.edu Increased Monitoring Allows for intercepting computer based communication without warrant if Allows for intercepting computer based communication without warrant if –Access to computer was illegal –Computer owner gives permission Allows search without warrant if there is “reasonable” belief that providing notice of warrant may have an “adverse affect” Allows search without warrant if there is “reasonable” belief that providing notice of warrant may have an “adverse affect”

18 William H. Bowers – whb108@psu.edu Increased Monitoring Allows seizure of property if it “constitutes evidence of a criminal offense” even if not terror related Allows seizure of property if it “constitutes evidence of a criminal offense” even if not terror related Makes it easier for FBI to obtain warrant for medical, educational, library, religious organization records Makes it easier for FBI to obtain warrant for medical, educational, library, religious organization records No need to show probable cause No need to show probable cause Only requires statement of support of ongoing investigation Only requires statement of support of ongoing investigation

19 William H. Bowers – whb108@psu.edu Increased Monitoring Illegal for record provider to Illegal for record provider to –Reveal existence of warrant –Tell anyone that they provided information Prohibits FBI from investigating citizens solely on basis of First Amendment activities Prohibits FBI from investigating citizens solely on basis of First Amendment activities

20 William H. Bowers – whb108@psu.edu Responses to PATRIOT ACT Concern over unrestricted power Concern over unrestricted power Concerns over circumvention of First and Fourth Amendments Concerns over circumvention of First and Fourth Amendments FBI and NSA previously used illegal wiretaps to investigate unpopular political organizations FBI and NSA previously used illegal wiretaps to investigate unpopular political organizations May inhibit exercise of First Amendment rights May inhibit exercise of First Amendment rights

21 William H. Bowers – whb108@psu.edu Responses to PATRIOT ACT LEO’s can monitor internet surfing without warrant LEO’s can monitor internet surfing without warrant Roving surveillance warrants do not require description of place to be searched Roving surveillance warrants do not require description of place to be searched Allows for limited search and seizure without warrants Allows for limited search and seizure without warrants

22 William H. Bowers – whb108@psu.edu Follow-On Legislation Domestic Security Enhancement Act of 2003 Domestic Security Enhancement Act of 2003 –http://www.publicintegrity.org/dtaweb/do wnloads/Story_01_020703_Doc_1.pdf –Allows expatriation of citizens convicted of giving material support to terrorist organization –Require names on suspected terrorist lists to be kept secret

23 William H. Bowers – whb108@psu.edu Follow-On Legislation Domestic Security Enhancement Act of 2003 Domestic Security Enhancement Act of 2003 –Allow wide use of administrative subpoenas –Makes it easier for police to access credit records –Allows collection of DNA samples from suspected terrorists

24 William H. Bowers – whb108@psu.edu Follow-On Legislation Domestic Security Enhancement Act of 2003 Domestic Security Enhancement Act of 2003 –Creation of national DNA database –Wiretaps and email interception allowed for 15 days without warrant

25 William H. Bowers – whb108@psu.edu Data Mining Searching one or more databases for patterns or relationships Searching one or more databases for patterns or relationships Can combine facts from multiple transactions Can combine facts from multiple transactions Secondary use of primary data Secondary use of primary data –Primary use of Amazon customer information is process an order –Secondary use is to promote relationship

26 William H. Bowers – whb108@psu.edu Data Mining Information about customers is becoming a product in itself Information about customers is becoming a product in itself Allows more narrow focusing of marketing efforts Allows more narrow focusing of marketing efforts Suppose EZPass sells individual records without ID information Suppose EZPass sells individual records without ID information Records can be purchased by credit card company Records can be purchased by credit card company

27 William H. Bowers – whb108@psu.edu Data Mining Transactions can be matched between toll record and credit card charge based on time, date, location and amount Transactions can be matched between toll record and credit card charge based on time, date, location and amount Credit card company can now identify card holders who drive many miles Credit card company can now identify card holders who drive many miles Now that list can be sold to car dealers Now that list can be sold to car dealers

28 William H. Bowers – whb108@psu.edu Marketplace: Households Developed by Lotus Developed by Lotus Produced on CD Produced on CD Cost of $8 million Cost of $8 million Information on 120 million people Information on 120 million people Contained personal information such as household income Contained personal information such as household income Dropped after over 30,000 consumer complaints Dropped after over 30,000 consumer complaints

29 William H. Bowers – whb108@psu.edu IRS Audits Matches individual reported income with employer provided information Matches individual reported income with employer provided information Generates discriminant function (DIF) score based on number of irregularities on tax return Generates discriminant function (DIF) score based on number of irregularities on tax return

30 William H. Bowers – whb108@psu.edu Syndromic Surveillance System New York City New York City Analyzes more than 50,000 pieces of information per day Analyzes more than 50,000 pieces of information per day –911 calls, ER visits, prescription drug purchases Purpose is to identify onset of epidemics Purpose is to identify onset of epidemics

31 William H. Bowers – whb108@psu.edu Total Information Awareness Proposed by DARPA Information Awareness Office Proposed by DARPA Information Awareness Office Would capture individual’s “information signature” Would capture individual’s “information signature” –Financial –Medical –Communication –Travel –Video images

32 William H. Bowers – whb108@psu.edu Criticism of the TIA Program ACM protested that it will generate more harm than benefits ACM protested that it will generate more harm than benefits Huge privacy and security risks of maintaining such a database Huge privacy and security risks of maintaining such a database Database would become target of criminals and terrorists Database would become target of criminals and terrorists

33 William H. Bowers – whb108@psu.edu Criticism of the TIA Program Access by tens of thousands of administrators, LEO, intelligence personnel poses great security risk Access by tens of thousands of administrators, LEO, intelligence personnel poses great security risk Increased risk of identity theft Increased risk of identity theft Citizens could not challenge or correct secret databases Citizens could not challenge or correct secret databases May hurt US corporate competitiveness May hurt US corporate competitiveness

34 William H. Bowers – whb108@psu.edu Criticism of the TIA Program Potential for false positive ID Potential for false positive ID May alter innocent individual behavior May alter innocent individual behavior

35 William H. Bowers – whb108@psu.edu Who Owns Transaction Information? Purchaser Purchaser Seller Seller Opt-In (preferred by privacy advocates) Opt-In (preferred by privacy advocates) Opt-Out (preferred by direct marketing organizations) Opt-Out (preferred by direct marketing organizations) World Wide Web Consortium Platform for Privacy Preferences http://www.w3.org/P3P World Wide Web Consortium Platform for Privacy Preferences http://www.w3.org/P3Phttp://www.w3.org/P3P

36 William H. Bowers – whb108@psu.edu Identity Theft Misuse of another person’s identifying information Misuse of another person’s identifying information Largest problem in US is credit card theft Largest problem in US is credit card theft Exacerbated by ease of opening new accounts Exacerbated by ease of opening new accounts About 86,000 US victims in 2001 About 86,000 US victims in 2001

37 William H. Bowers – whb108@psu.edu Identity Theft Individual loss limited to $50 if reported promptly Individual loss limited to $50 if reported promptly Real cost is in time to clean up records Real cost is in time to clean up records Defined as crime in relatively few states Defined as crime in relatively few states ID theft usually leads to other criminal activities ID theft usually leads to other criminal activities

38 William H. Bowers – whb108@psu.edu Identity Theft Dumpster diving Dumpster diving Shoulder surfing Shoulder surfing Skimmers Skimmers Online phishing Online phishing

39 William H. Bowers – whb108@psu.edu History and Role of SSAN Social Security Act of 1935 Social Security Act of 1935 Prohibited use of SSAN outside of the Social Security Administration Prohibited use of SSAN outside of the Social Security Administration Prohibited for use as national ID number Prohibited for use as national ID number 1943 FDR ordered use of SSAN in federal databases 1943 FDR ordered use of SSAN in federal databases 1961 began use by IRS 1961 began use by IRS

40 William H. Bowers – whb108@psu.edu History and Role of SSAN Collected by banks and credit card companies for interest payment reporting Collected by banks and credit card companies for interest payment reporting Approved for use by state agencies in 1976 Approved for use by state agencies in 1976 Required to list children 1 year and older as dependent on tax return Required to list children 1 year and older as dependent on tax return

41 William H. Bowers – whb108@psu.edu Problems with SSANs Rarely checked by organizations Rarely checked by organizations No error detecting capabilities such as CRC No error detecting capabilities such as CRC

42 William H. Bowers – whb108@psu.edu Debate over a National ID Card Proponents Proponents –More controllable than multiple state driver’s licenses, employee / student ID, etc –Make it more difficult for illegal entry to US –Makes it easier for police to positively identify people –Used by many other countries

43 William H. Bowers – whb108@psu.edu Debate over a National ID Card Opponents Opponents –Does not guarantee accuracy –Biometric systems not infallible –No evidence it would reduce crime –Makes government tracking of individuals easier –Inaccurate national records harder to correct

44 William H. Bowers – whb108@psu.edu Encryption Protects communications even if intercepted Protects communications even if intercepted Symmetric encryption Symmetric encryption –Sender and user use the same key –Requires secure key transmission –Requires too many keys to be useful

45 William H. Bowers – whb108@psu.edu Encryption Asymmetric encryption Asymmetric encryption –Developed by Diffie and Hellman in 1976 –Public / Private Key –Security is directly related to key length –Keys are mathematically related –Not able to compute one from the other in a useful period of time

46 William H. Bowers – whb108@psu.edu Encryption Pretty Good Privacy Pretty Good Privacy –1991 – Senate Bill 266 required back door for government decryption of personal communications –Illegal to export encryption programs –PGP originally distributed as source code

47 William H. Bowers – whb108@psu.edu Encryption Clipper Chip Clipper Chip –1992 AT&T wanted to market telephone encryption device –FBI and NSA suggested NSA’s technology instead –US government would maintain Clipper keys –March 1993 – Approved by President Clinton

48 William H. Bowers – whb108@psu.edu Encryption Clipper Chip Clipper Chip –Two federal agencies would maintain keys Law enforcement Law enforcement Intelligence Intelligence –No penalty for improper key release –80% of public disapproved –Administration changed course in February 1994 and suggested use rather than mandating it

49 William H. Bowers – whb108@psu.edu Encryption Export Restrictions Forced software vendors to have two versions, internal and export Forced software vendors to have two versions, internal and export Or just have one with weak encryption Or just have one with weak encryption Reduced international competitiveness Reduced international competitiveness 1999, 2000 two federal appeals courts ruled ban was violation of free speech 1999, 2000 two federal appeals courts ruled ban was violation of free speech Export restrictions dropped Export restrictions dropped

50 William H. Bowers – whb108@psu.edu Digital Cash Relies on public/private keys Relies on public/private keys Signed by bank’s public key on issuance Signed by bank’s public key on issuance Done without identifying purchaser Done without identifying purchaser Must prevent copying Must prevent copying Can be used as easily as MAC cards without privacy concerns Can be used as easily as MAC cards without privacy concerns

51 William H. Bowers – whb108@psu.edu Questions & Discussion

Download ppt "William H. Bowers – Ethics for the Information Age Chapter 5 – Privacy II."

Similar presentations

Electronic Surveillance, Security, and Privacy Professor Peter P. Swire Ohio State University InSITes -- Carnegie Mellon February 7, 2002.

Electronic Surveillance, Security, and Privacy Professor Peter P. Swire Ohio State University InSITes -- Carnegie Mellon February 7, 2002.
Key New Surveillance Provisions Professor Peter P. Swire Ohio State University Privacy 2001 Conference October 4, 2001.

Key New Surveillance Provisions Professor Peter P. Swire Ohio State University Privacy 2001 Conference October 4, 2001.
10 July 2003MIS 111 Internet Privacy Laws Jennifer Almond and Colin Zupancic Enjoying the right to privacy means having control over your own personal.

10 July 2003MIS 111 Internet Privacy Laws Jennifer Almond and Colin Zupancic Enjoying the right to privacy means having control over your own personal.
Paul Ohm Associate Professor, CU Law Initiative Director, Silicon Flatirons December 4, 2009.

Paul Ohm Associate Professor, CU Law Initiative Director, Silicon Flatirons December 4, 2009.
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
BEWARE! IDENTITY THEFT CARL JOHNSON FINANCIAL LITERACY JENKS HIGH CSHOOL.

BEWARE! IDENTITY THEFT CARL JOHNSON FINANCIAL LITERACY JENKS HIGH CSHOOL.
Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.

Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.
Passed by the Senate 98-1 Passed by the House 357-66 October 26, 2001 – Signed into law by President Bush 130 pages in length Divided into 10 titles.

Passed by the Senate 98-1 Passed by the House October 26, 2001 – Signed into law by President Bush 130 pages in length Divided into 10 titles.
USA PATRIOT Act and Libraries Eric Johnson & Rodney Clare Jackman Sims Memorial Library.

USA PATRIOT Act and Libraries Eric Johnson & Rodney Clare Jackman Sims Memorial Library.
Patriot Act October 26, 2001. United (and) Strengthening America (by) Providing appropriate tools required (to) intercept (and) obstruct Terrorism Act.

Patriot Act October 26, United (and) Strengthening America (by) Providing appropriate tools required (to) intercept (and) obstruct Terrorism Act.
Chapter 17 Law and Terrorism.

Chapter 17 Law and Terrorism.
1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,
Basic Banking Services - Activity 1

Basic Banking Services - Activity 1
USA PATRIOT ACT USA PATRIOT ACT

USA PATRIOT ACT USA PATRIOT ACT
Responding to Cybercrime in the Post-9/11 World Scott Eltringham Computer Crime and Intellectual Property Section U.S. Department of Justice (202) 353-7848.

Responding to Cybercrime in the Post-9/11 World Scott Eltringham Computer Crime and Intellectual Property Section U.S. Department of Justice (202)
13.1 Chapter 13 Privacy © 2003 by West Legal Studies in Business/A Division of Thomson Learning.

13.1 Chapter 13 Privacy © 2003 by West Legal Studies in Business/A Division of Thomson Learning.
Chapter 15 Counter-terrorism. Introduction  United and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism.

Chapter 15 Counter-terrorism. Introduction  United and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism.
Chapter 10 Privacy and the Police State. Governmental Intrusion into Individual Privacy Affects written and oral communications Data-GPS coordinates Fourth.

Chapter 10 Privacy and the Police State. Governmental Intrusion into Individual Privacy Affects written and oral communications Data-GPS coordinates Fourth.
Slides prepared by Cyndi Chie and Sarah Frye A Gift of Fire Third edition Sara Baase Chapter 2: Privacy.

Slides prepared by Cyndi Chie and Sarah Frye A Gift of Fire Third edition Sara Baase Chapter 2: Privacy.
1 Chapter 15 Search Warrants. 2 Search warrants fall under the 4 th Amendment Search warrants fall under the 4 th Amendment The police must have “probable.

1 Chapter 15 Search Warrants. 2 Search warrants fall under the 4 th Amendment Search warrants fall under the 4 th Amendment The police must have “probable.

Similar presentations

Ads by Google