Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lesson Title: Privacy Overview Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This.

Published byDominic Flynn Modified over 9 years ago

Similar presentations

Presentation on theme: "Lesson Title: Privacy Overview Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This."— Presentation transcript:

1 Lesson Title: Privacy Overview Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas http://rfidsecurity.uark.edu 1 This material is based upon work supported by the National Science Foundation under Grant No. DUE-0736741. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation (NSF). Copyright © 2008, 2009, 2010, 2011 by Dale R. Thompson {d.r.thompson@ieee.org}

2 Privacy In 1890, a judge defined privacy as “the right to be let alone” in response to the “new” technology of photography. http://rfidsecurity.uark.edu 2

3 What is Privacy? Privacy includes the right to make decisions about one’s own life, to keep personal secrets, and to keep secrets about where we come and go. It is the right to make decisions without interference from the government or economic pressures from commercial entities. http://rfidsecurity.uark.edu/

4 What Privacy is Not! Privacy does NOT apply to an organization. It only applies to data about an individual, which is called personally identifiable information (PII). Privacy is NOT security. – Security is important to privacy. – Security is only part of the story. http://rfidsecurity.uark.edu/

5 Examples of PII Social Security Number Passport Number Credit card numbers Date of birth Mother’s maiden name http://rfidsecurity.uark.edu 5

6 Is there no privacy? Some argue that there is not or will not be privacy – The Transparent Society by David Brin – “You have zero privacy anyway, get over it.”, quote from Scott McNealy at Sun http://rfidsecurity.uark.edu 6

7 Code of Fair Information Practices The Fair Information Practices (FIPs) principles were established in 1973 in response to the movement of the government to create centralized databases http://rfidsecurity.uark.edu 7

8 5 Principles of Privacy Notice. There must be no personal-data, record-keeping systems whose very existence is a secret. Access. There must be a way for a person to find out what information about the person is in a record and how it is used. Choice. There must be a way to prevent personal information that was obtained for one purpose from being used or made available for other purposes without the person’s consent. Recourse. There must be a way for a person to correct or amend a record of identifiable information about the person. Security. Any organization creating, maintaining, using, or disseminating records of identifiable personal data must assure the reliability of the data for their intended use and must take reasonable precautions to prevent misuse of the data. http://rfidsecurity.uark.edu/

9 EPCglobal Guidelines on EPC for Consumer Products http://rfidsecurity.uark.edu 9

10 EPCglobal Guidelines on EPC for Consumer Products 1) Consumer Notice. Consumers will be given clear notice of the presence of EPC on products or their packaging and will be informed of the use of EPC technology. This notice will be given through the use of an EPC logo or identifier on the products or packaging. http://rfidsecurity.uark.edu 10

11 EPCglobal Guidelines on EPC for Consumer Products 2) Consumer Choice. Consumers will be informed of the choices that are available to discard or remove or in the future disable EPC tags from the products they acquire. It is anticipated that for most products, the EPC tags would be part of disposable packaging or would be otherwise discardable. EPCglobal, among other supporters of the technology, is committed to finding additional efficient, cost effective and reliable alternatives to further enable customer choice. http://rfidsecurity.uark.edu 11

12 EPCglobal Guidelines on EPC for Consumer Products 3) Consumer Education. Consumers will have the opportunity easily to obtain accurate information about EPC and its applications, as well as information about advances in the technology. Companies using EPC tags at the consumer level will cooperate in appropriate ways to familiarise consumers with the EPC logo and to help consumers understand the technology and its benefits. EPCglobal would also act as a forum for both companies and consumers to learn of and address any uses of EPC technology in a manner inconsistent with these Guidelines. http://rfidsecurity.uark.edu 12

13 EPCglobal Guidelines on EPC for Consumer Products 4) Record Use, Retention and Security. The Electronic Product Code does not contain, collect or store any personally identifiable information. As with conventional barcode technology, data which is associated with EPC will be collected, used, maintained, stored and protected by the EPCglobal member companies in compliance with applicable laws. Companies will publish, in compliance with all applicable laws, information on their policies regarding the retention, use and protection of any personally identifiable information associated with EPC use. http://rfidsecurity.uark.edu 13

14 Alan F. Westin’s Privacy Classifications Privacy Fundamentalist (11%) – Very concerned – Unwilling to provide data Privacy Unconcerned (13%) – Mild concern – Willing to provide data Privacy Pragmatists (75%) – Somewhat concerned – Willing to provide data if they are notified and get a benefit http://rfidsecurity.uark.edu/

15 Contact Information Dale R. Thompson, Ph.D., P.E. Associate Professor Computer Science and Computer Engineering Dept. JBHT – CSCE 504 1 University of Arkansas Fayetteville, Arkansas 72701-1201 Phone: +1 (479) 575-5090 FAX: +1 (479) 575-5339 E-mail: d.r.thompson@ieee.org WWW: http://comp.uark.edu/~drt/ http://rfidsecurity.uark.edu 15

16 Copyright Notice, Acknowledgment, and Liability Release Copyright Notice – This material is Copyright © 2008, 2009, 2010, 2011 by Dale R. Thompson. It may be freely redistributed in its entirety provided that this copyright notice is not removed. It may not be sold for profit or incorporated in commercial documents without the written permission of the copyright holder. Acknowledgment – These materials were developed through a grant from the National Science Foundation at the University of Arkansas. Any opinions, findings, and recommendations or conclusions expressed in these materials are those of the author(s) and do not necessarily reflect those of the National Science Foundation or the University of Arkansas. Liability Release – The curriculum activities and lessons have been designed to be safe and engaging learning experiences and have been field-tested with university students. However, due to the numerous variables that exist, the author(s) does not assume any liability for the use of this product. These curriculum activities and lessons are provided as is without any express or implied warranty. The user is responsible and liable for following all stated and generally accepted safety guidelines and practices. http://rfidsecurity.uark.edu 16

Download ppt "Lesson Title: Privacy Overview Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This."

Similar presentations

Minimum Necessary Standard Version 1.0

Minimum Necessary Standard Version 1.0
ISA Implementation Support Module Prepared by IAASB Staff October 2010 Written Representations.

ISA Implementation Support Module Prepared by IAASB Staff October 2010 Written Representations.
Lesson Title: RFID Modulation, Encoding, and Data Rates Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: RFID Modulation, Encoding, and Data Rates Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Lesson Title: Threat Modeling Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This.

Lesson Title: Threat Modeling Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This.
Today’s Schools face:  Numerous State and Federal Regulations  Reduced Technology Funding  More Stringent Guidelines for Technology Use.

Today’s Schools face:  Numerous State and Federal Regulations  Reduced Technology Funding  More Stringent Guidelines for Technology Use.
Lesson Title: Tag Threats, Risks, and Mitigation Dale R. Thompson and Jia Di Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Tag Threats, Risks, and Mitigation Dale R. Thompson and Jia Di Computer Science and Computer Engineering Dept. University of Arkansas
Nurbek Saparkhojayev and Dale R. Thompson, Ph.D., P.E. Computer Science and Computer Engineering Dept. University of Arkansas Matching Electronic Fingerprints.

Nurbek Saparkhojayev and Dale R. Thompson, Ph.D., P.E. Computer Science and Computer Engineering Dept. University of Arkansas Matching Electronic Fingerprints.
Data Retention LIS 550 Winter 2010 Unsworth Tuesday, March 02, 2010.

Data Retention LIS 550 Winter 2010 Unsworth Tuesday, March 02, 2010.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Lesson Title: Threats to and by an RFID system Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Threats to and by an RFID system Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
Lesson Title: Electromagnetics and Antenna Overview Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Electromagnetics and Antenna Overview Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
ICAICT202A - Work and communicate effectively in an IT environment

ICAICT202A - Work and communicate effectively in an IT environment
Lesson Title: Singulation Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This material.

Lesson Title: Singulation Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This material.
NTIA Privacy Multistakeholder Meeting March 25, 2014 Amanda Koulousias, Attorney Division of Privacy and Identity Protection Federal Trade Commission FTC.

NTIA Privacy Multistakeholder Meeting March 25, 2014 Amanda Koulousias, Attorney Division of Privacy and Identity Protection Federal Trade Commission FTC.
INTERNET and CODE OF CONDUCT

INTERNET and CODE OF CONDUCT
4/3/20011 Ethics in Special Education Assessment and Testing and Maintenance of Student Information.

4/3/20011 Ethics in Special Education Assessment and Testing and Maintenance of Student Information.
Anglican Province of Canada Privacy Policy. Commitment to Privacy The Privacy Policy, including the Web Privacy Statement, is the Anglican Province of.

Anglican Province of Canada Privacy Policy. Commitment to Privacy The Privacy Policy, including the Web Privacy Statement, is the Anglican Province of.
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Personal Data (Privacy) Ordinance Hong Kong Personal Data (Privacy) Ordinance Hong Kong by Stephen Lau Privacy Commissioner for Personal Data Hong Kong.

Personal Data (Privacy) Ordinance Hong Kong Personal Data (Privacy) Ordinance Hong Kong by Stephen Lau Privacy Commissioner for Personal Data Hong Kong.

Similar presentations

Ads by Google