Modernizing Privacy

  • Uploaded by: anon-21951
  • 0
  • 0
  • November 2019
  • PDF

This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA


Overview

Download & View Modernizing Privacy as PDF for free.

More details

  • Words: 475
  • Pages: 17
Introduction to Privacy Todd Ritchie

1

What is Privacy? “[T]he content of privacy cannot be captured if we focus exclusively on either information, access, or intimate decisions because privacy involves all three areas. . . privacy’s content covers intimate information, access, and decisions.” – Julie Inness 2

What is Privacy? • Control over access to personal, intimate information • Control over what is personal, intimate information • Control over decisions made based on this information

3

Modernizing Privacy Todd Ritchie

4

Privacy concerns ... • SIN, medical records, tax records … these are personal but not intimate • Sexuality, religion, relationships … these are personal and intimate • Why are these concerns? 5

Dangers • Monetary: Blackmail, fraud • Social: Embarrassment • Physical: Threats

6

Monetary dangers • Blackmail: Paying money to avoid information leaking with likely negative consequence. • For example: Pay someone to prevent them from publishing embarassing photos

7

Monetary dangers • Fraud: Illicit use of information or misrepresentation • In privacy's scope: Identity theft • Not in privacy's scope: Lying on your taxes

8

Social dangers • Embarrassment • For example: Taboo relationships (interracial, interreligious) • Taboo behaviours (intoxicated photos on Facebook) 9

Physical dangers • Threat to person • For example: FindARat.com exposing undercover agents to threats from criminals using publicly accessible court documents

10

Privacy Laws • Two kinds: Privacy law dealing with the government, privacy law dealing with private entities • Privacy Act deals with federal government, PIPEDA deals with private entities • In general, you can only collect information you need 11

Control • Privacy is about control: You can manage risk. We all decide on risk vs. privacy tradeoff in security matters. • Airmiles takes your purchase history, Facebook takes your date of birth • Once information is no longer needed, it has to be made anonymous • Sexual predator registry is a tradeoff 12

Problems with Privacy Laws • Not enough investigative authority • Doesn't deal with cross-border leak concerns at the private level • Only deals with information at a “personal level” • No breach notification

13

Not enough authority • Could not investigate Abika.com • Abika.com did not break US law, but broke Canadian law • Required presence in Canada but did not have power investigate

14

Cross-border information leak • Comparatively relaxed wiretap laws in US and UK • Tax records and e-mail are often stored in United States • Bell Nexxia outsources Deep Packet Inspection management to India

15

“Individual level” • Aggregate data is considered safe • AOL taught us it is not always • Oversight is needed

16

Breach notification • What if an e-merchant is broken into and millions of credit card records are stolen? • It happened to HBC • HBC did not have to tell anyone, they did but waited too long, thousands were victimized

17

Related Documents

Modernizing Privacy
November 2019 13
Privacy
October 2019 34
Privacy
May 2020 17
Xoops Privacy
November 2019 17
Marketing Privacy
November 2019 14