computer and internet privacy university of palestine university of palestine eng. wisam zaqoot eng....
TRANSCRIPT
Computer and Computer and Internet privacyInternet privacy
University of PalestineUniversity of Palestine Eng. Wisam ZaqootEng. Wisam Zaqoot Feb 2010Feb 2010
ITSS 4201 Internet Insurance and ITSS 4201 Internet Insurance and Information HidingInformation Hiding
First of all, What is “PrivacyFirst of all, What is “Privacy ” ”??
Your right of Privacy: "is the right to Your right of Privacy: "is the right to control over your own personal data control over your own personal data and the ability to grant or deny and the ability to grant or deny access to others"access to others"
Privacy Problem: Privacy Problem: – Consider computer-based interactions Consider computer-based interactions
from a simple transaction to a complex from a simple transaction to a complex collaborationcollaboration
– Interactions almost always involve Interactions almost always involve dissemination of private datadissemination of private data
– Threats of privacy violations result in Threats of privacy violations result in lower trust. Lower trust leads to isolation lower trust. Lower trust leads to isolation and lack of collaborationand lack of collaboration
– Privacy violations could be very harmfulPrivacy violations could be very harmful
The scope of a person’s privacy The scope of a person’s privacy disclosure should be proportional to disclosure should be proportional to the benefits expected from the the benefits expected from the interactioninteraction
As in social interactionsAs in social interactions E.g.: a customer applying for a E.g.: a customer applying for a
mortgage must reveal much more mortgage must reveal much more personal data than someone buying a personal data than someone buying a bookbook
Key Aspects of PrivacyKey Aspects of Privacy::
– Freedom from intrusion (being left Freedom from intrusion (being left alone)alone)
– Control of information about oneself. Control of information about oneself. Control of publication (“notice and Control of publication (“notice and choice”).choice”).
– Freedom from surveillance (being Freedom from surveillance (being tracked, followed, watched)tracked, followed, watched)
Main issues:Main issues:
Secondary UseSecondary Use Computer MatchingComputer Matching Computer ProfilingComputer Profiling Invisible Information GatheringInvisible Information Gathering Video SurveillanceVideo Surveillance Stealing and losing dataStealing and losing data
Secondary useSecondary use - use of personal - use of personal information for a purpose other than information for a purpose other than the one it was provided forthe one it was provided for..
Data miningData mining - searching and - searching and analyzing masses of data to find analyzing masses of data to find patterns and develop new patterns and develop new information or knowledge.information or knowledge.
Computer matchingComputer matching - combining and - combining and comparing information from different comparing information from different databases (using social insurance number, databases (using social insurance number, for example, to match records)for example, to match records)
Examples:Examples: During Vietnam War, Selective Service bought During Vietnam War, Selective Service bought
birthday list from ice cream chain to find 18-birthday list from ice cream chain to find 18-year olds who had not registered for the draft.year olds who had not registered for the draft.
Data mining and computer matching are used Data mining and computer matching are used to fight terrorismto fight terrorism
Computer profilingComputer profiling - analyzing - analyzing data in computer files to determine data in computer files to determine characteristics of people most likely characteristics of people most likely to engage in certain behaviorto engage in certain behavior
Examples:Examples: Business: find likely customers, targeted Business: find likely customers, targeted
marketing.marketing. Police: find likely criminals.Police: find likely criminals.
Invisible information gatheringInvisible information gathering - - collection of personal information collection of personal information about someone without the person’s about someone without the person’s knowledgeknowledge
Video SurveillanceVideo Surveillance
Modern surveillance techniques are redefining Modern surveillance techniques are redefining expectation of privacyexpectation of privacy– Security camerasSecurity cameras
Increased securityIncreased security Decreased privacyDecreased privacy
Cameras in United Kingdom. Millions of Cameras in United Kingdom. Millions of cameras, some of them used to enforce 9 pm cameras, some of them used to enforce 9 pm curfew for young people (<16) in some cities.curfew for young people (<16) in some cities.
Cameras in DubaiCameras in Dubai
Other surveillance technologies:Other surveillance technologies:– Satellites, RDIF, tracking credit cards transactions Satellites, RDIF, tracking credit cards transactions
…etc …etc
Stolen and Lost DataStolen and Lost DataExcept for hackers, stealing or losing Except for hackers, stealing or losing
data is not new to computer data is not new to computer technology. Before computers, files technology. Before computers, files were stolen, receipts were stolen, were stolen, receipts were stolen, information was requested under false information was requested under false pretenses and employees who have pretenses and employees who have access were bribed. But, with access were bribed. But, with computers, the extent and impact have computers, the extent and impact have grown.grown.
– Example: Child benefit details for 25 million Example: Child benefit details for 25 million people lost in Britain.people lost in Britain.
------------------------------------------------------------------------------------------------------------
Regarding the government, e-health Regarding the government, e-health and e-commerce sectors, discuss the and e-commerce sectors, discuss the following questions:following questions:
What data do they have about you? What data do they have about you? Who has access to the data? Who has access to the data? How is your data protected?How is your data protected?
Privacy, Government and Citizens:Privacy, Government and Citizens:
Basically there are traditional set of issues: Basically there are traditional set of issues:
Law enforcement/security vs. Law enforcement/security vs. privacy/individual freedom.privacy/individual freedom.
new domains: e-mail monitoring, computer new domains: e-mail monitoring, computer matching/profilingmatching/profiling
new scope: millions of records on one hard new scope: millions of records on one hard disk (U.K.)disk (U.K.)
U.S. Constitution, Fourth Amendment:U.S. Constitution, Fourth Amendment:
The right of the people to be secure in their The right of the people to be secure in their persons, houses, papers, and effects, persons, houses, papers, and effects, against unreasonable searches and against unreasonable searches and seizures, shall not be violated, and no seizures, shall not be violated, and no Warrants shall issue, but upon probable Warrants shall issue, but upon probable cause, supported by Oath or affirmation, cause, supported by Oath or affirmation, and particularly describing the place to be and particularly describing the place to be searched, and the persons or things to be searched, and the persons or things to be seized.seized.
Privacy, Business and Customers:Privacy, Business and Customers:
In the past: Information of single In the past: Information of single ordinary person not profitable. Mass ordinary person not profitable. Mass information gathering too information gathering too expensive/infeasible.expensive/infeasible.
Now: Information of 1000s or millions Now: Information of 1000s or millions of ordinary people is valuable:of ordinary people is valuable:– databases can gather and store that databases can gather and store that
much information.much information.– data mining programs can find statistical data mining programs can find statistical
patterns.patterns.
Discussion QuestionsDiscussion Questions
Is there information that you have Is there information that you have posted to the Web that you later posted to the Web that you later removed? Why did you remove it? removed? Why did you remove it? Were there consequences to posting Were there consequences to posting the information? (if you are using the information? (if you are using Facebook, have you revised your Facebook, have you revised your privacy settings?) privacy settings?)
Have you seen information that others Have you seen information that others have posted about themselves that have posted about themselves that you would not reveal about yourself ?you would not reveal about yourself ?