
Information Privacy

Dr. Heng Xu
Privacy Assurance Lab (PAL)

PAL @ Penn State

03/31/2010

pal.ist.psu.edu


Outline

- What is Privacy?
- Privacy Concerns
- Web Privacy
- Privacy Protection Approaches: Legislation, Industry Self-Regulation, Technology


What does privacy mean to you?

How would you define privacy? What does it mean to you for something to be private?


Britney Spears: “We just need privacy”

“You have to realize that we're people and that we need, we just need privacy and we need our respect, and those are things that you have to have as a human being.”

— Britney Spears, 15 June 2006, NBC Dateline

http://www.cnn.com/2006/SHOWBIZ/Music/06/15/people.spears.reut/index.html


Information Disclosure: Privacy Tradeoffs

Benefits
- Financial rewards: coupons, gift vouchers, discounts, cash…
- Personalization

Risks
- Lose control of your personal information
- Identity theft

[Figure: the information subject discloses information to the service provider and receives benefits in return; the subject weighs the two in a benefit/risk analysis.]


Web Privacy: A look at privacy policies at Google, Microsoft and Yahoo

What gets saved when you use the service
- Microsoft doesn't record IP address, log-in time, or other user-specific information in its logs.
- Both Yahoo and Google collect these data, along with your browser and what you clicked on the page.

Google log record example:

Q = cars
url = www.google.com/search?q=cars
IP = 72.14.253.xx
Cookie = PREF=66FUQULL0QBT8MMTVSC5K: LD=en…
User-Agent: Mozilla/4.75 [en] (X11; U; NetBSD 1.5_ALPHA i386)
Time = 25 Mar 2007 10:15:32
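To make the slide's point concrete, here is an added example (not from the lecture and not Google's code) that parses records laid out like the log record above and strips the user-specific fields a service could choose not to keep. The sample records, the " | " separator between fields and the minimization rules (mask the last IP octet, round the time to the day, drop cookie and browser string) are constructed for this example.

```python
import re
from datetime import datetime

# Constructed sample records in the "key = value" layout of the slide's
# Google log record; the values are made up, not real log data.
SAMPLE_LOG = """\
Q = cars | url = www.google.com/search?q=cars | IP = 72.14.253.17 | Cookie = PREF=66FUQULL0QBT8MMTVSC5K | User-Agent = Mozilla/4.75 [en] (X11; U; NetBSD 1.5_ALPHA i386) | Time = 25 Mar 2007 10:15:32
Q = flu symptoms | url = www.google.com/search?q=flu+symptoms | IP = 10.8.0.42 | Cookie = PREF=ZZ9PLURAL | User-Agent = Mozilla/5.0 (X11; Linux) | Time = 26 Mar 2007 08:03:11
"""

# Fields that tie a query to a particular person or device (the slide's
# "user-specific information"): IP address, cookie id, browser string
# and the exact time of the request.
USER_SPECIFIC = ("IP", "Cookie", "User-Agent", "Time")

def parse_record(line):
    """Split one ' | '-separated record into a dict of field -> value."""
    fields = {}
    for part in line.split(" | "):
        # partition on ' = ' so '=' inside the url or cookie value survives
        key, _, value = part.partition(" = ")
        fields[key.strip()] = value.strip()
    return fields

def minimize(rec):
    """Return a copy with user-specific fields removed or coarsened:
    the IP keeps its first three octets (shown as 'xx' on the slide),
    the timestamp is rounded to the day, cookie and User-Agent are dropped."""
    out = {k: v for k, v in rec.items() if k not in USER_SPECIFIC}
    out["IP"] = re.sub(r"\.\d+$", ".xx", rec["IP"])
    ts = datetime.strptime(rec["Time"], "%d %b %Y %H:%M:%S")
    out["Time"] = ts.strftime("%d %b %Y")
    return out

def process_log(text):
    """Parse and minimize every non-empty line of a log in the sample layout."""
    return [minimize(parse_record(l)) for l in text.splitlines() if l.strip()]
```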


Web Privacy: A look at privacy policies at Google, Microsoft and Yahoo

Amount of personal information when you sign up
- Google: just name and the country you live in
- Yahoo and Microsoft: name, gender, birthday, and zip code

Time-to-Delete
- Google may take up to 60 days to completely remove that "Vegas was great" e-mail from its servers after you delete it.
- Microsoft takes three days or less.
- Yahoo says that, though removing the actual e-mail content may take a short while, the information becomes dissociated from your account almost as soon as you delete it.

Source: http://www.pcworld.com/article/id,137363-page,1-c,onlineprivacy/article.html

Privacy Protection

- Legislation
- Industry Self-Regulation
- Technology


Privacy Laws

- Privacy laws and regulations vary widely throughout the world
- The US has mostly sector-specific laws, with relatively minimal protections; often referred to as a “patchwork quilt”

Privacy Laws – Private Sector
- Fair Credit Reporting Act (FCRA)
- Health Insurance Portability and Accountability Act (HIPAA)
- Gramm-Leach-Bliley Act (GLBA)
- The Children’s Online Privacy Protection Act (COPPA)
- The Drivers Privacy Protection Act (DPPA)

Privacy Laws – Public Sector
- The Privacy Act of 1974
- The Freedom of Information Act (FOIA)


Privacy Laws (continued)

- State Security Breach Notification Laws

Laws that compel disclosure of personal information:
- The US Patriot Act of 2001
- Homeland Security Act of 2002
- Intelligence Reform and Terrorism Prevention Act of 2004 (IRTPA)
- The US Communications Assistance to Law Enforcement Act (CALEA)

The European Data Protection Directive requires all European Union countries to adopt similar comprehensive privacy laws that recognize privacy as a fundamental human right.


Privacy self-regulation

- Since 1995, the US FTC has pressured companies to “self regulate” in the privacy area
- Upcoming FTC town hall on behavioral advertising: http://www.ftc.gov/opa/2007/08/ehavioral.shtm
- Self regulation may be completely voluntary or mandatory (or somewhere in between)
- Self-regulatory programs and initiatives: Industry Guidelines, Privacy Seals, Privacy Policies


Voluntary privacy guidelines

- Direct Marketing Association Privacy Promise
- Network Advertising Initiative Principles
- CTIA Location-based privacy guidelines
- Generally Accepted Privacy Principles


Privacy policies

- Policies let consumers know about a site’s privacy practices
- Consumers can then decide whether or not the practices are acceptable, when to opt in or opt out, and whom to do business with
- The presence of privacy policies increases consumer trust

What are some problems with privacy policies?


Privacy policy problems

BUT policies are often:
- difficult to understand
- hard to find
- long to read
- changed without notice?


Short Notices

- Project organized by the Hunton & Williams law firm
- Short version (short notice) of the human-readable policy, for web and paper
- Also called a “layered notice”: refer to the long notice for more detail
- Now being called a “highlights notice”
- Focus on reducing the privacy policy to at most 7 boxes
- Alternative proposals from privacy advocates focus on check boxes
- Interest internationally: http://www.privacyconference2003.org/resolution.asp
- Interest in the US for financial privacy notices: http://www.ftc.gov/opa/2003/12/privnoticesjoint.htm


Privacy Notice Highlights Template

Acme Company Privacy Notice Highlights

PERSONAL INFORMATION: We collect information directly from you and maintain information on your activity with us, including your visits to our website. We obtain information, such as your credit report and demographic and lifestyle information, from other information providers.

USES: We use information about you to manage your account and offer you other products and services we think may interest you. We share information about you with our sister companies to offer you products and services. We share information about you with other companies, like insurance companies, to offer you a wider array of jointly-offered products and services. We share information about you with other companies so they can offer you their products and services.

YOUR CHOICES: You may opt out of receiving promotional information from us and our sharing your contact information with other companies. To exercise your choices, call (800) 123-1234 or click on “choice” at ACME.com.

IMPORTANT INFORMATION: You may request information on your billing and payment activities.

HOW TO REACH US: For more information about our privacy policy, write to: Consumer Department, Acme Company, 11 Main Street, Anywhere, NY 10100. Or go to the privacy statement on our website at acme.com.

SCOPE: This statement applies to Acme Company and several members of the Acme family of companies.

Dated: May 28, 2002

Template prepared by the Notices Project, a program of the Center for Information Policy Leadership at Hunton & Williams. © 2002 Center for Information Policy Leadership.


Checkbox proposal

WE SHARE [DO NOT SHARE] PERSONAL INFORMATION WITH OTHER WEBSITES OR COMPANIES.

Collection (YES / NO):
- We collect personal information directly from you
- We collect information about you from other sources
- We use cookies on our website
- We use web bugs or other invisible collection methods
- We install monitoring programs on your computer

Uses (With Your Consent / Without Your Consent): We use information about you to:
- Send you advertising mail
- Send you electronic mail
- Call you on the telephone

Sharing (With Your Consent / Without Your Consent): We allow others to use your information to:
- Maintain shared databases about you
- Send you advertising mail
- Send you electronic mail
- Call you on the telephone

Access: You can see and correct {ALL, SOME, NONE} of the information we have about you.

Choices: You can opt out of receiving advertising mail, electronic mail and telemarketing from: Us / Affiliates / Third Parties

Retention: We keep your personal data for: {Six Months, Three Years, Forever}

Change: We can change our data use policy {AT ANY TIME, WITH NOTICE TO YOU, ONLY FOR DATA COLLECTED IN THE FUTURE}

Source: Robert Gellman, July 3, 2003


P3P

What is P3P? www.w3.org/P3P/

From a Web site’s perspective: a protocol designed to provide a way for a Web site to encode its privacy statement in a machine-readable format.

From a user’s perspective: use a P3P User Agent to
- configure their privacy preferences
- get notification of a Web site’s privacy practices


Privacy Bird configuration screen

Users can choose whether or not to be notified when a site uses financial information for marketing purposes.


Chirping bird is the privacy indicator

Red bird indicates a mismatch

Privacy Bird: Notice Approach

How about choice?


Privacy Finder

- Uses the Google or Yahoo! API to retrieve search results
- Checks each result for a P3P policy
- Evaluates the P3P policy against the user’s preferences
- Reorders the search results
- Composes a search result page with privacy annotations next to each P3P-enabled result
- Users can retrieve a “Privacy Report” similar to the Privacy Bird policy summary
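The evaluation step that both Privacy Bird (notify on a mismatch) and Privacy Finder (reorder results by the match) perform, written out as an added Python example; it is not code from either tool, and the slides do not show their implementation. The two P3P 1.0 policies and the preference set are constructed (the element names are the standard P3P 1.0 vocabulary), and the three-way ordering of results is an assumption of the example.

```python
import xml.etree.ElementTree as ET
P3P_NS = "{http://www.w3.org/2002/01/P3Pv1}"

# Constructed P3P 1.0 policies for fictional sites (no real site's policy):
# SHOP uses telephone and financial data for telemarketing and shares it with
# other companies; STRICT keeps an e-mail address for the current transaction only.
SHOP_POLICY = """<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1"><POLICY name="p"><STATEMENT>
<PURPOSE><current/><telemarketing/></PURPOSE><RECIPIENT><ours/><other-recipient/></RECIPIENT>
<RETENTION><indefinitely/></RETENTION><DATA-GROUP>
<DATA ref="#user.home-info.telecom.telephone"><CATEGORIES><physical/></CATEGORIES></DATA>
<DATA ref="#dynamic.miscdata"><CATEGORIES><financial/></CATEGORIES></DATA>
</DATA-GROUP></STATEMENT></POLICY></POLICIES>"""
STRICT_POLICY = """<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1"><POLICY name="p"><STATEMENT>
<PURPOSE><current/></PURPOSE><RECIPIENT><ours/></RECIPIENT><RETENTION><stated-purpose/></RETENTION>
<DATA-GROUP><DATA ref="#user.business-info.online.email"><CATEGORIES><online/></CATEGORIES></DATA>
</DATA-GROUP></STATEMENT></POLICY></POLICIES>"""

# Constructed user preferences in the spirit of the Privacy Bird configuration
# screen: warn when sensitive data is used for marketing or goes to outside recipients.
PREFS = {"marketing_purposes": {"contact", "telemarketing"},
         "sensitive_categories": {"financial", "health"},
         "outside_recipients": {"other-recipient", "unrelated", "public"}}

def _names(elem, tag):
    # Local names of the empty child elements under <tag>, e.g. {"current", "telemarketing"}.
    node = elem.find(P3P_NS + tag)
    return {c.tag.replace(P3P_NS, "") for c in node} if node is not None else set()

def evaluate(policy_xml, prefs=PREFS):
    """Return the list of preference mismatches in one P3P policy (empty list = match)."""
    mismatches = []
    for st in ET.fromstring(policy_xml).iter(P3P_NS + "STATEMENT"):
        purposes, recipients = _names(st, "PURPOSE"), _names(st, "RECIPIENT")
        cats = set()
        for data in st.iter(P3P_NS + "DATA"):
            cats |= _names(data, "CATEGORIES")
        hit = cats & prefs["sensitive_categories"]
        if hit and purposes & prefs["marketing_purposes"]:
            mismatches.append("sensitive data used for marketing: " + ", ".join(sorted(hit)))
        shared = recipients & prefs["outside_recipients"]
        if shared:
            mismatches.append("data shared with: " + ", ".join(sorted(shared)))
    return mismatches

def rank_results(results, prefs=PREFS):
    """Privacy Finder style: annotate (url, policy_xml_or_None) hits and order them
    matches first, mismatches next, sites without a P3P policy last."""
    annotated = []
    for url, policy in results:
        issues = None if policy is None else evaluate(policy, prefs)
        note = "no P3P policy" if issues is None else ("; ".join(issues) or "matches")
        annotated.append((2 if issues is None else (1 if issues else 0), url, note))
    return [(u, n) for _, u, n in sorted(annotated, key=lambda t: t[0])]
```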

Thank you!

What’s next?

SRA 472: Integration of Privacy & Security

Conception
- Foundation Concepts
- Fair Information Practices

Technological Drivers
- Privacy-Enhancing & Privacy-Invasive Technologies
- The Platform for Privacy Preferences (P3P) & Design for Privacy

Organizational Approaches
- Building a Privacy Org. Infrastructure
- IT Governance and Risk Control

Profession & Training
- Professional Associations
- Career Opportunities

Project Presentations

Privacy Laws

SRA 472: Integration of Privacy and Security

Support course for Social Factors & Risk (SFR) and Intelligence Analysis & Modeling (IAM) options of SRA major

Substitute for IST402 for the IST major, SRA/ICS option, and the IST and SRA minors.
