
Page 1: Ch2 Privacy

8/26/01 Miller CSC309 1

Ch2 Privacy

Page 2: Ch2 Privacy (8/26/01)

Aspects of Privacy

Freedom from intrusion.

Control of information about one's self.

Freedom from surveillance.

Page 3: Ch2 Privacy (1/14/09)

"Who's Spying on You?" Popular Mechanics (01/05) Vol. 182, No. 1, P. 56; Cooper, Simon

“New technologies that enhance safety and convenience for users are costing them their privacy. Critics are concerned that this trend might lead to a society where people's job opportunities and other aspects of their livelihood could be determined by massive repositories of data collected by monitoring systems.”

Federally mandated GPS-enabling of cell phones “turns the phones into tracking devices”.

Page 4: Ch2 Privacy (1/14/09)

"Who's Spying on You?" Popular Mechanics (01/05) Vol. 182, No. 1, P. 56; Cooper, Simon

The National Transportation Safety Board's desire to install event data recorders (EDRs) in all new vehicles has sparked fears among privacy proponents that lawyers could use EDR data as evidence in civil suits, while insurance companies could use them to justify premium hikes or cancellations. Private "data aggregators" keep files on most Americans in vast databases, and the federal government appears to be these aggregators' biggest client.

Page 5: Ch2 Privacy (2/1/09)

“Small Print”

From the Prof’s user manual on his 2006 van: “Some information is stored during normal operation.” In a crash event the data recorded might include engine speed, brake application, throttle position, vehicle speed, safety belt usage, airbag readiness, airbag performance, and the severity of the crash. Information concerning a crash will not be shared with others except if it is “in response to an official request of police or similar government office, required by law, or as part of GM’s defense.”

Page 6: Ch2 Privacy (10/23/08)

Radio-frequency identification

An RFID tag is an object that can be applied to or incorporated into a product, animal, or person for the purpose of identification and tracking using radio waves. Some tags can be read from several meters away and beyond the line of sight of the reader.

Chipless technology now allows for tags to be printed directly on products. (Wikipedia)

Page 7: Ch2 Privacy (10/23/08)

Radio-frequency identification

So in the brave new future you walk into Walmart (currently using RFID technology), where you are greeted by a robot that calls you by name (because it can read your ID from either your VeriChip or the credit cards in your wallet) and informs you that the underwear you have on needs replacing (RFID tag again) and offers directions to that section of the store.

Page 8: Ch2 Privacy (10/23/08)

Skype

Established in 2003, this Luxembourg-based company provides free computer-to-computer “telephone service” and makes its money by charging for computer-to-landline or cell phone links around the world. Skype is available in 28 languages and is used in almost every country.

Page 9: Ch2 Privacy (10/23/08)

Skype

Researchers have discovered a Chinese government surveillance operation (estimated 30,000 employees) that is monitoring voice and text messages looking for offensive words. The Chinese servers retain personal information about the users who send such messages, and record chat conversations between local and Skype users from outside China. The system also recorded text messages and Skype caller identification. (“Surveillance of Skype Messages Found in China,” New York Times (10/02/08) P. C1; Markoff, John)

Page 10: Ch2 Privacy (10/1/08)

Privacy Issues for Both the Private and Public Sectors

What methods are used to gather data?

How is the data stored?

How is the data secured?

How is the data validated?

Who has access to the data?

How is the data analyzed?

How is information distributed?

How is the data used?

Page 11: Ch2 Privacy (8/26/01)

Privacy Balancing Act (Alan Westin)

(1) Safeguarding personal and group privacy, in order to protect individuality and freedom against unjustified intrusions by authorities.

(2) Collecting relevant personal information essential for rational decision-making in social, commercial, and government life; and

(3) Conducting the constitutionally limited government surveillance of people and activities necessary to protect public order and safety.

Page 12: Ch2 Privacy (8/26/01)

Privacy and the Constitution

While the U.S. Constitution does not explicitly use the word "privacy," several of its provisions protect different aspects of this fundamental right. The strongest protections arise from the Fourth Amendment, which safeguards individuals in their persons, homes, papers, and effects, from unreasonable searches and seizures.

Page 13: Ch2 Privacy (8/26/01)

Privacy and the Constitution

The First Amendment's freedom of expression and association clause protects information about those with whom we associate (e.g., political groups and social organizations), and offers protections for the materials that we create, read, view, etc., in the privacy of our homes.

Page 14: Ch2 Privacy (8/26/01)

Privacy and the Constitution

The Fifth Amendment's privilege against self-incrimination protects the autonomy of our bodies, thoughts and beliefs.

Page 15: Ch2 Privacy (8/26/01)

Code of Fair Information Practices (Gov Advisory Cmt 1973)

There should be no systems whose existence is secret.

There should be a way for a person to find out what data about him or her are in the system and how they are used.

Information obtained for one purpose should not be used for another purpose without the person's consent.

Page 16: Ch2 Privacy (8/26/01)

Code of Fair Information Practices (Gov Advisory Cmt 1973)

There should be a way for a person to correct errors in his or her files.

Any organization creating, maintaining, using, or distributing personal data is responsible for the reliability and security of the data.

Page 17: Ch2 Privacy (1/27/03)

Code of Fair Information Practices (Gov Advisory Cmt 1973)

This set of five principles has formed the basis of privacy-related laws in the US.

They have been made part of national data protection laws in many industrial countries, with the US being a major exception.

They influenced the 1974 Privacy Act.

Page 18: Ch2 Privacy (8/26/01)

Auto Tags

In Detroit reporters were able to trace the various factions of a major crime family by recording the license plates of autos parked around the home of a reputed mobster.

Motor vehicle data sells for about $5 per name.

On the web you can find folks that will look up tags for you.

Page 19: Ch2 Privacy (1/22/09)

Auto Tags

According to the US Bureau of Transit Statistics, for 2006 there were 250,851,833 registered passenger vehicles in the US and over 200 million licensed drivers.

There is information on where you live, what you drive, your height, weight, any physical handicaps, birth date, etc. We now have the ability (not my idea) to write an article on the ten heaviest women in the state.

Page 20: Ch2 Privacy (6/29/02)

Motor Vehicle Data

It would be nice if we could say the data we give about ourselves in order to get a driver's license can be used only for making that decision, but states are currently passing laws that make that impossible.

Wisconsin: a driver's license can be suspended for failure to pay a fine (such as a library fine).

Kentucky: a student can lose a license if he/she cuts class or fails classes.

Page 21: Ch2 Privacy (6/29/02)

Deadbeat Parents

More than 300,000 parents in 42 states have lost their driver's license because of late child support payments.

In Maine it can cost you a chance at a license to shoot a moose.

Every state has some type of license suspension program.

In at least 26 states deadbeat parents have lost professional licenses (beauticians in MS).

Page 22: Ch2 Privacy (2/13/02)

Auto Tags

In Los Angeles, a man spotted an actress driving her car, hired a private investigator to look the plate number up in a database, which then gave him a home address. He then shot and killed her when she opened her front door.

The death of actress Rebecca Schaeffer at the hands of a stalker led to the passage of the Driver’s Privacy Protection Act of 1994. Drivers were given the right to “opt out” of having their personal data sold.

Page 23: Ch2 Privacy (8/26/01)

25 June 1999: DMV Info at Stake in Senate Legislation

A transportation-funding bill in the Senate contains a provision that state motor vehicle agencies may not sell their driver's license databases. Direct marketing firms are lobbying hard against the bill, while the ACLU and privacy advocates are offering their support. http://www.wired.com/news/print_version/politics/story/20435.html?wnpg=all

Page 24: Ch2 Privacy (8/26/01)

13 January 2000: Supreme Court Rules in Favor of Drivers' Data

In a unanimous decision, the Supreme Court upheld the constitutionality of the 1994 Driver's Privacy Protection Act (DPPA), which restricts states from selling drivers license data without the drivers' consent.

http://www.gcn.com/breaking-news/000113124350.html

Page 25: Ch2 Privacy (6/4/02)

The Rest of the Story

The reason the Supreme Court was reviewing the law was that South Carolina was making good money selling driver's license data and photographs without the consent of the drivers, and the October 1999 modifications to the Driver’s Privacy Protection Act of 1994 were changing an opt-out option to one where specific permission (opt-in) had to be given before data could be sold. The Oct 1999 change had a problem: when it eliminated the sale of information for marketing, it also eliminated the sale of information to investigators for specified lawful purposes. This was corrected.

Page 26: Ch2 Privacy (12/25/01)

IRS

Has scanned vehicle registrations for people who own expensive boats or cars.

Examined (1993) cash transactions on two million taxpayers.

Clearly has the data on everyone who has reported contributions to charitable organizations that have been alleged to support terrorism.

Page 27: Ch2 Privacy (8/26/01)

Government Files

In 1982 it was estimated there were approximately 2000 federal databases containing 3.5 billion personnel files.

Used to detect fraud and to recover bad debts.

Serious threat to personal privacy.

What about government access to bank records?

Page 28: Ch2 Privacy (9/21/08)

Data Base Privacy

In the 1990’s the health insurance company for the Commonwealth of Massachusetts released data for research that was stripped of individual identifiers but kept date of birth, gender, and ZIP code in the records.

That is enough information to uniquely identify TWO-THIRDS of the population.

Greengard, “Privacy Matters,” CACM, 09/08, Vol. 51, No. 9, pp. 17-18.

Page 29: Ch2 Privacy (9/21/08)

Survey Privacy USM

Faculty were asked to give an anonymous evaluation of the administration. For statistical studies they were asked to provide information on their gender, the college they were members of, the number of years in college teaching, and the number of years they had worked at USM.

Anonymous?

How do you respond?
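The check a data custodian should run before a release like the Massachusetts one (and the check a faculty member could run on the USM survey, where gender, college and years of service play the same role as date of birth, gender and ZIP) is to count how many records share each combination of the remaining quasi-identifiers. The Python below is an added example, not code from the slides or from the CACM article they cite; the records, the diagnosis column and the generalization rule (birth year only, three-digit ZIP prefix) are constructed for illustration.

```python
from collections import Counter
from datetime import date

# Constructed sample of "de-identified" records (names removed) that still
# carry the quasi-identifiers the Massachusetts release kept: date of birth,
# gender and ZIP code. All values are invented for this example.
RECORDS = [
    {"dob": date(1961, 7, 31),  "sex": "M", "zip": "02138", "diagnosis": "flu"},
    {"dob": date(1961, 7, 31),  "sex": "M", "zip": "02139", "diagnosis": "asthma"},
    {"dob": date(1972, 2, 14),  "sex": "F", "zip": "02138", "diagnosis": "flu"},
    {"dob": date(1972, 2, 14),  "sex": "F", "zip": "02138", "diagnosis": "migraine"},
    {"dob": date(1972, 2, 14),  "sex": "F", "zip": "02138", "diagnosis": "flu"},
    {"dob": date(1972, 9, 3),   "sex": "F", "zip": "02138", "diagnosis": "fracture"},
    {"dob": date(1985, 11, 20), "sex": "M", "zip": "02139", "diagnosis": "asthma"},
    {"dob": date(1985, 3, 2),   "sex": "M", "zip": "02141", "diagnosis": "flu"},
    {"dob": date(1972, 11, 11), "sex": "F", "zip": "02142", "diagnosis": "migraine"},
]

QUASI_IDENTIFIERS = ("dob", "sex", "zip")


def qi_key(record, fields, project):
    """Quasi-identifier tuple of a record after the projection is applied."""
    p = project(record)
    return tuple(p[f] for f in fields)


def equivalence_classes(records, fields, project=lambda r: r):
    """Map each quasi-identifier tuple to the number of records carrying it."""
    return Counter(qi_key(r, fields, project) for r in records)


def k_anonymity(records, fields, project=lambda r: r):
    """The k of k-anonymity: size of the smallest equivalence class."""
    return min(equivalence_classes(records, fields, project).values())


def unique_fraction(records, fields, project=lambda r: r):
    """Share of records whose quasi-identifiers match no other record, i.e. the
    share that a public list with the same fields (a voter roll, a survey
    sign-up sheet) could re-identify outright."""
    classes = equivalence_classes(records, fields, project)
    singletons = sum(1 for r in records if classes[qi_key(r, fields, project)] == 1)
    return singletons / len(records)


def generalize(record):
    """Coarsen the quasi-identifiers: birth year only, 3-digit ZIP prefix.
    Generalization is the usual remedy; the diagnosis column is left alone."""
    g = dict(record)
    g["dob"] = record["dob"].year
    g["zip"] = record["zip"][:3]
    return g


if __name__ == "__main__":
    print("raw release:  k =", k_anonymity(RECORDS, QUASI_IDENTIFIERS),
          "unique fraction =", unique_fraction(RECORDS, QUASI_IDENTIFIERS))
    print("generalized:  k =", k_anonymity(RECORDS, QUASI_IDENTIFIERS, generalize),
          "unique fraction =", unique_fraction(RECORDS, QUASI_IDENTIFIERS, generalize))
```

On the constructed table, six of the nine raw records are unique on (dob, sex, zip), the same two-thirds the slide quotes; after generalization every class has at least two members, so no single public record can be tied to one row. The price is coarser data for the researchers, which is the trade-off the next slides' "differential privacy" approach handles differently.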

Page 30: Ch2 Privacy (8/26/01)

Matching/profiling

Computer Matching means combining and comparing information from different databases. (Usually using SS#s to extract information on an individual from various sources.)

Computer Profiling means using data in computer files to determine characteristics of people most likely to engage in certain behavior.

Page 31: Ch2 Privacy (1/29/09)

Profiling (1/28/09)

In an investigative report on ABC’s Good Morning America, it was reported that American Express, at least, was monitoring where you shop to determine your credit limits. The argument is that people who shop at certain locations have a lower incidence of staying current, so if you shop there, you're more of a risk. A lower limit yields a higher balance/limit ratio, which yields a higher rate. Don’t use the card to pay the marriage counselor.

Page 32: Ch2 Privacy (8/26/01)

Linkage Attack

A linkage attack is one in which information from a database is used to compromise privacy in a different database.

Page 33: Ch2 Privacy (10/7/08)

Netflix Linkage Attack

Netflix published a dataset: more than 100,000,000 ratings from 480,000 randomly chosen anonymous customers on 18,000 movie titles. Privacy was protected by removing all personal information and then replacing customer IDs with randomly assigned IDs. Each movie rating contained the date of the rating and the title and year of release of the movie.

Page 34: Ch2 Privacy (10/7/08)

Netflix Linkage Attack

Researchers from the University of Texas at Austin were able to identify individuals in the Netflix database by using public reviews published in the Internet Movie Database.

Eight ratings with dates provided enough information for the identifications to have 99% accuracy.
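What made the Netflix release risky was not any single field but sparseness: a few dated ratings are enough to single one record out of hundreds of thousands. The question a release team should answer beforehand is "how many dated ratings does it take?", and the Python below is an added example of that pre-release measurement; it is not the slides' code or the Texas researchers' code. The tiny RELEASE table, its titles and its dates are constructed, and the three-day tolerance stands in for the fact that a public review is rarely posted on the exact day of the rating.

```python
from datetime import date, timedelta
from itertools import combinations

# Constructed toy "ratings release": anonymous id -> {title: rating date}.
# Titles and dates are invented; the real release also carried the rating
# value and the film's year, which this check ignores.
_BASE = date(2005, 1, 1)


def _d(days):
    return _BASE + timedelta(days=days)


RELEASE = {
    "u1": {"Film A": _d(0),   "Film B": _d(10), "Film C": _d(40)},
    "u2": {"Film A": _d(1),   "Film B": _d(14), "Film D": _d(50)},
    "u3": {"Film A": _d(200), "Film C": _d(210)},
    "u4": {"Film B": _d(10),  "Film C": _d(45), "Film E": _d(90)},
}


def consistent(record, known, tolerance_days):
    """True if every (title, approximate date) in `known` fits `record`:
    the title was rated, and on a date within the tolerance."""
    for title, when in known.items():
        if title not in record:
            return False
        if abs((record[title] - when).days) > tolerance_days:
            return False
    return True


def candidates(release, known, tolerance_days=3):
    """Ids of released records that the auxiliary information `known`
    (e.g. a handful of dated public reviews) could belong to."""
    return [uid for uid, rec in release.items() if consistent(rec, known, tolerance_days)]


def fraction_identifiable(release, n_known, tolerance_days=3):
    """Share of records (with at least n_known entries) that are singled out
    by *every* choice of n_known of their own entries. This is the
    pre-release risk figure: how few dated ratings an outsider would need."""
    pinned = eligible = 0
    for uid, rec in release.items():
        if len(rec) < n_known:
            continue
        eligible += 1
        if all(candidates(release, dict(subset), tolerance_days) == [uid]
               for subset in combinations(rec.items(), n_known)):
            pinned += 1
    if eligible == 0:
        raise ValueError("no record has %d entries" % n_known)
    return pinned / eligible


if __name__ == "__main__":
    for n in (1, 2, 3):
        print("%d dated rating(s) known: %.0f%% of records singled out"
              % (n, 100 * fraction_identifiable(RELEASE, n)))
```

On the toy table one dated rating pins down a quarter of the records and two pin down all of them; on the real release the slide's figure is eight. The mitigation this points at is not removing names (already done) but coarsening or perturbing dates and dropping rare titles before release, then re-running the measurement.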

Page 35: Ch2 Privacy (10/7/08)

On being a Professional

The Netflix breach of privacy was probably a surprise because it did look like they had taken reasonable precautions.

The latest advance (2006), “differential privacy,” introduces random noise and assures that the database behaves the same independent of any individual or small group being either included or excluded.
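The slide's one-sentence definition is easiest to see on a counting query. The Python below is an added example, not code from the slides: it releases a count with Laplace noise scaled to 1/epsilon (a count moves by at most one when one record is added or removed), and then checks the guarantee directly, namely that whether an individual is in the database changes the probability of any given output by at most a factor exp(epsilon), and for a small group of g records by at most exp(g * epsilon). The records, the is_flu predicate and epsilon = 0.5 are constructed choices.

```python
import math
import random

# Constructed records; only the predicate evaluated over them matters here.
RECORDS = [{"diagnosis": d} for d in ("flu", "asthma", "flu", "migraine", "flu", "fracture")]


def is_flu(r):
    return r["diagnosis"] == "flu"


def exact_count(records, predicate):
    return sum(1 for r in records if predicate(r))


def laplace_sample(scale, rng):
    """Draw from Laplace(0, scale) by inverting its CDF."""
    u = rng.random() - 0.5                      # uniform on [-0.5, 0.5)
    return -scale * math.copysign(1.0, u) * math.log(max(1.0 - 2.0 * abs(u), 1e-300))


def private_count(records, predicate, epsilon, rng):
    """Counting query released under epsilon-differential privacy. A count has
    sensitivity 1, so Laplace noise with scale 1/epsilon is enough."""
    if epsilon <= 0:
        raise ValueError("epsilon must be positive")
    return exact_count(records, predicate) + laplace_sample(1.0 / epsilon, rng)


def laplace_density(x, scale):
    return math.exp(-abs(x) / scale) / (2.0 * scale)


def likelihood_ratio(output, count_with, count_without, epsilon):
    """How much more likely `output` is under the database that includes the
    individual(s) (true count `count_with`) than under the one without them
    (`count_without`). Bounded by exp(epsilon * |count_with - count_without|)."""
    scale = 1.0 / epsilon
    return laplace_density(output - count_with, scale) / laplace_density(output - count_without, scale)


def worst_case_ratio(count_with, count_without, epsilon, outputs):
    """Largest likelihood ratio over a grid of candidate outputs, for
    comparison against the exp(epsilon * difference) bound."""
    return max(likelihood_ratio(o, count_with, count_without, epsilon) for o in outputs)


def mean_private_count(records, predicate, epsilon, draws, seed=0):
    """Average of repeated noisy releases. The noise is zero-mean, so the
    average converges to the true count; each single release stays protected."""
    rng = random.Random(seed)
    return sum(private_count(records, predicate, epsilon, rng) for _ in range(draws)) / draws


if __name__ == "__main__":
    eps = 0.5
    grid = [x / 10.0 for x in range(-200, 400)]
    print("one person:  bound exp(eps) = %.4f, observed max ratio = %.4f"
          % (math.exp(eps), worst_case_ratio(4, 3, eps, grid)))
    print("group of 2:  bound exp(2eps) = %.4f, observed max ratio = %.4f"
          % (math.exp(2 * eps), worst_case_ratio(5, 3, eps, grid)))
    print("true flu count = %d, mean of 2000 noisy releases = %.2f"
          % (exact_count(RECORDS, is_flu), mean_private_count(RECORDS, is_flu, eps, 2000)))
```

The practitioner's caveat is in the last function: averaging many releases of the same query recovers the true count, which is exactly why a differentially private system has to account for a privacy budget across all queries rather than protect each one in isolation.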

Page 36: Ch2 Privacy (12/25/01)

Selective Service

Bought the birthday list from a major ice cream parlor chain to find 18 year olds who had not registered.

No Selective Service registration, no student aid.

Page 37: Ch2 Privacy (8/26/01)

FBI (2000)

National Crime Information Center (NCIC).

Criminal histories on 17 million people.

24 million records on wanted felons, missing property, etc.

Can legally obtain credit reports without a court order.

Database links to other databases being expanded.

Page 38: Ch2 Privacy (8/26/01)

Issues

What about Fourth Amendment protection against "unreasonable search and seizure"?

Requires "probable cause" for search and seizure.

We can now find a suspect and look for a crime.

Problem with starting with a presumption of guilt.

Page 39: Ch2 Privacy (12/25/01)

Census Bureau

Mandated census every ten years.

Information collected is supposed to be confidential.

Marketing information collected.

Information used to catch draft dodgers.

Race information gathering is more complicated now because of changing attitudes and the tie to government benefits.

Page 40: Ch2 Privacy (12/24/01)

SS Numbers

Extension of the Social Security Number to the status of an ID card was rejected in 1971 by the Social Security Administration task force on the SSN.

A 1991 report to Congress: "60% based on unverified information".

Privacy and security experts recommend that people not give their SS# without first determining if it is legally required or that there is a valid reason for requesting it.

Page 41: Ch2 Privacy (1/29/04)

Credit Bureaus

The Fair Credit Reporting Act of 1970 restricted the distribution of information to only those who needed it for legitimate business purposes.

In 1993, the Federal Trade Commission ruled that the use of credit information to generate marketing lists violates the law and ordered TRW (now Experian) and TransUnion to stop. Equifax, the other major credit reporting firm, had stopped the practice in 1991.

Page 42: Ch2 Privacy (10/1/08)

Annualcreditreport.com

In 2003 legislation was passed that required the credit reporting agencies to provide, upon request, a free credit report every twelve months to every consumer. The goal was to give consumers a way to ensure their credit information is correct and to guard against identity theft. (Wikipedia)

It also allows the consumer to see how he looks in an inquiry.

Page 43: Ch2 Privacy (10/1/08)

Annualcreditreport.com

The three major credit reporting agencies, Equifax, Experian and TransUnion, created a joint venture company to oversee their compliance with the legislation.

This action led to annualcreditreport.com.

A common strategy is to request a report every 4 months. (Good idea)

(Wikipedia)

Page 44: Ch2 Privacy (10/1/08)

Annualcreditreport.com

Annualcreditreport.com is the only federally mandated and authorized source for obtaining a free credit report.

Note: you won’t find the free report if you make your selection of reporting agencies on the first page of annualcreditreport.com.

Your credit score will cost you $7.95 and you will be given lots of chances to buy it.

(Wikipedia)

Page 45: Ch2 Privacy (10/15/01)

Feds Drop Privacy Push

WASHINGTON (AP) -- Federal Trade Commission chairman Timothy J. Muris is to announce Thursday that his agency will not seek stronger consumer privacy laws. His position is a reversal of Clinton-era policy that said consumer privacy laws were needed to protect personal data on the Internet. The decision carries more weight after the September 11 terrorist attacks. Since then, many companies have been sharing their consumer data with law enforcement agencies and each other in an attempt to look for suspicious coincidences.

Page 46: Ch2 Privacy (12/25/01)

National ID cards

National ID cards have long been advocated as a means to enhance national security, unmask potential terrorists, and guard against illegal immigrants. Also proposed in debates on gun control, national health care, and Social Security reform. They are in use in many countries around the world including most European countries, Hong Kong, Malaysia, Singapore and Thailand.

Page 47: Ch2 Privacy (12/25/01)

History of rejection for National ID cards

1971: Social Security Administration task force.

1973: Health, Education and Welfare advisory committee.

1976: Federal advisory committee on False Identification.

1977: Carter Administration “no” on SSN use.

1981: Reagan Administration “explicitly opposed”.

Clinton Administration “opposed”*

1999: Congress repeals provision of Illegal Immigration Reform and Immigrant Responsibility Act of 1996.

9/11/01+: White House “not even considering.”

Page 48: Ch2 Privacy (12/25/01)

National ID card debate after 9/11/2001

Larry Ellison, chairman and CEO of Oracle: “We need a national ID card with our photograph and thumbprint digitized and imbedded in the ID card,” and I’ll “provide the software for this absolutely free.”

Bush Administration saying “not an option” but some members of Congress clearly tempted.

Page 49: Ch2 Privacy (12/26/01)

What’s new in National ID card proposals?

Technology options are more varied and more sophisticated. In addition to the massive networked databases and the unbelievable computing power which is available for searching/matching, we now have digital fingerprinting, handprint scans, facial recognition technologies, voice authentication devices, and retinal scans. More on chip implants later.

Page 50: Ch2 Privacy (12/25/01)

Fake ID cards

Any estimate of the number of teenagers that have obtained “good enough” false ID to get by the “age” police? How difficult would it be with the support of a well financed terrorist organization or country to get a quality false ID? Does the estimated 750,000 cases of stolen identity in 2001 give some feel for how easy this might be?

Page 51: Ch2 Privacy (1/19/02)

The Dutch and ID cards

In 2003, all Dutch citizens with European Union (EU) identification cards will have unique biometric data stored in a chip. These cards are travel documents for use within the EU only. Passports will also get a chip, but a date has yet to be set, Van Beers said. The biometric information will not be centrally stored in a database, only on the chip, he stressed. The trials are conducted with immigrants because they have to report to the police regularly. http://www.epic.org/privacy/id_cards/

Page 52: Ch2 Privacy (12/26/01)

Could an ID card decrease security?

It is not the card that security folks will be relying on but the integrity of the process that produced the card. Cards can be forged, or obtained improperly, and any over-reliance on their validity will provide a false sense of security that can result in major breaches of security.

[We will make a similar argument concerning the use of passwords and how they can provide a false sense of security that leads to problems.]

Page 53: Ch2 Privacy (2/8/09)

Google (2/8/09)

An upgraded mapping system will enable people to use mobile phones and other wireless devices to share their location with “family and friends.”

About privacy concerns: Each user can easily turn the tracking software on or off and can limit access. Google promises to store only the last position read on its computers.

Page 54: Ch2 Privacy (2/8/09)

Microsoft, Google, Yahoo (2/8/09)

A record is made of every search you do online including the words and sites you search for, and the time and date.

Records are kept:

Microsoft: 18 months

Google: 9 months

Yahoo: 3 months

Page 55: Ch2 Privacy (2/8/09)

America Online (AOL)

In 2006 AOL shared roughly 20 million search records from 658,000 users on their new AOL Research site. The data included a number assigned to the anonymous user, the search term, the date and time of the search, and the website visited as a result of the search. The data revealed possible illegal drug use, murder, suicide, medical information, names, addresses and social security numbers. AOL closed the site.

Page 56: Ch2 Privacy (2/8/09)

The Government and Internet Search Records

The AOL incident reported in the previous slide occurred just months after the government had requested all the search results from a one-week period from all the major search engines, including AOL, Yahoo, and Google. Google was the only search engine that did not give in to the request. They took their case to court and eventually won.

Page 57: Ch2 Privacy (10/27/08)

Protecting Privacy in the Future

Baker predicts the emergence of a market in which "all kinds of companies are going to sell us software that helps us keep control of our data, furnish our data to those who will use it responsibly, and keep it from those who won't.” (Numerati)

Page 58: Ch2 Privacy (2/7/09)

History Snapshot (What does this have to do with privacy?)

David Gelernter took a bachelor's degree in religious studies and a master's in Hebrew literature from Yale. He went on to collect a PhD in computer science from the State University of New York at Stony Brook, but joined Yale as faculty in 1982. He made a name for himself by developing a computer language named “Linda”.