Who’s Watching You?

Privacy in the Global Digital Age

A SymposiumMarch 22-24, 2011

1 – 2:15 pm Symposium OpeningDr. Norvell JacksonWho’s Watching You? Privacy in the Global Digital AgeAlan Craig

2:30 – 3:45 Closing the Loop on Your Personal Information: Big pm Brother Is Here

Dr. Barbara Neuby and Robert HelinKennesaw State University

6:30 – 7 pm Reception 

7 – 9:30 pm Film: The Social Network                        Introduction by Paul Gaustad

Tuesday

9:30 – 10 am Continental Breakfast

10 – 11:15 am Read Any Good Books Lately?A Review of the Effect of the USA PATRIOT Act

on Libraries and Library UsersPete Bursi, GPC Librarian

1 – 2:15 pm Mobile Security in the Digital AgeJon Forcade, McAfee Corporation

2:30 – 3:30 Privacy and the Arena of Social Networkspm Brandon King, GPC Computer Science Student

Wednesday

4 – 6:15 pm Film: The Social NetworkIntroduction by Paul Gaustad, GPC Professor

6 – 7 pm Reception

7 – 8:15 pm Through the Naked Eye: The History of FBI Surveillance of the War Resisters’ League & Current Matters of Privacy IssuesKatherine Perrotta, GPC Professor

Wednesday (continued)

9:30 – 10 am Continental Breakfast 

10 – 11:15 am Digital Privacy—Laws, Rights, and ProtectionsDeborah Robinson, GPC CISO

11:30 – 12:45 Privacy and the Arena of Social Networks  Brandon King, GPC Computer Science Student

1 – 2:15 pm Big Brother, Is Thy Name Google?Julia Benson-Slaughter

2:30 – 3:45 pm Privacy and the Issue of Civil LibertiesDr. Crystal Garrett, GPC Professor

4 – 6 pm Closing Ceremony and Reception B 2100/2101

Thursday

New technologies are radically advancing our freedoms, but they are also enabling unparalleled invasions of privacy.

–Electronic Frontier Foundation

Ordering Pizza

• ACLU Video

• http://www.aclu.org/ordering-pizza

Definitions of Privacy:Australian Privacy Charter

• A free and democratic society requires respect for the autonomy of individuals, and limits on the power of both state and private organisations to intrude on that autonomy.

• Privacy is a value which underpins human dignity and other key values such as freedom of association and freedom of speech.

• Privacy is a basic human right and the reasonable expectation of every person.

Definitions of Privacy:

• The right to be let alone—HLR 1890 Warren & Brandeis

• "the desire by each of us for physical space where we can be free of interruption, intrusion, embarrassment, or accountability and the attempt to control the time and manner of disclosures of personal information about ourselves.”—Robert Ellis Smith

• 1st & 4th Amendments to US Constitution• 1890 Harvard Law Review, The Right to

Privacy• New Technology: telegraph, telephone, and

cameras• 1948 Universal Declaration of Human Rights• US Privacy Act of 1974

History of Privacy

516,950,604

516,950,604

• TOTAL number of records containing sensitive personal information involved in 2,403 security breaches in the U.S. since January 2005

• http://www.privacyrights.org/data-breach

• FTC warning on peer-to-peer data breaches

516,950,604

• Choicepoint–HQ in Alpharetta–Personal information on 163,000 people

stolen in 2004–Paid $15 million to resolve FTC complaint in

2006

What Does Equifax Know About You?

• The big three US credit bureaus– Equifax– TransUnion– Experian

Identity Theft

• “Every three seconds, an identity is stolen online”

–10.5 million each year

Symantec, March 2009

Identity Theft

• Symantec March 2007 – Clandestine online trade in personal information– Price of stolen US credit card data (with

verification number) ranged from $1 to $6 each– Information needed to take over a complete

identity (social security number, U.S. bank account, credit card, date of birth, government ID number, etc.)--from $14 to $18

Google

• “You can make money without doing evil.”– Google philosophy

Google

• “You can make money without doing evil.”– Google philosophy

• “We know where you are. We know where you’ve been. We can more or less know what you’re thinking about.”– Eric Schmidt, (almost former) CEO of Google:

Google

Video of Eric Schmidt CNBC interview

Google

• Street View– Identifiable personal

images– Captured Wi-Fi data

• Buzz– address books became

public contact lists, viewable by everyone.

• Reverse Phone Mapping

Privacy and Social Networking

Cloud Computing

Who Owns the Data?

• According to a recent survey, “more than 40 percent of U.S. teens are victims of cyber-bullying”

• Megan Meier• Tyler Clementi• Cyberbullying Research Center

Cyberbullying

• Iran cracked down on political dissent following the 2009 elections. This crackdown included shutting off access to social media.

• Iran went further by identifying Iranian protesters outside Iran via social media, applying pressure to protesters

• Google and Yahoo accounts of Chinese and Vietnamese human rights activists hacked

International Political Cyberbullying

Computer Science/Tools

• Anti-malware Tools• Anonymizers– Tor http://www.torproject.org/• protects you by bouncing your communications around

a distributed network of world-wide relays

– Cryptography• DES-Data Encryption Standard, AES-Advanced

Encryption Standard, Secure Socket Layer, RSA/Public Key Systems

Impersonation on the Web

• Impersonating celebrities• Impersonating you

• Is it illegal to impersonate a celebrity on formspring? plz i just need quick answer?

• Ok, so, my friends and I created a fake Oprah Winfrey on formspring and we were just kidding around with people that we are really her. We weren't giving out her information or anything, it's just a joke. But then I got a question on that formspring that said "This is the FBi, we have traced your location and you are not Oprah. If you do not delete this account, you will be arrested." I'm not sure if it's real or not but it's starting to freak me out!

So, should i delete my account even if that wasn't the "FBI", or should i still keep this formspring just for fun?

Impersonation on the Web

Cyber Activism/Hacktivism

• Politically motivated hacking• Sarah Palin-Tennessee man guessed the

challenge question to reset her Yahoo email account

• Florida man hacked a state legislator’s email account using personal information from internet

• Frenchman hacks President Obama’s Twitter account

Careers

• Chief Privacy Officer– “oversees a company's privacy policies and

practices, monitoring how the corporation handles confidential information about consumers and employees”

• International Association of Privacy Professionals

• Certified Information Privacy Professional

• Claude Shannon, Information Theory, 1948• MIT,

A Theory and Toolkit for the Mathematics of Privacy

• Predicting Social Security Numbers from Public Data

• Robust De-anonymization of Large Datasets – how to identify individual Netflix subscribers and

uncover sensitive information using publicly available data

Mathematics of Privacy

What Does the Government Know

About You?• Fusion Centers – “Fuse” data collected from a wide variety of

sources into a “virtual, centralized, grand database,”

• GISAC – Georgia Information Sharing and Analysis Center– Run by GBI with a staff of 18

Fusion CenterData Sources

• Agriculture Retail Social Services• Food Real Estate Transportation• Water Education Hospitality/Lodging• Environment Telecom Emergency Services• Public Works Government Chemical Industry• Criminal Justice Health Care Military Facilities• Banking and Finance Utility/Energy Companies• DOD Industrial Base Public Health Service• Hazardous Materials Postal and Shipping

See details at http://epic.org/privacy/fusion/

Fusion Centers

• As a result of a lawsuit, EPIC uncovered a “secret contract” between the FBI and the State Police of Virginia limiting the ability of the people of Virginia to learn what data on them was collected and stored in the Virginia Fusion Intelligence Center

• http://epic.org/privacy/virginia_fusion/MOU.pdf

RFID

• Radio-frequency identification• Extreme miniaturization• Tracking and profiling individuals (possibly

without their knowledge)

For More Information

• Electronic Privacy Information Center EPIC• Privacy.org • Electronic Frontier Foundation• Privacy Rights Clearinghouse • Privacy International• Cyberbullying Research Center• Office of the Privacy Commissioner of Canada

Who’s Watching You?

???

Who’s Watching You?

Everyone!