Presentation on theme: "Computer Privacy Paul “The No-Show” Chen Tatsumi Tagawa."— Presentation transcript:
Computer Privacy Paul “The No-Show” Chen Tatsumi Tagawa
How much information is out there? Let’s search Tatsumi Tagawa in Google and see what shows up
What is Privacy?
Definition of Privacy Privacy is the subjective condition a person experiences when two factors are in place. He or she must have the power to control information about him or herself. He or she must exercise that control consistent with his or her interests and values. Definition from Privacilla.org
"If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place” Eric Schmidt (ex-CEO, Chairman of Board of Google) December 2009 Source: Huffington Post
Surveillance and Data Collection Three arguments made against privacy rights. If you are doing nothing wrong, you shouldn’t worry. Privacy is Overrated. Privacy is no longer valued nor valuable. Collected information have enormous benefits.
Case Study: Medical Technology NASA developed a bio-capsule, which is inserted into your body. It monitors body chemistry and automatically release therapeutic molecules to treat ailments. University of Illinois Urbana-Champaign developed elastic electronics, which can wrap around organs and monitor its status. Both operates without the users’ knowledge. Data can be wirelessly transferred to your doctor. Enormous benefit to your health. But what are the consequences? Source:
Is Privacy a Right? Not mentioned in the Constitution of the US The Fourth Amendment stops the police and other government agents from searching our property without “probable cause.” Does this extend to privacy? Privacy Act of 1974 defines the privacy rights in the US. Does privacy right need to be specifically defined by law? Other Acts, such as the PATRIOT Act, gives government power not allowed by the Privacy Act.
Before we get started today…… A Quote from a Big Name in Computer Privacy
“The problem everyone realized later was the notion that security and privacy were never taken into account back then. Security wasn’t in the original design, so now we’re trying to retrofit something new onto an older system” Eric Santanen (Associate Professor at Bucknell) Fall 2011 Source: Gleisser, Benjamin. “A Case of Taken IDentity” Bucknell Magazine. Bucknell Press. Fall 2011
“Google's iPhone Tracking” Google took advantage of a loop-hole in Apple’s Safari browser on Mac and iPhone. Placed tracking cookies by circumventing the default privacy settings in the browser. No indication that any of the sites knew of the code. Google states it was an accident and unintentional. Code originally to provide better Google+ experience. Google blames Safari’s limited functionality. Source: Google's iPhone Tracking. Wall Street Journal. (Accessed 2/19/2012)
This is only some of privacy related news since last week
COMPUTER PRIVACY AND ETHICS
Whose Responsibility? Is the user responsible to know about privacy policies of various services? Are companies responsible to protect consumer privacy? Should the government enact laws protecting them?
Utilitarianism Recap: – Importance of intrinsically valuable goods. – Action is right if it produces an increase in happiness, the ultimate intrinsic good, and wrong if it does not. – Emphasis in the community, not individual
Is Privacy an Instrumental or Intrinsic Good? Is privacy good because of what it leads to? Or Is it good in itself? James Rachel’s argues privacy is instrumental to a diversity of relationships. Changes in the nature of the relationship are a function of the amount of information you exchange to one another.
Social Contract Theory Recap: – State of nature as a state of insecurity and uncertainty. – Human beings “make a contract” with others and give up some of their freedoms in exchange for benefits of cooperation. – Contract must be formed behind a “veil of ignorance.” – Each person should have an equal right to the most extensive basic liberty compatible with a similar liberty for others.
Kantianism Recap: – People in powerful positions should “act so as to treat human beings always as ends and never merely as means”
Case Study: Data collection by Target Target collects information purchases of all customers. All customers are given a Guest ID. Tracked if you use debit/credit card, personalized coupons, etc.) Data is analyzed. Targeted coupons and ads are sent to customers. Target sent a coupon booklet to a teen girl for baby goods based on the pregnancy score; statistical analysis predicts if somebody is pregnant based on their purchase behavior. Girl’s father found out she was pregnant because of it. Data gathering can be beneficial to many people because they would receive coupons for items they intend to purchase & save money Source: How Companies Learn Your Secrets. NYT (Accessed 2/19/2012) How Target Figured Out a Teen Girl was Pregnant Before Her Father. Forbes (Accessed 2/19/2012)
“People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people. That social norm is just something that has evolved over time.” Mark Zuckerberg (CEO of Facebook) January 2010 Source: ReadWriteWeb
Is the Age of Privacy Over? We have lost control of our information. Once it resides in a database anywhere, it is impossible to control. It is convenient to have our information accessible in some cases.
There are various practices consumers and service providers can do to control our information better.
Providing transparency Most users are unaware, must be made apparent. Do users care? Make various privacy policies opt-in, not opt-out.
Opt-in vs Opt-out In 2009, Facebook changed the default status to public for those who newly joined. Facebook have an opt-out policy regarding privacy. An opt-in policy gives control to the user. They can click a box called “public” if they want to make their profile public.
Companies adhere to Fair Information Practices Professionalism by IT administrators. An collective commitment to protecting privacy. Adopting a more protective behavior by all IT users. Is this enough? Additional Practices