Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber 1 Intellectual Property.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber 1 Intellectual Property."— Presentation transcript:

1 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 1 Intellectual Property / Privacy Week 6 - February 21, 23

2 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 2 Class debate #3 Google should not be permitted to scan and index library books and make short snippets from them available without permission of each book's copyright holder.

3 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 3 “Willfull Infringement”

4 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 4

5 5 Homework 3 discussion http://cups.cs.cmu.edu/courses/compsoc- sp06/hw3.html http://cups.cs.cmu.edu/courses/compsoc- sp06/hw3.html

6 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 6 Administrivia Reminder, paper topic and abstract due next Thursday Please submit them via the homework email address

7 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 7 What does privacy mean to you?

8 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 8 What is privacy? “Being alone.” - Shane (age 4)

9 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 9 Westin “Privacy and Freedom” 1967 “Privacy is the claim of individuals, groups or institutions to determine for themselves when, how, and to what extent information about them is communicated to others” Privacy is not an absolute

10 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 10 Privacy as process “Each individual is continually engaged in a personal adjustment process in which he balances the desire for privacy with the desire for disclosure and communication….” - Alan Westin, 1967

11 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 11 Westin’s four states of privacy Solitude individual separated from the group and freed from the observation of other persons Intimacy individual is part of a small unit Anonymity individual in public but still seeks and finds freedom from identification and surveillance Reserve the creation of a psychological barrier against unwanted intrusion - holding back communication

12 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 12 Westin’s four functions of privacy Personal autonomy control when you go public about info Emotional release be yourself permissible deviations to social or institutional norms Self-evaluation Limited and protected communication

13 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 13 Different views of privacy Privacy as limited access to self the extent to which we are known to others and the extent to which others have physical access to us Privacy as control over information not simply limiting what others know about you, but controlling it this assumes individual autonomy, that you can control information in a meaningful way (not blind click through, for example)

14 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 14 Privacy as animal instinct Eagles eating a deer carcass http://www.learner.org/jnorth/tm/eagle/CaptureE63.html Is privacy necessary for species survival?

15 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 15 Multiple facets of privacy How can posting personal information about myself on my web site result in a reduction of my privacy? How can it result in an increase in my privacy?

16 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 16 Privacy surveys find concerns Increasingly people say they are concerned about online privacy (80-90% of US Net users) Improved privacy protection is factor most likely to persuade non-Net users to go online 27% of US Net users have abandoned online shopping carts due to privacy concerns 64% of US Net users decided not to use a web site or make an online purchase due to privacy concerns 34% of US Net users who do not buy online would buy online if they didn’t have privacy concerns

17 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 17 Beyond concern April 1999 Study: Beyond Concern: Understanding Net Users' Attitudes About Online Privacy by Cranor, Ackerman and Reagle (US panel results reported) http://www.research.att.com/projects/ privacystudy/ Internet users more likely to provide info when they are not identified Some types of data more sensitive than others Many factors important in decisions about information disclosure Acceptance of persistent identifiers varies according to purpose Internet users dislike automatic data transfer

18 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 18 Few read privacy policies 3% review online privacy policies carefully most of the time Most likely to review policy before providing credit card info Policies too time consuming to read and difficult to understand 70% would prefer standard privacy policy format Most interested in knowing about data sharing and how to get off marketing lists People are more comfortable at sites that have privacy policies, even if they don’t read them

19 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 19 Survey references Mark S. Ackerman, Lorrie Faith Cranor and Joseph Reagle, Beyond Concern: Understanding Net Users ’ Attitudes About Online Privacy, (AT&T Labs, April 1999), http://www.research.att.com/projects/privacystudy/ Mary J. Culnan and George R. Milne, The Culnan-Milne Survey on Consumers & Online Privacy Notices: Summary of Responses, (December 2001), http://www.ftc.gov/bcp/workshops/glb/supporting/culnan-milne.pdf. Cyber Dialogue, Cyber Dialogue Survey Data Reveals Lost Revenue for Retailers Due to Widespread Consumer Privacy Concerns, (Cyber Dialogue, November 7, 2001), http://www.cyberdialogue.com/news/releases/2001/11-07-uco-retail.html. Forrester Research, Privacy Issues Inhibit Online Spending, (Forrester, October 3, 2001). Louis Harris & Associates and Alan F. Westin, Commerce, Communication and Privacy Online (Louis Harris & Associates, 1997), http://www.privacyexchange.org/iss/surveys/computersurvey97.html Louis Harris & Associates and Alan F. Westin. E-Commerce and Privacy, What Net Users Want, (Sponsored by Price Waterhouse and Privacy & American Business. P & AB, June 1998). http://www.privacyexchange.org/iss/surveys/ecommsum.html Opinion Research Corporation and Alan F. Westin. “ Freebies ” and Privacy: What Net Users Think. Sponsored by Privacy & American Business. P & AB, July 1999. http://www.privacyexchange.org/iss/surveys/sr990714.html Privacy Leadership Initiative, Privacy Notices Research Final Results, (Conducted by Harris Interactive, December 2001), http://www.ftc.gov/bcp/workshops/glb/supporting/harris%20results.pdf An extensive list of privacy surveys from around the world is available from http://www.privacyexchange.org/iss/surveys/surveys.html.

20 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 20 Privacy laws and self-regulation

21 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 21 Terminology Data subject The person whose data is collected Data controller The entity responsible for collected data Primary use of personal information (primary purpose) Using information for the purposes intended by the data subjects when they provided the information Secondary use of personal information (secondary purpose) Using information for purposes that go beyond the primary purpose

22 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 22 OECD fair information principles http://www.datenschutz- berlin.de/gesetze/internat/ben.htm Collection limitation Data quality Purpose specification Use limitation Security safeguards Openness Individual participation Accountability

23 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 23 US FTC simplified principles Notice and disclosure Choice and consent Data security Data quality and access Recourse and remedies US Federal Trade Commission, Privacy Online: A Report to Congress (June 1998), http://www.ftc.gov/reports/privacy3/

24 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 24 Laws and regulations Privacy laws and regulations vary widely throughout the world US has mostly sector-specific laws, with relatively minimal protections Federal Trade Commission has jurisdiction over fraud and deceptive practices Federal Communications Commission regulates telecommunications European Data Protection Directive requires all European Union countries to adopt similar comprehensive privacy laws Privacy commissions in each country (some countries have national and state commissions) Many European companies non-compliant with privacy laws (2002 study found majority of UK web sites non-compliant) Safe Harbor allows US companies to self-certify compliance

25 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 25 US law basics Constitutional law governs the rights of individuals with respect to the government Tort law governs disputes between private individuals or other private entities

26 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 26 US Constitution No explicit privacy right, but a zone of privacy recognized in its penumbras, including 1st amendment (right of association) 3rd amendment (prohibits quartering of soldiers in homes) 4th amendment (prohibits unreasonable search and seizure) 5th amendment (no self-incrimination) 9th amendment (all other rights retained by the people) Penumbra: “fringe at the edge of a deep shadow create by an object standing in the light” (Smith 2000, p. 258, citing Justice William O. Douglas in Griswold v. Connecticut)

27 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 27 Federal statutes and state laws Federal statutes Tend to be narrowly focused State law State constitutions may recognize explicit right to privacy (Georgia, Hawaii) State statutes and common (tort) law Local laws and regulations (for example: ordinances on soliciting anonymously)

28 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 28 Four aspects of privacy tort You can sue for damages for the following torts (Smith 2000, p. 232-233) Disclosure of truly intimate facts  May be truthful  Disclosure must be widespread, and offensive or objectionable to a person of ordinary sensibilities  Must not be newsworthy or legitimate public interest False light  Personal information or picture published out of context Misappropriation (or right of publicity)  Commercial use of name or face without permission Intrusion into a person’s solitude

29 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 29 Some US privacy laws Bank Secrecy Act, 1970 Fair Credit Reporting Act, 1971 Privacy Act, 1974 Right to Financial Privacy Act, 1978 Cable TV Privacy Act, 1984 Video Privacy Protection Act, 1988 Family Educational Right to Privacy Act, 1993 Electronic Communications Privacy Act, 1994 Freedom of Information Act, 1966, 1991, 1996

30 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 30 US law – recent additions HIPAA (Health Insurance Portability and Accountability Act, 1996) When implemented, will protect medical records and other individually identifiable health information COPPA (Children‘s Online Privacy Protection Act, 1998) Web sites that target children must obtain parental consent before collecting personal information from children under the age of 13 GLB (Gramm-Leach-Bliley-Act, 1999) Requires privacy policy disclosure and opt-out mechanisms from financial service institutions

31 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 31 Safe harbor Membership US companies self-certify adherence to requirements Dept. of Commerce maintains signatory list http://www.export.gov/safeharbor/ Signatories must provide  notice of data collected, purposes, and recipients  choice of opt-out of 3rd-party transfers, opt-in for sensitive data  access rights to delete or edit inaccurate information  security for storage of collected data  enforcement mechanisms for individual complaints Approved July 26, 2000 by EU reserves right to renegotiate if remedies for EU citizens prove to be inadequate

32 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 32 Privacy self-regulation Since 1995, the US FTC has pressured companies to “self regulate” in the privacy area Self regulation may be completely voluntary or mandatory (or somewhere in between) Self-regulatory programs and initiatives Seals CPOs Privacy policies Platform for Privacy Preferences (P3P) Project Industry guidelines

33 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 33 Voluntary privacy guidelines Online Privacy Alliance http://www.privacyalliance.org Direct Marketing Association Privacy Promise http://www.thedma.org/library/ privacy/privacypromise.shtml Network Advertising Initiative Principles http://www.networkadvertising.org/ CTIA Location-based privacy guidelines http://www.wow- com.com/news/press/body.cfm?record_id=907

34 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 34

35 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 35 Chief privacy officers Companies are increasingly appointing CPOs to have a central point of contact for privacy concerns Role of CPO varies in each company Draft privacy policy Respond to customer concerns Educate employees about company privacy policy Review new products and services for compliance with privacy policy Develop new initiatives to keep company out front on privacy issue Monitor pending privacy legislation

36 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 36 Seal programs TRUSTe – http://www.truste.org BBBOnline – http://www.bbbonline.org CPA WebTrust – http://www.cpawebtrust.org/ Japanese Privacy Mark http://privacymark.org/

37 Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber http://cups.cs.cmu.edu/courses/compsoc-sp06/ 37 Seal program problems Certify only compliance with stated policy Limited ability to detect non-compliance Minimal privacy requirements Don’t address privacy issues that go beyond the web site Nonetheless, reporting requirements are forcing licensees to review their own policies and practices and think carefully before introducing policy changes

Download ppt "Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber 1 Intellectual Property."

Similar presentations

Privacy Today Privacy Day January 28, 2008 International Association of Privacy Professionals.

Privacy Today Privacy Day January 28, 2008 International Association of Privacy Professionals.
EU Privacy Directive. What is a directive? A piece of European legislation, passed by bureaucrats, addressed to member states Member states must ensure.

EU Privacy Directive. What is a directive? A piece of European legislation, passed by bureaucrats, addressed to member states Member states must ensure.
The Law of Privacy Prof. Michael Madison – University of Pittsburgh School of Law – January 22, 2004 [1] What is privacy? [2] What law regulates privacy?

The Law of Privacy Prof. Michael Madison – University of Pittsburgh School of Law – January 22, 2004 [1] What is privacy? [2] What law regulates privacy?
Privacy on the WEB Privacy on the WEB Group 0227 Efrain Castro, Dinesh Parmer, Michael Raiford Robert Reich, Kim Walker, Claudia Worme.

Privacy on the WEB Privacy on the WEB Group 0227 Efrain Castro, Dinesh Parmer, Michael Raiford Robert Reich, Kim Walker, Claudia Worme.
US Constitution and Right to Privacy Generally only protects against government action Doesn’t obligate government to do something, but rather to refrain.

US Constitution and Right to Privacy Generally only protects against government action Doesn’t obligate government to do something, but rather to refrain.
1 Marketing Violent Entertainment to Children The FTC’s Reports on Self-Regulation and Industry Practices in the Motion Picture, Music Recording & Electronic.

1 Marketing Violent Entertainment to Children The FTC’s Reports on Self-Regulation and Industry Practices in the Motion Picture, Music Recording & Electronic.
Interaction of RFID Technology and Public Policy Presentation at RFID Privacy MIT 15 TH November 2003 By Rakesh Kumar

Interaction of RFID Technology and Public Policy Presentation at RFID Privacy MIT 15 TH November 2003 By Rakesh Kumar
Silicon Valley Apps for Kids Meetup Laura D. Berger October 22, 2012 The views expressed herein are those of the speaker, and do not represent the views.

Silicon Valley Apps for Kids Meetup Laura D. Berger October 22, 2012 The views expressed herein are those of the speaker, and do not represent the views.
Consumer Privacy and Information Access Professor Matt Thatcher.

Consumer Privacy and Information Access Professor Matt Thatcher.
Children's Online Privacy Protection Act and the Video Privacy Protection Act By: Alana Rushing.

Children's Online Privacy Protection Act and the Video Privacy Protection Act By: Alana Rushing.
IS3350 Security Issues in Legal Context

IS3350 Security Issues in Legal Context
Privacy Policy, Law and Technology Carnegie Mellon University Fall 2005 Lorrie Cranor 1 Fair Information Practice.

Privacy Policy, Law and Technology Carnegie Mellon University Fall 2005 Lorrie Cranor 1 Fair Information Practice.
The Internet industry’s privacy seal program Silicon Valley Web Guild.

The Internet industry’s privacy seal program Silicon Valley Web Guild.
Privacy Policy, Law and Technology Carnegie Mellon University Fall 2007 Lorrie Cranor 1 Privacy Self-Regulation.

Privacy Policy, Law and Technology Carnegie Mellon University Fall 2007 Lorrie Cranor 1 Privacy Self-Regulation.
BGS Customer Relationship Management Chapter 13 Privacy and Ethics Considerations Chapter 13 Privacy and Ethics Considerations Thomson Publishing 2007.

BGS Customer Relationship Management Chapter 13 Privacy and Ethics Considerations Chapter 13 Privacy and Ethics Considerations Thomson Publishing 2007.
Internet Privacy Policies Presented by: Paul Frenken President, COLAIP.

Internet Privacy Policies Presented by: Paul Frenken President, COLAIP.
1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,
13.1 Chapter 13 Privacy © 2003 by West Legal Studies in Business/A Division of Thomson Learning.

13.1 Chapter 13 Privacy © 2003 by West Legal Studies in Business/A Division of Thomson Learning.
Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.

Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.
Privacy Policy, Law and Technology Carnegie Mellon University Fall 2007 Lorrie Cranor 1 Privacy Law.

Privacy Policy, Law and Technology Carnegie Mellon University Fall 2007 Lorrie Cranor 1 Privacy Law.

Similar presentations

Ads by Google