
Privacy Professional Practice for Computer Science Guest Lecture, 05 March 2007 Philippa Lawson Director, Canadian Internet Policy & Public Interest Clinic.


1 Privacy Professional Practice for Computer Science Guest Lecture, 05 March 2007 Philippa Lawson Director, Canadian Internet Policy & Public Interest Clinic www.cippic.ca

2 Why Privacy?
essential to human:
–dignity
–autonomy
–freedom
–democracy
underpins relations of mutual trust & confidence, healthy social fabric

3 Aspects of Privacy
Physical/territorial privacy
Freedom from surveillance
Freedom from monitoring/interception of private communications
Freedom from collection, use and disclosure of personal information (“informational privacy”; “data protection”)

4 Challenges to Privacy
New technologies:
–photography, tape-recording (late 1880s)
–video cameras; cell phone cameras
–geo-locational devices
–computers: data collection, storage, manipulation/analytics
–internet: clickstream data; e-transactions, search engines
–digital rights management systems
–spyware, rootkits, keystroke loggers
–intelligent sensor devices

5 Challenges to Privacy
“The electronic computer is to individual privacy what the machine gun was to the horse cavalry”
Scheflin and Opton, The Mind Manipulators: A Non-Fiction Account (1978)

6 Challenges to Privacy
Practices:
–data collection/mining; “dataveillance”
    commoditization of personal information
    electronic transactions (data trails)
–workplace screening & monitoring
–single number identifiers (easy linking)
    ID cards, smart cards
–weak authentication
    ID theft/fraud

7 Fair Information Principles
OECD Guidelines on the Protection of Privacy and Transborder Flows of Data (1980) www.oecd.org
UN: Guidelines Concerning Computerized Personal Data Files (1990) www.ohchr.org
Council of Europe: Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data (1980) Convention 108
EU: Directive on the Protection of Personal Data with regard to the Processing of Personal Data and the Free Movement of such Data (1990) Directive 95/46/EC

8 OECD Guidelines
Collection Limitation
Data Quality
Purpose Specification
Use Limitation
Security Safeguards
Openness
Individual Participation
Accountability

9 Cdn. Initiatives
1975: Quebec Charter of Human Rights & Freedoms
–“every person has a right to respect for his private life”
1982: Canadian Charter of Rights and Freedoms
1980s: Public sector privacy laws
1990s: CSA Model Privacy Code
–based on Fair Information Principles (FIPs)
–adopted as formal standard in 1996
–incorporated into federal law: PIPEDA
1994: Quebec private sector law
2001: Federal private sector law
2004: Alta, B.C. private sector laws

10 Privacy Commissioners
Federal + some provincial
–Ontario, B.C., Alberta
Public sector vs. private sector
Ombuds vs. binding powers
Role as educators, advocates, watchdogs, dispute resolvers, reporters…

11 Charter of Rights
s.7: “Everyone has the right to life, liberty, and security of the person and the right not to be deprived thereof except in accordance with the principles of fundamental justice”
–emerging privacy right
s.8: “Everyone has the right to be secure against unreasonable search or seizure”
–protects an individual’s “reasonable expectation of privacy” (usually in criminal law context)
s.1: Rights are subject to “such reasonable limits as can be justified in a free and democratic society”

12 Public Sector legislation
Federal: Privacy Act
Provincial:
–Ontario Freedom of Information and Protection of Privacy Act (“FIPPA”)
–similar statutes in other provinces

13 Private Sector Legislation
PIPEDA
–federally regulated
–interprovincial or international data flows
–where no “substantially similar” provincial law
–applies to “organizations” in the course of “commercial activities”
Quebec, Alberta, B.C. laws
–provincially regulated, in those provinces
–cover non commercial activities as well

14 PIPEDA
Purpose:
–balancing individual’s “right of privacy” with “[legitimate] need of organizations”
Protects:
–“personal information” = “information about an identifiable individual”

15 PIPEDA: Principles
1. Accountability
2. Identifying Purposes
3. Consent
4. Limiting Collection
5. Limiting Use, Disclosure and Retention
6. Accuracy
7. Safeguards
8. Openness
9. Individual Access
10. Challenging Compliance
11. Limiting Purposes

16 Consent
may be explicit or implicit
–implied consent
    situationally obvious; consumer would agree if asked
    no need to confirm via opt-in or opt-out process
–express (opt in) consent
    most reliable; must use for sensitive data or where consumer would reasonably expect
–opt out consent
    less reliable; OK for non-sensitive data/uses; proper notice is essential

17 Effectiveness of Laws?
CIPPIC, Compliance with Canadian Data Protection Laws: Are Retailers Measuring Up? (May 2006)
–www.cippic.ca

18 Other Initiatives
Canadian Principles for Electronic Authentication (2004)
–“….the collection, use and disclosure of personal information in the context of authentication should be minimized.”
    applies to designers as well as those using authentication mechanisms

19 Other Initiatives
“7 Laws of Identity”
–by Kim Cameron, endorsed by Ont.IPC
User control and consent
Minimal disclosure for a constrained use
Justifiable parties (“need to know” access)
Directed identity (protection and accountability)
Pluralism of operators and technologies
Human integration (user understanding)
Consistent experience across contexts

20 www.cippic.ca

