C MU U sable P rivacy and S ecurity Laboratory 1 Privacy Policy, Law and Technology History and Philosophy of Privacy September 2, 2008

C MU U sable P rivacy and S ecurity Laboratory 2 Course project

C MU U sable P rivacy and S ecurity Laboratory 3 Project overview  Individual or small group (up to 3 students)  Pick your own project or one that I suggest  All projects have final paper, presentation, and poster as deliverable  Some projects may have other deliverables such as software, user interface designs, etc.  ech-fa08/project.html ech-fa08/project.html

C MU U sable P rivacy and S ecurity Laboratory 4 Past projects     Several past projects have been turned into a thesis or published paper –The Real ID Act: Fixing Identity Documents with Duct Tape. I/S: A Journal of Law and Policy for the Information Society, Fall/Winter 2005 (Serge Egelman). –How Technology Drives Vehicular Privacy. I/S: A Journal of Law and Policy for the Information Society, 2(3), Fall 2006, (Aleecia McDonald). –Scrubbing Stubborn Data: An evaluation of counter-forensic privacy tools. IEEE Security & Privacy, September/October 2006 (Matthew Geiger). –Peripheral Privacy Notifications for Wireless Networks. In Proceedings of the 2005 Workshop on Privacy in the Electronic Society, 7 November 2005, Alexandria, VA (Braden Kowitz). –Privacy in India: Attitudes and Awareness. In Proceedings of the 2005 Workshop on Privacy Enhancing Technologies (PET2005), 30 May - 1 June 2005, Dubrovnik, Croatia (Ponnurangam Kumaraguru). –PANAMA: Privacy Assured Name-Addressable Messaging Architecture For Unlinkable Instant Message Conversations. INI Thesis 2005 (Ryan Mahon).

C MU U sable P rivacy and S ecurity Laboratory 5 Selecting a research topic

C MU U sable P rivacy and S ecurity Laboratory 6 Selecting a research topic  Brainstorm –What are you interested in? –What would you like to learn more about? –What topics might be relevant to your thesis work? –What topics might be relevant to your future career?  Select a small number of candidate topics (Sept 30)  Read –How much information seems to be available? –Is this topic over done? –What open questions are there? –Do you still find this topic interesting? –Do you have the skills necessary to pursue this topic?  Focus (October 9 - one paragraph description) –Select a topic –Define a focused research question  Read some more –Conduct a “literature review” –Adjust your topic as needed  Write a project proposal (October 23)

C MU U sable P rivacy and S ecurity Laboratory 7 Finding information with search engines

C MU U sable P rivacy and S ecurity Laboratory 8 Finding info with search engines  General purpose search engines –Google, Yahoo, Altavista, A9, etc.  Clustered searching –Vivisimo, Dogpile  Search CS research literature – – – –

C MU U sable P rivacy and S ecurity Laboratory 9 Advanced searching  Boolean searching –Operators: AND, OR, NOT, NEAR –Implied operators: AND is often implied –Parentheses for grouping –Wildcards –Quotes  Getting to know the ins and outs of your favorite search engines –Many search engines do not use pure boolean searching –Most search engines have some special syntax –Search engines use different algorithms to determine best match

C MU U sable P rivacy and S ecurity Laboratory 10 Conceptualizing privacy

C MU U sable P rivacy and S ecurity Laboratory 11 Concept versus right  Privacy as concept –What is it –How and why it is valued  Privacy as right –How it is (or should be) protected By law By policy By technology

C MU U sable P rivacy and S ecurity Laboratory 12 Hard to define “Privacy is a value so complex, so entangled in competing and contradictory dimensions, so engorged with various and distinct meanings, that I sometimes despair whether it can be usefully addressed at all.” Robert C. Post, Three Concepts of Privacy, 89 Geo. L.J (2001).

C MU U sable P rivacy and S ecurity Laboratory 13 Some definitions from the literature  Personhood  Intimacy  Secrecy  Contextual integrity  Limited access to the self  Control over information

C MU U sable P rivacy and S ecurity Laboratory 14 Limited access to self “Being alone.” - Shane (age 4) “the right to be let alone” - Samuel D. Warren and Louis D. Brandeis, The Right to Privacy, 4 Harv. L. Rev. 193 (1890) “our concern over our accessibility to others: the extent to which we are known to others, the extent to which others have physical access to us, and the extent to which we are the subject of others attention. - Ruth Gavison, “Privacy and the Limits of the Law,” Yale Law Journal 89 (1980)

C MU U sable P rivacy and S ecurity Laboratory 15 Control over information “Privacy is the claim of individuals, groups or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.” “…each individual is continually engaged in a personal adjustment process in which he balances the desire for privacy with the desire for disclosure and communication….” Alan Westin, Privacy and Freedom, 1967

C MU U sable P rivacy and S ecurity Laboratory 16 Realizing limited access and control  Limited access –Laws to prohibit or limit collection, disclosure, contact –Technology to facilitate anonymous transactions, minimize disclosure  Control –Laws to mandate choice (opt-in/opt-out) –Technology to facilitate informed consent, keep track of and enforce privacy preferences

C MU U sable P rivacy and S ecurity Laboratory 17 Westin’s four states of privacy  Solitude –individual separated form the group and freed form the observation of other persons  Intimacy –individual is part of a small unit  Anonymity –individual in public but still seeks and finds freedom from identification and surveillance  Reserve –the creation of a psychological barrier against unwanted intrusion - holding back communication

C MU U sable P rivacy and S ecurity Laboratory 18 Westin’s four functions of privacy  Personal autonomy –control when you go public about info  Emotional release –be yourself –permissible deviations to social or institutional norms  Self-evaluation  Limited and protected communication

C MU U sable P rivacy and S ecurity Laboratory 19 Solove’s privacy taxonomy  Information Collection –Surveillance –Interrogation  Information Processing –Aggregation –Identification –Insecurity –Secondary Use –Exclusion  Information Dissemination –Breach of Confidentiality –Disclosure –Exposure –Increased Accessibility –Blackmail –Appropriation –Distortion  Invasion –Intrusion –Decisional Interference

C MU U sable P rivacy and S ecurity Laboratory 20 Information vs. decisional privacy  Information privacy concerns the collection, use, and disclosure of personal information  Decisional privacy concerns the freedom to make decisions about one's body and family

C MU U sable P rivacy and S ecurity Laboratory 21 Multiple facets of privacy  How can posting personal information about myself on my web site result in a reduction of my privacy? How can it result in an increase in my privacy?

C MU U sable P rivacy and S ecurity Laboratory 22 Privacy as animal instinct?  Is privacy necessary for species survival? Eagles eating a deer carcass

C MU U sable P rivacy and S ecurity Laboratory 23 History

C MU U sable P rivacy and S ecurity Laboratory 24 Information privacy  In 17th century America, colonists began to collect information about each other –Census, birth and death records, school records, tax records  Informants reported people who behaved badly –Disorderly children, nightwalkers, Sabbath breakers, atheists, drunks

C MU U sable P rivacy and S ecurity Laboratory 25 Privacy of personal space  Historically, depended a lot on the type and proximity of available housing  In 18th century Europe, most people lived in cities where houses were close together, but small number of people lived in each house  In 18th century America, people lived far away from each other but many people lived in each house and even shared beds

C MU U sable P rivacy and S ecurity Laboratory 26 Communication privacy  When all communication was oral, communication privacy depended on –Communicating without someone overhearing –Communicating with people who wouldn’t tell others  Written communications brought new opportunities for privacy violations  In 18th century America, postal mail was not necessarily private –Sealing wax, basic encryption used to increase privacy – Congress made it illegal to open other peoples’ mail –Later the invention of the adhesive envelope increased communications privacy

C MU U sable P rivacy and S ecurity Laboratory 27 Telegraph  In the late nineteenth century the telegraph became a popular means of long distance communication  Messages could be coded, but you could not recover damages due to transmission errors if the message was coded  Telegraph operators were supposed to keep messages confidential  Occasional subpoenas for telegraph messages

C MU U sable P rivacy and S ecurity Laboratory 28 Cameras  Cameras, especially portable “snap” cameras (1888), raised new privacy concerns  Telephoto lenses  Video cameras  Hidden cameras  Web cams  Satellite images

C MU U sable P rivacy and S ecurity Laboratory 29 Privacy History References  Robert Ellis Smith Ben Franklin’s Web Site: Privacy and Curiosity from Plymouth Rock to the Internet. Providence: Privacy Journal.  Alan Westin Privacy and Freedom. New York: Atheneum.