8/26/01Miller CSC3091 Ch2 Privacy

8/26/01Miller CSC3092 Aspects of Privacy Freedom from intrusion. Control of information about ones self. Freedom from surveillance.

1/14/09Miller CSC3093 "Who's Spying on You?" Popular Mechanics (01/05) Vol. 182, No. 1, P. 56; Cooper, Simon “New technologies that enhance safety and convenience for users are costing them their privacy. Critics are concerned that this trend might lead to a society where people's job opportunities and other aspects of their livelihood could be determined by massive repositories of data collected by monitoring systems.” Federally mandated (GPS)-enabling cell phones “turns the phones into tracking devices”.

1/14/09Miller CSC3094 "Who's Spying on You?" Popular Mechanics (01/05) Vol. 182, No. 1, P. 56; Cooper, Simon The National Transportation Safety Board's desire to install event data recorders (EDRs) in all new vehicles has sparked fears among privacy proponents that lawyers could use EDR data as evidence in civil suits, while insurance companies could use them to justify premium hikes or cancellations. Private "data aggregators" keep files on most Americans in vast databases, and the federal government appears to be these aggregators' biggest client.

2/1/09Miller CSC3095 “Small Print” From the Prof’s user manual on his 2006 van: “Some information is stored during normal operation.” In a crash event the data recorded might include engine speed, break application, throttle position, vehicle speed, safety belt usage, airbag readiness, airbag performance, and the severity of the crash. Information concerning a crash will not be shared with others except if it is “in response to an official request of police or similar government office, required by law, or as part of GM’s defense.”

10/23/08Miller CSC3096 Radio-frequency identification An RFID tag is an object that can be applied to or incorporated into a product, animal, or person for the purpose of identification and tracking using radio waves. Some tags can be read from several meters away and beyond the line of sight of the reader. Chipless technology now allows for tags to be printed directly on products. Wikipedia

10/23/08Miller CSC3097 Radio-frequency identification So in the brave new future you walk into Walmart (currently using RFID technology) where you are greeted by a robot that calls you by name (because it can read your ID from either your verichip or the credit cards in your wallet) and informs you that the underwear you have on needs replacing (RFID tag again) and offers directions to that section of the store.

10/23/08Miller CSC3098 Skype Established in 2003, this Luxenborg based company, provides free computer to computer “ telephone service ” and makes its money by charging for computer to landline or cell phone links around the world. Skype is available in 28 languages and is used in almost every country.

10/23/08Miller CSC3099 Skype Researchers have discovered a Chinese Gov. surveillance operation (estimated 30,000 employees) that is monitoring voice and text messages looking for offensive words. The Chinese servers retain personal information about the users who send such messages, and record chat conversations between local and Skype users from outside China. The system also recorded text messages and Skype caller identification. ( Surveillance of Skype Messages Found in China New York Times (10/02/08) P. C1; Markoff, John)

10/1/08Miller CSC30910 Privacy Issues for Both the Private and Public Sectors What methods are used to gather data? How is the data stored? How is the data secured? How is the data validated? Who has access to the data? How is the data analyzed? How is information distributed? How is the data used?

8/26/01Miller CSC30911 Privacy Balancing Act (Alan Westin) (1) Safeguarding personal and group privacy, in order to protect individuality and freedom against unjustified intrusions by authorities. (2) Collecting relevant personal information essential for rational decision-making in social, commercial, and government life; and (3) Conducting the constitutionally limited government surveillance of people and activities necessary to protect public order and safety.

8/26/01Miller CSC30912 Privacy and the Constitution While the U.S. Constitution does not explicitly use the word "privacy," several of its provisions protect different aspects of this fundamental right. The strongest protections arise from the Fourth Amendment, which safeguards individuals in their persons, homes, papers, and effects, from unreasonable searches and seizures.

8/26/01Miller CSC30913 Privacy and the Constitution The First Amendment's freedom of expression and association clause, protects information about those with whom we associate (e.g., political groups and social organizations), and offers protections for the materials that we create, read, view, etc., in the privacy of our homes.

8/26/01Miller CSC30914 Privacy and the Constitution The Fifth Amendment's privilege against self-incrimination, protects the autonomy of our bodies, thoughts and beliefs.

8/26/01Miller CSC30915 Code of Fair Information Practices (Gov Advisory Cmt 1973) There should be no systems whose existence is secret. There should be a way for a person to find out what data about him or her are in the system and how they are used. Information obtained for one purpose should not be used for another purpose without the person's consent.

8/26/01Miller CSC30916 Code of Fair Information Practices (Gov Advisory Cmt 1973) There should be a way for a person to correct errors in his or her files. Any organization creating, maintaining, using, or distributing personal data is responsible for the reliability and security of the data.

1/27/03Miller CSC30917 Code of Fair Information Practices (Gov Advisory Cmt 1973) This set of five principles has formed the basis of privacy-related laws in the US. They have been put as part of national data protection laws in many industrial countries with the US being a major exception. They influenced the 1974 Privacy Act

8/26/01Miller CSC30918 In Detroit reporters were able to trace the various factions of a major crime family by recording auto license plates of autos parked around the home of a reputed mobster. Motor vehicle data sells for about $5 per name. On the web you can find folks that will look up tags for you. Auto Tags

1/22/09Miller CSC30919 According to the the US Bureau of Transit Statistics for 2006 there were 250,851,833 registered passenger vehicles in the US and over 200 million licensed drivers. There is information on where you live, what you drive, your height, weight, any physical handicaps, birth date, etc. We now have the ability (not my idea) to write an article on the ten heaviest women in the state. Auto Tags

6/29/02Miller CSC30920 Motor Vehicle Data It would be nice if we could say the data we give about ourselves in order to get a drivers license can be used only for making that decision but States are currently passing laws that make that impossible. Wisconsin: a drivers license can be suspended for failure to pay a fine (such as a library fine). Kentucky: A student can lose a license if he/she cuts class or fails classes.

6/29/02Miller CSC30921 Deadbeat Parents More than 300,000 parents in 42 states have lost their drivers license because of late child support payments. In Maine it can cost you a chance at a license to shoot a moose. Every state has some type of license suspension program. In at least 26 states deadbeat parents have lost professional licenses (beauticians in MS).

2/13/02Miller CSC30922 In Los Angeles, a man spotted an actress driving her car, hired a private investigator to look the plate number up in a data base which then gave him a home address. He then shot and killed her when she opened her front door. The death to actress Rebecca Schaeffer by a stalker led to the passage of the Driver’s Privacy Protection Act of Drivers were given the right to “Opt-out”of having their personal data sold. Auto Tags

8/26/01Miller CSC June 1999 : DMV Info at Stake in Senate Legislation

8/26/01Miller CSC January 2000 Supreme Court Rules in Favor of Drivers' Data In a unanimous decision, the Supreme Court upheld the constitutionality of the 1994 Driver's Privacy Protection Act (DPPA), which restricts states from selling drivers license data without the drivers' consent.

6/4/02Miller CSC30925 The Rest of the Story The reason the Supreme court was reviewing the law was because South Carolina was making good money selling drivers license data and photographs without consent of the drivers and the 1999 modifications (Oct 1999) to the Driver’s Privacy Protection Act of 1994 was changing an opt-out option to one where specific permission (opt-in) had to be given before data could be sold. The Oct 1999 change had a problem in that when it eliminated the sale of information for marketing it also eliminated the sale of information to investigators for specified lawful purposes. This was corrected.

12/25/01Miller CSC30926 IRS Has scanned vehicle registrations for people who own expensive boats or cars. Examined (1993) cash transactions on two million taxpayers. Clearly has the data on everyone who has reported contributions to charitable organizations that have been alleged to support terrorism.

8/26/01Miller CSC30927 Government Files In 1982 it was estimated there were approximately 2000 federal databases containing 3.5 billion personnel files. Used to detect fraud and to recover bad debts. Serious threat to personal privacy. What about government access to bank records?

9/21/08Miller CSC30928 Data Base Privacy In the 1990’s health insurance company for Commonwealth of Massachusetts released data for research that was stripped of individual identifiers but kept date of birth, gender, and ZIP code in the records. That is enough information to uniquely identify TWO-THIRDS of the population. Greengard, “ Privacy Matters ” CACM, 09/08, Vol. 51, no 9, p17-18.

9/21/08Miller CSC30929 Survey Privacy USM Faculty asked to give an anonymous evaluation of the administration. For statistical studies they were asked to provide information on their gender, the college they were members of, the number of years in college teaching, and the number of years at they had worked at USM. Anonymous? How do you respond?

8/26/01Miller CSC30930 Matching/profiling Computer Matching means combining and comparing information from different databases. (Usually using SS#s to extract information on an individual from various sources.) Computer Profiling means using data in computer files to determine characteristics of people most likely to engage in certain behavior.

1/29/09Miller CSC30931 Profiling 1/28/09 In an investigative report on ABC’s Good Morning America, It was reported that at least American Express was monitoring where you shop to determine your credit limits. The argument being that people who shop at certain locations have a lower instance of staying current, so, if you do, your more of a risk. Lower limit yields higher balance/limit ratio yields higher rate. Don’t use card to pay marriage counselor.

8/26/01Miller CSC30932 Linkage Attack A linkage attack is one in which information from a database is used to compromise privacy in a different database.

10/7/08Miller CSC30933 Netflix Linkage Attack Netflix published dataset: More than 100,000,000 ratings, from 480,000 randomly- chosen anonymous customers on 18,000 movie titles. Privacy was protected by removing all personal information and by then replacing customer IDs with randomly- assigned IDs. Each movie rating contained the date of the rating and the title and year of release of the movie.

10/7/08Miller CSC30934 Netflix Linkage Attack Researchers from Univ of Texas Austin were able to identify individuals in the Netflix data base by using public reviews published in the Internet Movie Database. Eight ratings with dates provided enough information for the identifications to have 99% accuracy.

10/7/08Miller CSC30935 On being a Professional The Netflix breach of privacy was probably a surprise because it did look like they had taken reasonable precaution. The latest advance, (2006) “differential privacy” introduces random noise and assures that the database behaves the same independent of any individual or small group being either included or excluded.

12/25/01Miller CSC30936 Selective Service Bought the birthday list from a major ice cream parlor chain to find 18 year olds who had not registered. No Selective Service registration, no student aid.

8/26/01Miller CSC30937 FBI(2000) National Crime Information Center (NCIC). Criminal histories on 17 million people. 24 million records on wanted felons, missing property, etc. Can legally obtain credit reports without a court order. Database links to other databases being expanded.

8/26/01Miller CSC30938 Issues What about Fourth Amendment protection against "unreasonable search and seizure"? Requires "probable cause" for search and seizure. We can now find a suspect and look for a crime. Problem with starting with a presumption of guilt.

12/25/01Miller CSC30939 Census Bureau Mandated census every ten years. Information collected is supposed to be confidential. Marketing information collected. Information used to catch draft dodgers. Race information gathering is more complicated now because of changing attitudes and the tie to government benefits.

12/24/01Miller CSC30940 SS Numbers Extension of the Social Security Number to the status of an ID card was rejected in 1971 by the Social Security Administration task force on the SSN report to congress "60% based on unverified information" Privacy and security experts recommend that people not give their SS# without first determining if it is legally required or that there is a valid reason for requesting it.

1/29/04Miller CSC30941 Credit Bureaus The Fair Credit Reporting Act of 1970 restricted the distribution of information to only those who needed it for legitimate business purposes. In 1993, the Federal Trade Commission ruled that the use of credit information to generate marketing lists violates law and ordered TRW (now Experian) and TransUnion to stop. Equifax the other major credit reporting firm, had stopped the practice in 1991.

10/1/08Miller CSC30942 Annualcreditreport.com In 2003 legislation was passed that required that the credit reporting agencies provide, upon request, a free credit report every twelve months to every consumer. The goal was to allow consumers a way to ensure their credit information is correct and to guard against identity theft. ( Wikipedia ) It also allows the consumer to see how he looks in an enquiry.

10/1/08Miller CSC30943 Annualcreditreport.com The three major credit reporting agencies, Equifax, Experian and TransUnion created a joint venture company to oversee their compliance with the legislation. This action led to annualcreditreport.com. A common strategy is to request a report every 4 months. (Good idea) Wikipedia

10/1/08Miller CSC30944 Annualcreditreport.com Annualcreditreport.com is the only federally mandated and authorized source for obtaining a free credit report. Note: You don ’ t find free if you make your selection of reporting agencies on first page of annualcreditreport.com Your credit score will cost you $7.95 and you will be given lots of chances to buy it. Wikipedia

10/15/01Miller CSC30945 Feds Drop Privacy Push WASHINGTON (AP) -- Federal Trade Commission chairman Timothy J. Muris is to announce Thursday that his agency will not seek stronger consumer privacy laws. His position is a reversal of Clinton-era policy that said consumer privacy laws were needed to protect personal data on the Internet. The decision carries more weight after the September 11 terrorist attacks. Since then, many companies have been sharing their consumer data with law enforcement agencies and each other in an attempt to look for suspicious coincidences.

12/25/01Miller CSC30946 National ID cards National ID cards have long been advocated as a means to enhance national security, unmask potential terrorists, and guard against illegal immigrants. Also proposed in debates on gun control, national health care, and Social Security reform. They are in use in many countries around the world including most European countries, Hong Kong, Malaysia, Singapore and Thailand.

12/25/01Miller CSC30947 History of rejection for National ID cards 1971 Social Security Administration task force Health Education and Welfare advisory ctm Federal advisory ctm. on False Identification Carter Administration “no” on SSN use Regan Administration “explicitly opposed” Clinton Administration “opposed”* 1999 Congress repeals provision of Illegal Immigration Reform and Immigrant Responsibility Act of /11/01+ White House “not even considering.”

12/25/01Miller CSC30948 National ID card debate after 9/11/2001 Larry Ellison, chairman and CEO of Oracle “ We need a national ID card with our photograph and thumbprint digitized and imbedded in the ID card ” and I ’ ll “ provide the software for this absolutely free. ” Bush Administration saying “ not an option ” but some members of Congress clearly tempted.

12/26/01Miller CSC30949 What ’ s new in National ID card proposals? Technology options are more varied and more sophisticated. In addition to the massive net- worked databases and the unbelievable computing power which is available for searching/matching we now have digital fingerprinting, handprint scans, facial recognition technologies, voice authentication devices, and retinal scans. More on chip implants later.

12/25/01Miller CSC30950 Fake ID cards Any estimate of the number of teenagers that have obtained “good enough” false ID to get by the “age” police? How difficult would it be with the support of a well financed terrorist organization or country to get a quality false ID? Does the estimated 750,000 cases of stolen identity in 2001 give some feel for how easy this might be?

1/19/02Miller CSC30951 The Dutch and ID cards In 2003, all Dutch citizens with European Union (EU) identification cards will have unique biometric data stored in a chip. These cards are travel documents for use within the EU only. Passports will also get a chip, but a date has yet to be set, Van Beers said. The biometric information will not be centrally stored in a database, only on the chip, he stressed. The trials are conducted with immigrants because they have to report to the police regularly.

12/26/01Miller CSC30952 Could an ID card decrease security? It is not the card that security folks will be relying on but on the integrity of the process that produced the card. Cards can be forged, or obtained improperly and any over reliance on their validity will provide a false sense of security that can result in major breaches of security. [We will make a similar argument concerning the use of passwords and how they can provide a false sense of security that leads to problems.]

2/8/09Miller CSC30953 Google (2/8/09) An upgraded mapping system will enable people to use mobile phones and other wireless devices to share their location with “family and friends.” About privacy concerns: Each user can easily turn the tracking software on or off and can limit access. Google promises to store only the last position read on its computers.

2/8/09Miller CSC30954 Microsoft, Google, Yahoo (2/8/09) A record is made of every search you do online including the words and sites you search for, and the time and date. Records are kept: Microsoft: 18 months Google: 9 months Yahoo: 3 months

2/8/09Miller CSC30955 America Online (AOL) In 2006 AOL shared roughly 20 million search records from 658,000 users on their new AOL Research site. The data included a number assigned to the anonymous user, the search term, the date and time of the search, and the website visited as a result of the search. The data revealed possible illegal drug use, murder, suicide, medical information, names, addresses and social security numbers. AOL closed the site.

2/8/09Miller CSC30956 The Government and Internet Search Records The AOL incident reported in the previous slide occurred just months after the government had requested requested all the search result conducted over a one week period from all the major search engines including AOL, Yahoo, and Google. Google was the only search engine that did not give in to the request. They took their case to court and eventually won.

10/27/08Miller CSC30957 Protecting Privacy in the Future Baker predicts the emergence of a market in which "all kinds of companies are going to sell us software that helps us keep control of our data, furnish our data to those who will use it responsibly, and keep it from those who won't.” Numerati

2/7/09Miller CSC30958 History Snapshot (What does this have to do with privacy?) David Gelernter took a bachelor's degree in religious studies and a master's in Hebrew literature from Yale. He went on to collect a PhD in computer science from the State University of New York at Stony Brook, but joined Yale as faculty in He made a name for himself by developing a computer language named "Linda ”.