Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy Today Privacy Day January 28, 2008 International Association of Privacy Professionals.

Published byJenna O'Hara Modified over 10 years ago

Similar presentations

Presentation on theme: "Privacy Today Privacy Day January 28, 2008 International Association of Privacy Professionals."— Presentation transcript:

1 Privacy Today Privacy Day January 28, 2008 International Association of Privacy Professionals

2 Overview What is privacy Ways to protect privacy – Technology – Law – Markets – What you do yourself 4 types of privacy harms Fair information practices Conclusion

3 I. What is Privacy? Privacy is the claim of individuals, groups or institutions to determine for themselves when, how, and to what extent information about them is communicated to others – Alan Westin: Privacy & Freedom,1967 Privacy is not an absolute We disclose, and we keep private

4 Privacy as a Process Each individual is continually engaged in a personal adjustment process in which he balances the desire for privacy with the desire for disclosure and communication…. - Alan Westin, 1967

5 Westins four states of privacy Solitude – individual separated from the group and freed from the observation of other persons Intimacy – individual is part of a small unit Anonymity – individual in public but still seeks and finds freedom from identification and surveillance Reserve – the creation of a psychological barrier against unwanted intrusion - holding back communication

6 II. Ways to Protect Privacy There are four basic ways to protect privacy: – Technology – Law – Markets – Your choices as an individual

7 Example: Reducing Spam Unwanted e-mail can be an intrusion on your privacy and can reduce the usefulness of e-mail Technology: Spam filters Law: the CAN-SPAM Act – Illegal to send commercial email with false headers – You can unsubscribe from the sender Markets: you choose an email provider that does a good job of reducing spam Your choices: you decide not to open that e-mail with the unpleasant header

8 III. 4 Types of Privacy Harms Well look more closely at 4 categories of privacy harms: – Intrusions – Information collection – Information processing – Information dissemination

9 [note to IAPP: insert here the basic flow chart from p. 490 of Solove article, at http://ssrn.com/abstract=667622 http://ssrn.com/abstract=667622 Keep the form of the person and the box for data holders Four labels should be: Intrusion; Information Collection; Information Processing; Information Dissemination Dont include the smaller-type words

10 Intrusions They come into your space and contact you or tell you what to do Examples: – Unwanted email (spam) – Unwanted phone calls Technology: Caller ID to screen calls Law: National Do Not Call list – Parents entering a teens room without knocking – Government saying what you can or cant do with your own body or property

11 Information Collection They watch what you are doing, more than they should Surveillance & Interrogation – Visual, such as peeping Toms – Communications, such as wiretapping your phone or email – Government, employers, or parents ask you private information Example of protections: with a warrant, the government can wiretap or search your house. Having to get a warrant is a protection, though, against too much information collection.

12 Information Processing They have a lot of data, and do things with it Identification: they learn about your anonymous actions Data mining: they learn patterns, to decide if you are a good customer or a suspected terrorist Exclusion: they decide you are not a good potential employee or customer, or go on the no-fly list at the airport Secondary use: they collect the data for one reason, but use it for others Note: Information processing can be helpful, when it personalizes and gives you better service. But it can invade your privacy when it goes too far or is used in ways that break the rules.

13 Information Dissemination They disclose data, perhaps more than you think they should – Breach of confidentiality: a doctor or lawyer discloses more than you wish – Transfer to third parties: a company or government shares data about you to persons you dont expect – Public disclosure of private facts: an intimate photo of you, or disclosure of intimate facts – Disclosure of untrue facts: you are put in a false light – Appropriation: they use your name or picture without your permission

14 Review: 4 Types of Privacy Harms [note to editors: insert the diagram from earlier, and use it for review here]

15 IV. Fair Information Practices We will examine five Fair Information Practices have been developed to protect against these sorts of privacy concerns The Federal Trade Commission principles: – Notice/awareness – Choice/consent – Access/participation – Integrity/security – Enforcement/redress

16 Notice/Awareness Individuals need notice to make an informed choice about whether to provide information – Who is collecting the data – Uses for which the data will be used – Who will receive the data – The nature of the data and the means by which it is collected if not obvious – The steps taken to preserve confidentiality, integrity, and quality of the data

17 Choice/Consent Choice may apply to secondary uses – uses beyond the original reasons you provided your data Sometimes choice is opt in – they wont share your data unless you say you want them to – HIPAA medical privacy rule – dont share your data unless you give consent Sometimes choice is opt out – they can share your data or contact you, but you can tell them not to – Do Not Call list – no telemarketing if you sign up at www.donotcall.gov www.donotcall.gov – Many web sites will not share your data if you opt out (tell them not to share)

18 Access/Participation Individuals in some instances can access the data held about them, and correct any inaccuracies – Fair Credit Reporting Act: no-fee credit report at www.annualcreditreport.com (some other sites advertise free reports that arent free) www.annualcreditreport.com – Privacy Act: right to see records held about you by the federal government

19 Integrity/Security Data should be secure and accurate – Without security, can have good privacy policies but hackers gain entry – Without accuracy, wrong decisions are made about individuals We should expect reasonable technical, physical, and administrative measures

20 Enforcement/Redress There is great variety in the ways that privacy principles are enforced Increasingly, companies and government agencies have Chief Privacy Officers to comply with their privacy promises Companies can be fined if they break the promises in their privacy policies (Section 5 of the FTC Act) For some kinds of data (medical, financial, stored communications), there is additional enforcement by individuals or government agencies

21 V. Conclusion Some themes from today: – The link between privacy and freedom – a zone where they do not intrude upon you – The challenges of protecting privacy in our emerging information society – The need for the right mix of technology, laws, and markets

22 Finally: The emergence of privacy professionals – My thanks to the International Association of Privacy Professionals for support of this Privacy Day presentation Were here – To ensure protection of privacy while also – Helping create the many ways you want information to be used in our information society Thank you for your attention

23 Presentation written by: Professor Peter P. Swire Ohio State University Center for American Progress www.peterswire.net On behalf of the International Association of Privacy Professionals www.privacyassociation.org

Download ppt "Privacy Today Privacy Day January 28, 2008 International Association of Privacy Professionals."

Similar presentations

Why the Financial Privacy Law is Better than People Think Professor Peter P. Swire Ohio State University University of Minnesota Symposium February 9,

Why the Financial Privacy Law is Better than People Think Professor Peter P. Swire Ohio State University University of Minnesota Symposium February 9,
Reflections on the White House Privacy Office Peter P. Swire U.S. Chief Counselor for Privacy, 1999- 2001 OSU College of Law, 2001-present CFP, March 8,

Reflections on the White House Privacy Office Peter P. Swire U.S. Chief Counselor for Privacy, OSU College of Law, 2001-present CFP, March 8,
HIPAA In Relation to Other Federal Laws Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster LLP Glasser LegalWorks/HIPAA Conference.

HIPAA In Relation to Other Federal Laws Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster LLP Glasser LegalWorks/HIPAA Conference.
Embedding Privacy in Federal Information Systems Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster LLP MITRE Corp. Workshop.

"Embedding Privacy in Federal Information Systems" Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster LLP MITRE Corp. Workshop.
Privacy and the Use of Cost/Benefit Analysis Professor Peter Swire Ohio State University FTC Workshop on Information Flows June 18, 2003.

Privacy and the Use of Cost/Benefit Analysis Professor Peter Swire Ohio State University FTC Workshop on Information Flows June 18, 2003.
Research and Privacy Under HIPAA Professor Peter P. Swire Moritz College of Law Ohio State University National Academy of Science Panel on Science, Technology.

Research and Privacy Under HIPAA Professor Peter P. Swire Moritz College of Law Ohio State University National Academy of Science Panel on Science, Technology.
The Role of the Federal Government in Privacy Policy Professor Peter P. Swire The Ohio State University Center for American Progress The Privacy Symposium,

The Role of the Federal Government in Privacy Policy Professor Peter P. Swire The Ohio State University Center for American Progress The Privacy Symposium,
Mental Health Issues & Information Sharing Professor Peter P. Swire The Ohio State University NAAG Task Force on School Safety July 5, 2007.

Mental Health Issues & Information Sharing Professor Peter P. Swire The Ohio State University NAAG Task Force on School Safety July 5, 2007.
Protect Our Students Protect Ourselves

Protect Our Students Protect Ourselves
Engineers and Lawyers in Privacy Protection Peter Swire Professor, Moritz College of Law Visiting Professor, Georgia Institute of Technology IAPP Summit.

Engineers and Lawyers in Privacy Protection Peter Swire Professor, Moritz College of Law Visiting Professor, Georgia Institute of Technology IAPP Summit.
US Constitution and Right to Privacy Generally only protects against government action Doesn’t obligate government to do something, but rather to refrain.

US Constitution and Right to Privacy Generally only protects against government action Doesn’t obligate government to do something, but rather to refrain.
Understanding the Fair Debt Collection Practices Act

Understanding the Fair Debt Collection Practices Act
PIPA PRESENTATION PERSONAL INFORMATION PROTECTION ACT.

PIPA PRESENTATION PERSONAL INFORMATION PROTECTION ACT.
Data Protection.

Data Protection.
1 GRAND VALLEY STATE UNIVERSITY FAMILY EDUCATIONAL RIGHTS & PRIVACY ACT (FERPA) TRAINING OFFICES OF THE REGISTRAR AND UNIVERSITY COUNSEL JANUARY 20, 2009.

1 GRAND VALLEY STATE UNIVERSITY FAMILY EDUCATIONAL RIGHTS & PRIVACY ACT (FERPA) TRAINING OFFICES OF THE REGISTRAR AND UNIVERSITY COUNSEL JANUARY 20, 2009.
Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.

Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.
FERPA The Family Educational Rights and Privacy Act.

FERPA The Family Educational Rights and Privacy Act.
FERPA: Protect our Students by Protecting their Records Prepared by Rebekah D. Mathis-Stump, JD.

FERPA: Protect our Students by Protecting their Records Prepared by Rebekah D. Mathis-Stump, JD.
Computers and Society Carnegie Mellon University Spring 2007 Cranor/Tongia 1 Regulating Online Speech / Privacy.

Computers and Society Carnegie Mellon University Spring 2007 Cranor/Tongia 1 Regulating Online Speech / Privacy.
Disclaimer This Presentation is provided “as is” without any express or implied warranty. This Presentation is for educational purposes only and does not.

Disclaimer This Presentation is provided “as is” without any express or implied warranty. This Presentation is for educational purposes only and does not.

Similar presentations

Ads by Google