Chapter 5: Privacy

Copyright © Pearson Education, Inc. Publishing as Pearson Addison-Wesley

Chapter 5: Privacy

Ethics for the Information AgeForth Edition

by Michael J. Quinn

5-2

1-2


Chapter Overview

• Introduction• Perspectives on privacy• Disclosing information• Ways information becomes public• U.S. legislation• Public records• Covert government surveillance• U.S. legislation authorizing wiretapping• Data mining• Identity theft• Encryption

5-3

1-3


Introduction

• Information collection, exchange, combination, and distribution easier than ever

• More information access less privacy• Trade-offs

– Privacy vs. need for credentials– Privacy vs. desire for free expression– Privacy vs. safety / security

5-4

1-4


Defining Privacy

• Privacy related to notion of access• Access

– Physical proximity to a person– Knowledge about a person

• Edmund Byrne: Privacy is a “zone of inaccessibility”

• Edward Bloustein: Privacy violations are an affront to human dignity

• Too much individual privacy can harm society– Ex: a group that facilitates business among its

members, not helping the whole siciety.

• Where to draw the line?

5-5

1-5


Harms of Privacy

• Cover for illegal or immoral activities• Burden on the nuclear family

– To care for all its members

• Hidden dysfunctional families– We don’t know about pain caused by family

violence because of privacy.

• Ignored people on society’s fringes– Poor, mentally ill people.

5-6

1-6


Benefits of Privacy• Individual growth (maturity)• Individual responsibility• Freedom to be yourself• Intellectual and spiritual growth

– Shut out the rest of the world to focus our thoughts without interruption.

• Development of loving, trusting, caring, intimate relationships– Close relationships

5-7

1-7


Is There a Natural Right to Privacy?

• Morton Levine: Property rights (Home) Privacy rights– I own my home, no body should interfere

• Privacy is a prudential right– Ex: Telemarketing and the Do Not Call Registry

5-8

1-8


Privacy and Trust• Modern life more private

– In the past there was greater emphasis on community

• Challenge: living among strangers– We know little about neighbors– BUT we must trust people to some extent– Ex: taxi driver, teachers, bank loans

• Remedy: establishing reputations– Ordeal, such as lie detector test or drug test– Credential, such as driver’s license, key, ID card,

college degree

• Establishing reputation is done at the cost of reducing privacy

5-9

1-9


Disclosing Information• Public record: information for public access

– Ex: birth certificates

• Public information: information revealed to an organization that has right to share it– Ex: Telephone directory

• Personal information: undisclosed information– Ex: religion, wealth

• Types of disclosures– Voluntary : – Involuntary : body and luggage search at airport– Statutory : Record of arrests and convicted persons

• Cameras on streets

5-10

1-10


Ways Information Becomes Public• Rewards or loyalty programs (shopping cards)• Body scanners (to choose clothes that fit you)• Digital video recorders (Sells info about viewing

habits)• New Automobile “comes with black boxes like

airplanes”• Enhanced 911 service (Track locations of cell phones)• RFIDs (Tags on products – aspirin or pants)• Implanted chips (RFID tag contains name and

address for patients and children)• Cookies (a file on your PC placed by a web server to

monitor your visit to a Web site• Spyware: a program to monitor your surfing on the net

5-11

1-11


Public Records

Examples of Public Records• Census records

– Many ways to use these records

• Internal Revenue Service records– Income, tax, assets, organization you give

charity for, medical expanses, …etc.

• FBI National Crime Information Center 2000– Stolen items, missing persons and guns,

wanted persons, criminal histories, suspected terrorists.

5-12

1-12


Census Records

• Census required to ensure every state has fair representation

• Number of questions steadily rising• Sometimes Census Bureau has broken

confidentiality requirement– World War I: provided names and addresses

of young draft resistors– World War II: used info. About Japanese-

Americans• Round them up and send them to arrest camps.

5-13

1-13


Internal Revenue Service Records

• Much personal information on tax forms• Some IRS employees have misused

access to IRS records• IRS has also misplaced tapes and

diskettes containing records

5-14

1-14


FBI National Crime Information Center 2000

• NCIC– Collection of databases related to various crimes– Contains > 39 million records

• Successes– Helps police solve hundreds of thousands of cases

every year– Helped FBI tie James Earl Ray to assassination of

Dr. Martin Luther King, Jr.– Helped FBI apprehend Timothy McVeigh for

bombing of federal building in Oklahoma City

5-15

1-15


Criticisms of the NCIC

• Erroneous records have led to false arrests• Police have arrested innocent people with same

name as someone in NCIC database• FBI has used NCIC to keep records of people not

suspected of any crime – Ex opponents to Vietnam War

• Corrupt law-enforcement employees have sold information to private investigators and deleted or altered records

• Some law-enforcement employees illegally access the NCIC (Ex: to search for babysitters)

5-16

1-16


OneDOJ Database

• Database being constructed by U.S. Department of Justice

• Gives state and local police officers access to information provided by five federal law enforcement agencies– Incident reports– Interrogation summaries– Other information not available through NCIC

• Criticisms– OneDOJ gives local police access to information about

people who have not been charged with a crime– There is no way to correct misinformation in raw police

reports

5-17

1-17


Code of Fair Information PracticesHas the following principles:• No secret databases• People should have access to personal

information in federal databases• Organizations cannot change how

information is used without consent• People should be able to correct or amend

records• Database owners are responsible for

reliability of data and must prevent misuse

5-18

1-18


Wiretaps and Bugs

• Wiretaps: relates to interception of telephone conversations

• Bugs are hidden microphones used for surveillance

• Wiretapping and bugs are not legal• FBI continues secret wiretapping

5-19

1-19


Operation Shamrock• Operation Shamrock was a covert, domestic intelligence

gathering operation that monitored telegraph communications.

• Expanded to telephone calls

• Kennedy

–Organized crime figures “watch list”

–Individuals and companies doing business with Cuba

• Johnson and Nixon

–Vietnam war protesters

• Nixon

–War on drugs

–Monitoring phone calls

5-20

1-20


Carnivore Surveillance System

• Created by FBI in late 1990s• Monitored Internet traffic, including email

exchanges• Carnivore = Windows PC + “packet-sniffing”

software• Captured packets going to/from a particular IP

address• Used about 25 times between 1998 and 2000• Replaced with commercial software

5-21

1-21


Covert Activities after 9/11

• September 11, 2001 attacks on World Trade Center and Pentagon

• President Bush authorized new, secret, intelligence-gathering operations inside United States

5-22

1-22


National Security Administration Wiretapping

• President Bush signed presidential order– OK for NSA to intercept international phone

calls & emails initiated by people inside U.S.– No search warrant required

• Number of people monitored– About 500 people inside U.S.– Another 5,000-7,000 people outside U.S.

• Two al-Qaeda plots foiled– Plot to take down Brooklyn bridge– Plot to bomb British pubs and train stations

5-23

1-23


TALON Database:Threat And Local Observation Notice• Created by U.S. Department of Defense in 2003• Supposed to contain reports of suspicious

activities or terrorist threats near military bases• Reports submitted by military personnel or

civilians• Reports assessed as “credible” or “not credible”

by military experts• Reports about anti-war protests added to

database• Many of these reports later deleted from

database• In 2007 TALON was terminated

5-24

1-24


Data Mining• Data mining

– Searching for patterns or relationships in one or more databases

– Way to generate new information by combining facts found in multiple transactions

– Way to predict future events

• Secondary use: information collected for one purpose used for another purpose– Ex: Collaborative filtering is used to predict future

preference of a person comparing to other people transactions (renting from a video store)

• Information about customers is a valuable commodity

5-25

1-25


Data Mining Examples – Marketplace: Households• Lotus Development Corporation developed

CD with information on 120 million Americans

• Planned to sell CD to small businesses that wanted to create mailing lists based on various criteria, such as household income

• More than 30,000 consumers complained to Lotus about invasion of privacy

• Lotus dropped plans to sell CD

5-26

1-26


Data Mining Examples – IRS Audits

• IRS uses computer matching and data mining to look for possible income tax fraud

• Computer matching: matching tax form information (filled by a person) with information provided by employers, banks, etc.

• Data mining: searching through forms to detect those that appear most likely to have errors resulting in underpayment of taxes

5-27

1-27


Data Mining Examples – Syndromic Surveillance System• Created by New York City• Analyzes more than 50,000 pieces of

information every day– 911 calls– Visits to emergency rooms– Purchases of prescription drugs

• Looks for patterns that might indicate an epidemic, bioterrorism, or an environmental problem

5-28

1-28


Data Mining Examples – Telecommunications Records Database

• Created by National Security Agency after 9/11• Contains phone call records of tens of millions of Americans• NSA analyzing calling patterns to detect terrorist networks• Phone records voluntarily provided by several major

telecommunications companies• USA Today revealed existence of database in May 2006• Several dozen class-action lawsuits filed• August 2006: Federal judge in Detroit ruled program illegal

and unconstitutional• July 2007: U.S. Court of Appeals overturned ruling, saying

plaintiffs did not have standing to bring suit forward

5-29

1-29


Ownership of Transaction Information

• Who controls transaction information?– Buyer?– Seller?– Both?

• Opt-in: consumer must explicitly give permission for the organization to share info with another organization. – Preferred by privacy advocates

• Opt-out: consumer must explicitly forbid an organization from sharing info– Preferred by direct marketing

5-30

1-30


Identity Theft : Background

• Identity theft: misuse of another person’s identity to take actions permitted to the owner

• Credit card fraud #1 type of identity theft• Ease of opening financial accounts contributes

to problem– Because information brokers on the Web are selling

IDs (license, SSN, Credit cards)

• 10 million victims in 2004 alone• Average loss: $5,000 per victim

5-31

1-31


Gaining Access to Information

• Mailboxes• Lost or stolen wallets• Dumpster diving (looking old bills, bank

statements, …etc)• Shoulder surfing (while people are filling forms)• Skimmers (wedges)

– Credit card readers attached to ATM machines

• Phishing– Gathering financial info through spam asking you to visit

a web site and the update personal info (fake Paypal)

5-32

1-32


Encryption

• Process of transforming a message in order to conceal its meaning

• Valuable tool for maintaining privacy

Chapter 5: Privacy

Documents

Transcript of Chapter 5: Privacy