Privacy
Chapter 5. Privacy
5.1 Scenarios
5.1.1 Scenario 1: Fund Raising and Potential Donors
Jan studies computer science at university but does not major in it. She wishes to be involved in public service and so accepts a
Jan was asked to find out all the information she could about Frank, with a special focus on his wealth and the area in which he is likely to be most keen. Using the Internet and databases, Jan was able to find out the following:
•Via a public database, his board memberships
•Via databases of associated organisations, contributions he has made to others and his support for any religious organisations
•Newspaper archives – information written about Frank
•Governmental records – if he has had any encounter with the law
•Credit card agencies – his credit history
Other routes that Jan tried to get information include:
•Contacting Amazon.com about the types of books he read
•Wondering whether his ISP will tell her about his online activities
•From the university records she finds that he was treated at the university hospital.
•She finds that she can access his medical records and discovers that he was treated successfully for a kidney complaint
She then proceeds to recommend that he be approached for a donation for kidney research.
Activity 1
Discuss whether or not you think she has done anything wrong.
5.1.2 Scenario 2: Taking work home
Max works for a government department working against alcoholism and drug abuse. The department maintains a database of people with these problems. Max’s job is to track the success or failure of treatment programs. He has to prepare a report indicating:
•Number of clients seen per month in each program
•Length of client treatment
•Criminal history of clients
•Distribution addresses
He gets this information from various databases located in different locations. To do this, he downloads information to his computer in his office, then copies the data to a portable hard drive and takes that home to finish his report there. However, he also leaves a copy of the information and the report on his machine at home.
Activity 2
Is he wrong to move the data to his house, and is he wrong to leave the data there when he is done with the report? What policy should Max’s agency have concerning taking work home? Discuss.
5.1.3 Scenario 3: Workplace Monitoring
Estelle works for a medical insurance company. She supervises the claims department and her brief is to improve efficiency there – each unit must process a minimum number of claims per day. In order to achieve this goal, she installs a software system which monitors:
•The number of claims processed by each clerk
•Number of keystrokes done by each clerk
•Log information on when each clerk is on or off his/her post
The system allows her to watch all the above information in
Activity 3
Should she use this system and, if so, should each of the clerks be informed? Do you think any limitations should be placed on companies employing such systems? Discuss.
5.1.4 Scenario 4: Data Mining
Ravi works for a credit card company, developing new products. He reads about data mining and convinces his supervisor to buy a data mining tool. With this tool Ravi can get information on customers’ buying habits, as well as find out how postal codes correlate with loan defaults. Based on this new information, a new policy can be formulated under which his company refuses credit to clients in ‘bad’ postal code areas. Doing this could reduce his company’s exposure to bad loans.
Ravi also discovers that Zoroastrians who donate to charity charge substantial amounts to their credit cards. He promptly recommends a new policy of soliciting more Zoroastrians for credit cards in the hope of increasing his company’s profit.
Activity 4
Is either of these two recommendations wrong? What about the way Ravi uses this information? Is the company wrong to implement these policies? Discuss.
5.2 Is there anything new here?
The Panopticon of J. Bentham (1787) involves the design of prisons. By arranging the cells in a circle (with the guard in the centre) in such a way that the guard can see the prisoners but not vice versa, the guard need not even be there all the time. When individuals (in this case, prisoners) believe that they are being watched, they behave differently, as they are concerned about the observers and what they might think of them.
Many experts think that information gathering is like the Panopticon. Information gathering itself is not new – governmental and private organisations have always kept databases. The difference is that much more surveillance is possible with electronic databases because of their speed, the types of information they hold and the scale of information exchange between them.
Activity 5
Compare and contrast
5.2.1 Max’s case
Recall that Max takes sensitive data home. The movement of data can be problematic in itself: it is difficult to keep track of the data and to ensure its security in different environments and locations. Taking work home is not new: companies have allowed their employees to take company resources home, use them to complete a task and then bring them back. In these cases, companies have strict rules on how these resources should be handled. Computer data should be treated in a similar way, either by not allowing data to be copied from the mainframe at all or by specifying the data encryption to be used.
5.2.2 Access to data
Consider the case of Pat, who took her landlord to court because of the presence of pests in the flat. The landlord did not contest the case, but soon afterwards Pat moved to another area and discovered that she always got turned down. Pat discovers that there is a list of people who have taken landlords to court and that this list can be purchased.
Activity 6
Do you think anyone is at fault here? Can you see the parallel between this
5.3 Understanding the ‘Computer and Privacy’ Issue
In essence the issue revolves around:
•Collection and use of data.
•Information obtained from data versus loss of privacy.
•The needs of the organisation collecting and using the information versus individuals’ right of privacy (considered a social good).
An example is that Amazon collects information on its clients in order to be able to inform them of new books in their interest areas.
5.3.1 Personal Privacy
What is personal privacy and why is it valuable? Most people expect privacy in their personal space, such as the home: the domain in which government and other organisations should not interfere. Privacy is often seen as an intrinsic good – good in itself – which can lead to other goods. Kant’s theory is that privacy is essential to autonomy and that autonomy is inconceivable without privacy.
Technological development has not only changed how business is conducted, but also has had a huge impact on personal and community identities.
Activity 7
Read the following paragraph:
In order to establish a relationship with an individual one needs to be able to control information about oneself in order to maintain a relationship. Collecting and grouping of information into a database causes us to lose control of the information. This loss of control reduces our ability to form relationships.
Do you agree with what is being said there? Do not consider just personal relationships; consider professional relationships as well. When you are chatting or emailing on the Net, nobody knows who you are by anything other than the name you have given as your identity. Your physical characteristics — skin colour, height, physical features — are unknown. Your
Impact on the Individual
Identity: Anonymity can be liberating. Other users you come in contact with on the Net cannot look at your physical self or hear your accent and make assumptions about you. You are judged on the opinions and information you express.
Intrusion on Privacy: Personal information can be captured at certain sites through the information you have provided when you make an
5.3.2 Individual – Organizational Relationships
It is said that information a person gives to an organisation gives the organisation power over that person – for example, a credit card company. Organisations can establish this relationship without any action by the individual (e.g. subscription information). This problem has been amplified by the introduction of computers. Government has tried to deal with this and to allay fears by passing laws that prevent different databases from being joined (e.g. the Home Affairs’ and Police’s fingerprint databases). Laws have also been passed on the privacy issues concerning medical and credit records, amongst others.
In the mid-1970s, the United States provided five principles to govern fair information gathering practices:
1. No secret personal data keeping.
2. Individuals must be able to discover their personal information and how it is used.
3. Individuals must be able to discover, and stop, information collected for one purpose being used for another.
4. Individuals must be able to correct wrong information.
5. Database administrators of personal information must take necessary precautions to prevent misuse and also to assure reliability of data.
Activity 8
Do you think that these principles are still appropriate today when it comes to electronic databases? What changes, if any, do you think need to be made to this code?
This issue of individual – organisation relationships is discussed further in the section on privacy issues in the workplace later in this chapter.
Activity 9
The objective of this exercise is to experiment with some ideas on privacy. Write down some ideas about the following:
•How would you like to portray yourself to others?
•Can this be achieved if contact is only by
•What aspect of yourself might others regard as 'detrimental'?
•Can this be hidden if contact is only by
•What feature of email allows this type of privacy?
You can find some thoughts about this activity at the end of the unit.
5.3.3 Global Perspective
Legislators, theologians, scientists, academics and business people are getting more interested in the impact of information technology on individuals, organizations and communities. The possible outcomes in the near future could be better — not necessarily stricter — legislation safeguarding user privacy, increased education in the proper use of the Internet, and more options for technological control that can be implemented based on user discretion. The alternative outcomes could be strict tracking of every user, together with numerous legislative bodies all imposing their own views on what information should be available. The challenge ahead of us is to ensure that the benefits of the Internet far outweigh the real and serious threats brought about by the information revolution.
The expansion of the Internet plays a large role in increasing the potential for misuse of information. Information is flowing across borders more readily and frequently. Irrespective of individual nations’ policies, there is still a need for a global policy. The European Union has a policy that is enforced amongst its members. Each member state must make sure that personal data is:
•Processed fairly and lawfully.
•Collected for specific and legitimate purposes.
•Not processed further (except for statistical, scientific or historical reasons and then with prior permission).
•Adequate but not excessive for purpose required.
•Kept up to date.
•Accurate for purpose collected.
•Kept no longer than required.
Activity 10
Read the articles supplied online as part of this unit (Guardian newspaper articles).
•Do you think that a service that is free to users should be more secure? After all, you only get what you pay for.
•Will this event change the way you use
•Do you think that independent bodies should check statements claiming privacy for these types of services?
You can find some thoughts about this activity at the end of the unit.
5.3.4 Proposal for better Protection
There have also been many proposals for better protection with broad conceptual changes and legislative initiatives:
•Appreciate and action the principle that privacy is a social good.
•Need for a comprehensive rather than piecemeal approach that also integrates the global exchange of data.
•Power of private corporations never envisaged – this is a new vacuum.
•Sweden introduces the Data Inspection Board:
•Licenses all automated personal information systems in both public and private sectors.
•Controls collection of personal data.
•Can investigate complaints.
•Designs rules for personal data collection.
Activity 11
Discuss the pros and cons of a system such as Sweden’s Data Inspection Board. Do you think that each country should go this route?
The ACM’s code of conduct considers privacy and seeks to:
• Minimise data collected.
•Only allow authorised access to data.
•Provide proper security.
•Determine required retention period.
•Ensure proper disposal of the data.
5.4 Effects of IT on record keeping
Information keeping and handling is not new but information technology has changed record keeping in the following ways:
•Scale of information keeping
•New kinds of information kept
•New scale of information distribution and exchange
•Effect of erroneous data magnified
•Information can endure for much longer
5.5 Privacy Issues in the workplace
Recall scenario 2 with Estelle and her monitoring software. Were you generally for, against or undecided about computer monitoring in the workplace? Your feelings are likely to differ depending on whether you are an employer or an employee, but here are some arguments for and against:
5.5.1 Arguments for Computer Monitoring in the Workplace
Proponents argue that it is also used to provide incentives for employees and effectively rewards individuals for true merit. They also point out that what is being measured is factual and hard, and that workers tend to favour such systems because they have seen too many cases of the wrong people being promoted for the wrong reasons. With the facts that the computer gathers, diligent workers can legitimately argue a case for better pay and conditions, and this case does not rely upon personal opinions and personalities. Furthermore, these systems can help eliminate rampant waste, for example employees calling long distance for private use or a team carrying the load for an unproductive team member, and can identify the theft of materials by matching the stock used with the amount processed by line workers (and discovering discrepancies). Finally, monitoring on a computer network can assist in troubleshooting and fine-tuning of a system, as well as streamlining job design and fairly apportioning workloads.
5.5.2 Arguments against Computer Monitoring in the Workplace
However, there is also the danger of turning workers into better paid battery hens, denying them job satisfaction and eliminating the human element from their work. For example, although reservation clerks may be given an incentive to process more calls when they are being monitored, it may also eliminate any human spontaneity or friendliness in their communication. There is a question of balance between the rights and expectations of employees and the obligations and objectives of employers.
Forester and Morrison (1990) state that clearly profits are important to the continued functioning of capitalist societies and profit itself is dependent upon competitiveness. However, just how far we are willing to proceed in the pursuit of competitiveness and profitability is a matter of judgement. For example, the use of cheap child labour was once regarded as a sensible business strategy, but now our ethical sense and labour protection laws prohibit this practice. It remains to be seen in which direction our ethical intuitions will take us in determining the nature of future employment, whether we can all be monitored in the interest of profit and accountability, or whether we shall see a renewed interest in designing jobs for people.
In addition, we need to ask what kind of precedent computer based monitoring of employees will set for other invasive practices. For example, similar arguments can be marshaled for the compulsory drug testing of key personnel such as pilots, train drivers, and power plant operators. If these people have the potential to kill thousands by accident, then do we not have the right to ensure that they are in a fit state to work? On the other hand, why not also monitor the alcohol purchases of convicted drunk drivers? This highlights the most contentious aspect of any form of computer based monitoring: it is not so much the harm it may currently be causing, but what it represents.
Activity 12
Has your view changed after reading the arguments above? What is your view now? Discuss this issue with other students if you can.
5.6 Interception Act versus Privacy Act (South Africa)
Two important acts concerning privacy were introduced to the South African public. The Interception Act was amended in 2010.
5.6.1 The Interception Act
The Interception Act came into full effect in September 2005 (http://www.justice.gov.za/legislation/acts/2002-070.pdf). Its full title is the Regulation of Interception of Communications and Provision of Communication-related Information Act (RICA). RICA seeks to regulate the interception of certain communications, the monitoring of certain signals and radio frequency spectrums and the provision of certain
•Law enforcement must be in possession of information or evidence that electronic communications are being used in the commission of the crime.
•They must approach the court and request an "interception direction". The sitting judge will then decide on the merits of the evidence presented and will grant or refuse this directive.
•Once the interception direction is obtained, it can then be served on the relevant service provider, who is then required by law to monitor any communication made by the individual or party concerned and to forward all surveillance information to the law enforcement agency. Note that the person under surveillance need not be informed.
RICA provides that all forms of monitoring and interception of communications are unlawful unless the monitoring and interception takes place under one of the recognized exceptions in RICA. There are several exceptions to the general rule on the prohibition on intercepting communications, three of which apply to monitoring in the workplace:
•Party to a communication: Section 4 of the RICA allows a party to a communication to monitor and intercept the communication if he/she is a party to the communication (for example, where the participants in a meeting consent to the meeting being recorded). This exception also applies where the interceptor is acting with the consent of one of the parties to the communication.
•Written Consent: Section 5 allows for interception of any communication under any circumstances – i.e. no special motivation or reason is required for it, provided the person whose communication is being intercepted has consented to it in writing prior to such interception.
•Business Purpose Exception: Section 6 contains a
business by means of which a transaction is concluded in the course of that business, which “otherwise relates to that business” or which “otherwise takes place in the course of the carrying on of that business, in the course of its transmission over a telecommunication system”.
5.6.2 The Privacy Act
The Protection of Personal Information Act [http://www.gov.za/sites/www.gov.za/files/37067_26-11_Act4of2013ProtectionOfPersonalInfor_correct.pdf] is seen by some as a counterbalance to the Interception Act above. The act seeks to promote the protection of personal information of South Africans processed by public and private bodies. It also seeks to provide for the rights of persons regarding unsolicited electronic communications and automated decision making, and to regulate the flow of personal information across the borders of the Republic.
Activity 11
It is likely that by the time you are reading this set of notes that another draft of the proposed act has been released. The media might also be covering it in more detail. Try and get hold of the most recent draft or some analysis of it in the media. How has it changed?
Activity 12
Discuss if and how the Interception and Privacy Acts counterbalance one another. Do you have concerns about either of the acts?
5.7 Protect Your Online Privacy
The Electronic Frontier Foundation (EFF) [http://www.eff.org] is an organisation that protects rights and promotes freedom in the electronic frontier, including an individual's basic right to privacy. They advocate the following twelve ways to protect your online privacy.
5.7.1 Do not reveal personal information inadvertently
You may be "shedding" personal details, including
5.7.2 Turn on cookie notices in your Web browser, and/or use cookie management software
Cookies are a small amount of information that Web sites store on your computer, temporarily or
click on, etc., and share this information with all of their client Web sites (who may number in the hundreds, even thousands.) It is unknown whether all of these cookie rings (some examples of which are Double Click and Link Exchange) do in fact share user data, but they certainly can do so potentially.
Browsers are starting to allow user control over cookies. Mozilla and Firefox, for example, allow you to see a notice when a site tries to write a cookie file to your hard drive, and give you some information about it, allowing you to decide whether or not to accept it. (Be on the lookout for cookies the function of which is not apparent, which go to other sites than the one you are trying to load, or which are not temporary.) They also allow you to automatically block all cookies that are being sent to third parties (or to block all cookies entirely, but this will make some sites inoperable). Internet Explorer has a cookie management interface in addition to Netscape-like features, allowing you to selectively enable or disable cookies on a site-by-site basis, and even to allow cookies for a site generally but delete a specific cookie you are suspicious about. With Internet Explorer you can also turn on cookies for a site temporarily, then disable them when you no longer need them, for example at an online bookstore that requires cookies to process an order but that you don't want tracking what books you are looking at, what links you are following, etc., the rest of the time. Turning on cookie warnings will cause alert boxes to pop up, but after some practice you may learn to hit "Decline" so fast that you hardly notice them anymore. The idea is to only enable cookies on sites that require them AND whom you trust.
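The two checks suggested above (does the cookie go to a site other than the one you are loading, and is it not temporary) can be applied mechanically to `Set-Cookie` headers. The following is an added example, not part of the original notes or of any browser's code; the URLs, cookie values and function names are constructed for illustration, and "site" is approximated by the last two DNS labels.

```python
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime
from http.cookies import SimpleCookie
from urllib.parse import urlsplit


def site_of(host):
    """Crude 'site' guess: the last two DNS labels. Assumption for this demo;
    browsers use the Public Suffix List (this is wrong for e.g. shop.co.za)."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def lifetime(morsel, now):
    """Return a timedelta for a persistent cookie, None for a session cookie.
    Max-Age takes precedence over Expires when both are present."""
    if morsel["max-age"]:
        try:
            return timedelta(seconds=int(morsel["max-age"]))
        except ValueError:
            return None
    if morsel["expires"]:
        try:
            return parsedate_to_datetime(morsel["expires"]) - now
        except (TypeError, ValueError):
            return None
    return None


def audit_set_cookie(page_url, response_url, header, now=None):
    """Classify every cookie in one Set-Cookie header value."""
    now = now or datetime.now(timezone.utc)
    page_site = site_of(urlsplit(page_url).hostname or "")
    response_host = urlsplit(response_url).hostname or ""
    jar = SimpleCookie()
    jar.load(header)
    findings = []
    for name, morsel in jar.items():
        # The cookie belongs to its Domain attribute, else to the responding host.
        cookie_host = morsel["domain"] or response_host
        life = lifetime(morsel, now)
        persistent = life is not None and life > timedelta(0)
        findings.append({
            "name": name,
            "third_party": site_of(cookie_host) != page_site,
            "persistent": persistent,
            "lifetime_days": life.days if persistent else None,
        })
    return findings


def flagged_cookies(page_url, responses, now=None):
    """Keep only cookies that are third-party or not temporary."""
    return [f for url, header in responses
            for f in audit_set_cookie(page_url, url, header, now)
            if f["third_party"] or f["persistent"]]


# Constructed sample: one page load of a bookstore and the cookies it triggers.
SAMPLE_PAGE = "https://books.example/cart"
SAMPLE_NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)
SAMPLE_RESPONSES = [
    ("https://books.example/cart", "session=abc123; Path=/; Secure; HttpOnly"),
    ("https://ads.tracker.example/pixel.gif",
     "uid=9f2c; Domain=tracker.example; Max-Age=63072000; Path=/"),
    ("https://books.example/", "prefs=lang-en; Expires=Wed, 01 Jan 2031 00:00:00 GMT; Path=/"),
]

if __name__ == "__main__":
    for finding in flagged_cookies(SAMPLE_PAGE, SAMPLE_RESPONSES, SAMPLE_NOW):
        print(finding)
```

The session cookie set by the bookstore itself passes both checks; the tracker's two-year identifier and the long-lived preference cookie are the ones a cookie notice would ask you about.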
5.7.3 Keep a "clean"
When mailing to unknown parties; posting to newsgroups, mailing lists, chat rooms and other public spaces on the Net; or publishing a Web page that mentions your
5.7.4 Don't reveal personal details to strangers or just met "friends"
The speed of the Internet is often reflected in rapid online acquaintanceships and friendships. But it is important to realise that you don't really know who these people are or what they are like in real life. A thousand miles away, you don't have friends of friends or other references about this person. Be also wary of
Realise you may be monitored at work, avoid sending highly personal
5.7.5 Beware sites that offer some sort of reward or prize in exchange for your contact or other information
There's a high probability that they are gathering this information for direct marketing purposes. In many cases your name and address are worth much more to them (because they can sell it to other marketers, who can do the same again - a snowball effect) than what you are (supposedly) getting from them. Be especially wary of sweepstakes and contests. You probably won't win, but the marketer sure will if you give them your information.
5.7.6 Do not reply to spammers, for any reason
Spam, or unsolicited bulk
5.7.7 Be conscious of Web security
Never submit a credit card number or other highly sensitive personal information without first making sure your connection is secure (encrypted). In Firefox, look for a closed lock (Windows) or unbroken key (Mac) icon at the bottom of the browser window. In Internet Explorer, look for a closed lock icon at the bottom (Windows) or near the top (Mac) of the browser window. In any browser, look at the URL (Web address) line - a secure connection will begin "https://" instead of "http://". If you are at page (sic) that asks for such information but shows "http://", try adding the "s" yourself and hitting enter to reload the page (for Netscape or Internet Explorer; use whatever method is required by your browser to reload the page at the new URL). If you get an error message that the page or site does not exist, this probably means that the company is so clueless - and careless with your information and your money - that they don't even have Web security. Take your business elsewhere.
5.7.8 Be conscious of home computer security
On the other side of the coin, your own computer may be a trouble spot for Internet security. If you have an ADSL line or other connection to the Internet that is up and running 24 hours, unlike a modem and phone line connection, be sure to turn your computer off when you are not using it. Most home PCs have pitifully poor security compared to the Unix workstations that power most commercial Web sites. System crackers search for vulnerable, unattended ADSL-connected home computers, and can invade them with surprising ease, searching through files looking for credit card numbers or other sensitive data. They can even take over the computer and quietly use it for their own purposes, such as launching attacks on other computers elsewhere - attacks you could initially be blamed for.
5.7.9 Examine privacy policies and seals
When you are considering whether or not to do business with a Web site, there are other factors than a secure connection you have to consider that are equally important to Web security. Does the site provide
their word.) If you see a seal, is it real? Check with the
5.7.10 Remember that YOU decide what information about yourself to reveal, when, why, and to whom
Don't give out personally identifiable information too easily. Just as you might think twice about giving some clerk at the mall your home address and phone number, keep in mind that simply because a site asks for or demands personal information from you does not mean you have to give it. You do have to give accurate billing information if you are buying something, of course, but if you are registering with a free site that is a little too nosy for you, there is no law against providing them with pseudonymous information. (However, it would probably be polite to use obviously fake addresses, such as "123 No Such Street, Nowhere, NW 0010, Republic of Nowhereland". If they are generating mailings based on this information - presumably in accordance with the terms of their privacy policy - they can probably weed such addresses out and not waste the postage on them.)
5.7.11 Use encryption
Last but certainly not least, there are other privacy threats besides abusive marketers, nosy bosses, spammers and scammers. Some of the threats include industrial espionage, government surveillance, identity theft, disgruntled former associates, and system crackers. Relatively easy to use
5.8 More on Encryption
In an open network such as the Internet, message privacy, particularly for
5.8.1 PGP (Pretty Good Privacy)
PGP is a popular program used to encrypt and decrypt
5.8.2 How It Works
PGP uses a variation of the public key system. In a public key system, each user has a publicly known encryption key and a private key known only to that user. You encrypt a message you send to someone else using their public key. When they receive it, they decrypt it using their private key. Since encrypting an entire message can be
PGP comes in two public key versions - RSA and
For sending digital signatures, PGP uses an efficient algorithm that generates a hash code from the user's name and other signature information. This hash code is then encrypted with the sender's private key. The receiver uses the sender's public key to decrypt the hash code. If it matches the hash code sent as the digital signature for the message, then the receiver is sure that the message has arrived securely from the stated sender. PGP's RSA version uses the MD5 algorithm to generate the hash code. PGP's
To use PGP, you download or purchase it and install it on your computer system. Typically, it contains a user interface that works with your customary
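The hash-then-sign check described in this section, as an added example that is not part of the original notes and is not PGP's own code. It assumes textbook RSA without padding, SHA-256 in place of the MD5 named above (MD5 is no longer collision resistant), a hash taken over the message body, and demo keys constructed from well-known Mersenne primes; all function and key names are hypothetical.

```python
import hashlib
from math import gcd

E = 65537  # commonly used RSA public exponent


def make_demo_key(p, q):
    """Build an RSA key from two given primes. Constructed for the demo only:
    real keys use large random primes, never published ones."""
    phi = (p - 1) * (q - 1)
    if gcd(E, phi) != 1:
        raise ValueError("public exponent is not invertible for these primes")
    return {"n": p * q, "e": E, "d": pow(E, -1, phi)}  # d is the private part


def digest(message):
    """Hash code of the message as an integer (SHA-256 here, not PGP's MD5)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message, key):
    """Sender: 'encrypt' the hash code with the private exponent d."""
    return pow(digest(message), key["d"], key["n"])


def verify(message, signature, n, e):
    """Receiver: recover the hash code with the sender's public key (n, e) and
    compare it with a fresh hash of the message that actually arrived."""
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == digest(message)


# Constructed demo keys (Mersenne primes): insecure, for illustration only.
ALICE = make_demo_key(2**521 - 1, 2**607 - 1)
MALLORY = make_demo_key(2**1279 - 1, 2**127 - 1)


def demo():
    """Run the three cases a receiver cares about and return the outcomes."""
    message = b"Transfer the report on Friday. Alice"  # constructed message
    signature = sign(message, ALICE)
    return {
        # Unmodified message, checked against the stated sender's public key.
        "genuine": verify(message, signature, ALICE["n"], ALICE["e"]),
        # One word changed in transit: the fresh hash no longer matches.
        "tampered": verify(b"Transfer the report on Monday. Alice",
                           signature, ALICE["n"], ALICE["e"]),
        # Same message and signature, checked against another person's key.
        "wrong_sender": verify(message, signature, MALLORY["n"], MALLORY["e"]),
    }


if __name__ == "__main__":
    print(demo())
```

Production signatures add a padding scheme around the hash before the private-key operation; use a maintained OpenPGP implementation rather than code like this for real mail.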
5.8.3 Where Can You Use PGP
Originally, the U.S. government restricted the exportation of PGP technology. Today, however, PGP-encrypted e-mail can be exchanged with users outside the U.S. if you have the correct versions of PGP at both ends. Unlike most other encryption products, the international version is just as secure as the domestic version.
The freely available PGP cannot legally be used for commercial purposes - for that, one must obtain the commercial version from Network Associates (formerly PGP, Inc.). There are several versions of PGP in use.
5.9 Review Questions
1.How can we ensure privacy when using
2.What does PICS stand for?
3.Briefly outline two ways in which censorship ratings can be made.
4.Discuss briefly something we could do, if we found an unsuitable website with misleading ratings.
5.Why would a company censor Internet use?
6.What is blocking software?
You can find answers to these review questions at the end of the unit.
5.10 Discussion and Answers
5.10.1 Discussion on Activity 9
1.Tall, dark, handsome, blonde, pretty, honest, cheerful, short, fun, intelligent, average, nice eyes ? (the list goes on ....!)
2.You can be all of these: nobody can tell unless you are using a Web cam (as part of video conferencing), or you tell them.
3.Glasses, big feet, spots, green hair!
4.You cannot tell if the sender of an
The time to think about your response. In contrast, this is something that is not always possible when we are talking to a friend. It also can be difficult in a chat room to take time.
5.10.2 Discussion on Activity 10
1.There are no clear answers. Those who are aware of
Security could be terrible but still acceptable if the users were aware of the risks and made sure that any sensitive messages were encrypted.
2.This is your decision. A decision to be cautious is probably a good one.
3. In many countries there are standards set for advertising. This could be extremely useful for consumers as well as advertisers, who would possibly gain credibility if they had registered their advertisement. In the case study, the claim regarding 'privacy' could be removed.
5.10.3 Solutions to Review Questions
These may not be the ultimate answers to the review questions. You should also check with other resources including your textbooks and the Internet.
1.By using a strong encryption method.
2.Platform for Internet Content Selection.
3.The website can be rated by an independent ratings organisation or the author of the site.
4.We could inform our Internet Service Provider and inform some of the search engines, etc.