NJIT CS 103 - Privacy and Digital Security



Copyright © 2008 Pearson Education, Inc. Publishing as Pearson Addison-Wesley

Fluency with Information Technology
Third Edition
by Lawrence Snyder
Chapter 13: Shhh, It's a Secret: Privacy and Digital Security

Privacy: Whose Information Is It?
• What is privacy? Examine a transaction of buying Dating for Total Dummies
  – Information linking the purchase with the customer
• How can the information be used?
  – Book merchant collecting information is ordinary business practice
  – Book merchant sending advertisements to customer is ordinary business practice
  – What about merchant selling information to other businesses?

Modern Devices and Privacy
• Modern devices make it possible to violate people's privacy without their knowledge
• In 1890, Brandeis wrote that individuals deserve "sufficient safeguards against improper circulation" of their images

Controlling the Use of Information
• Spectrum of control spans four main possibilities:
  1. No uses. Information should be deleted when the store is finished with it
  2. Approval or Opt-in. Store can use it for other purposes with customer's approval
  3. Objection or Opt-out. Store can use it for other purposes if customer does not object
  4. No limits. Information can be used any way the store chooses
  5. Fifth possibility is internal use: store can use information to continue conducting business with you

A Privacy Definition
• Privacy: The right of people to choose freely under what circumstances and to what extent they will reveal themselves, their attitude, and their behavior to others
• Threats to Privacy: Government and business
• Voluntary Disclosure: We choose to reveal information in return for real benefits (doctor, credit card company)

Fair Information Practices
• OECD (Organization of Economic Cooperation and Development) in 1980 developed the standard eight-point list of privacy principles.
  – Limited Collection Principle
  – Quality Principle
  – Purpose Principle
  – Use Limitation Principle
  – Security Principle
  – Openness Principle
  – Participation Principle
  – Accountability Principle

Comparing Privacy Across the Atlantic
• U.S. has not adopted OECD principles
• China does not protect privacy
• European Union has European Data Protection Directive (OECD principles)
• EU Directive requires data on EU citizens to be protected at same standard even when it leaves their country

US Laws Protecting Privacy
• Privacy Act of 1974 covers interaction with government
• Interactions with business:
  – Electronic Communication Privacy Act of 1986
  – Video Privacy Protection Act of 1988
  – Telephone Consumer Protection Act of 1991
  – Driver's Privacy Protection Act of 1994
  – Health Insurance Privacy and Accountability Act of 1996
• These all deal with specific business sectors, not an omnibus solution

Privacy Principles: European Union
• Two points of disagreement between FTC (US) and OECD (Europe):
  – Opt-in/Opt-out
    • When can an organization use information it collects for one purpose, for a different purpose?
    • Opt-out is US standard except for highly sensitive data; Opt-in is European standard
  – Compliance/Enforcement
    • US has "voluntary compliance," EU has offices to control data

A Privacy Success Story
• Do-Not-Call List
  – Telemarketing industry's "self-policing" mechanism required individuals to write a letter or pay an on-line fee to stop telemarketing calls
  – US government set up Do-Not-Call List. Over 107,000,000 households are on the list and telemarketing industry has largely collapsed

The Cookie Monster
• Cookie: Record containing seven fields of information that uniquely identify a customer's session on a website. Cookie is stored on customer's hard drive.
• Abuse: Third-party cookie
  – Third party advertisers on web site enter client/server relationship with customer as page loads
  – Advertiser can set cookies, and can access cookies when user views other websites that advertiser uses

The Cookie Monster (Cont'd)
• Browser options:
  – Turn off cookies
  – Ask each time a server wants to set a cookie
  – Accept all cookies

Identity Theft
• Americans do not enjoy the Security Principle
  – Those who hold private information are obliged to maintain its privacy against unauthorized access and other hazards
• Identity theft is the crime of posing as someone else for fraudulent purposes
  – Using information about person like credit card numbers, social security numbers

Managing Your Privacy
• Purchase up-to-date anti-virus/anti-spyware software
• Adjust your cookie preferences to match your comfort level
• Read the privacy statement of any website you give information to
• Review protections against phishing scams

Managing Your Privacy (cont'd)
• Patronize reputable companies for music, software, etc.
• Be skeptical
• Stay familiar with current assaults on privacy
• Lobby for US adoption of Fair Information Practices

Encryption And Decryption
• Encryption Terminology
  – Encryption: Transform representation so it is no longer understandable
  – Cryptosystem: A combination of encryption and decryption methods
  – Cleartext or Plaintext: Information before encryption
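
The third-party cookie behaviour described on the Cookie Monster slides above, as an added example (not from the textbook or the slides): a constructed JavaScript model in which one advertiser is embedded in three sites, run under the three browser options the slide lists. The hostnames, class names and the `askUser` callback are assumptions made for the illustration, and a cookie is modelled as a single value rather than a full record.

```javascript
// Constructed model of a browser cookie jar; every hostname here is a made-up example.
class Browser {
  // policy: "accept-all" | "ask" | "off" (the three browser options on the slide)
  // askUser(serverHost, pageHost) -> boolean, consulted only under "ask" (hypothetical prompt)
  constructor(policy, askUser = () => false) {
    this.policy = policy;
    this.askUser = askUser;
    this.jar = new Map(); // server host -> cookie value set by that server
  }
  // Fetch one resource from `server` while the user is viewing `pageHost`.
  request(server, pageHost) {
    const sent = this.policy === "off" ? undefined : this.jar.get(server.host);
    const setCookie = server.handle(sent, pageHost);
    if (setCookie === undefined || this.policy === "off") return;
    if (this.policy === "ask" && !this.askUser(server.host, pageHost)) return;
    this.jar.set(server.host, setCookie);
  }
  // Loading a page contacts the site itself and every advertiser embedded in it.
  visit(site) {
    this.request(site, site.host);
    for (const ad of site.embeds) this.request(ad, site.host);
  }
}

class Site {
  constructor(host, embeds = []) { this.host = host; this.embeds = embeds; }
  // First-party session cookie, set once when the browser presents none.
  handle(cookie) { return cookie === undefined ? "session-" + this.host : undefined; }
}

class Advertiser {
  constructor(host) { this.host = host; this.nextId = 1; this.profiles = new Map(); }
  // Sees its own cookie plus the page that embedded it; keeps a history per visitor id.
  handle(cookie, pageHost) {
    const id = cookie ?? "visitor-" + this.nextId++;
    if (!this.profiles.has(id)) this.profiles.set(id, []);
    this.profiles.get(id).push(pageHost);
    return cookie === undefined ? id : undefined;
  }
}

// Visit three sites that embed the same advertiser; return the advertiser's profiles.
function browse(policy, askUser) {
  const ad = new Advertiser("ads.example");
  const sites = ["books.example", "news.example", "shoes.example"].map(h => new Site(h, [ad]));
  const browser = new Browser(policy, askUser);
  sites.forEach(s => browser.visit(s));
  return [...ad.profiles.values()]; // one array of visited pages per visitor id
}
```

Under `"accept-all"` the advertiser ends up with one profile listing all three sites; under `"off"`, or under `"ask"` with the user declining every server other than the site being visited, it sees three unrelated one-page visitors.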

