NJIT CS 103 - Privacy and Digital Security (6 pages)


Privacy and Digital Security




Chapter 13: Shhh, It's a Secret: Privacy and Digital Security
Fluency with Information Technology, Third Edition, by Lawrence Snyder

Copyright 2008 Pearson Education, Inc. Publishing as Pearson Addison-Wesley

Privacy: Whose Information Is It?
- What is privacy? Examine a transaction of buying Dating for Total Dummies
- Information linking the purchase with the customer
- How can the information be used?
- Book merchant collecting information is ordinary business practice
- Book merchant sending advertisements to customer is ordinary business practice
- What about merchant selling information to other businesses?

Modern Devices and Privacy
- Modern devices make it possible to violate people's privacy without their knowledge
- In 1890, Brandeis wrote that individuals deserve sufficient safeguards against improper circulation of their images

Controlling the Use of Information
- Spectrum of control spans four main possibilities:
  1. No uses: Information should be deleted when the store is finished with it
  2. Approval or Opt-in: Store can use it for other purposes with customer's approval
  3. Objection or Opt-out: Store can use it for other purposes if customer does not object
  4. No limits: Information can be used any way the store chooses
  5. Fifth possibility is internal use: store can use information to continue conducting business with you

A Privacy Definition
- Privacy: The right of people to choose freely under what circumstances and to what extent they will reveal themselves, their attitude, and their behavior to others
- Threats to Privacy: Government and business
- Voluntary Disclosure: We choose to reveal information in return for real benefits (doctor, credit card company)

Fair Information Practices
- OECD (Organization of Economic Cooperation and Development) in 1980 developed the standard eight-point list of privacy principles:
  - Limited Collection Principle
  - Quality Principle
  - Purpose Principle
  - Use Limitation Principle
  - Security Principle
  - Openness Principle
  - Participation Principle
  - Accountability Principle

Comparing Privacy Across the Atlantic
- U.S. has not adopted OECD principles
- China does not protect privacy
- European Union has European Data Protection Directive (OECD principles)
- EU Directive requires data on EU citizens to be protected at same standard even when it leaves their country

US Laws Protecting Privacy
- Privacy Act of 1974 covers interaction with government
- Interactions with business:
  - Electronic Communication Privacy Act of 1986
  - Video Privacy Protection Act of 1988
  - Telephone Consumer Protection Act of 1991
  - Driver's Privacy Protection Act of 1994
  - Health Insurance Privacy and Accountability Act of 1996
- These all deal with specific business sectors, not an omnibus solution

Privacy Principles: European Union
- Two points of disagreement between FTC (US) and OECD (Europe):
  - Opt-in/Opt-out: When can an organization use information it collects for one purpose for a different purpose? Opt-out is US standard except for highly sensitive data. Opt-in is European standard
  - Compliance/Enforcement: US has voluntary compliance. EU has offices to control data

A Privacy Success Story
- Do-Not-Call List
- Telemarketing industry's self-policing mechanism required individuals to write a letter or pay an on-line fee to stop telemarketing calls
- US government set up Do-Not-Call List
- Over 107,000,000 households are on the list and telemarketing industry has largely collapsed

The Cookie Monster
- Cookie: Record containing seven fields of information that uniquely identify a customer's session on a website
- Cookie is stored on customer's hard drive
- Abuse: Third-party cookie
  - Third-party advertisers on web site enter client/server relationship with customer as page loads
  - Advertiser can set cookies, and can access cookies when user views other websites that advertiser uses

The Cookie Monster (Cont'd)
- Browser options:
  - Turn off cookies
  - Ask each time a server wants to set a cookie
  - Accept all cookies

Identity Theft
- Americans do not enjoy the Security Principle: Those who hold private information are obliged to maintain its privacy against unauthorized access and other hazards
- Identity theft is the crime of posing as someone else for fraudulent purposes
- Using information about person like credit card numbers, social security numbers

Managing Your Privacy / Managing Your Privacy (cont'd)
- Purchase up-to-date anti-virus/anti-spyware software
- Patronize reputable companies for music, software, etc.
- Adjust your cookie preferences to match your comfort level
- Be skeptical
- Stay familiar with current assaults on privacy
- Read the privacy statement of any website you give information to
- Lobby for US adoption of Fair Information Practices
- Review protections against phishing scams

Encryption and Decryption / Encryption Terminology
- Encryption: Transform representation so it is no longer understandable
- Cryptosystem: A combination of encryption and decryption methods
- Cleartext or Plaintext: Information before encryption
- Cipher text: Information in encrypted form
- One-way cipher: Encryption system that cannot be easily reversed (used for passwords)
- Decryption: Reversing encryption process

XOR: An Encryption Operation
Encrypting a

