Data Privacy MBA Team Assignment - MBA 664 2009 Sebastian Leinmueller Birgit Hainzlmaier 4/13/2009MBA 664 Data Privacy Table of Contents 1. Introduction ............................................................................................................................. 1 2. Data Privacy in the United States and Europe ........................................................................ 2 2.1. History of Data Privacy in the United States .................................................................... 2 2.2. History of Data Privacy in Europe .................................................................................... 2 2.3. Data Privacy Regulations in the United States ................................................................. 3 2.4. Data Privacy Regulations in Europe ................................................................................. 4 2.5. Comparison of the Data Privacy Regulations of the U.S. to Europe ................................ 5 2.6. Database Security to Guarantee Data Privacy ................................................................. 5 2.7. Potential Risks and Problems ........................................................................................... 6 3. Facebook .................................................................................................................................. 8 3.1. Technical Environment ..................................................................................................... 8 3.2. Data Collection and Authorization ................................................................................... 8 3.3. Use or Abuse of the Data ................................................................................................. 9 3.4. Potential Risks and Problems ......................................................................................... 10 4. Public Surveillance Cameras .................................................................................................. 11 4.1. Technical Environment ................................................................................................... 11 4.2. Data Collection and Authorization ................................................................................. 12 4.3. Use or Abuse of the Data ............................................................................................... 12 4.4. Potential Risks and Problems ......................................................................................... 13 5. Summary ................................................................................................................................ 13 6. Bibliography ........................................................................................................................... 14MBA 664 Data Privacy 1 1. Introduction In a world where the possibility of collecting, storing and conciliation of large pools of data is widely available, data privacy becomes a critical issue. Identity theft, which is the use of personal information to illegally access existing financial accounts, open fraudulent accounts, or obtain credit cards in other people’s names (Lee 2001), happened 258,427 times nationwide (Coakley 2009, 1). About 500,000 to 750,000 credit fraud cases are registered every year (Lee 2001). Obviously, it has become an easy task to abuse personally identifiable data or to trace a person due to installed public surveillance cameras, information provided by social networks, and credit card information. In response, many states developed legislative strategies to ensure a person the right of control over all data in connection with his or her identity. However, the extent of data privacy safeguarded by the state significantly varies among different counties. The purpose of this work is to outline differences and similarities in the extent of data privacy in the United States and Europe. In the first chapter of this work, a brief section about the history of data privacy will lead to a comparison of data privacy regulations between the United States and Europe. After that, different types of technical tools and standards for protecting personally identifiable data are illustrated. Additionally, areas of concern are pointed out at the end of the first chapter. Consecutively, data privacy is examined and compared by means of two examples: the social network website Facebook and public surveillance cameras. Therefore, the second chapter takes Facebook into detailed consideration. It briefly outlines the technical environment that enables 200 million active users (Facebook 2009) to use Facebook’s services and applications. Subsequently, it is described how the data are collected and who is authorized to access the data. Once being entered in the system, it is illustrated how those data are currently used or abused. The second chapter of this work concludes with potential risks and problems. After that, chapter three provides insight in the technical environment of public surveillance cameras. Furthermore, the collection by public surveillance cameras and authorization of data is taken into consideration. After that, chapter three concludes by an overview of how the data are used or abused and potential problems and risks are identified.MBA 664 Data Privacy 2 2. Data Privacy in the United States and Europe Data privacy regulations need to find a way to share data while coincidentally protecting personally identifiable data. Comparing the legal regulations of the U.S. to those of Europe unveil that there are huge differences in the extent of protecting personal data. 2.1. History of Data Privacy in the United States In the U.S., the right of privacy has only recently received legal recognition. Nevertheless, a comparable “right to be let alone” (Olmstead v. United States 1928) is inferred by the Fourth Amendment to the United States Constitution as a part of the Bill of Rights. The Bill of Rights came into effect in 1791 and its Fourth Amendment guards against unreasonable searches and seizures associated with preventing invasions of the private sphere by the government. However, this does not cover the invasion of the private sphere by non-governmental third instances. 2.2. History of Data Privacy in Europe In