IS 376: Information Privacy

Dr. KapatamoyoOctober 23, 2014

Contemporary Major Factors

Amount: of personal information that can be gathered.

Speed: at which personal information can be transmitted.

Duration: of time that the information can be retained.

Kind: of information that can be acquired and exchanged.

2

Aspects of PrivacyDictionary definition:

SeclusionFreedom from surveillance

ConcealmentControl of personal information

Freedom from intrusion (origins with Samuel Warren and Louis Brandeis)Leave me alone

3

Perspectives on Privacy

Discussions of privacy revolve around the notion of ACCESS, where access means either physical proximity

to a person or knowledge about that person.

There is conflict between a person that wants to restrict ACCESS to them by creating a “a zone of inaccessibility” (Edmund Byrne) and outsider who wants to gain access.

Privacy is a social arrangement that allows individuals to have some level of control over who is able to gain access to their physical selves and their personal information.

4

Harms and Benefits of Privacy Harms.

Most wrong doing takes place under cover of privacy (Ferdinand Shoeman).

Nuclear families cannot share personal issues hence too much pressure on some (Edmund Leach).

Outsiders fail to acknowledge a dysfunctional family or abuse until someone is injured.

Benefits. Socialization and individuation are both necessary steps

for a person to reach maturity/blossom (Morton Levine). Privacy is recognition of each person's freedom (Jeffry

Reiman, Stanley Benn). Privacy lets us be ourselves (Charles Sykes). Privacy lets us remove our public persona (Gini Graham).

5

Is There a Natural Right to Privacy?

Born out English Common Law tradition:“a man’s home is his castle.” No one – not even

the King – can enter without permission, unless there is PROBABLE CAUSE of criminal activity.

6

Listen to PosnerPosner’s view

Not a fundamental rightPre-modern people didn’t need it; modern

people don't care if they benefitOnly criminals care because they are

doing something bad

7

Posner’s arguments Judge Posner’s argument at its core is privacy as

“concealment.” However, Premodern peoples (living in small villages or tribal

cultures) had no real ability to conceal anything about themselves, therefore no privacy. It is perfectly natural for people to live with little or no privacy.

Contemporary people are willing to give up their private information, and become transparent, in return for very small financial incentives or improvements in convenience. This proves that we do not need value individual privacy.

Concealment is mot useful to criminals, and least useful to honest people. Therefore privacy is mostly a social harm that reduces safety, not a social good.

8

“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”

9

The Fourth Amendment

So What is “Information Privacy”?

The rights and responsibilities that govern the ACQUISITION, DISCLOSURE, and USE OF PERSONAL INFORMATION.Acquisition - from the individual, third party, legally

or illegally, with or without the individual’s awareness. Dataveillance (Roger Clarke): surveillance, data

monitoring and data recording techniques by use of computer technologies.

Disclosure - to other people or entitiesUse - storing, manipulating or evaluating personal

information

10

Kinds of Information Privacy

Different aspects: Information privacy: collection, use and disclosure of

personally identifiable information (PII).Communications privacy: private information should

be safely delivered to the intended party.Privacy in public (and work) places: electronic

profiling (i.e., collecting a variety of in-depth information about an individual electronically)

Critical question: Is there Home/work distinction & public space/private

space distinction?

11

Describe Personal Information

Any type of information that is related to a person’s private life or concerns, recorded in any form.Can also be personally identifiable information

(PII), which can be used to uniquely identify, locate or contact a person.

Not just content - but also events (a transaction) that may implicate a person’s privacy.

12

Privacy-implicating Activities: An Incomplete List Health and Medical

Records

Financial transactions of all types - tax, banking, etc.

Subscriber Information -Telephones, Cable TV, Video Rentals, etc.

Communications of all kinds - Telephone Calls, emails, etc.

Credit History

Purchasing History – Direct, Phone, Internet

Records Student InsuranceEmployment Records“Judicial History” -

Driving record, civil and criminal cases, etc.

Internet Activities

13

Reasonable Expectation of Privacy

Over the years, court rulings has set the precedent that the key to understanding privacy issues is reasonable “Expectation of Privacy.”

These are the general criteria:General legal principles: no privacy if behaviors or

communications are knowingly exposed to public view.

Vantage point: a point where anyone can see or hear what is going on.

Certain buildings or pieces of land: so most public places come with no expectation of privacy (some exceptions are public phone booths and restrooms).

Technological sophistication: laws are constantly updated to adapt to new technological innovations.

14

Informed Consent

A process in which an individual agrees to participate after being given detailed information about the benefits and potential risks of his or her action.

The person must be advised about: Nature of information collectedWhy and how it is going to be usedRisksFreedom to withdraw

15

Opt-in vs. Opt-out

Opt-in:Potential customer to self-select the information

(services) they wish to subscribe to, and how the information can be used.

Opt-out: Information can be sent to customers without

prior permission. But customers must be provided with the option to ask to be removed from the list.

16

Some Important Federal Privacy Laws 2004: Fair Education Rights and Privacy Act

2001: USA Patriot Act (USAPA) [reauthorized in 2006 with amendments] Authorizes Feds to subpoena records from providers.

2000: Children’s Online Privacy Protection Act 1998: Children’s Online Privacy Protection Act

1998: Telephone Anti-Spamming Amendments Act

1994: Communications Assistance for Law Enforcement (CALEA)

1974: Privacy Act

17

Privacy Act of 1974 “No AGENCY shall disclose any record which is contained in a system

of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains....” Data records should be “relevant and necessary” to the purpose for

which they are collected Establish procedures to allow individuals to see, copy and amend

records about themselves Requires publishing notices describing all systems of records (no

secret records) Agency is required to make reasonable efforts to maintain

accurate, relevant, timely and complete records about individuals Information collected for one purpose MAY NOT be used for another

purpose without notice to or the consent of the subject of record

18

USA Patriot Act 2001

Four principal categories: Provides feds. and Intel. agencies greater authority

to monitor communications. Gives Sec. of Treasury greater powers to regulate

banks, preventing money laundering. Makes it more difficult for terrorists to enter USA. Defines new crimes and penalties for terrorist

activity.Does this by: Extends jurisdiction of court-ordered “wiretaps” to

entire country. Allows for roving surveillance/dataveillance. Law enforcement do not need a warranty to

intercept communications if they have permission from owner of computer systems (e.g. ISP).

19