Privacy & Security Online

Ivy, Kris & Neil• Privacy Threat - Ivy• Is Big Brother Watching You? - Kris• Identity Theft - Kris• Medical Privacy - Neil• Children’s Privacy - Neil

Privacy Threat - Ivy

1.  Cookies----- is a piece of information that an Internet sent to user’s browser when he access the information on that web site.

Each time when user use his computer to access web site, the information will be sent bank to server by browser. ( E.g, the user buying habit, what the user interest in)

2.   HTTP (Hyper Text transfer protocol) ----- is the set of rules that websites and browsers follow in order to communicate.

What page the user want to look at The last web page you look at Email address ( if included in request)

Privacy Threat – Ivy

3. Browsers Security bugs in browsers

 4. Public sector (information sometime is publicly available)  Government data collection (E.g, Telephone Directory) School register Hospital --- medical information

5. Downloading ( Spyware )  Freeware & shareware Music & films

6.  Search engines Search people’s name on Internet

Privacy Threat – Ivy7. E-mail E-mail address set might reveal information ( E.g, A@B.C.D

A is name or handle, B usually is your Internet Service Provider(ISP) or the organization you work for, C and D are domain that may refer to your area of work or activity. tzhou@csd.abdn.ac.uk)

8.   Email and cryptography Intercept e-mail

9.   Spam Purchase online, publish e-mail address on website or

subscribed to a news service---- may get spam Spam will compromise and slow down the whole network Anti-spam movement---- Spam filters to filter out and delete spam Now illegal in Australia---- It is illegal to send, or cause to be

sent, 'unsolicited commercial electronic messages'

Privacy Threat - Ivy

10. Electronic commerce

Credit card use online---- hackers may steal lists of Credit Card numbers from ISPs and commercial web sites.

Personal information---- might be sold to third party or direct marketers

Easy to get Spam

Buying habit and interest information would be collected

11. Internet relay chat---- similar to telephone party lines

Chatting with unknown people ---- involuntary reveal personal information to strangers or criminals

To meet people from chat rooms ---- personal safety may be at risk

Medical Privacy - Neil

• Patient databases– 25% use electronic records

• Too many eyes – 150 per hospital stay– Sale of personal information– Privacy compromised if you know hospital staff

• Doctors unwilling to take up eRecords– Security and Privacy concern– Reliability– Lack of protocol

Medical Privacy - Neil

Central patient database proposal – NHS wide database for customer records• Internet Issues

– Network Security– Downtime

• Attacks can disable system – needs to be 24 hours• Leads to necessity for backup

– Security issues with respect to backup

• Potential Attacks– Data Mine on personal records– Change patient details– Lie about identity – retrieve personal data

Children’s Online Privacy - Neil

Children are naïve, children are innocent, Internet provides potential abusers a grooming ground.

Legislation over use of child’s personal information:

• COPPA in the US– Amazon accused– Xanga.com fined $1 million

• CEOP over here

Children’s Online Privacy - Neil

Online Identity

• Adult Check for adults, Why no Age Check for children?– All Internet users would need an ID– Big Brother?

Responsibility?

• Parents!– Watch them online– Read posts?

• Privacy issue here too!

Need to educate children about risks

Need to force safe behaviour on the child

Summary

Privacy Threat• Run time threats• Threats on own computer

Medical• Security improvements• Trust

Children• Attacks• Innocence Factor• Legislation