why do you know so much about me
DESCRIPTION
This is the 9th lecture of my Interactive Global & Regional Marketing course. This lecture covers privacy in the digital age.TRANSCRIPT
WhyDoYouKnowSoMuchAboutMe?
PrivacyintheDigitalAge
NottalkingaboutsurveillanceNottalkingaboutthegovernment
Butrather
Thevoluntarydisclosureofpersonalinformationtoprivateinstitutions
Wesayonething.Iwantmyprivacy.
Wedosomethingelse.Here’smydata.Takewhatyouwant.
(justgivememystuff)
43%ofonlineusersclaimthattheyarelikelytoreadtheprivacypolicyofawebsitebeforebuyinganything
WhatPrivacyStatementsSay
26%actuallyconsultedtheprivacypolicy
Evenmoreodd,therewasnodifferencebetweenprivacyfundamentalists,pragmatists,ortheunconcerned
71%wanttocontrolwhocanaccesstheirpersonalinformation
75%havesupplied
• Firstname• Lastname• E‐mail• Streetaddress
50%havesupplied
• Phonenumber• Birthday• Creditcardinformation
“Youhavezeroprivacy.Getoverit”
ScottMcNealyFormerCEOSunMicrosystems
“Ifyouhavesomethingyoudon’tanyonetoknow,maybeyoushouldn’tbedoingitinthefirstplace.”
EricSchmidtFormerGoogleCEO
“Peoplehavegottenmorecomfortablenotonlysharingmoreinformation,butmoreopenlyandwithmorepeople.”
MarkZukerbergFacebookCEO
Whatdoyouthinkprivacyis?
Privacyis….? Secrecy,Concealment,Seclusion,Solitude,Confidentiality,Anonymity
PrejudicialInformation PersonallyIdentifiableInformation(PII) Whateveryouwantittobe
Privacyistheclaimofindividuals,groups,orinstitutionstodetermineforthemselveswhen,how,andtowhatextentinformationaboutthemiscommunicatedtoothers.
Viewedintermsoftherelationoftheindividualtosocialparticipation,privacyisthevoluntaryandtemporarywithdrawalofapersonfromageneralsocietyintoaconditionofanonymityorreserve.
Privacyistheabilityofanindividualorgrouptosecludethemselvesorinformationaboutthemselvesandtherebyrevealthemselvesselectively.
PrivacyinColonialAmerica Findanopenfieldtotalk Sneakoffintothewoods Noprivacyindoors Churchesencouragedneighborstosnooponeachother
Privacyinthe1800s Long‐distancecommunicationbytelegraph Letters Concernaboutinvasivepress Snoopingdiscouraged Gossip,WordofMouth
Privacyfrom1900‐1965 Firstbuggingdevice Searchofelectronicconversationsconstitutional Telephonecommunicationsoverwires ColdWarpromptsgovernmenttoincreasesurveillanceofcivilianswithouttheirknowledge
Privacyfrom1965‐1990 WatergateScandal Personalcomputers Public‐keyencryptioninvented Internetemerged Sensationalistjournalism
Privacyfrom1990‐2001 Noprivacyforpublicfigures Wirelesscommunication Cameras Satellites Confusionoverwhoownscontentoncomputernetworks
PrivacyAfterSeptember11th Privatecustomerinformationdivulgedtofederalauthoritieshuntingforterroristsorcriminals
Airportsearches PollsintheUSindicatedthatpeoplethinkthatthe1stamendmentoftheUSConstitutionmightgotoofar
TotalInformationAwareness Post9/11projectto:
[Create]enormouscomputerdatabasestogatherandstorethepersonalinformationintheUnitedStates,includingpersonalemails,socialnetworkanalysis,creditcardrecords,phonecalls,medicalrecords,andnumerousothersources,withoutanyrequirementforasearchwarrant.Additionally,theprogramincludedfundingforabiometricsurveillancetechnologiesthatcouldidentifyandtrackindividualsusingsurveillancecamerasandothermethods.
Television&Privacy 1992broughtthelaunchofRealityTelevisionwhereeveryone’slivesbecamepublicconsumption
Thisbroughtaboutshowsaboutpeople: Livingtogetherinhomesandislands Familiesstrugglingwithpersonalissues Celebritiesprivateissuesmadepublic Peopleshowingofftheirstupiditytowinmoneyandfame
Inshort,RealityTVtooktheprivacydiscussiontoanewlevel
PrivacyToday YouTubehasendedallformsofpersonalprivacy Bloggershavemadetheirpersonal(andtheirfriends/acquaintances)livestopicsofdiscussionoftheentireworld
Andthencamesocialnetworks…. Wearecomfortablesharingourlivesandthoughtsinstantlywiththousandsofpeople–closefriendsandstrangersalike
WaysTechnologyThreatensPrivacy Phishing Malware&Spyware SocialNetworkingsites Photo&VideoSharing WebHistory TargetedAdvertising&Cookies
CloudComputing ElectronicMedicalData PublicWi‐Fi RetailLoyaltyCards WorkplaceComputers CellPhones
WhyPrivacyHasChanged? Curiosity Convenience TheInternetandEvolvingTechnology SocialTrends Desiretorelate&sharewithothers Identity Fame Posterity
Theprimarybusinessmodeloftoday’smostsuccessfulcorporationisthemonetizationinthemasscollection,correlation&analysisofindividualprivatedata
PrivateInfoMonetized Acxiom–750billionpiecesofinformationor1,500factson½billionpeople Correlate“consumer”infofromsignups,surveys,magazine
subscriptions USD1.38billionturnoverforFY2008
Colligent–Actionableconsumerresearchderivedfromsocialnetworks
Rapleaf–450millionsocialnetworkprofiles Submitrequestandaggregatedsocialnetworkprofilesreturned
withinaday Phorm
Uses“behavioralkeywords”–keywordsderivedfromacombinationofsearchterms,URLsandevencontextualpageanalysisovertime–tofindtherightusers
HowItAffectsUs?
White’sTaxonomyofOnlinePrivacyInvasion
Web
Request
CrossSiteTracking
RichBrowserEnvironments
ApplicationData
Aggregation,Correlation&Meta‐Data
Taxonomy–WebRequest Asinglewebrequest
Animageonawebsite
Onewebpageismadeupofmultiplerequests
WhatTheyCanFindOut Location(Latitude,Longitude,
City,Country) Language OperatingSystem&Browser Whatsiteyoucamefrom ISP Haveyoubeenherebefore?
Web
Request
Taxonomy–CrossSiteTracking Usingcookiestotrackacrosscomputersandaffiliatedsites
Cookieisstoredonyourcomputerandsentwitheveryrequest
Cookiesusuallyassociatedwithlogindetails
WhatTheyCanFindOut Whoyouare Whatsitesyouvisit Behavioralprofiles
CrossSiteTracking
Taxonomy–RichBrowserEnvironments RichWeb2.0Technologies
JavaScript/AJAX Flash/Silverlight
WhatTheyCanFindOut Browserhistory Clipboarddata Keypresses Visualstimulus Browserplugins Desktopdisplaypreferences
RichBrowserEnvironments
Taxonomy–ApplicationData RichInformationInputs Structured&UnstructuredData Searchrequests E‐mails Calendaritems InstantMessage
Communications
WhatTheyCanFindOut Whoyouare Whoyourfriendsare Whatyou’redoingonSunday YourInterests
ApplicationData
Taxonomy–Aggregation,Correlation&MetaData Combiningthepreviouslevels
Meta‐Data–Includeinteractionswithapplications
Aggregation–combiningtheinformationfromvarioussources
Correlation–normalizingentitiesacrosssources
Providesinformationyoumaynotbeawareof
Whattheycanfindout Socialnetworks Behavioralprofiles Psychologicalprofiles Deepdatabases
Aggregation,
Correlation&
Meta‐Data
HowDoesInformationGetRevealed?
ByISPs ISPsalwaysknowyourIPaddressandtheIPaddresstowhichyouarecommunicating
ISPsarecapableofobservingunencrypteddatapassingbetweenyouandtheInternetbutnotproperly‐encrypteddata
Theyareusuallypreventedtodosoduetosocialpressureandlaw
ByE‐Mail Maybeinappropriatelyspreadbytheoriginalreceiver Maybeintercepted Maybelegallyviewedordisclosedbyserviceprovidersorauthorities
ByDiscussionGroups Thereisnobarrierforunsolicitedmessagesoremailswithinamailinglistoronlinediscussiongroup
Anymemberofthelistorgroupcouldcollectanddistributeyouremailaddressandinformationyoupost
ByInternetBrowsers Mostwebbrowserscansavesomeformsofpersonaldata,suchasbrowsinghistory,cookies,webformentriesandpassword
Youmayaccidentallyrevealsuchinformationwhenusingabrowseronapubliccomputerorsomeoneelse's
BySearchEngines SearchengineshaveandusetheabilitytotrackeachoneofyoursearchesbyIPaddress,searchtermsandtimeofday
HowDoWeKnow‐AOL Aug7,06‐AOLapologizedforreleasingsearchlogdataonsubscribersthathadbeenintendedforusewiththecompany'snewlylaunchedresearchsite.
Almosttwoweeksbeforethat,AOLhadquietlyreleasedroughlytwentymillionsearchrecordfrom658,000usersontheirnewAOLResearchsite.
Thedataincludesanumberassignedtotheanonymoususer,thesearchterm,thedateandtimeofthesearch,andthewebsite(s)visitedasaresultofthesearch.
NYTimeswasabletoidentifyseveralusersbycross‐referencingwithphonebooks/publicrecords
HowDoWeKnow–DepartmentofJustice Jan06,theUSDeptofJusticeissuedasubpoenaaskingpopularsearchenginestoprovidea"randomsampling"of1millionIPaddressesthatusedthesearchengine,andarandomsamplingof1millionsearchqueriessubmittedoveraone‐weekperiod.
Thegovernmentwantedtheinformationtodefendachildpornographylaw.
Microsoft,YahooandAOLcompliedwiththerequest,whileGooglefoughtthesubpoena.
HowDoWeKnow‐Google Googlecollectsmassiveamountsofuserdata Gmailhasamachinereadingemailtoimprovetherelevanceofadvertisementsdisplayed
GoogleStreetView‐public/privateproperty&peoplecapturedinimages
Searchhistoriesarekeptfortwoyearsandidentifiedviaacookie
ByIndirectMarketing Webbugs‐agraphic(inawebsiteoragraphicenabledemail)thatcanconfirmwhenthemessageorwebpageisviewedandrecordtheIPaddressoftheviewer
Thirdpartycookies‐awebpagemaycontainimagesorothercomponentsstoredonserversinotherdomains.Cookiesthataresetduringretrievalofthesecomponentsarecalledthird‐partycookies.
WhatAreCookies? Cookiesaredatapacketssentbyaservertoawebclientandthensentbackunchangedbytheclienteachtimeitaccessesthatserver
Cookiesareusedforauthenticating,sessiontrackingandmaintainingspecificinformationaboutusers,suchassitepreferencesorthecontentsoftheirelectronicshoppingcarts
Cookiesareonlydata,notprogramsorviruses Therearetwotypesofcookies‐persistentandnon‐persistent
WhyDon’tWeLikeCookies? Cookiescanbehijackedandmodifiedbyattackers Cookiescanbeusedtotrackbrowsingbehaviorsosomethinktheyaretagged
ByDirectMarketing Directmarketingisasalespitchtargetedtoapersonbasedonpreviousconsumerchoices.
Itiscommonthesedays Manycompaniesalsosellorshareyourinformationtoothers.Thissharingwithotherbusinessescanbedonerapidlyandcheaply
ByInstantMessaging YourIMconversationcanbesavedontoacomputerevenifonlyonepersonagrees
WorkplaceIMcanbemonitoredbyyouremployer SPIM‐SpamdistributedinIM
ByEmployers 76%ofemployersmonitoremployeeswebsiteconnections
65%usetechnologytoblockedconnectionstobannedwebsites
55%monitoremail
ByCybercrime Spywaretakesadvantageofsecurityholestoattackthebrowserandforceittobedownloadedandinstalledtogatherinformationwithoutyourknowledge
Phishingoccurswhencriminalslurethevictimintoprovidingfinancialdatatoanunsecurewebsite
Pharmingoccurswhencriminalsplantprogramsinthevictim'scomputerwhichredirectthevictimfromlegitimatewebsitestoscamlook‐alikesites
Facebook“Privacy”