WhyDoYouKnowSoMuchAboutMe?

PrivacyintheDigitalAge

NottalkingaboutsurveillanceNottalkingaboutthegovernment

Butrather

Thevoluntarydisclosureofpersonalinformationtoprivateinstitutions

Wesayonething.Iwantmyprivacy.

Wedosomethingelse.Here’smydata.Takewhatyouwant.

(justgivememystuff)

43%ofonlineusersclaimthattheyarelikelytoreadtheprivacypolicyofawebsitebeforebuyinganything

WhatPrivacyStatementsSay

26%actuallyconsultedtheprivacypolicy

Evenmoreodd,therewasnodifferencebetweenprivacyfundamentalists,pragmatists,ortheunconcerned

71%wanttocontrolwhocanaccesstheirpersonalinformation

75%havesupplied

• Firstname• Lastname• E‐mail• Streetaddress

50%havesupplied

• Phonenumber• Birthday• Creditcardinformation

“Youhavezeroprivacy.Getoverit”

ScottMcNealyFormerCEOSunMicrosystems

“Ifyouhavesomethingyoudon’tanyonetoknow,maybeyoushouldn’tbedoingitinthefirstplace.”

EricSchmidtFormerGoogleCEO

“Peoplehavegottenmorecomfortablenotonlysharingmoreinformation,butmoreopenlyandwithmorepeople.”

MarkZukerbergFacebookCEO

Whatdoyouthinkprivacyis?

Privacyis….?  Secrecy,Concealment,Seclusion,Solitude,Confidentiality,Anonymity

  PrejudicialInformation  PersonallyIdentifiableInformation(PII) Whateveryouwantittobe

Privacyistheclaimofindividuals,groups,orinstitutionstodetermineforthemselveswhen,how,andtowhatextentinformationaboutthemiscommunicatedtoothers.

Viewedintermsoftherelationoftheindividualtosocialparticipation,privacyisthevoluntaryandtemporarywithdrawalofapersonfromageneralsocietyintoaconditionofanonymityorreserve.

Privacyistheabilityofanindividualorgrouptosecludethemselvesorinformationaboutthemselvesandtherebyrevealthemselvesselectively.

PrivacyinColonialAmerica  Findanopenfieldtotalk  Sneakoffintothewoods  Noprivacyindoors  Churchesencouragedneighborstosnooponeachother

Privacyinthe1800s  Long‐distancecommunicationbytelegraph  Letters  Concernaboutinvasivepress  Snoopingdiscouraged  Gossip,WordofMouth

Privacyfrom1900‐1965  Firstbuggingdevice  Searchofelectronicconversationsconstitutional  Telephonecommunicationsoverwires  ColdWarpromptsgovernmenttoincreasesurveillanceofcivilianswithouttheirknowledge

Privacyfrom1965‐1990 WatergateScandal  Personalcomputers  Public‐keyencryptioninvented  Internetemerged  Sensationalistjournalism

Privacyfrom1990‐2001  Noprivacyforpublicfigures Wirelesscommunication  Cameras  Satellites  Confusionoverwhoownscontentoncomputernetworks

PrivacyAfterSeptember11th  Privatecustomerinformationdivulgedtofederalauthoritieshuntingforterroristsorcriminals

  Airportsearches  PollsintheUSindicatedthatpeoplethinkthatthe1stamendmentoftheUSConstitutionmightgotoofar

TotalInformationAwareness  Post9/11projectto:

  [Create]enormouscomputerdatabasestogatherandstorethepersonalinformationintheUnitedStates,includingpersonalemails,socialnetworkanalysis,creditcardrecords,phonecalls,medicalrecords,andnumerousothersources,withoutanyrequirementforasearchwarrant.Additionally,theprogramincludedfundingforabiometricsurveillancetechnologiesthatcouldidentifyandtrackindividualsusingsurveillancecamerasandothermethods.

Television&Privacy  1992broughtthelaunchofRealityTelevisionwhereeveryone’slivesbecamepublicconsumption

  Thisbroughtaboutshowsaboutpeople:  Livingtogetherinhomesandislands  Familiesstrugglingwithpersonalissues  Celebritiesprivateissuesmadepublic  Peopleshowingofftheirstupiditytowinmoneyandfame

  Inshort,RealityTVtooktheprivacydiscussiontoanewlevel

PrivacyToday  YouTubehasendedallformsofpersonalprivacy  Bloggershavemadetheirpersonal(andtheirfriends/acquaintances)livestopicsofdiscussionoftheentireworld

  Andthencamesocialnetworks…. Wearecomfortablesharingourlivesandthoughtsinstantlywiththousandsofpeople–closefriendsandstrangersalike

WaysTechnologyThreatensPrivacy  Phishing Malware&Spyware  SocialNetworkingsites  Photo&VideoSharing WebHistory  TargetedAdvertising&Cookies

  CloudComputing  ElectronicMedicalData  PublicWi‐Fi  RetailLoyaltyCards WorkplaceComputers  CellPhones

WhyPrivacyHasChanged?  Curiosity  Convenience  TheInternetandEvolvingTechnology  SocialTrends  Desiretorelate&sharewithothers  Identity  Fame  Posterity

Theprimarybusinessmodeloftoday’smostsuccessfulcorporationisthemonetizationinthemasscollection,correlation&analysisofindividualprivatedata

PrivateInfoMonetized  Acxiom–750billionpiecesofinformationor1,500factson½billionpeople  Correlate“consumer”infofromsignups,surveys,magazine

subscriptions  USD1.38billionturnoverforFY2008

  Colligent–Actionableconsumerresearchderivedfromsocialnetworks

  Rapleaf–450millionsocialnetworkprofiles  Submitrequestandaggregatedsocialnetworkprofilesreturned

withinaday  Phorm

  Uses“behavioralkeywords”–keywordsderivedfromacombinationofsearchterms,URLsandevencontextualpageanalysisovertime–tofindtherightusers

HowItAffectsUs?

White’sTaxonomyofOnlinePrivacyInvasion

Web

Request

CrossSiteTracking

RichBrowserEnvironments

ApplicationData

Aggregation,Correlation&Meta‐Data

Taxonomy–WebRequest  Asinglewebrequest

  Animageonawebsite

  Onewebpageismadeupofmultiplerequests

  WhatTheyCanFindOut  Location(Latitude,Longitude,

City,Country)  Language  OperatingSystem&Browser  Whatsiteyoucamefrom  ISP  Haveyoubeenherebefore?

Web

Request

Taxonomy–CrossSiteTracking  Usingcookiestotrackacrosscomputersandaffiliatedsites

  Cookieisstoredonyourcomputerandsentwitheveryrequest

  Cookiesusuallyassociatedwithlogindetails

 WhatTheyCanFindOut  Whoyouare  Whatsitesyouvisit  Behavioralprofiles

CrossSiteTracking

Taxonomy–RichBrowserEnvironments  RichWeb2.0Technologies

  JavaScript/AJAX  Flash/Silverlight

 WhatTheyCanFindOut  Browserhistory  Clipboarddata  Keypresses  Visualstimulus  Browserplugins  Desktopdisplaypreferences

RichBrowserEnvironments

Taxonomy–ApplicationData  RichInformationInputs  Structured&UnstructuredData  Searchrequests  E‐mails  Calendaritems  InstantMessage

Communications

  WhatTheyCanFindOut  Whoyouare  Whoyourfriendsare  Whatyou’redoingonSunday  YourInterests

ApplicationData

Taxonomy–Aggregation,Correlation&MetaData  Combiningthepreviouslevels

  Meta‐Data–Includeinteractionswithapplications

  Aggregation–combiningtheinformationfromvarioussources

  Correlation–normalizingentitiesacrosssources

  Providesinformationyoumaynotbeawareof

  Whattheycanfindout  Socialnetworks  Behavioralprofiles  Psychologicalprofiles  Deepdatabases

Aggregation,

Correlation&

Meta‐Data

HowDoesInformationGetRevealed?

ByISPs  ISPsalwaysknowyourIPaddressandtheIPaddresstowhichyouarecommunicating

  ISPsarecapableofobservingunencrypteddatapassingbetweenyouandtheInternetbutnotproperly‐encrypteddata

  Theyareusuallypreventedtodosoduetosocialpressureandlaw

ByE‐Mail Maybeinappropriatelyspreadbytheoriginalreceiver Maybeintercepted Maybelegallyviewedordisclosedbyserviceprovidersorauthorities

ByDiscussionGroups  Thereisnobarrierforunsolicitedmessagesoremailswithinamailinglistoronlinediscussiongroup

  Anymemberofthelistorgroupcouldcollectanddistributeyouremailaddressandinformationyoupost

ByInternetBrowsers Mostwebbrowserscansavesomeformsofpersonaldata,suchasbrowsinghistory,cookies,webformentriesandpassword

  Youmayaccidentallyrevealsuchinformationwhenusingabrowseronapubliccomputerorsomeoneelse's

BySearchEngines  SearchengineshaveandusetheabilitytotrackeachoneofyoursearchesbyIPaddress,searchtermsandtimeofday

HowDoWeKnow‐AOL  Aug7,06‐AOLapologizedforreleasingsearchlogdataonsubscribersthathadbeenintendedforusewiththecompany'snewlylaunchedresearchsite.

  Almosttwoweeksbeforethat,AOLhadquietlyreleasedroughlytwentymillionsearchrecordfrom658,000usersontheirnewAOLResearchsite.

  Thedataincludesanumberassignedtotheanonymoususer,thesearchterm,thedateandtimeofthesearch,andthewebsite(s)visitedasaresultofthesearch.

  NYTimeswasabletoidentifyseveralusersbycross‐referencingwithphonebooks/publicrecords

HowDoWeKnow–DepartmentofJustice  Jan06,theUSDeptofJusticeissuedasubpoenaaskingpopularsearchenginestoprovidea"randomsampling"of1millionIPaddressesthatusedthesearchengine,andarandomsamplingof1millionsearchqueriessubmittedoveraone‐weekperiod.

  Thegovernmentwantedtheinformationtodefendachildpornographylaw.

 Microsoft,YahooandAOLcompliedwiththerequest,whileGooglefoughtthesubpoena.

HowDoWeKnow‐Google  Googlecollectsmassiveamountsofuserdata  Gmailhasamachinereadingemailtoimprovetherelevanceofadvertisementsdisplayed

  GoogleStreetView‐public/privateproperty&peoplecapturedinimages

  Searchhistoriesarekeptfortwoyearsandidentifiedviaacookie

ByIndirectMarketing Webbugs‐agraphic(inawebsiteoragraphicenabledemail)thatcanconfirmwhenthemessageorwebpageisviewedandrecordtheIPaddressoftheviewer

  Thirdpartycookies‐awebpagemaycontainimagesorothercomponentsstoredonserversinotherdomains.Cookiesthataresetduringretrievalofthesecomponentsarecalledthird‐partycookies.

WhatAreCookies?  Cookiesaredatapacketssentbyaservertoawebclientandthensentbackunchangedbytheclienteachtimeitaccessesthatserver

  Cookiesareusedforauthenticating,sessiontrackingandmaintainingspecificinformationaboutusers,suchassitepreferencesorthecontentsoftheirelectronicshoppingcarts

  Cookiesareonlydata,notprogramsorviruses  Therearetwotypesofcookies‐persistentandnon‐persistent

WhyDon’tWeLikeCookies?  Cookiescanbehijackedandmodifiedbyattackers  Cookiescanbeusedtotrackbrowsingbehaviorsosomethinktheyaretagged

ByDirectMarketing  Directmarketingisasalespitchtargetedtoapersonbasedonpreviousconsumerchoices.

  Itiscommonthesedays Manycompaniesalsosellorshareyourinformationtoothers.Thissharingwithotherbusinessescanbedonerapidlyandcheaply

ByInstantMessaging  YourIMconversationcanbesavedontoacomputerevenifonlyonepersonagrees

 WorkplaceIMcanbemonitoredbyyouremployer  SPIM‐SpamdistributedinIM

ByEmployers  76%ofemployersmonitoremployeeswebsiteconnections

  65%usetechnologytoblockedconnectionstobannedwebsites

  55%monitoremail

ByCybercrime  Spywaretakesadvantageofsecurityholestoattackthebrowserandforceittobedownloadedandinstalledtogatherinformationwithoutyourknowledge

  Phishingoccurswhencriminalslurethevictimintoprovidingfinancialdatatoanunsecurewebsite

  Pharmingoccurswhencriminalsplantprogramsinthevictim'scomputerwhichredirectthevictimfromlegitimatewebsitestoscamlook‐alikesites

Facebook“Privacy”