Your User's Privacy

Your Users’ Privacy . How Web 2.0 application providers and developers can enhance their users’ privacy Stefan Weiss Web 2.0 Expo Berlin November 8, 2007

What are we talking about? • Personal data • Information privacy • Harmful, privacy-invasive activities • Its importance for Web 2.0 applications • Your responsibilities • What to do? 4 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

The EU (Art. 20 Working Party) has recently released an opinion on what they consider to be personal data Personal data shall mean any information relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.1 1 Opinion 4/2007, WP 136, Article 29 Data Protection Working Party, adopted June 20, 2007. 5 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

That’s a broad definition and includes a lot of data that you are processing with your applications EXAMPLES: • Name, Gender, Date of birth • Home address, Personal telephone number or Email • Government identifiers (ex. social security number, ID numbers) PERSONAL • Biometric identifier • Photograph or video identifiable to an individual • Behavioural information (e.g., in a CRM system) • Medical records, Health plan beneficiary information HEALTH • Physical or mental health information • Provided health services or any information collected during the health service • Account numbers (bank accounts, credit cards, etc.) FINANCIAL • Financial history • Salary information • Racial or ethnic origin • Religious or philosophical beliefs • Trade-union membership SENSITIVE • Sexual orientation • Offences, criminal convictions or security measures • Combinations of certain information (e.g., name and SSN) 6 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

With 2.0 applications, add personal data that is indirectly used in a different context such as: EXAMPLES: • Name, Gender, Date of birth • Home address, Personal telephone number or Email • Government identifiers (ex. social security number, ID numbers) PERSONAL • Biometric identifier • Photograph or video identifiable to an individual • Behavioural Group and personal affiliations • information (e.g., in a CRM system) • User behaviour • Medical records, Health plan beneficiary information HEALTH • Surfing patterns • Physical or mental health information • Provided health services or any information or feelings the health service • Comments, opinions collected during • Likes and dislikes • Account numbers (bank accounts, credit cards, etc.) • Graphical material (photos, videos) FINANCIAL • Financial history • Salary information and functions • Roles • • etc. Racial or ethnic origin • Religious or philosophical beliefs • Trade-union membership SENSITIVE • Sexual orientation • Offences, criminal convictions or security measures • Combinations of certain information (e.g., name and SSN) 7 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Information privacy should determine when, how, and to what extent this personal data is processed. Information Privacy is defined as “being the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.2 2 Alan Westin, Privacy and Freedom, 1967. 8 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Harmful and privacy-invasive activities on the Web are continuously increasing Examples for privacy invasive activities Lost Data Adware/Spyware Distortion Misuse Appropriation Unwanted Exposure Phishing Blackmail Fraud Sexual Solicitation Breach of Confidentiality Identity Theft Spam Cyber Crime Inaccuracy Unsolicited Marketing Data Integrity Intrusion Third Party Sharing Discrimination Loss of Control etc.2 2 Also see ENISA Position Paper No. 1 – Security Issues and Recommendations for Online Social Networks, October 2007. 10 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Do you know Freddie Staur4? • Sophos Facebook ID probe shows 41% of users happy to reveal all to potential identity thieves • Research highlights dangers of irresponsible behavior on social networking sites 4 www.sophos.com/facebook, Survey among 200 randomly chosen Facebook users, August 2007. 13 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Privacy 2.0 needs to address new challenges that go way beyond simple data protection measures New rules New Privacy Challenges on the Web 2.02 Openness Openness contradicts protection schemes Peering Peer-produced personal data Sharing Difficult to set data ownership Acting globally Myriad of rules and regulations to adhere to 2 Don Tapscott, “Wikinomics – How Mass Collaboration Changes Everything”, December 2006. 14 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Privacy 1.0 focused more on access authorization and protecting data • Data security • Information hiding • Access control • And maybe limiting the collection of data 15 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

But simple data protection measures do not work for lots of Web 2.0 applications Contradictions 1.0 2.0 Limit data collection Data is everywhere Disguise identity Visible identity Only authorized access Everyone can see 16 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Example: New group dynamics in social networking applications create more complex data structures Source: Forrester Research “Social Computing Upends Past Knowledge Management Archetypes” Report, March 8, 2007 17 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Challenge: Manage the Privacy 2.0 Bermuda Triangle Data is everywhere User’s Privacy High value of Vulnerable personal data technology 19 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

What are your responsibilities? • Meeting user expectations • Complying with laws and regulations • Protecting your company’s assets, brand and image • Communicating your data handling practices openly 20 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Allow the user to participate (!) and address all privacy principles (not only data protection) •Have the user control his data Self-Control •Provide choices (privacy settings) •Context-driven Rules for Usage •Assign purpose to data •Assure data provenance is known •Set privacy policies, code of conduct •Provide notices and “alarms” Accountability •Full transparency over what you do •Control third-party sharing 21 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

At a minimum, your users expect from you as a provider that • their personal data is processed fairly and only for the “specified” purpose • you comply with laws and regulations 22 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Compliance goes beyond local data protection laws Laws and Regulations (Regional, National/Federal, State) Contracts, Service Agreements Privacy Professional/Industry Standards Requirements Brand/Competitive Requirements Corporate Policies, Codes of Conduct 23 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

How to handle and steer the ship through different waters: Regional, federal or state data protection legislation (BDSG, EU Directive, PIPEDA etc.) How to signal and communicate: Email, Fax, Telecommunications (E-Privacy Directive, TCPA, TSR, etc.) How to deal with pirates: Anti-fraud, Unfair practices (UDTP, CAN-SPAM, JFPA etc.) Protecting very vulnerable gems: Personal data from children (COPPA) How to protect the most valuable treasures: Financial data, credit data, health data (GLBA, FCRA, FACTA, HIPPA, etc.) 25 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

You need to set up your individual compliance strategy – what applies to you? s w la Special privacy and e al tiv n data protection tio c 86 A re PP na 13 Di regulations that may go 20% CO SB EU EU beyond the „norm“. Privacy and data protection legislation that are similar in 80% various jurisdictions 26 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Adhering to the following set of internationally applicable Privacy Principles should be your strategy • Consent and Choice • Accountability • Purpose Specification • Collection Limitation • Use, Retention and Disclosure Limitation • Data Minimization • Accuracy and Quality • Openness, Transparency and Notice • Individual Participation and Access • Security Safeguards • Compliance 27 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Using the following data life cycle reference framework focuses your efforts to key data processes • Which privacy requirements do you have to think about in each data processing life cycle? 2 1 Usage Collection Disposal 3 Storage 4 Transfer 5 28 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

How to communicate to your users? Source: Mary Rundle, International Data Protection and Digital Identity Management Tools, mrundle[at]cyber.law.harvard.edu, 2006. 32 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Communicating your Privacy Policy Using P3P3 • Basic elements of a Website privacy policy – Surrounding tags – Entity information – Access information – Dispute/Remedies information – Statements regarding the data practices – Information types within categories tag (see Appendix 1) • Cookies Handling Practices (Appendix 4) • Example for user tool: ‘Privacy Bird’ (www.privacybird.org) • Tagging Data in P3P (see Appendices 1-3) 3 Helena and Stefan Lindskog, “Web Site Privacy with P3P”, Wiley Publishing, Inc., 2003. 33 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

And what if you don’t? Think of • Compliance with laws and regulations • Corporate Liability • Image, Brand Reputation • Your users’ expectations • Trust 34 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

“History will record what we, here in the early decades of the information age, did to foster freedom, liberty and democracy.quot; -- Bruce Schneier, July 15, 2007 35 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Contact Details Stefan Weiss Franklinstrasse 50 Stefan Weiss Gräfstraße 78 60486 Frankfurt am Main 60054 Frankfurt am Main Senior Manager PhD Student Tel.: + 49 69 75695 6355 Tel.: + 49 69 798 25301 Security & Privacy Services T-Mobile Chair of Fax: + 49 69 75695 6719 Fax: + 49 69 798 25306 M-Commerce and Mobile + 49 172 3590 674 Mobile + 49 172 3590 674 Multilateral Security stefanweiss@deloitte.de stefan.weiss@m-lehrstuhl.de www.deloitte.com/de/security www.m-lehrstuhl.de 36 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Deloitte refers to one or more of Deloitte Touche Tohmatsu, a Swiss Verein, its member firms, and their respective subsidiaries and affiliates. As a Swiss Verein (association), neither Deloitte Touche Tohmatsu nor any of its member firms has any liability for each other's acts or omissions. Each of the member firms is a separate and independent legal entity operating under the names quot;Deloittequot;, quot;Deloitte & Touchequot;, quot;Deloitte Touche Tohmatsuquot;, or other related names. Services are provided by the member firms or their subsidiaries or affiliates Member of and not by the Deloitte Touche Tohmatsu Verein. Copyright ©2007 by Deloitte Touche Tohmatsu. All rights reserved. Deloitte Touche Tohmatsu

Appendix 1 Possible Elements within the Categories Tag <physical/> <state/> <online/> <political/> <uniqueid/> <health/> <purchase/> <preference/> <financial/> <location/> <computer/> <government/> <navigation/> <interactive/> <other-category> <demographic/> string <content/> </other-category> 38 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Appendix 2 Possible Elements within the Purpose Tag <current/> <admin/> <develop/> <tailoring/> <pseudo-analysis/> <pseudo-decision/> <individual-analysis/> <individual-decision/> <contact/> <historical/> <telemarketing/> 39 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Appendix 3 Possible Elements within the Recipient Tag <ours/> <delivery/> <same/> <other-recipient/> <unrelated/> <public/> 40 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Appendix 4 A Privacy Recipe for Cookies • Include statements on cookies in your privacy policy • Remember to enhance user privacy also by managing the data used for cookies • Do not store any data in a cookie (only on a server) • Add the following tokens to the policy statements on cookies practices for: – Access, Remedies, Purpose, Recipient, Retention, Categories • The use of cookies within European countries will be allowed only if the user is provided with clear and comprehensive information about the purpose of the cookies and is offered the right to refuse cookies – thus, the need for policy statements is clear! 41 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Call for Participation Research Study on Concerns for Information Privacy in Social Networking (Web 2.0) Applications Inviting Privacy, Security, and Web 2.0 Experts Stefan Weiss Johann Wolfgang Goethe University Frankfurt am Main November 8, 2007 42 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Research Goals and Research Methods Research Goals • Conduct expert surveys to understand and focus in on most important requirements for a privacy-enhanced Web experience • Develop privacy-enhanced method/concept for Social Networking (Web 2.0) Applications Research Method: Series of 2-3 expert surveys (Delphi) • Get understanding of main concerns, requirements and existing material • Applying applicable expert knowledge to technical use case „Social Networking Applications“ • Evaluating and justifying the privacy-enhanced method to be developed 43 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

Your Participation Requirements for Participation • Have good expertise on either one or all of these areas: privacy, security or web 2.0 applications • Maximum of 3 x 40 minutes of your time over the course of 6 months Notes • Research is university research and will be made public through the published PhD thesis • Your personal information is not used for any other purpose than contacting you throughout the research project Please speak to me or write me an Email if you like to participate: stefan.weiss@m-lehrstuhl.de +49 172 3590674 44 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft

http://www.blog.stefanweiss.net	7
http://blog.stefanweiss.net	3
http://lw.l3s.uni-hannover.de	2
http://www.slideshare.net	1

Your User's Privacy

by adunne on Nov 05, 2007

Accessibility

Categories

Tags

Upload Details

Usage Rights

4 Embeds 13

Statistics

Your User’s Privacy — Presentation Transcript