Your User's Privacy

Speaker: Stefan Weiss

    Presentation Transcript

    • Your Users’ Privacy: How Web 2.0 application providers and developers can enhance their users’ privacy. Stefan Weiss, Web 2.0 Expo Berlin, November 8, 2007
    • Your users may control the Information Age but … 2 Web 2.0 Expo Berlin 2007 ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft
    • … are they controlling their own personal data too?
    • What are we talking about? • Personal data • Information privacy • Harmful, privacy-invasive activities • Its importance for Web 2.0 applications • Your responsibilities • What to do?
    • The EU (Art. 29 Working Party) has recently released an opinion on what they consider to be personal data: “Personal data shall mean any information relating to an identified or identifiable natural person (‘data subject’); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.”[1] [1] Opinion 4/2007, WP 136, Article 29 Data Protection Working Party, adopted June 20, 2007.
    • That’s a broad definition and includes a lot of data that you are processing with your applications. Examples: PERSONAL: Name, Gender, Date of birth; Home address, Personal telephone number or Email; Government identifiers (e.g. social security number, ID numbers); Biometric identifier; Photograph or video identifiable to an individual; Behavioural information (e.g., in a CRM system). HEALTH: Medical records, Health plan beneficiary information; Physical or mental health information; Provided health services or any information collected during the health service. FINANCIAL: Account numbers (bank accounts, credit cards, etc.); Financial history; Salary information. SENSITIVE: Racial or ethnic origin; Religious or philosophical beliefs; Trade-union membership; Sexual orientation; Offences, criminal convictions or security measures; Combinations of certain information (e.g., name and SSN).
    • With 2.0 applications, add personal data that is indirectly used in a different context, such as: Group and personal affiliations; User behaviour; Surfing patterns; Comments, opinions or feelings; Likes and dislikes; Graphical material (photos, videos); Roles and functions; etc. (The slide overlays these on the PERSONAL, HEALTH, FINANCIAL and SENSITIVE examples of the previous slide.)
    • Information privacy should determine when, how, and to what extent this personal data is processed. Information Privacy is defined as “the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.”[2] [2] Alan Westin, Privacy and Freedom, 1967.
    • Privacy is not about getting your private space
    • Harmful and privacy-invasive activities on the Web are continuously increasing. Examples of privacy-invasive activities: Lost Data, Adware/Spyware, Distortion, Misuse, Appropriation, Unwanted Exposure, Phishing, Blackmail, Fraud, Sexual Solicitation, Breach of Confidentiality, Identity Theft, Spam, Cyber Crime, Inaccuracy, Unsolicited Marketing, Data Integrity, Intrusion, Third Party Sharing, Discrimination, Loss of Control, etc.[2] [2] Also see ENISA Position Paper No. 1 – Security Issues and Recommendations for Online Social Networks, October 2007.
    • How come these guys didn’t think of that?
    • And how does that relate to the Web 2.0?
    • Do you know Freddie Staur?[4] • Sophos Facebook ID probe shows 41% of users happy to reveal all to potential identity thieves • Research highlights dangers of irresponsible behavior on social networking sites [4] www.sophos.com/facebook, Survey among 200 randomly chosen Facebook users, August 2007.
    • Privacy 2.0 needs to address new challenges that go way beyond simple data protection measures. New rules and the new privacy challenges they bring on the Web 2.0[2]: Openness: openness contradicts protection schemes. Peering: peer-produced personal data. Sharing: difficult to set data ownership. Acting globally: myriad of rules and regulations to adhere to. [2] Don Tapscott, “Wikinomics – How Mass Collaboration Changes Everything”, December 2006.
    • Privacy 1.0 focused more on access authorization and protecting data • Data security • Information hiding • Access control • And maybe limiting the collection of data
    • But simple data protection measures do not work for lots of Web 2.0 applications. Contradictions (1.0 vs. 2.0): Limit data collection vs. Data is everywhere; Disguise identity vs. Visible identity; Only authorized access vs. Everyone can see.
    • Example: New group dynamics in social networking applications create more complex data structures. Source: Forrester Research, “Social Computing Upends Past Knowledge Management Archetypes” Report, March 8, 2007
    • Example: Attractive user data on social networking sites increases the expected risk of data abuse
    • Challenge: Manage the Privacy 2.0 Bermuda Triangle. The user’s privacy sits between three corners: Data is everywhere; High value of personal data; Vulnerable technology.
    • What are your responsibilities? • Meeting user expectations • Complying with laws and regulations • Protecting your company’s assets, brand and image • Communicating your data handling practices openly
    • Allow the user to participate (!) and address all privacy principles (not only data protection). Self-Control: • Have the user control his data • Provide choices (privacy settings). Rules for Usage: • Context-driven • Assign purpose to data • Assure data provenance is known • Set privacy policies, code of conduct. Accountability: • Provide notices and “alarms” • Full transparency over what you do • Control third-party sharing
    • At a minimum, your users expect from you as a provider that • their personal data is processed fairly and only for the “specified” purpose • you comply with laws and regulations
    • Compliance goes beyond local data protection laws. Privacy requirements come from: Laws and Regulations (Regional, National/Federal, State); Contracts, Service Agreements; Professional/Industry Standards; Brand/Competitive Requirements; Corporate Policies, Codes of Conduct.
    • It is like steering a treasure chest full of personal data through the rough and open waters of Cyberspace …
    • How to handle and steer the ship through different waters: Regional, federal or state data protection legislation (BDSG, EU Directive, PIPEDA etc.). How to signal and communicate: Email, Fax, Telecommunications (E-Privacy Directive, TCPA, TSR, etc.). How to deal with pirates: Anti-fraud, Unfair practices (UDTP, CAN-SPAM, JFPA etc.). Protecting very vulnerable gems: Personal data from children (COPPA). How to protect the most valuable treasures: Financial data, credit data, health data (GLBA, FCRA, FACTA, HIPAA, etc.).
    • You need to set up your individual compliance strategy – what applies to you? [Chart: 80% privacy and data protection legislation that is similar in various jurisdictions; 20% special privacy and data protection regulations that may go beyond the “norm” (labels on the slide include COPPA, SB 1386 and the EU Directive).]
    • Adhering to the following set of internationally applicable Privacy Principles should be your strategy • Consent and Choice • Accountability • Purpose Specification • Collection Limitation • Use, Retention and Disclosure Limitation • Data Minimization • Accuracy and Quality • Openness, Transparency and Notice • Individual Participation and Access • Security Safeguards • Compliance
    • Using the following data life cycle reference framework focuses your efforts on key data processes • Which privacy requirements do you have to think about in each data processing life cycle phase? 1 Collection, 2 Usage, 3 Storage, 4 Transfer, 5 Disposal.
    • Implementing a Privacy Management Program: a cycle of Assess, Design, Maintain and Communicate around the Privacy Program.
    • The challenge remains on how to communicate your privacy handling practices to your users!
    • How to communicate to your users?
    • How to communicate to your users? Source: Mary Rundle, International Data Protection and Digital Identity Management Tools, mrundle[at]cyber.law.harvard.edu, 2006.
    • Communicating your Privacy Policy Using P3P[3] • Basic elements of a Website privacy policy – Surrounding tags – Entity information – Access information – Dispute/Remedies information – Statements regarding the data practices – Information types within categories tag (see Appendix 1) • Cookies Handling Practices (Appendix 4) • Example for user tool: ‘Privacy Bird’ (www.privacybird.org) • Tagging Data in P3P (see Appendices 1-3) [3] Helena and Stefan Lindskog, “Web Site Privacy with P3P”, Wiley Publishing, Inc., 2003.
    • And what if you don’t? Think of • Compliance with laws and regulations • Corporate Liability • Image, Brand Reputation • Your users’ expectations • Trust
    • “History will record what we, here in the early decades of the information age, did to foster freedom, liberty and democracy.” -- Bruce Schneier, July 15, 2007
    • Contact Details. Stefan Weiss, Senior Manager, Security & Privacy Services, Franklinstrasse 50, 60486 Frankfurt am Main, Tel.: +49 69 75695 6355, Fax: +49 69 75695 6719, Mobile +49 172 3590 674, stefanweiss@deloitte.de, www.deloitte.com/de/security. Stefan Weiss, PhD Student, T-Mobile Chair of M-Commerce and Multilateral Security, Gräfstraße 78, 60054 Frankfurt am Main, Tel.: +49 69 798 25301, Fax: +49 69 798 25306, Mobile +49 172 3590 674, stefan.weiss@m-lehrstuhl.de, www.m-lehrstuhl.de
    • Deloitte refers to one or more of Deloitte Touche Tohmatsu, a Swiss Verein, its member firms, and their respective subsidiaries and affiliates. As a Swiss Verein (association), neither Deloitte Touche Tohmatsu nor any of its member firms has any liability for each other's acts or omissions. Each of the member firms is a separate and independent legal entity operating under the names "Deloitte", "Deloitte & Touche", "Deloitte Touche Tohmatsu", or other related names. Services are provided by the member firms or their subsidiaries or affiliates and not by the Deloitte Touche Tohmatsu Verein. Copyright ©2007 by Deloitte Touche Tohmatsu. All rights reserved. Member of Deloitte Touche Tohmatsu
    • Appendix 1: Possible Elements within the Categories Tag: <physical/> <online/> <uniqueid/> <purchase/> <financial/> <computer/> <navigation/> <interactive/> <demographic/> <content/> <state/> <political/> <health/> <preference/> <location/> <government/> <other-category>string</other-category>
    • Appendix 2: Possible Elements within the Purpose Tag: <current/> <admin/> <develop/> <tailoring/> <pseudo-analysis/> <pseudo-decision/> <individual-analysis/> <individual-decision/> <contact/> <historical/> <telemarketing/>
    • Appendix 3: Possible Elements within the Recipient Tag: <ours/> <delivery/> <same/> <other-recipient/> <unrelated/> <public/>
    • Appendix 4: A Privacy Recipe for Cookies • Include statements on cookies in your privacy policy • Remember to enhance user privacy also by managing the data used for cookies • Do not store any data in a cookie (only on a server) • Add the following tokens to the policy statements on cookies practices for: – Access, Remedies, Purpose, Recipient, Retention, Categories • The use of cookies within European countries will be allowed only if the user is provided with clear and comprehensive information about the purpose of the cookies and is offered the right to refuse cookies – thus, the need for policy statements is clear!
    • Call for Participation: Research Study on Concerns for Information Privacy in Social Networking (Web 2.0) Applications. Inviting Privacy, Security, and Web 2.0 Experts. Stefan Weiss, Johann Wolfgang Goethe University Frankfurt am Main, November 8, 2007
    • Research Goals and Research Methods. Research Goals • Conduct expert surveys to understand and focus in on the most important requirements for a privacy-enhanced Web experience • Develop a privacy-enhanced method/concept for Social Networking (Web 2.0) Applications. Research Method: Series of 2-3 expert surveys (Delphi) • Get an understanding of main concerns, requirements and existing material • Applying applicable expert knowledge to the technical use case “Social Networking Applications” • Evaluating and justifying the privacy-enhanced method to be developed
    • Your Participation. Requirements for Participation • Have good expertise in either one or all of these areas: privacy, security or web 2.0 applications • Maximum of 3 x 40 minutes of your time over the course of 6 months. Notes • Research is university research and will be made public through the published PhD thesis • Your personal information is not used for any other purpose than contacting you throughout the research project. Please speak to me or write me an Email if you would like to participate: stefan.weiss@m-lehrstuhl.de +49 172 3590674
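The P3P slide and Appendices 1-4 describe a policy vocabulary without showing how to check a policy against it. The Python script below is an added example, not code from the slides or from the speaker: it loads a P3P 1.0 policy, checks that every STATEMENT uses only the PURPOSE, RECIPIENT and CATEGORIES tokens listed in Appendices 1-3, and applies the Appendix 4 recipe to any statement that references cookies (PURPOSE, RECIPIENT, RETENTION and CATEGORIES on the statement, ACCESS and DISPUTES-GROUP on the policy). Recipients outside the provider's control (`unrelated`, `public`) are reported as warnings, following the "control third-party sharing" point of slide 21. The sample policy is constructed for this example; its data refs (`#dynamic.cookies`, `#user.home-info.online.email`), retention tokens and the `http://www.w3.org/2002/01/P3Pv1` namespace come from the P3P 1.0 specification rather than from the slides, and the policy deliberately contains one invalid category token and no DISPUTES-GROUP so that both checks fire.

```python
"""Added example (not part of the slides): vocabulary check for a P3P 1.0
policy, using the token lists from Appendices 1-3 and the cookie recipe of
Appendix 4. The sample policy below is constructed for this example."""
import xml.etree.ElementTree as ET

# Token vocabularies exactly as listed in the slides' appendices.
CATEGORY_TOKENS = {
    "physical", "online", "uniqueid", "purchase", "financial", "computer",
    "navigation", "interactive", "demographic", "content", "state",
    "political", "health", "preference", "location", "government",
    "other-category",
}
PURPOSE_TOKENS = {
    "current", "admin", "develop", "tailoring", "pseudo-analysis",
    "pseudo-decision", "individual-analysis", "individual-decision",
    "contact", "historical", "telemarketing",
}
RECIPIENT_TOKENS = {"ours", "delivery", "same", "other-recipient",
                    "unrelated", "public"}
# Recipients outside the provider's control; slide 21 asks you to control
# third-party sharing, so these are reported as warnings, not errors.
THIRD_PARTY_RECIPIENTS = {"unrelated", "public"}

# Constructed sample policy (not any real site's policy). Data refs and
# retention tokens come from the P3P 1.0 base data schema, not the slides.
# Two deliberate defects: an invalid category token and no <DISPUTES-GROUP>.
SAMPLE_POLICY = """<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1">
 <POLICY name="example" discuri="https://example.invalid/privacy">
  <ENTITY><DATA-GROUP><DATA ref="#business.name">Example Service</DATA></DATA-GROUP></ENTITY>
  <ACCESS><nonident/></ACCESS>
  <STATEMENT>
   <PURPOSE><admin/><current/></PURPOSE>
   <RECIPIENT><ours/></RECIPIENT>
   <RETENTION><stated-purpose/></RETENTION>
   <DATA-GROUP><DATA ref="#dynamic.cookies"><CATEGORIES><uniqueid/></CATEGORIES></DATA></DATA-GROUP>
  </STATEMENT>
  <STATEMENT>
   <PURPOSE><contact/><telemarketing/></PURPOSE>
   <RECIPIENT><ours/><unrelated/></RECIPIENT>
   <RETENTION><indefinitely/></RETENTION>
   <DATA-GROUP><DATA ref="#user.home-info.online.email"><CATEGORIES><online/><marketing/></CATEGORIES></DATA></DATA-GROUP>
  </STATEMENT>
 </POLICY>
</POLICIES>"""


def _local(tag):
    """Strip the XML namespace so tokens compare by local name."""
    return tag.rsplit("}", 1)[-1]


def _tokens(parent, name):
    """Local names of the empty-element tokens under <name>, or None if absent."""
    node = next((c for c in parent if _local(c.tag) == name), None)
    return None if node is None else [_local(c.tag) for c in node]


def check_statement(stmt, index):
    """Return (problems, warnings, data_refs) for one <STATEMENT>."""
    problems, warnings, refs = [], [], []
    for name, allowed in (("PURPOSE", PURPOSE_TOKENS), ("RECIPIENT", RECIPIENT_TOKENS)):
        toks = _tokens(stmt, name)
        if not toks:
            problems.append(f"statement {index}: <{name}> missing or empty")
            continue
        problems += [f"statement {index}: unknown <{name}> token <{t}/>"
                     for t in toks if t not in allowed]
        if name == "RECIPIENT":
            warnings += [f"statement {index}: data shared with <{t}/> recipients"
                         for t in toks if t in THIRD_PARTY_RECIPIENTS]
    if not _tokens(stmt, "RETENTION"):
        problems.append(f"statement {index}: <RETENTION> missing or empty")
    # Categories sit under DATA-GROUP/DATA/CATEGORIES; check each DATA element.
    for data in stmt.iter():
        if _local(data.tag) != "DATA":
            continue
        ref = data.get("ref", "?")
        refs.append(ref)
        cats = _tokens(data, "CATEGORIES")
        if not cats:
            problems.append(f"statement {index}: {ref} has no <CATEGORIES>")
        else:
            problems += [f"statement {index}: unknown <CATEGORIES> token <{c}/> for {ref}"
                         for c in cats if c not in CATEGORY_TOKENS]
    return problems, warnings, refs


def check_policy(xml_text):
    """Check every <POLICY>; return (problems, warnings) as lists of strings."""
    root = ET.fromstring(xml_text)
    problems, warnings = [], []
    for policy in (e for e in root.iter() if _local(e.tag) == "POLICY"):
        uses_cookies = False
        statements = [c for c in policy if _local(c.tag) == "STATEMENT"]
        for i, stmt in enumerate(statements, 1):
            p, w, refs = check_statement(stmt, i)
            problems += p
            warnings += w
            uses_cookies |= any("cookies" in r for r in refs)
        # Appendix 4: a cookie statement also needs access and remedies
        # information; ACCESS and DISPUTES-GROUP live at policy level in P3P.
        if uses_cookies:
            for name in ("ACCESS", "DISPUTES-GROUP"):
                if not any(_local(c.tag) == name for c in policy):
                    problems.append(f"policy {policy.get('name')}: cookies declared "
                                    f"but <{name}> missing")
    return problems, warnings


if __name__ == "__main__":
    for kind, items in zip(("PROBLEM", "WARNING"), check_policy(SAMPLE_POLICY)):
        for item in items:
            print(kind, item)
```

Run as a script it reports the two constructed defects and the third-party-sharing warning for the sample; `check_policy` can be pointed at a real `/w3c/p3p.xml` file's contents before it is published. Token lists are kept as plain sets so that an organisation can narrow them (for example, drop `telemarketing` or `public` from what its own policies may declare) without touching the checking logic.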