“The right to be let alone” – Supreme Court Justice Louis Brandeis, 1898
“A free and democratic society requires respect for the autonomy of individuals, and limits on the power of both state and private organisations to intrude on that autonomy... Privacy is a key value which underpins human dignity and other key values such as freedom of association and freedom of speech” – Australian Privacy Charter
Personal data shall be processed fairly and lawfully.
Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.
Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
Personal data shall be accurate and, where necessary, kept up to date.
Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
Personal data shall be processed in accordance with the rights of data subjects under this Act.
Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
European Convention for the protection of human rights and fundamental freedoms
Reaffirming their profound belief in those fundamental freedoms which are the foundation of justice and peace in the world:
Everyone has the right to respect for his private and family life, his home and his correspondence.
Everyone has the right to freedom of peaceful assembly and to freedom of association with others.
Everyone has the right to freedom of expression.
Need to address social impacts to ensure trust in new systems
Just like security, privacy is much easier to design in from the start than to lump on at the end
Privacy disasters (see RFIDs) are hard to recover from
“How would you like it if, for instance, one day you realized your underwear was reporting on your whereabouts?”
California State Senator Debra Bowen, at a 2003 hearing
Buried in a list of 20 million Web searches collected by AOL and recently released on the Internet is user No. 4417749. The number was assigned by the company to protect the searcher's anonymity, but it was not much of a shield.
No. 4417749 conducted hundreds of searches over a three-month period on topics ranging from "numb fingers" to "60 single men" to "dog that urinates on everything".
Search by search, click by click, the identity of AOL user No. 4417749 became easier to discern. There are queries for several people with the last name Arnold, for "landscapers in Lilburn," Georgia, and for "homes sold in shadow lake subdivision gwinnett county georgia".
It did not take much investigating to follow that data trail to Thelma Arnold, a 62-year-old widow who lives in Lilburn, frequently researches her friends' medical ailments and loves her three dogs. "Those are my searches," she said, after a reporter read part of the list to her over the phone.