Online Privacy Technologies Dr. Lorrie Faith Cranor AT&T Labs-Research http://www.research.att.com/~lorrie/ NTIA Online Pr...
Why is Cathy concerned? Cathy March 1, 2000
How did Irving find this out?  <ul><li>He snooped her email </li></ul><ul><li>He looked at the files on her computer </li>...
What do browsers chatter about? <ul><li>Browsers chatter about </li></ul><ul><ul><li>IP address, domain name, organization...
A typical HTTP request <ul><li>GET /retail/searchresults.asp?qu= beer  HTTP/1.0 </li></ul><ul><li>Referer:  http://www.us....
What about cookies? <ul><li>Cookies can be useful </li></ul><ul><ul><li>used like a staple to attach multiple parts of a f...
YOU With cooperation from book store, ad  company can get  your name and  address from book order and link them to  your s...
Web bugs <ul><li>Invisible “images” embedded in web pages that cause cookies to be transferred </li></ul><ul><li>Work just...
Referer log problems <ul><li>GET methods result in values in URL </li></ul><ul><li>These URLs are sent in the REFERER head...
Low tech solutions <ul><li>Wander around cyber cafes </li></ul><ul><li>Use free e-mail service instead of ISP </li></ul><u...
Types of software tools <ul><li>Anonymity and pseudonymity tools </li></ul><ul><ul><li>Anonymizing proxies </li></ul></ul>...
Regulatory and self-regulatory framework Regulatory and self-regulatory framework Service User The Internet Secure channel...
Anonymizing proxy <ul><li>Acts as a proxy for users </li></ul><ul><li>Hides information from end servers </li></ul><ul><li...
http://www.anonymizer.com
Pseudonymity tools quote.com nytimes.com expedia.com mfjh asef dsfdf Proxy Automatically generate user names, passwords, e...
iPrivacy private shipping labels CUSTOMER PC Public Identity Private Identity John Doe iPrivacy ABCDEF 1 MAIN ST 1 dQg85xP...
 
Incogno SafeZone The merchant offers Incogno SafeZone from its site Upon checkout, the buyer enters personal information i...
Incogno SafeZone Incogno reinforces that the purchase is anonymous . The anonymous purchase is complete with no added soft...
Privada <ul><li>Multi-server design to shield real-world info </li></ul><ul><li>Info is compartmentalized & encrypted, the...
 
Mixes [Chaum81] Sender routes message randomly through network  of “Mixes”, using layered public-key encryption. Mix A Sen...
Freedom by Zero-Knowledge
Freedom nyms Create multiple psuedonyms Surf without a nym Select a nym and surf
Crowds <ul><li>Experimental system developed at AT&T Research </li></ul><ul><li>Users join a  Crowd   of other users </li>...
Crowds illustrated 1 2 6 3 5 4 3 5 1 6 2 4 Crowd members Web servers
Anonymous email <ul><li>Anonymous remailers allow people to send email anonymously </li></ul><ul><li>Similar to anonymous ...
Encryption tools <ul><li>File encryption </li></ul><ul><li>Email encryption </li></ul><ul><ul><li>Many email programs incl...
Disappearing, Inc.
Filters <ul><li>Cookie Cutters </li></ul><ul><ul><li>Block cookies, allow for more fine-grained cookie control, etc. </li>...
Identity management tools <ul><li>Services and tools that help people manage their online identities </li></ul><ul><ul><li...
Persona Consumer fills out Persona with personal information Consumer can decide how each field is shared with online busi...
PersonaValet <ul><li>A free toolbar  </li></ul><ul><li>Four views provide features that include Cookie Management, P3P rea...
PrivacyBank.Com PrivacyBank bookmark
Infomediary example: PrivacyBank PrivacyBank bookmark
Platform for Privacy Preferences (P3P) <ul><li>Offers an easy way for web sites to communicate about their privacy policie...
Using P3P on your Web site <ul><li>Formulate privacy policy </li></ul><ul><li>Translate privacy policy into P3P format </l...
The P3P vocabulary <ul><li>Who  is collecting data? </li></ul><ul><li>What data  is collected? </li></ul><ul><li>For  what...
Transparency <ul><li>P3P clients can check a privacy policy each time it changes </li></ul><ul><li>P3P clients can check p...
Microsoft/AT&T P3P browser helper object <ul><li>A prototype tool designed to work with Microsoft Internet Explorer Browse...
Preference settings
 
When preferences are changed to Disallow profiling, the privacy check warns us that this site profiles visitors
IDcide Privacy Companion <ul><li>A browser plug-in that adds functionality to Netscape or Internet Explorer browsers </li>...
Searching for  a P3P policy No P3P policy found P3P policy is NOT acceptable P3P policy is acceptable IDcide P3P Icons
Double clicking on the P3P icon indicates where the site’s policy differs from the user’s preferences
YOUpowered Orby Privacy Plus <ul><li>A tool bar that sits at the top of a user’s desktop and allows a user to </li></ul><u...
Trust Meter
Orby cookie prompt
Orby preference setting menu
IBM P3P Policy Editor <ul><li>Allows web sites to create privacy policies in P3P and human-readable format </li></ul><ul><...
Sites can  list the types of data they collect And view the  corresponding P3P policy
Templates allow  sites to start with a pre-defined policy and customize it to meet their needs
PrivacyBot.com Allows webmasters to fill out an online questionnaire to automatically create a human-readable privacy poli...
YOUpowered Consumer Trust Policy Manager Wizard
Other tools <ul><li>Privacy-friendly search engines </li></ul><ul><ul><li>TopClick </li></ul></ul><ul><li>Computer “cleane...
 
 
 
Tools work together <ul><li>P3P tools </li></ul><ul><ul><li>help users understand privacy policies  </li></ul></ul><ul><li...
Download these slides http://www.research.att.com/ ~lorrie/privacy/NTIA-0900.ppt
Upcoming SlideShare
Loading in...5
×

Ntia 0900

702

Published on

Published in: Technology, Design
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
702
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Prepared by Lorrie Cranor &lt;lorrie@research.att.com&gt;
  • Here is the window users use to configure their privacy preferences. Users cannot use this tool until they select a setting.
  • When users visit a site that uses P3P, they can click on the privacy icon in their browser to “privacy check” the site. This brings up a window that explains any areas where a site’s policy conflicts with a user’s preferences. Users can also use this window to jump directly to a site’s privacy policy, as well as see whether the site has a privacy seal. The top window shown here is the privacy check for the Texas Tech University Health Center. It includes a warning because this site does not provide any access to the data they collect. The bottom window is for Microsoft. In this case there are no warnings because the policy does not conflict with user’s preferences. Microsoft has a seal from TRUSTe.
  • After the user changes her preference settings, she sees a warning at the Microsoft site because the site may collect personally identifiable data for profiling.
  • Here are the symbols a user sees when they use the P3P-enabled Idcide Privacy Companion prototype.
  • Users can click on the P3P icon to find out where a site’s policy conflicts with their preferences.
  • Orby includes a Trust meter that analyzes a site’s P3P policy and evaluates it on a number of factors and computes a rating. Users can click on the Trust Meter to see the various factors that went into a particular rating.
  • Orby can also be configured to prompt users before accepting or receiving cookies. Users can enable and disable cookies on a site by site basis.
  • The Orby includes a drop-down menu from which users can select one of four privacy levels that are used to control when cookies are sent or users are prompted about cookies.
  • P3P policy generation is one of the services provided by PrivacyBot.com. PrivacyBot.com currently charges sites $30 to generate a human-readable policy and a P3P policy.
  • Ntia 0900

    1. 1. Online Privacy Technologies Dr. Lorrie Faith Cranor AT&T Labs-Research http://www.research.att.com/~lorrie/ NTIA Online Privacy Technologies Workshop
    2. 2. Why is Cathy concerned? Cathy March 1, 2000
    3. 3. How did Irving find this out? <ul><li>He snooped her email </li></ul><ul><li>He looked at the files on her computer </li></ul><ul><li>He observed the “chatter” sent by her browser </li></ul><ul><li>He set cookies through banner ads and “web bugs” that allowed him to track her activities across web sites </li></ul>
    4. 4. What do browsers chatter about? <ul><li>Browsers chatter about </li></ul><ul><ul><li>IP address, domain name, organization, </li></ul></ul><ul><ul><li>Referring page </li></ul></ul><ul><ul><li>Platform: O/S, browser </li></ul></ul><ul><ul><li>What information is requested </li></ul></ul><ul><ul><ul><li>URLs and search terms </li></ul></ul></ul><ul><ul><li>Cookies </li></ul></ul><ul><li>To anyone who might be listening </li></ul><ul><ul><li>End servers </li></ul></ul><ul><ul><li>System administrators </li></ul></ul><ul><ul><li>Internet Service Providers </li></ul></ul><ul><ul><li>Other third parties </li></ul></ul><ul><ul><ul><li>Advertising networks </li></ul></ul></ul><ul><ul><li>Anyone who might subpoena log files later </li></ul></ul>
    5. 5. A typical HTTP request <ul><li>GET /retail/searchresults.asp?qu= beer HTTP/1.0 </li></ul><ul><li>Referer: http://www.us.buy.com/default.asp </li></ul><ul><li>User-Agent: Mozilla/4.75 [en] (X11; U; NetBSD 1.5_ALPHA i386) </li></ul><ul><li>Host: www.us.buy.com </li></ul><ul><li>Accept: image/gif, image/jpeg, image/pjpeg, */* </li></ul><ul><li>Accept-Language: en </li></ul><ul><li>Cookie: buycountry=us ; dcLocName=Basket; dcCatID=6773; dcLocID=6773; dcAd=buybasket; loc=; parentLocName=Basket; parentLoc=6773; ShopperManager%2F=ShopperManager%2F=66FUQULL0QBT8MMTVSC5MMNKBJFWDVH7; Store=107; Category=0 </li></ul>
    6. 6. What about cookies? <ul><li>Cookies can be useful </li></ul><ul><ul><li>used like a staple to attach multiple parts of a form together </li></ul></ul><ul><ul><li>used to identify you when you return to a web site so you don’t have to remember a password </li></ul></ul><ul><ul><li>used to help web sites understand how people use them </li></ul></ul><ul><li>Cookies can be harmful </li></ul><ul><ul><li>used to profile users and track their activities without their knowledge , especially across web sites </li></ul></ul>
    7. 7. YOU With cooperation from book store, ad company can get your name and address from book order and link them to your search Search engine Ad Search for medical information Book Store Ad Buy book Read cookie Set cookie
    8. 8. Web bugs <ul><li>Invisible “images” embedded in web pages that cause cookies to be transferred </li></ul><ul><li>Work just like banner ads from ad networks, but you can’t see them unless you look at the code behind a web page </li></ul><ul><li>Also embedded in HTML formatted email messages </li></ul><ul><li>Can also use JavaScript to perform same function without cookies </li></ul><ul><li>For more info on web bugs see: http://www.privacyfoundation.org/education/ </li></ul>
    9. 9. Referer log problems <ul><li>GET methods result in values in URL </li></ul><ul><li>These URLs are sent in the REFERER header to next host </li></ul><ul><li>Example: </li></ul><ul><li>http://www.merchant.com/cgi_bin/order?name=Tom+Jones&address=here+there&credit+card=234876923234&PIN=1234& -> index.html </li></ul>
    10. 10. Low tech solutions <ul><li>Wander around cyber cafes </li></ul><ul><li>Use free e-mail service instead of ISP </li></ul><ul><li>Set up a pre-paid cash account with ISP </li></ul><ul><ul><li>give all phony information </li></ul></ul><ul><li>Obtain unusual domain name and get people you trust as name servers </li></ul><ul><li>Forge e-mail, spoof IP, etc. </li></ul><ul><li>. . . And don’t give out any personally-identifiable data! </li></ul>
    11. 11. Types of software tools <ul><li>Anonymity and pseudonymity tools </li></ul><ul><ul><li>Anonymizing proxies </li></ul></ul><ul><ul><li>Mix Networks and similar web anonymity tools </li></ul></ul><ul><ul><ul><li>Onion routing </li></ul></ul></ul><ul><ul><ul><li>Crowds </li></ul></ul></ul><ul><ul><ul><li>Freedom </li></ul></ul></ul><ul><ul><li>Anonymous email </li></ul></ul><ul><li>Encryption tools </li></ul><ul><ul><li>File encryption </li></ul></ul><ul><ul><li>Email encryption </li></ul></ul><ul><ul><li>Encrypted network connections </li></ul></ul><ul><li>Filters </li></ul><ul><ul><li>Cookie cutters </li></ul></ul><ul><ul><li>Child protection software </li></ul></ul><ul><li>Information and transparency tools </li></ul><ul><ul><li>Identity management tools </li></ul></ul><ul><ul><li>P3P </li></ul></ul><ul><li>Other tools </li></ul><ul><ul><li>Privacy-friendly search engines </li></ul></ul><ul><ul><li>Computer “cleaners” </li></ul></ul><ul><ul><li>Tools to facilitate access </li></ul></ul>
    12. 12. Regulatory and self-regulatory framework Regulatory and self-regulatory framework Service User The Internet Secure channel P3P user agent Cookie cutter Anonymizing agent
    13. 13. Anonymizing proxy <ul><li>Acts as a proxy for users </li></ul><ul><li>Hides information from end servers </li></ul><ul><li>Sees all web traffic </li></ul><ul><li>Free and subscription services available </li></ul><ul><li>Some free services add advertisements to web pages </li></ul>Proxy Browser End Server Request Request Reply Reply
    14. 14. http://www.anonymizer.com
    15. 15. Pseudonymity tools quote.com nytimes.com expedia.com mfjh asef dsfdf Proxy Automatically generate user names, passwords, email addresses, etc. unique to each web site you visit username
    16. 16. iPrivacy private shipping labels CUSTOMER PC Public Identity Private Identity John Doe iPrivacy ABCDEF 1 MAIN ST 1 dQg85xP26 Kansas City, KS Kansas City, KS 11122 11122 Doe@ isp .com [email_address] WEB FORM Name : iPrivacy ABCDEF Address: : 1 dQg85xP26 City : Kansas City State : KS Zip : 11122 Email : ABCDEF @iPrivacy.com WEB e- Tailer Order Entry System Submit Credit Card If Authorized Ship Product Shipping Subsystem Input Private Identity Decode Address PRINT LABEL iPrivacy ABCDEF 1 MAIN ST Kansas City, KS 11122
    17. 18. Incogno SafeZone The merchant offers Incogno SafeZone from its site Upon checkout, the buyer enters personal information into The Incogno SafeZone – a separate server.
    18. 19. Incogno SafeZone Incogno reinforces that the purchase is anonymous . The anonymous purchase is complete with no added software installation or setup for the buyer.
    19. 20. Privada <ul><li>Multi-server design to shield real-world info </li></ul><ul><li>Info is compartmentalized & encrypted, then processed by servers on a need-to-know basis </li></ul><ul><li>Online identities and activity are kept distinct from real-world identities </li></ul>Patent-pending privacy management infrastructure
    20. 22. Mixes [Chaum81] Sender routes message randomly through network of “Mixes”, using layered public-key encryption. Mix A Sender Destination Mix C Mix B B, k A C k B dest,msg k C C k B dest,msg k C dest,msg k C msg k X = encrypted with public key of Mix X
    21. 23. Freedom by Zero-Knowledge
    22. 24. Freedom nyms Create multiple psuedonyms Surf without a nym Select a nym and surf
    23. 25. Crowds <ul><li>Experimental system developed at AT&T Research </li></ul><ul><li>Users join a Crowd of other users </li></ul><ul><li>Web requests from the crowd cannot be linked to any individual </li></ul><ul><li>Protection from </li></ul><ul><ul><li>end servers </li></ul></ul><ul><ul><li>other crowd members </li></ul></ul><ul><ul><li>system administrators </li></ul></ul><ul><ul><li>eavesdroppers </li></ul></ul><ul><li>First system to hide data shadow on the web without trusting a central authority </li></ul><ul><li>http://www.research.att.com/projects/crowds/ </li></ul>
    24. 26. Crowds illustrated 1 2 6 3 5 4 3 5 1 6 2 4 Crowd members Web servers
    25. 27. Anonymous email <ul><li>Anonymous remailers allow people to send email anonymously </li></ul><ul><li>Similar to anonymous web proxies </li></ul><ul><li>Some can be chained and work like mixes </li></ul><ul><li>http://anon.efga.org/~rlist </li></ul>
    26. 28. Encryption tools <ul><li>File encryption </li></ul><ul><li>Email encryption </li></ul><ul><ul><li>Many email programs include encryption features built in or available as plug-ins </li></ul></ul><ul><ul><li>Web-based encrypted email </li></ul></ul><ul><ul><ul><li>Email that self-destructs – Disappearing, Inc. </li></ul></ul></ul><ul><li>Encrypted network connections </li></ul><ul><ul><li>Secure socket layer (SSL) </li></ul></ul><ul><ul><li>Secure shell (SSH) </li></ul></ul><ul><ul><li>Virtual private networks </li></ul></ul>
    27. 29. Disappearing, Inc.
    28. 30. Filters <ul><li>Cookie Cutters </li></ul><ul><ul><li>Block cookies, allow for more fine-grained cookie control, etc. </li></ul></ul><ul><ul><li>Some also filter ads, referer header, and browser chatter </li></ul></ul><ul><ul><li>http://www.junkbusters.com/ht/en/links.html#measures </li></ul></ul><ul><li>Child Protection Software </li></ul><ul><ul><li>Block the transmission of certain information via email, chat rooms, or web forms when child is using computer </li></ul></ul><ul><ul><li>Limit who a child can email or chat with </li></ul></ul><ul><ul><li>http://www.getnetwise.org/ </li></ul></ul>
    29. 31. Identity management tools <ul><li>Services and tools that help people manage their online identities </li></ul><ul><ul><li>Offer convenience of not having to retype data and/or remember passwords </li></ul></ul><ul><ul><li>Some let consumers opt-in to targeted advertising (permission marketing), sharing data with sites, etc. </li></ul></ul><ul><ul><ul><li>Some pay consumers for providing data </li></ul></ul></ul><ul><ul><li>Some check for privacy policies before releasing data or require minimum privacy standards for participating sites </li></ul></ul><ul><li>Examples </li></ul><ul><ul><li>AllAdvantage.com </li></ul></ul><ul><ul><li>DigitalMe </li></ul></ul><ul><ul><li>Enonymous </li></ul></ul><ul><ul><li>Lumeria </li></ul></ul><ul><ul><li>Persona </li></ul></ul><ul><ul><li>PrivacyBank.com </li></ul></ul>
    30. 32. Persona Consumer fills out Persona with personal information Consumer can decide how each field is shared with online businesses and 3 rd parties
    31. 33. PersonaValet <ul><li>A free toolbar </li></ul><ul><li>Four views provide features that include Cookie Management, P3P reader, automatic log-in, form-fill, quick access to top sites, search engines & comparison capabilities </li></ul>Allows user to accept or reject cookies while surfing Cookie Watcher tells users when cookies are being dropped P3P Viewer alerts user to site with valid P3P policy; allows comparison to user’s privacy settings Pop-up Menu
    32. 34. PrivacyBank.Com PrivacyBank bookmark
    33. 35. Infomediary example: PrivacyBank PrivacyBank bookmark
    34. 36. Platform for Privacy Preferences (P3P) <ul><li>Offers an easy way for web sites to communicate about their privacy policies in a standard machine-readable format </li></ul><ul><ul><li>Can be deployed using existing web servers </li></ul></ul><ul><li>This will enable the development of tools (built into browsers or separate applications) that: </li></ul><ul><ul><li>Provide snapshots of sites’ policies </li></ul></ul><ul><ul><li>Compare policies with user preferences </li></ul></ul><ul><ul><li>Alert and advise the user </li></ul></ul><ul><li>For more info see http://www.w3.org/P3P/ </li></ul>
    35. 37. Using P3P on your Web site <ul><li>Formulate privacy policy </li></ul><ul><li>Translate privacy policy into P3P format </li></ul><ul><ul><li>Use a policy generator tool </li></ul></ul><ul><li>Place P3P policy on web site </li></ul><ul><ul><li>One policy for entire site or multiple policies for different parts of the site </li></ul></ul><ul><li>Associate policy with web resources: </li></ul><ul><ul><li>Place P3P policy reference file (which identifies location of relevant policy file) at well-known location on server; </li></ul></ul><ul><ul><li>Configure server to insert P3P header with link to P3P policy reference file; or </li></ul></ul><ul><ul><li>Insert link to P3P policy reference file in HTML content </li></ul></ul>
    36. 38. The P3P vocabulary <ul><li>Who is collecting data? </li></ul><ul><li>What data is collected? </li></ul><ul><li>For what purpose will data be used? </li></ul><ul><li>Is there an ability to opt-in or opt-out of some data uses? </li></ul><ul><li>Who are the data recipients (anyone beyond the data collector)? </li></ul><ul><li>To what information does the data collector provide access ? </li></ul><ul><li>What is the data retention policy? </li></ul><ul><li>How will disputes about the policy be resolved? </li></ul><ul><li>Where is the human-readable privacy policy ? </li></ul>
    37. 39. Transparency <ul><li>P3P clients can check a privacy policy each time it changes </li></ul><ul><li>P3P clients can check privacy policies on all objects in a web page, including ads and invisible images </li></ul>http://adforce.imgis.com/?adlink|2|68523|1|146|ADFORCE http://www.att.com/accessatt /
    38. 40. Microsoft/AT&T P3P browser helper object <ul><li>A prototype tool designed to work with Microsoft Internet Explorer Browser </li></ul><ul><li>Not yet fully tested, still missing some features </li></ul>
    39. 41. Preference settings
    40. 43. When preferences are changed to Disallow profiling, the privacy check warns us that this site profiles visitors
    41. 44. IDcide Privacy Companion <ul><li>A browser plug-in that adds functionality to Netscape or Internet Explorer browsers </li></ul><ul><li>Includes icons to let users know that sites use first- and/or third-party cookies </li></ul><ul><li>Enables users to select a privacy level that controls the cookie types allowed (1 st or 3 rd party) </li></ul><ul><li>Prevents data spills to 3 rd parties through “referer” </li></ul><ul><li>Lets users view tracking history </li></ul><ul><li>Prototype P3P-enabled Privacy Companion allows for more fine-grained automatic decision making based on P3P policies </li></ul><ul><li>http://www.idcide.com </li></ul>
    42. 45. Searching for a P3P policy No P3P policy found P3P policy is NOT acceptable P3P policy is acceptable IDcide P3P Icons
    43. 46. Double clicking on the P3P icon indicates where the site’s policy differs from the user’s preferences
    44. 47. YOUpowered Orby Privacy Plus <ul><li>A tool bar that sits at the top of a user’s desktop and allows a user to </li></ul><ul><ul><li>Accept or deny cookies while surfing </li></ul></ul><ul><ul><li>Decide how, when and where to share personal information </li></ul></ul><ul><ul><li>Store website passwords </li></ul></ul><ul><ul><li>Enjoy the convenience of &quot;one-click&quot; form-fill </li></ul></ul><ul><li>P3P features in prototype automatically rate web sites based on their P3P policies </li></ul>
    45. 48. Trust Meter
    46. 49. Orby cookie prompt
    47. 50. Orby preference setting menu
    48. 51. IBM P3P Policy Editor <ul><li>Allows web sites to create privacy policies in P3P and human-readable format </li></ul><ul><li>Drag and drop interface </li></ul><ul><li>Available from IBM AlphaWorks site: http://www.alphaworks.ibm.com/tech/p3peditor </li></ul>
    49. 52. Sites can list the types of data they collect And view the corresponding P3P policy
    50. 53. Templates allow sites to start with a pre-defined policy and customize it to meet their needs
    51. 54. PrivacyBot.com Allows webmasters to fill out an online questionnaire to automatically create a human-readable privacy policy and a P3P policy
    52. 55. YOUpowered Consumer Trust Policy Manager Wizard
    53. 56. Other tools <ul><li>Privacy-friendly search engines </li></ul><ul><ul><li>TopClick </li></ul></ul><ul><li>Computer “cleaners” </li></ul><ul><ul><li>Window Washer – removes all traces of what web sites you visited, what files you viewed, and what files you deleted </li></ul></ul><ul><li>Tools to facilitate access </li></ul><ul><ul><li>PrivacyRight </li></ul></ul>
    54. 60. Tools work together <ul><li>P3P tools </li></ul><ul><ul><li>help users understand privacy policies </li></ul></ul><ul><li>Seal programs and regulations </li></ul><ul><ul><li>help ensure that sites comply with their policies </li></ul></ul><ul><li>Anonymity tools and filtering tools </li></ul><ul><ul><li>reduce the amount of information revealed while browsing </li></ul></ul><ul><li>Encryption tools </li></ul><ul><ul><li>secure data in transit and storage </li></ul></ul><ul><li>Laws and codes of practice </li></ul><ul><ul><li>provide a base line level for acceptable policies </li></ul></ul>
    55. 61. Download these slides http://www.research.att.com/ ~lorrie/privacy/NTIA-0900.ppt
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×