“Privacy Today” Slide Presentation

“ Privacy Today”

Overview
What is privacy
Ways to protect privacy
Technology
Law
Markets
What you do yourself
4 types of privacy harms
Fair information practices
Conclusion

I. What is Privacy?
“ Privacy is the claim of individuals, groups or institutions to determine for themselves when, how, and to what extent information about them is communicated to others”
Alan Westin: Privacy & Freedom,1967
Privacy is not an absolute
We disclose, and we keep private

Privacy as a Process
“ Each individual is continually engaged in a personal adjustment process in which he balances the desire for privacy with the desire for disclosure and communication….”
- Alan Westin, 1967

Solitude
individual separated from the group and freed from the observation of other persons
Intimacy
individual is part of a small unit
Anonymity
individual in public but still seeks and finds freedom from identification and surveillance
Reserve
the creation of a psychological barrier against unwanted intrusion - holding back communication
Westin’s four states of privacy

II. Ways to Protect Privacy
There are four basic ways to protect privacy:
Technology
Law
Markets
Your choices as an individual

Example: Reducing Spam
Unwanted e-mail can be an intrusion on your privacy and can reduce the usefulness of e-mail
Technology: Spam filters
Law: the CAN-SPAM Act
Illegal to send commercial email with false headers
You can unsubscribe from the sender
Markets: you choose an email provider that does a good job of reducing spam
Your choices: you decide not to open that e-mail with the unpleasant header

III. 4 Types of Privacy Harms
We’ll look more closely at 4 categories of privacy harms:
Intrusions
Information collection
Information processing
Information dissemination

Privacy Harms

Intrusions
“ They” come into “your” space and contact you or tell you what to do
Examples:
Unwanted email (spam)
Unwanted phone calls
Technology: Caller ID to screen calls
Law: National Do Not Call list
Parents entering a teen’s room without knocking
Government saying what you can or can’t do with your own body or property

Information Collection
“ They” watch what you are doing, more than they should
Surveillance & Interrogation
Visual, such as peeping Toms
Communications, such as wiretapping your phone or email
Government, employers, or parents ask you “private” information
Example of protections: with a warrant, the government can wiretap or search your house. Having to get a warrant is a protection, though, against too much information collection.

Information Processing
“ They” have a lot of data, and do things with it
Identification: they learn about your “anonymous” actions
Data mining: they learn patterns, to decide if you are a good customer or a suspected terrorist
Exclusion: they decide you are not a good potential employee or customer, or go on the no-fly list at the airport
Secondary use: they collect the data for one reason, but use it for others
Note: Information processing can be helpful, when it “personalizes” and gives you better service. But it can invade your privacy when it goes too far or is used in ways that break the rules.

Information Dissemination
“ They” disclose data, perhaps more than “you” think they should
Breach of confidentiality: a doctor or lawyer discloses more than you wish
Transfer to third parties: a company or government shares data about you to persons you don’t expect
Public disclosure of private facts: an intimate photo of you, or disclosure of intimate facts
Disclosure of untrue facts: you are put in a false light
Appropriation: they use your name or picture without your permission

Review: 4 Types of Privacy Harms

IV. Fair Information Practices
We will examine five Fair Information Practices have been developed to protect against these sorts of privacy concerns
The Federal Trade Commission principles:
Notice/awareness
Choice/consent
Access/participation
Integrity/security
Enforcement/redress

Notice/Awareness
Individuals need notice to make an informed choice about whether to provide information
Who is collecting the data
Uses for which the data will be used
Who will receive the data
The nature of the data and the means by which it is collected if not obvious
The steps taken to preserve confidentiality, integrity, and quality of the data

Choice/Consent
Choice may apply to “secondary uses” – uses beyond the original reasons you provided your data
Sometimes choice is “opt in” – they won’t share your data unless you say you want them to
HIPAA medical privacy rule – don’t share your data unless you give consent
Sometimes choice is “opt out” – they can share your data or contact you, but you can tell them not to
Do Not Call list – no telemarketing if you sign up at www.donotcall.gov
Many web sites will not share your data if you “opt out” (tell them not to share)

Access/Participation
Individuals in some instances can access the data held about them, and correct any inaccuracies
Fair Credit Reporting Act: no-fee credit report at www.annualcreditreport.com (some other sites advertise “free” reports that aren’t free)
Privacy Act: right to see records held about you by the federal government

Integrity/Security
Data should be secure and accurate
Without security, can have good privacy policies but hackers gain entry
Without accuracy, wrong decisions are made about individuals
We should expect reasonable technical, physical, and administrative measures

Enforcement/Redress
There is great variety in the ways that privacy principles are enforced
Increasingly, companies and government agencies have Privacy Professionals to comply with their privacy promises
Companies can be fined if they break the promises in their privacy policies (Section 5 of the FTC Act)
For some kinds of data (medical, financial, stored communications), there is additional enforcement by individuals or government agencies

V. Conclusion
Some themes from today:
The link between privacy and freedom – a zone where “they” do not intrude upon “you”
The challenges of protecting privacy in our emerging information society
The need for the right mix of technology, laws, and markets

Finally:
The emergence of privacy professionals
A growing profession focused on managing privacy in the information economy
We’re here
To ensure protection of privacy while also
Helping create the many ways you want information to be used in our information society
Thank you for your attention

Presentation written by:
Professor Peter P. Swire
Ohio State University
Center for American Progress
www.peterswire.net
On behalf of the
International Association of Privacy Professionals
www.privacyassociation.org

Creative Commons License
This work is licensed under the Creative Commons Attribution 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/3.0/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Any use of these materials requires attribution to the IAPP and Peter Swire.

http://tomasz.topa.pl	43
http://www.slideshare.net	19
http://translate.googleusercontent.com	1

“Privacy Today” Slide Presentation

by tomasztopa

Accessibility

Categories

Upload Details

Usage Rights

3 Embeds 63

Statistics

“Privacy Today” Slide Presentation Presentation Transcript