Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. Privacy Primer for Educators Melissa Dark Center for Education and Research in Information Assurance and Security (CERIAS) Purdue University [email_address]
  2. 2. What is Privacy? <ul><li>The ability to control the degree to which people and institutions impinge upon one’s life. </li></ul><ul><ul><ul><li>Hildreth & Hoyt, 1981 </li></ul></ul></ul><ul><li>The right claimed by an individual to control the disclosure of personal information about themselves. </li></ul><ul><ul><ul><li>Adams, 2000 </li></ul></ul></ul>
  3. 3. <ul><li>Describe your privacy expectations of your: </li></ul><ul><ul><ul><ul><ul><li>Bank </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Doctor </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Government Officials </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Clergy </li></ul></ul></ul></ul></ul><ul><li>Do we expect this same level of professionalism from our schools? </li></ul>
  4. 4. <ul><ul><ul><ul><ul><li>Junk Mail </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Phone Calls From Telemarketers </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Online Surveys </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>E-Mail SPAM </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Grocery Savings Cards </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Security Cameras </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Cell Phone Tampering </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Phone Logs </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Workplace Surveillance </li></ul></ul></ul></ul></ul><ul><li>What is the common factor that unites these items? </li></ul>Personal privacy in jeopardy.
  5. 5. Is privacy really that important? <ul><li>In 1993, MacWorld launched an investigation surrounding the ability of unauthorized users to obtain information from celebrities. </li></ul><ul><li>This information was all obtained in a legal and ethical manner. </li></ul>
  6. 6. For $112 per celebrity....they found: <ul><li>Through online solicitation and searches, the editors were able to obtain the following information on individuals: </li></ul>(CQ Researcher, 1993). <ul><li>biographical information </li></ul><ul><li>tax liens </li></ul><ul><li>campaign contributions </li></ul><ul><li>vehicles owned </li></ul><ul><li>real estate owned </li></ul><ul><li>commercial loans/debts </li></ul><ul><li>civil court filings </li></ul><ul><li>corporate ties </li></ul><ul><li>birth date </li></ul><ul><li>home address </li></ul><ul><li>home phone </li></ul><ul><li>social security number </li></ul><ul><li>neighbors address/phone </li></ul><ul><li>drivers record </li></ul><ul><li>(including physical characteristics) </li></ul><ul><li>marriage record </li></ul><ul><li>voter registration information </li></ul>
  7. 7. Collection of Children’s Information <ul><li>1999 Survey: 16 million children ---14% of US citizens under the age of 18 regularly use the Internet. (1999) </li></ul><ul><li>Study conducted by Cai and Gantz (2000) indicated that the majority of Web sites targeted at children collect personal information from their under-age users. </li></ul><ul><li>Children also readily provide personal data in return for a “great prize” (Carlson, 2000) </li></ul>
  8. 8. Why is Privacy Important for Teachers? <ul><li>Federal law mandates that teachers protect the information they gather and record regarding their students (National Center for Education Statistics, 1998). </li></ul><ul><ul><ul><ul><li>FERPA </li></ul></ul></ul></ul><ul><ul><ul><ul><li>COPPA </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Supreme Court Decisions </li></ul></ul></ul></ul><ul><li>Failure to do so could result in personal and professional liability. </li></ul>
  9. 9. Privacy Practices—Common Law <ul><li>Information should not be conveyed to other teachers/administrators unless the motive is to enhance performance. </li></ul><ul><li>Pupil information should be transmitted only upon request. </li></ul><ul><li>Records should be released only if there is a statutory requirement or the pupil/parents request the release. </li></ul>
  10. 10. Privacy Legislation for Educators <ul><li>Family Educational Rights and Privacy Act , 1974 (FERPA): </li></ul><ul><ul><li>Requires that educators demonstrate “due diligence” in protecting student data, information, records, and other sensitive information. </li></ul></ul><ul><ul><li>Teachers can be personally held liable for failing to maintain the integrity of such data. </li></ul></ul>
  11. 11. FERPA... <ul><li>Parents/guardians have a right to inspect all records. </li></ul><ul><li>Record of access maintained regarding individuals examining the files. </li></ul><ul><li>Appeals to contents are permitted. </li></ul><ul><li>Records must be kept confidential—no release unless there is permission. </li></ul><ul><ul><li>Birth date, address, ss#, grades, test results, discipline records, attendance, health records, pictures, etc. </li></ul></ul>
  12. 12. Unique Challenge of E-Mail and Electronic Documents <ul><li>Teachers must demonstrate “due diligence” in protecting ALL records. </li></ul><ul><li>Vulnerabilities: </li></ul><ul><ul><li>Open Network Connections </li></ul></ul><ul><ul><li>Poor Password Selection/Protocol </li></ul></ul><ul><ul><li>Lack of Encryption </li></ul></ul><ul><ul><li>“naked” e-Mail </li></ul></ul>
  13. 13. Encryption (Enciphering sensitive information) <ul><li>Encoding information </li></ul><ul><ul><li>Secret Code Ring </li></ul></ul><ul><ul><li>Cryptoquip </li></ul></ul><ul><ul><li>Pig Latin </li></ul></ul><ul><li>*Most* common applications offer password protection. </li></ul><ul><li>Confidential (not critical)---USE ENCRYPTION!!!! </li></ul><ul><li>NEVER send HIGHLY SENSITIVE information through email. (email should *never* be considered secure!) </li></ul>
  14. 14. PGP: Pretty Good Privacy (approx. $20 per unit) Requires use of Public Keys Sample PGP encrypted email:
  15. 15. Without the proper keys... the message is unreadable.
  16. 16. Sample Encrypted Document:
  17. 17. <ul><li>File / Save As </li></ul><ul><li>Click on TOOLS </li></ul><ul><li>Select GENERAL OPTIONS </li></ul><ul><li>Enter passwords </li></ul>Password Protecting Windows Documents
  18. 18. Practical Privacy Techniques for Teachers: <ul><li>Practice Proper Information Security Techniques </li></ul><ul><li>E-Mail Awareness </li></ul><ul><li>Use of Encryption </li></ul><ul><li>Download Precautions </li></ul><ul><li>Close the Cookie Jar </li></ul><ul><li>Read Privacy Statements </li></ul><ul><li>Set up a Second Online Account </li></ul>
  19. 19. Dissemination of Privacy Practices to Students: <ul><li>Fundamentals of protecting privacy is a “new” skill that schools should address </li></ul><ul><ul><ul><li>(Willard, 2000) </li></ul></ul></ul><ul><li>Privacy issues need to be embedded within the curriculum as readily as technical skills </li></ul><ul><ul><ul><li>(FTC, 2001) </li></ul></ul></ul><ul><li>Short lessons and natural teaching moments work well for identifying the topic. </li></ul><ul><li>Teachers must serve as a role model for privacy protection practices. </li></ul>
  20. 20. Conclusion: <ul><li>As technology is introduced into schools, it is critical to combine the technical skills with the soft (ethical) skills surrounding the media. </li></ul><ul><li>Attention needs to given to both teachers and students upon this topic. </li></ul><ul><li>Teachers must practice privacy techniques daily---to protect the information and serve as a positive role model. </li></ul>
  21. 21. Excellent Resources: <ul><li>Stealth Surfing by Matt Lake: </li></ul><ul><li>,aid,16350,00.asp </li></ul><ul><li>Follett Software Company: Privacy Sites: </li></ul><ul><li> </li></ul><ul><li>Make Your PC Hacker Proof by Jeff Sengstack : </li></ul><ul><li>,aid,17759,00.asp </li></ul>