Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Privacy in the Virtually Legal Context


Published on

Thoughts on privacy in the internet context

Published in: Education
  • Be the first to comment

Privacy in the Virtually Legal Context

  1. 1. IE MDMK09 Borislav Kiprin Privacy Virtual Companies & Legal Environment Course Leader: Ignacio J. Fernandez Plovdiv, Bulgaria Phone: +359 879997300 E-Mail: Web:
  2. 2. 2 Privacy Notion What is privacy? Privacy is the ability of an individual, group or business entity to reserve the right to disclose information about himself/herself/themselves and share that information upon their own choice. Sometimes it is difficult to determine what are the boundaries and this is very subjective notion coming down to personal, cultural, ethnical etc. In that sense there are common understandings among the majority of people and there are issues that are considered private only in a particular ethnic or geographical area. In general, when something is considered private, it comes down to a sensitive issue or a special one that the person/group/entity is not ready to share with the community or the world. It also depends on how the public opinion will perceive this private information and there is often a timeframe for relevance and actually interest from the public. In the case of business entities it might sometimes come down to securing secrets directly related to the normal performance of the organization and often part of the business itself. Individual or group privacy is usually part of the legal base in most of the countries in the world – whether under the form of a privacy laws or even in the constitution. Although we all have a right to some sort of personal privacy, there are limitations when it comes to national security, taxation, income sources etc. This differs on country-to-country basis and it has different limitations. For example in the USA the freedom of speech is described in the First Amendment1 of the constitution, whereas in China or other communist states there are limitations when people talk about politics, reforms and others. Another example is the fact that there are still countries in this world that do not reveal bank account information of individuals and this is considered as a privacy issue. Privacy types:  Physical is the immediate proximity of the world we all consider private – such as our house, diary, sexual acts and visual materials concerning private moments. For example, in the USA the Fourth Amendment guarantees exactly the right of "the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures". 2 This however differs to the extreme from the legislation in other parts of the world, especially in totalitarian and dictatorship states, where no warrant is needed for the arrest of a suspect.  Informational concerns data that is considered private when it comes, for example, to medical files, financial ones, sexual preferences etc. A very interesting issue here is that when one is applying for a job in the United States he/she has to be careful enough not to include any private information such as a picture, race, religion, sexual preference etc. Whereas in Europe it is considered obligatory to provide most of the previously stated personal information. Nonetheless disclosure of this information is considered in the USA as a base for voluntary or involuntary discrimination, but in Europe as normal.  Organizational deals mainly with security issues. Shortly after September 11, 2001’s attacks, the US government introduced a much stricter legislation that allowed governmental security agencies to dig into the private life of individuals should there be a suspicion of threat for national security. This has raised many questions when it comes to an ethnic and religious profiling of the usual suspects – Arabs, Muslims and South East Asians.3 1 Source: 2 Source: 3 Source: Borislav Kiprin – IE MDMK09
  3. 3. 3 Privacy Protection of Privacy: There are many laws around the world that insure the right of protection of privacy. There are even established courts that deal especially with this issue. In the case of the European Union this will be the European Court of Human Rights that takes as its prerogative Directive 95/46/EC on the protection of personal data and others concerning the privacy of European individuals and groups. There are also countries that had established specific guidelines or governmental bodies that are authorizing any new law that might have privacy infringement issues - in the United Kingdom by the Data Protection Act 1998 and n France data protection is also monitored by the CNIL (Commission Nationale de l'Informatique et des Libertés). On the other hand there are many NGOs that are involved with the follow up of human rights and in particular with the protection of privacy – such as Internet Privacy Coalition. In fact, these organizations play the role of creating awareness among the public and put some pressure on the relative legislative power to act properly upon certain privacy issues and respect them while creating laws that may seem invasive and obstructive. Evolution of Privacy: The evolution of privacy has been mainly regarded as a process related to the development of technology. Such instruments as tapping into phones, looking at personal computer’s content or following other communication ways (mobile, internet etc.) are well known among the public. But, in fact, it has all started with the printed media (such as newspapers, magazines and posters). With the spread of such materials, the misusage of particular content and the breach of privacy was a alarming and the first known publication concerning privacy was in the USA and represented and article written by Samuel Warren and Louis Brandels – The right to Privacy, 4 Harvard L.R. 193 (1890).4 Later with the further development of technology, especially the communication channels through mobile networks and the Internet, more and more concerns were raised with the issue of invasion of privacy. And to add to this the fact that the world is facing now social threats as drug production and dealing, terrorism, money laundering from illegal activities, hacking into personal account information in financial, governmental and medical records, the public is becoming more and more sensitive on how the governments are trying to battle the issues through legal and more over practical ways. A particular example can be given with the creation of antiterrorist laws all over the world and in particular in the EU, USA and Russia. These legislations have created quite a buzz around the world among citizens and personal privacy protectionists. Whether it is because of miss-communicating the right message when it comes to national and public security and what the law is trying to achieve, or simply because the government is not really too interested in how the public will accept it, but the fact is that we all are followed in a certain way and experiencing here and there invasion of our own privacy. The reason for this issue to be raised, alarming much and growing at the moment even more is the fact that it become easier and easier with every leap forward of the technology to gather and analyze information. 4 Source: Borislav Kiprin – IE MDMK09
  4. 4. 4 Privacy Privacy at the Work Place With the development of technology and the increasing dependence on Internet as a channel of communication, more and more employer are introducing instrument to monitor employees performance. In some cases this has a direct impact on the personal privacy of the latter. As explained earlier the line between personal privacy and the availability of information to the public is very thin. Some of the introduced instruments and ways to obtain information have resulted into lawsuits, voluntary leave of the companies and termination of employment contracts. The thing here is, that in most of the cases the employees are even not aware that their activities are monitors or calls and emails screened.  Eavesdropping is the act of covertly listening to a private conversation. 5 And this is indeed practiced in the nowadays-corporate world to monitor employees’ performance during work time. However, there is a morality question involved here. Many people believe that one shall not be expected to have his/her mind engaged with work related stuff for the whole duration of the eight hours he/she is paid for.  Live Video Monitoring is the act of monitoring in live feed the performance of employees at the work place or for example traffic control on the street. The question here comes with the fact that people are not accustomed to be watched. But I do remember a particular case in Germany in 2007, where a German supermarket chain was filming in its shops and recorded many inappropriate acts that were not related to the business duties of its employees (i.e. sexual intercourse, stealing articles etc.)  Whistle blowing - There is also the case of “triggered surveillance” which happens in the event of a lead posted by a colleague or a peer to an employer regarding questionable behavior of an employee in concern. However, this can be rather volatile and destructive to the organization and the teamwork, should that lead be found misleading, inappropriate or irrelevant. The ways that organizations deal with this kind of situation differ based on management point of view or established guidelines and standard operating procedures. Nonetheless, the chances of having a false lead are always to be considered and evaluated properly.  Communication scanning is covering the security and privacy of mail, telephones, e-mail and other forms of communication 6 . In sensitive businesses such as pharmaceuticals, nanotechnologies and arms production this is a very common practice, especially concerning key figure employees. The American Management Association (AMA) conducted a study, named the "2005 Electronic Monitoring & Surveillance Survey". Of the 526 employers that the AMA surveyed, most conduct some type of electronic surveillance on employees. 7 76% monitor Website visits There are also findings that some 92 % of employers deny employee workplace privacy rights through electronic surveillance of different 55% monitor eMail messages sort. 50% monitor computer files Form moral point of view and to the very extend of being legal; employers are obliged to let employees be aware of the above- mentioned issues online. These policies can be communicated through the employee’s handbook, memos or even in the employment contract. It also could be that an employer will inform certain employees working on a information sensitive project that their private life will be monitored to some extend. However, he must have the agreement of the later and specifically list the activities that will be performed. 5 Source: 6 Source:[347]=x-347-559474 7 Source: Borislav Kiprin – IE MDMK09
  5. 5. 5 Privacy Privacy Online In the age of Internet and especially in Web 2.0 and the coming Web 3.0, the public is more and more concerned with personal privacy. The optimization of the viewed content and especially the input of personal content and display for sharing has raised more questions. This issue will be reviewed bellow, divided by issues I have found interesting to discuss and ponder upon:  Hackers – This is probably the biggest concern to invasion of privacy when it comes to the Internet. Hacking is illegally finding ways to penetrate closed networks or databases and stealing, moderating or erasing data. We have been witnessing massive attacked on customer databases especially in Credit Card companies, Social Security Databases etc. These are rather sensitive events that are hitting hard the soft spot in the public’s heart. A particular case that I can recall is the steal of 180,000 people’s personal data from Mastercard database in 2005.8  Spam – is the abuse of electronic messaging systems (including most broadcast media, digital delivery systems) to send unsolicited bulk messages indiscriminately.9 Spamming is not usually considered exactly an invasion of privacy issue, however we have to think of the lesser and lesser usage of emails these days. There studies that point spam as the main reason for people to set particular timings during the day to check their emails. They even go so far as to set auto responses stating that if the email sent to them is important they should contacted through the phone (but then, phone number is not stated in the message). Some would say that spam feeding is exactly invasion of privacy, since it is obtrusive, bothering and basically unwanted.  Gmail Adver-feeding – If you have a Gmail account, you have probably noticed those Google Adwords commercials displayed on the very right side of your window. When this service was introduced initially, the public and the authorities have raised the question firstly on the searchability and findability of personal messages in Google’s search engine. This technological issue was solved pretty fast, but now the issue comes with the adfeeding. In order to get relevant adfeeding the personal messages in the mailbox must be scanned and analyzed. But the real question here is are these messages stored somewhere and kept by Google or even more disturbing are all the users being profiled based on send and received communications. This issue is not yet address by any legislative power around the world, for all I know, but I believe it will be becoming one as soon as enough awareness among the public’s opinion is raised.  Social Networks Profiles – This relatively new communication channel gives the ability to share personal content and keep in touch with friends and peers. And since this is still regarded as an innovative channel, a part of the user base is not really leveraging the opportunities to find themselves in situation of sharing more than they are ready to give. We can even talk of social exhibitionism that comes either intentionally or unintentionally and inconsiderately, but nonetheless it presents a growing problem. Adjustments of the Privacy base on these websites are common and in fact difficult to notice. For example, Facebook has tried to change its Privacy statement on few occasions and received a lot of angry statement from users that found the changes a threat to their privacy (Beacon10 – for example). It is also interesting to learn that data mining is possible in Facebook and in 2005 two MIT students were able to download the profiles of 70,000 colleagues (MIT, NYU, the University of Oklahoma, and Harvard) through an automated algorithm. 11 Another threat is the fact that deactivating one’s account with Facebook does not necessarily mean that all the published content will disappear with the deletion. 8 Source: 9 Source: 10 Source: 11 Source: Borislav Kiprin – IE MDMK09
  6. 6. 6 Privacy There are many other issues that are addressed, being addressed at the moment or will be addressed soon or later by the legislative powers and/or Social Networks themselves. However, the Internet and the content published in this medium will be playing a bigger and bigger role when it comes protection of privacy and concerns related to this. Reflections Giving the constant progress of technology and the establishment of more and more complicated channel of communications, privacy becomes a major issue when it comes to finding an employment, establishing employee guidelines and standard operating procedures, labor codex etc. The players in this game are rather clear – employees, private citizens, governments, corporations & private businesses etc. And all of these have different points of view and regard their privacy and that of others in a very subjective way. In order for them to come to the same page, I regard the following factors as very important:  Consensus on privacy limits – a well established and agreed upon set of rules – what is allowed and what not to be monitored and picked in. The important thing here is for all the parties to be involved and actively participate in the privacy policy setting.  Arbitrage ruling – in case of disagreement there should be an established and unbiased way to solve issues between two parties where one is accused of invading illegally the privacy of the other. And naturally that should a third party that has nothing to do with the conflict discussed.  Consent – employees and private citizens shall be asked for consent in order to be monitored. However, there is always the doubt in the head of an employee that comes to the fact whether he/she has other choice than consenting or not. Normally, the upper hand in this situation seems to be with the organization, rather than with the individual.  Communicating the policy – often a misunderstanding or un-acceptance of policies can be triggered through wrongful or badly communicated guidelines. Usually, this problem can be solved by pointing out the benefits and explaining entirely the situational analysis, causes & effects for all parties involved.  Strict management based on the policy already set – there is no place for practicing double standards here. From an employee point of view it is going to be extremely hard to stay motivated if he/she sees that for the same situation different approaches and solutions are reprimanded. As described above, privacy differs on regional and cultural basis. For that reason it will be very hard to come up with a common law that serves the world on a global perspective. Nonetheless, with the globalization and the world turning into a very small place, there seem to be signs that borders and wall are falling apart and people and cultures grow closer together. How this is going to affect the treatment of invasion of privacy and actually the privacy in the online medium is yet to be seen. Borislav Kiprin – IE MDMK09