Privacy policy

  1. WELCOME TO “THE WORLD STATISTICS DAY” @ “CONVERGENCE 2010”
  2. Privacy Policy. Prof. S. K. Gupta, IIT Delhi
  3. [01/29/15] What’s Privacy? The right “to be let alone” (Samuel Warren and Louis Brandeis, Harvard Law Review, 1890)
  4. Informational Privacy. "The claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others." (Allan Westin, Privacy And Freedom, 1967)
     – Normally only applied to “individuals”
     – Implemented through "fair information practices"
  5. Who invades privacy?
     • The government (Central, state, local)
     • Companies you do business with – online, catalogs, retail stores, airlines, NFL (Super Bowl)
     • Companies you don’t do business with
     • Employers
     • Anyone else who wants to know about you
  6. Why is privacy important?
     – Legal liability if not protected (examples)
     – Competitive advantage: trade secrets, customer lists and preferences, databases
     – Embarrassment
     – Protects job, insurance, safety, and identity
     – Some things are just private
  7. Types of privacy invasions
     • Medical (hospitals, doctors, insurance, drug companies)
     • Financial (banks, credit cards)
     • Political (law enforcement, profiling)
     • Online (Web sites, spammers, software companies)
     • Children’s privacy (Web sites, entertainment media, game makers, candy companies)
  8. Web link- http://www.indianairlines.in/index.asp
  9. Web link- http://www.indianairlines.in/scripts/privacy.aspx
  10. Comparison of privacy policies
      Criterion                                                        Site1  Site2  Site3  Site4
      Detail description about how user data will be used              X      Y      Y      Y
      Data Retention                                                   X      X      Y      Y
      Showing explicitly whether it is following Safe Harbor Program   X      X      Y      Y
      Provide users choice                                             X      X      Y      Y
      Third Party Data sharing                                         X      X      Y      Y
      How much data is secured                                         X      X      Y      Y
  11. Privacy Policy of Amazon. Web link- http://www.amazon.com/gp/help/customer/display.html/105-3430781602013?ie=UTF8&nodeId=468496
  12. Privacy Policy of Amazon (continued, same link)
  13. Privacy Policy of Amazon (continued, same link)
  14. Privacy Policy of Amazon (continued, same link)
  15. Privacy Policy of Amazon (continued, same link)
  16. Privacy Policy of Amazon (continued, same link)
  17. Web link- http://www.google.co.in/intl/en/privacypolicy.html
  18. I.T. Understanding of Privacy. Is Privacy = Confidentiality = Security? Not so.
  19. Security vs. Privacy in IT
      • Privacy: maintaining ownership of data (contains risk and may lead to violation of IT or non-IT security)
      • Security: degradation of service or functionality
  20. Security vs. Privacy in IT: examples, each marked S (Security) and/or P (Privacy) on the slide
      • Authentication information like password
      • Reading marks of other student
      • Tampering user data
      • To know the name of social institution
  21. Privacy Act of 1974
      • Applies to federal agencies
      • “No agency shall disclose any record … to any person, or to another agency, except … with the prior written consent of, the individual to whom the record pertains, unless disclosure of the record would be --
        – … used solely as a statistical research or reporting record, and the record is to be transferred in a form that is not individually identifiable” (not a defined term)
      • Restriction on “matching programs” – any computerized comparison of -- (i) two or more automated systems of records … [certain exceptions]
  22. Gramm-Leach-Bliley
      • Except as … authorized …, you may not, directly or through any affiliate, disclose any nonpublic personal information about a consumer to a nonaffiliated third party unless: (i) You have provided to the consumer an initial notice as required; (ii) You have provided to the consumer an opt out notice; (iii) You have given the consumer a reasonable opportunity, before you disclose the information to the nonaffiliated third party, to opt out of the disclosure; and (iv) The consumer does not opt out.
      • Applies to “financial institutions,” a very broad category
  23. What Gramm-Leach-Bliley Protects
      • “Nonpublic personal information” means: (i) Personally identifiable financial information; and (ii) Any list, description, or other grouping of consumers (and publicly available information pertaining to them) that is derived using any personally identifiable financial information that is not publicly available.
      • “Personally identifiable financial information” means any information: (i) A consumer provides to you to obtain a financial product or service; (ii) About a consumer resulting from any transaction involving a financial product or service between you and a consumer; or (iii) You otherwise obtain about a consumer in connection with providing a financial product or service to that consumer.
  24. What HIPAA Provides
      • A covered entity may not use or disclose protected health information, except as permitted or required …
        – pursuant to … a consent … to carry out treatment, payment, or health care operations
        – pursuant to … an authorization
        – pursuant to … an agreement (opt-in)
        – [other provisions]
      • Health information that meets … specifications for de-identification … is considered not to be individually identifiable health information
  25. What HIPAA Protects
      • “Individually identifiable health information” is information that is a subset of health information, including demographic information collected from an individual, and: …
        – relates to … physical or mental health or condition of an individual; … provision of health care to an individual; or … payment for … health care to an individual; and
        – identifies the individual; or
        – with respect to which there is a reasonable basis to believe the information can be used to identify the individual
  26. Hippocratic Database
      • a database that includes privacy as a central concern
      • inspired by the Hippocratic Oath that serves as the basis of the doctor-patient relationship
  27. Key Concept: Purpose
      • data is collected for a specific purpose
      • the purpose should be stored with the data
      • the purpose limits how the data can be used
  28. Online Bookseller Example. Collects and stores personal information:
      • To complete transaction and track order
      • To make book recommendations based on purchase history
      • To maintain profiles for frequent users
      • To publish book sales by region of the country
  29. Purpose Specification. The purpose for which the personal information was collected shall be stored with that information. Example: online bookseller needs personal information for purchases, book recommendations, etc.
  30. Consent. The purpose for which the personal information was collected shall have the consent of the donor. Example: individual must consent for purchase, but can opt-in or opt-out of recommendations.
  31. Limited Collection. The personal information collected shall be limited to the minimum necessary to accomplish the specified purpose. Example: don’t need credit card number if purpose is registration.
  32. Limited Use. The database shall allow only those queries that are consistent with the specified purpose. Example: a query for book recommendations cannot reference shipping address.
  33. Limited Disclosure. The personal information shall not be distributed for purposes other than those for which there is donor consent. Example: the delivery company does not need to know the credit card number.
  34. Accuracy. The personal information stored in the database should be accurate and up-to-date. Example: need to verify that shipping address is valid and current prior to commit.
  35. Limited Retention. The personal information shall be retained only as long as necessary to fulfill the purpose for which it was collected. Example: once the purchase is complete/confirmed, credit card numbers are no longer needed.
  36. Safety. The personal information shall be protected by security safeguards against theft and other misappropriations. Example: individuals will be authenticated; sensitive information will be encrypted.
  37. Openness. The donor shall be able to access all information about him/her stored in the database. Example: individual can look at their purchase history and/or user profile.
  38. Compliance. The donor shall be able to verify compliance with the stated policy and the database shall be able to address any challenges. Example: log all accesses to show who had access to what and when.
  39. Strawman Design
      • map privacy policy to privacy-policies table
      • map access control policy to privacy-authorizations table
      • compare privacy policy to user’s privacy preferences; users can opt-in or opt-out of each purpose
      • keep audit trail as proof of user’s consent
      • check data for accuracy before or after insertion
      Before Query: check to make sure that attributes in the query are listed for that purpose.
      During Query: access to individual tuples of a table is restricted by purpose; queries have a purpose and tuples have a purpose; do not return tuples where query purpose ≠ tuple purpose.
      After Query: look for unusual patterns of access that are not typical for that purpose and that user; add the query to the audit trail in order to show who had access to what and when; delete data that has outlived its purpose; if the same data is collected for more than one purpose, use the maximum retention period.
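The purpose-based controls from slides 27 to 39 (purpose stored with the data, limited use, limited retention, compliance through an audit trail, and the before/during/after-query checks of the strawman design) fit in one small model. What follows is an added example written for this page, not code from the slides or from the Hippocratic Databases project: it uses Python's sqlite3 as the store, and the table names, purposes, retention periods, user names and donor rows are all constructed. The bookseller attributes (name, shipping address, credit card, purchase history) follow the slides' own example.

```python
import sqlite3
from datetime import date, timedelta

# privacy-policies table (slide 39): for each purpose, the attributes a query may
# reference and the retention period in days. Constructed values for this example.
PRIVACY_POLICIES = {
    "purchase":        ({"name", "shipping_address", "credit_card"}, 30),
    "shipping":        ({"name", "shipping_address"}, 30),
    "recommendations": ({"name", "purchase_history"}, 365),
}

# Constructed donors. `purposes` records the purposes each donor opted into (slide 30),
# `collected_on` drives limited retention (slide 35).
SAMPLE_CUSTOMERS = [
    (1, "Asha",  "12 Lake Rd", "4111-xxxx", "A,B", "purchase,recommendations",          "2015-01-01"),
    (2, "Ravi",  "7 Hill St",  "5500-xxxx", "C",   "purchase",                          "2014-12-01"),
    (3, "Meera", "3 Park Ave", "3400-xxxx", "D",   "purchase,shipping,recommendations", "2015-01-20"),
]
# privacy-authorizations table: which user may act for which purpose (constructed).
SAMPLE_AUTHORIZATIONS = [("order_clerk", "purchase"), ("recommender", "recommendations")]


def open_db():
    """Create an in-memory store with purpose-tagged tuples and an audit trail."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE customers(id INTEGER PRIMARY KEY, name TEXT, shipping_address TEXT,
            credit_card TEXT, purchase_history TEXT, purposes TEXT, collected_on TEXT);
        CREATE TABLE privacy_authorizations(user TEXT, purpose TEXT);
        CREATE TABLE audit(user TEXT, purpose TEXT, attributes TEXT, allowed INTEGER);
    """)
    conn.executemany("INSERT INTO customers VALUES (?,?,?,?,?,?,?)", SAMPLE_CUSTOMERS)
    conn.executemany("INSERT INTO privacy_authorizations VALUES (?,?)", SAMPLE_AUTHORIZATIONS)
    return conn


def run_query(conn, user, purpose, attributes):
    """Purpose-bound read. Before: the user must be authorized for the purpose and every
    attribute must be listed for it (limited use). During: only tuples whose donor
    consented to this purpose come back. After: the attempt is written to the audit trail."""
    allowed_attrs, _ = PRIVACY_POLICIES.get(purpose, (set(), 0))
    authorized = conn.execute(
        "SELECT 1 FROM privacy_authorizations WHERE user = ? AND purpose = ?",
        (user, purpose)).fetchone() is not None
    permitted = authorized and bool(attributes) and set(attributes) <= allowed_attrs
    conn.execute("INSERT INTO audit VALUES (?,?,?,?)",
                 (user, purpose, ",".join(attributes), int(permitted)))
    if not permitted:
        raise PermissionError(f"{user!r} may not read {attributes} for purpose {purpose!r}")
    # Attribute names were validated against the policy's literal set above, so they are
    # safe to splice into the statement; the purpose filter stays parameterised.
    sql = (f"SELECT {', '.join(attributes)} FROM customers "
           "WHERE ',' || purposes || ',' LIKE ? ORDER BY id")
    return conn.execute(sql, (f"%,{purpose},%",)).fetchall()


def expire_data(conn, today):
    """Limited retention: drop tuples older than the longest retention period among the
    purposes the donor opted into (the strawman's 'use maximum retention period')."""
    if isinstance(today, str):
        today = date.fromisoformat(today)
    removed = 0
    for rid, purposes, collected in conn.execute(
            "SELECT id, purposes, collected_on FROM customers").fetchall():
        days = max((PRIVACY_POLICIES[p][1] for p in purposes.split(",")
                    if p in PRIVACY_POLICIES), default=0)
        if date.fromisoformat(collected) + timedelta(days=days) < today:
            conn.execute("DELETE FROM customers WHERE id = ?", (rid,))
            removed += 1
    return removed


def audit_trail(conn):
    """Compliance (slide 38): who asked for what, for which purpose, and whether it was allowed."""
    return conn.execute(
        "SELECT user, purpose, attributes, allowed FROM audit ORDER BY rowid").fetchall()


if __name__ == "__main__":
    db = open_db()
    print(run_query(db, "recommender", "recommendations", ["name", "purchase_history"]))
    for bad in (("recommender", "recommendations", ["name", "shipping_address"]),
                ("order_clerk", "recommendations", ["name"])):
        try:
            run_query(db, *bad)
        except PermissionError as e:
            print("blocked:", e)
    print("expired:", expire_data(db, "2015-01-29"))  # constructed 'today'
    print(audit_trail(db))
```

Run as a script, the recommendation query returns only the two donors who opted into recommendations; the query that references shipping_address for the recommendations purpose is refused even though the user is authorized for that purpose, and the order clerk is refused for a purpose they hold no authorization for. Refused attempts still land in the audit table, which is what lets a donor later challenge an access. Retention is evaluated per tuple against the longest period among the donor's purposes, so the purchase-only row collected in December is removed while rows also held for recommendations are kept.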
  40. Questions?