Successfully reported this slideshow.

Internet Privacy


Published on

Published in: Technology
  • Be the first to comment

Internet Privacy

  1. 1. Privacy Concerns<br />Policy Discussion of<br />INF 308K Internet Applications <br />1<br />2/20/2009<br />
  2. 2. Outline<br />Definitions & Contexts<br />Ways in which Personal Information Gets Revealed (Consent, Controversy, & Violation)<br />Solutions to Protect Online Privacy<br />Discussion<br />2<br />2/20/2009<br />
  3. 3. Definitions & Contexts<br />3<br />2/20/2009<br />
  4. 4. What Is Privacy?<br />Privacy<br />-- the ability of an individual or group to seclude themselves or information about themselves and thereby reveal themselves selectively. <br />-- a personal, subjective condition. One person cannot decide for another what his or her sense of privacy should be. <br />4<br />2/20/2009<br />
  5. 5. How our privacy is affected?<br />Unsolicited Activities<br />Physical Privacy<br />Crime<br />Done Online<br />Informational Privacy<br />Cybercrime<br />Where your interests <br />MIGHT be compromised via the Internet <br />Where your interests <br />ARE immediately violated via the Internet<br />5<br />2/20/2009<br />
  6. 6. Online Privacy<br />The ability to control what information one reveals about oneself over the Internet, and to control who can access that information. <br />6<br />2/20/2009<br />
  7. 7. How people are concerned?<br />Concerns in dispute<br />Internet Security<br />Internet Privacy<br />Where ordinary users are most concerned<br />7<br />2/20/2009<br />
  8. 8. How they look at privacy?<br />“Privacy is the future. Get used to it.” <br />-- Marc Rotenberg, Director, Electronic Privacy Information Centre - EPIC) (Fortune, 2001). <br />“You have zero privacy anyway. Get over it.”<br /> -- Scott McNealy, CEO, Sun Microsystems, 1999 <br />8<br />2/20/2009<br />
  9. 9. How they look at privacy?<br />&quot;you have to realize that we&apos;re people and we just need privacy and we need our respect and these are just things you have to have as a human being.&quot; <br />-- Britney Spears<br />   June15, 2006<br />   NBC Dateline<br />9<br />2/20/2009<br />
  10. 10. Sensitivity of Information (shared in online social networks)<br /><ul><li>Sensitive information is information or knowledge that might result in loss of an advantage or level of security if revealed (disclosed) to others who might have low or unknown trustability and/or indeterminable or hostile intentions.
  11. 11. Loss, misuse, modification or unauthorized access to sensitive information can adversely affect the privacy of an individual. </li></ul>10<br />2/20/2009<br />
  12. 12. How Your Personal Information Gets Revealed<br />11<br />2/20/2009<br />
  13. 13. By ISP<br />Internet Service Providers (ISP) always know your IP address and the IP address to which you are communicating.<br />ISPs are capable of observing. unencrypted data passing between you and the Internet, but not properly-encrypted data. <br />They are usually prevented to do so due to social pressure and law.<br />12<br />2/20/2009<br />
  14. 14. By Email<br />Emails<br />May be inappropriately spread by the original receiver <br />May be intercepted<br />May be legally viewed or disclosed by services providers or authorities.<br />13<br />2/20/2009<br />
  15. 15. By Listserves & discussion groups<br />There is no barrier for unsolicited messages or Emails within a mailing list or online discussion group.<br />Any member of the list or group could collect and distribute your Email address and information you post.<br />14<br />2/20/2009<br />
  16. 16. By Internet Browsers<br />Most web browsers can save some forms of personal data, such as browsing history, cookies, web form entries and password. <br /> You may accidentally reveal such information when using a browser on a public computer or someone’s.<br />15<br />2/20/2009<br />
  17. 17. What cookie are?<br />Cookies are data packets sent by a server to a web client and then sent back unchanged by the client each time it accesses that server. <br />Cookies are used for authenticating, session tracking and maintaining specific information about users, such as site preferences or the contents of their electronic shopping carts.<br />Cookies are only data, not programs nor viruses<br />16<br />2/20/2009<br />
  18. 18. Why some people dislike cookies? <br />Cookies can be hijacked and modified by attackers. <br />Cookies can be used to track browsing behavior so some think they are tagged. <br />17<br />2/20/2009<br />
  19. 19. A Sample of Cookie<br /><ul><li> If you type JavaScript:alert(document.cookie)into the address bar, when logged onto a site, it is possible to see the cookies which have been set from that domain.</li></ul>18<br />2/20/2009<br />
  20. 20. By Search Engine<br />Search engines have and use the ability to track each one of your searches (e.g. ,IP address, search terms, time)<br />19<br />2/20/2009<br />
  21. 21. What search engines did?<br /> “August, 7, 2006, AOL apologized for releasing search log data on subscribers that had been intended for use with the company&apos;s newly launched research site. Almost 2 weeks before that, AOL had quietly released roughly 20 million search records from 658,000 users on their new AOL Research site. The data includes a number assigned to the anonymous user, the search term, the date and time of the search, and the website visited as a result of the search.”<br /> “In January 2006 the U.S. Department of Justice issued a subpoena asking popular search engines to provide a &quot;random sampling&quot; of 1 million IP addresses that used the search engine, and a random sampling of 1 million search queries submitted over a one-week period.  The government wanted the information to defend a child pornography law.  Microsoft, Yahoo, and AOL reportedly complied with the request, while Google fought the subpoena.”<br />20<br />2/20/2009<br />
  22. 22. Privacy Policy Sample Clauses<br />Yahoo: “Yahoo! collects personal information when you register with Yahoo!, when you use Yahoo! products or services, when you visit Yahoo! pages or the pages of certain Yahoo! partners, and when you enter promotions or sweepstakes. Yahoo! may combine information about you that we have with information we obtain from business partners or other companies.”<br />Google: “Log information – When you access Google services, our servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser. Also, in order to protect you from fraud, phishing, and other misconduct, we may collect information about your interaction with our services. Any such information we collect will only be used to detect and prevent fraud or other misconduct.”<br />21<br />2/20/2009<br />
  23. 23. By indirect Marketing<br />Web bugs: a graphic (in a Web site or a graphic-enabled email) that can confirm when the message or Web page is viewed and record the IP address of the viewer.<br />Third party cookies: a web page may contain images or other components stored on servers in other domains. Cookies that are set during retrieval of these components are called third-party cookies.<br />22<br />2/20/2009<br />
  24. 24. By Direct Marketing<br />Direct marketing is a sales pitch targeted to a person based on previous consumer choices. It is ubiquitous these days.<br />Many companies also sell or share your information to others. This Sharing with other businesses can be done rapidly and cheaply. <br />23<br />2/20/2009<br />
  25. 25. By Instant Messaging<br />Your IM conversation can be saved onto a computer even if only one person agrees. <br />Workplace IM can be monitored by your employer.<br />Spim: Spam distributed in IM. <br />24<br />2/20/2009<br />
  26. 26. By Social Networks, Blog & Personal Websites<br />Employers and school officials are increasingly sensitive to the messages you convey in social networks. <br />25<br />2/20/2009<br />
  27. 27. Too many cases to list<br />“An October 2007 survey of employers found that 44% use social networking sites to obtain information about job applicants. And 39% have searched such sites for information about current employees.”<br />“In 2005 a Pennsylvania high school student was suspended for 10 days and transferred into an alternative education program after making an unflattering MySpace profile for his principal. The ACLU is currently representing the student in a lawsuit against the school district.”<br />26<br />2/20/2009<br />
  28. 28. Want to a hacker?<br />27<br />2/20/2009<br />
  29. 29. By Official Use<br />Court records When you file a lawsuit for divorce or are a party to a civil lawsuit or criminal case, court records, are accessible to the public.<br />Government  The government may want your personal information for law enforcement purposes as well as for foreign intelligence investigations.  Various laws govern these procedures. <br />28<br />2/20/2009<br />
  30. 30. According to a New York Times article (published February 4, 2006)<br />AOL receives more than 1,000 subpoenas each month seeking information about AOL users.  Most of these subpoenas come from law enforcement and generally ask for the user’s name, address, records of when the individual signed on and off of the Internet, and the IP address. <br />29<br />2/20/2009<br />
  31. 31. By Employers<br />According to the 2005 Electronic Monitoring & Surveillance Survey from the American Management Association and The ePolicy Institute<br />76% of employers monitor employees&apos; Web site connections;<br />65% use technology to block connections to banned Web sites;<br />55% monitor e-mail.<br />30<br />2/20/2009<br />
  32. 32. By Cybercrime<br />Spyware takes advantage of security holes by attacking the browser and forcing it to be downloaded and installed and gather your information without your knowledge. <br />Phishing occurs when criminal lure the victim into providing financial data. <br />Pharmingoccurs when criminals plant programs in the victim’s computer which re-direct the victim from legitimate Web sites to scam look-alike sites.<br />31<br />2/20/2009<br />
  33. 33. Solutions to Protect Online Privacy <br />32<br />2/20/2009<br />
  34. 34. Cookie Controls<br />33<br />2/20/2009<br />
  35. 35. Other Technical Resorts<br />Anti-virus software<br />Firewalls & Proxies<br />Encryption tools<br />Anonymizer<br />34<br />2/20/2009<br />
  36. 36. The Platform for Privacy Preferences (P3P)<br />developed by the World Wide Web Consortium (W3C), is a protocol allowing websites to declare their intended use of information they collect about browsing users and allow users to configure their browsers or other software tools in such a way that they are notified whether web site privacy policies match their pre-set preferences.<br />35<br />2/20/2009<br />
  37. 37. Legal Authorities <br />The Supreme Court has taken a hands-off approach to regulating the Internet in favor of free speech.  <br />The federal government is increasingly interested in regulating the Internet, for example through child pornography and gambling laws.  <br />The White House appears to welcome the lack of restriction on data sharing and surveillance.  <br />36<br />2/20/2009<br />
  38. 38. The Only Two Absolute Choices<br />Insulate yourself from the Internet<br /><ul><li> Raise awareness of privacy
  39. 39. learn to safeguard your privacy with a minimum sacrifice of convenience </li></ul>37<br />2/20/2009<br />
  40. 40. Discussion<br />How do you draw the line on online Privacy? <br />Have you had or heard any bad experience in which one’s privacy was invaded over the internet? You might want to put forth such a real-life example to alert us. <br />What do you think of P3P? Any suggestions on how to improve it?<br />Any conceptual solutions to the general public’s anxiety over online privacy invasion?<br />38<br />2/20/2009<br />