1 / 15

Taking the Byte Out of Cookies: Privacy, Consent, and the Web

Introduction. What is different about our concerns with privacy when we deal with the Internet?Our contributions:Difference between the collection and centralization of information.The role of informed consent in the theory of privacyReasonable expectation of privacy and Internet cookies. Theori

giolla
Download Presentation

Taking the Byte Out of Cookies: Privacy, Consent, and the Web

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


    1. Taking the Byte Out of Cookies: Privacy, Consent, and the Web Daniel Lin Department of Computer Science University of Illinois at Urbana-Champaign Michael C. Loui Department of Electrical and Computer Engineering, and Coordinated Science Laboratory University of Illinois at Urbana-Champaign

    2. Introduction What is different about our concerns with privacy when we deal with the Internet? Our contributions: Difference between the collection and centralization of information. The role of informed consent in the theory of privacy Reasonable expectation of privacy and Internet cookies 1. What is different about our concerns for the Internet? Documented concerns about privacy have been around for at least 100 years (since 1890 in Warren and Brandeis Harvard Law Review article). What is different is the scale of information and the ease with which is moves (both collected and released) on the Internet. Internet transactions unlike real world transactions have not been around long enough for the public to know the impact. An additional setback is that the general public does not understand technology. A good way of saying this is that the public has not yet developed a reasonable expectation of privacy for transactions on the Web. 2. Collection and centralization of information There are at least two types of manipulation of information which occur on the Internet- collection and centralization. We will see how differently these types of information implementation can affect our privacy. 3. Role of Informed Consent Concept of informed consent is well developed in the field of medical ethics. We extend its boundaries here and see how it is a useful tool for privacy discussions. 4. Reasonable expectation of privacy and Cookies Explore Cookies and offer an interpretation of reasonable expectation of privacy for them 1. What is different about our concerns for the Internet? Documented concerns about privacy have been around for at least 100 years (since 1890 in Warren and Brandeis Harvard Law Review article). What is different is the scale of information and the ease with which is moves (both collected and released) on the Internet. Internet transactions unlike real world transactions have not been around long enough for the public to know the impact. An additional setback is that the general public does not understand technology. A good way of saying this is that the public has not yet developed a reasonable expectation of privacy for transactions on the Web. 2. Collection and centralization of information There are at least two types of manipulation of information which occur on the Internet- collection and centralization. We will see how differently these types of information implementation can affect our privacy. 3. Role of Informed Consent Concept of informed consent is well developed in the field of medical ethics. We extend its boundaries here and see how it is a useful tool for privacy discussions. 4. Reasonable expectation of privacy and Cookies Explore Cookies and offer an interpretation of reasonable expectation of privacy for them

    3. Theories of Privacy Right to be let alone (Warren & Brandeis) Control of information (Fried, ) Undocumented personal knowledge (Parent) Privacy as restricted access (Gavison) Secrecy Anonymity Solitude Loss of privacy versus violation of privacy Why privacy is important (Rachels, Benn) 1. Privacy as the right to be let alone If Alice clubs Bob on the head with a baseball bat, she has not invaded his privacy. Yet she has not let Bob alone. 2. Privacy as control of information If Alice tells Bob about Charless smoking habit, Charles suffers no loss of privacy because his smoking habit is widely known. But he has no control of this information. 3. Privacy as Undocumented Personal Knowledge Any personal information which can be found in public documents such as newspapers and magazines cannot cause violations of privacy. Alice is unknowingly photographed sunbathing nude on her private beach. The photographed is published in various magazines. According to this definition of privacy, the next time someone sees Alice nude, she will not lose any privacy. 4. Privacy as Restricted Access Secrecy- extent to which we are known to others. Anonymity- extent to which we are the subject of others attention. Solitude- extent to which others have physical access to us. Loss of privacy can be good: lower auto insurance, leniency from courts. 5. If time, discuss why privacy is important (Rachels- social context for relations) 1. Privacy as the right to be let alone If Alice clubs Bob on the head with a baseball bat, she has not invaded his privacy. Yet she has not let Bob alone. 2. Privacy as control of information If Alice tells Bob about Charless smoking habit, Charles suffers no loss of privacy because his smoking habit is widely known. But he has no control of this information. 3. Privacy as Undocumented Personal Knowledge Any personal information which can be found in public documents such as newspapers and magazines cannot cause violations of privacy. Alice is unknowingly photographed sunbathing nude on her private beach. The photographed is published in various magazines. According to this definition of privacy, the next time someone sees Alice nude, she will not lose any privacy. 4. Privacy as Restricted Access Secrecy- extent to which we are known to others. Anonymity- extent to which we are the subject of others attention. Solitude- extent to which others have physical access to us. Loss of privacy can be good: lower auto insurance, leniency from courts. 5. If time, discuss why privacy is important (Rachels- social context for relations)

    4. Informed Consent and the Collection of Information Disclosure Comprehension Voluntariness Competence Consent Segue from previous slide: When, then, is a loss of privacy a violation of privacy? 1. Disclosure All pertinent information must be disclosed to the subject (how and why the information is being collected) 2. Comprehension Subject understands risks and benefits of revealing information 3. Voluntariness Subject is under no pressure of duress to reveal the information 4. Competence Subject takes responsibility for releasing information 5. Consent Subject is given a choice whether to reveal the informationSegue from previous slide: When, then, is a loss of privacy a violation of privacy? 1. Disclosure All pertinent information must be disclosed to the subject (how and why the information is being collected) 2. Comprehension Subject understands risks and benefits of revealing information 3. Voluntariness Subject is under no pressure of duress to reveal the information 4. Competence Subject takes responsibility for releasing information 5. Consent Subject is given a choice whether to reveal the information

    5. Collection of Personal Information An ethical collection of personal information causes a loss of privacy Obtaining informed consent is sufficient but not necessary for an ethical collection of personal information An unethical collection of personal information causes a violation of privacy Collection of personal information is unethical when it does not comport with the reasonable expectation of privacy for this situation To summarize, if we are uncertain whether a collection of information causes a violation of privacy- that is, if we are uncertain of the reasonable expectations of privacy for a certain situation, obtaining informed consent will make the collection ethical. To summarize, if we are uncertain whether a collection of information causes a violation of privacy- that is, if we are uncertain of the reasonable expectations of privacy for a certain situation, obtaining informed consent will make the collection ethical.

    6. Centralization of Information Assembling personal information from multiple sources, originally collected for different purposes: digital dossier Violation of privacy with no extra loss of privacy: Composite portrait out of context Unauthorized subsets of information

    7. Reasonable Expectation of Privacy Natural versus normative privacy (Moor) Privacy in public places (Nissenbaum) Supermarket: public place Shopping cart: private in public? The Internet Home office: private place Web access: public in private?

    8. Internet Cookies The Internet Reasonable expectations of privacy are neither firmly rooted nor well developed What are Internet cookies? Internet cookies allow a Web site to gather and store information about our visit to that Web site

    9. What do Cookies Look Like? All cookies contain the same information: The name of the cookie The value of the cookie An expiration date The path for which the cookie is valid The domain for which the cookie is valid A flag indicating whether the cookie requires secure transport Lets look at the first line, victory.cnn.com The name of this cookie is NGUserID The value of this cookie is cf1947b7-20682-881794064-1 The expiration date is 942189160 The valid path is / (starting from the root) The valid domain is victory.cnn.com The secure transport flag is FALSE CNN probably uses this cookie to access a database of information about this user, cf1947b7-20682-881794064-1, to access a database of information accumulated about this user.Lets look at the first line, victory.cnn.com The name of this cookie is NGUserID The value of this cookie is cf1947b7-20682-881794064-1 The expiration date is 942189160 The valid path is / (starting from the root) The valid domain is victory.cnn.com The secure transport flag is FALSE CNN probably uses this cookie to access a database of information about this user, cf1947b7-20682-881794064-1, to access a database of information accumulated about this user.

    10. What do Cookies Look Like? An example cookie file from a UNIX workstation using Netscape: # Netscape HTTP Cookie File # http://www.netscape.com/newsref/std/cookie_spec.html # This is a generated file! Do not edit. victory.cnn.com FALSE / FALSE 942189160 NGUserID cf1947b7-20682-881794064-1 revenue.infi.net FALSE / FALSE 942189160 KRRC d083adf8-4235-882047182-1 adserv.newcentury.net FALSE / FALSE 942189160 NGUserID d101991f-10174-882047153-1 .doubleclick.net TRUE / FALSE 1920499140 id 117828a6 .illuminatus.com TRUE / FALSE 945734399 Count 1 Lets look at the first line, victory.cnn.com The name of this cookie is NGUserID The value of this cookie is cf1947b7-20682-881794064-1 The expiration date is 942189160 The valid path is / (starting from the root) The valid domain is victory.cnn.com The secure transport flag is FALSE CNN probably uses this cookie to access a database of information about this user, cf1947b7-20682-881794064-1, to access a database of information accumulated about this user.Lets look at the first line, victory.cnn.com The name of this cookie is NGUserID The value of this cookie is cf1947b7-20682-881794064-1 The expiration date is 942189160 The valid path is / (starting from the root) The valid domain is victory.cnn.com The secure transport flag is FALSE CNN probably uses this cookie to access a database of information about this user, cf1947b7-20682-881794064-1, to access a database of information accumulated about this user.

    11. Argument Against Cookies (Mayer-Schoenberger) Cookies are stored on the users computer without the users consent or knowledge Cookies are clandestinely and automatically transferred from the users computer to the Web server Because cookies allow the Web server to set an expiration date, they violate the accuracy and timeliness principles in the European Union Directive on the Protection of Personal Data Once the cookie is set, it is freely accessible to Web servers: FALSE Mayer-Schoenberger presents four reasons why cookies are an invasion of our privacy. 1. As we have seen, cookie are just a text file stored on the hard drive by your web browser. Technically, this is no different from cache files, temporary files, or log files which are stored on our hard drive without our knowledge. 2. Typical computer user is unaware of much information which is transferred to other machines. Web page visits always reveal: IP address Current time Previous Web page visited 3. This argument mistakes the tool for the use. The expiration date allows the realization of the accuracy and timeliness principles. It also allows for abuse of these principles.Mayer-Schoenberger presents four reasons why cookies are an invasion of our privacy. 1. As we have seen, cookie are just a text file stored on the hard drive by your web browser. Technically, this is no different from cache files, temporary files, or log files which are stored on our hard drive without our knowledge. 2. Typical computer user is unaware of much information which is transferred to other machines. Web page visits always reveal: IP address Current time Previous Web page visited 3. This argument mistakes the tool for the use. The expiration date allows the realization of the accuracy and timeliness principles. It also allows for abuse of these principles.

More Related