150 likes | 164 Views
Explore the complexities of online privacy, data protection, and ethical considerations in IT. Learn about privacy rights, data mining ethics, workplace monitoring, and cultural influences on privacy expectations.
E N D
IT and Ethics Lecture 12 Privacy and Data Protection Kai Kimppa, IT Department, Information Systems
Varvara Z. Mitliaga (2004) Online Privacy: Explaining the Nature and Special Features of the Right to Seek Protection Richard Volkman (2003) Privacy as life, liberty and property Introduction • Internet lacks the traditional characteristics of physical space—on-line privacy? • Information gathering about people has been problematic for quite some time • What is new, however, is that now that information can be collected and handled so much more efficiently, that it is claimed, that it brings about a qualitative, and not just quantitative change • From it that society might be benevolent now doesn’t follow that it always would be • What is IT personnels responsibility? • IS designers? • IT support? Kai Kimppa, IT Department, Information Systems
Varvara Z. Mitliaga (2004) Online Privacy: Explaining the Nature and Special Features of the Right to Seek Protection Mathias Klang (2004) Spyware – the ethics of covert software Expectations of on-line privacy • Can we expect to not be known? • Contacting IRC or other chat or bulletin board, expecting to be ‘anonymous’ • Is a ‘nick’ with no identifying information some sort of guarantee for anonymity? • A lot of information available in many cases • Searches to identify etc. • Internet ‘discussions’ not similar to physical discussions, anyone can log them and find the information later • People generally think that they have more privacy than they actually do • Unobtrusiveness of on-line monitoring, “spyware”—one generally does not know when one is logged/monitored Kai Kimppa, IT Department, Information Systems
Technical solutions? • Some exist, at least the following should be used to secure some form of privacy on-line: • Firewalls • Anti-virus software • Use malware SW (even Microsoft providing one for Windows users) • Read the privacy statements provided • “Privacy birds”, i.e. signs simplifying the meaning of the deals • Don’t open just anything that comes through e-mail • Use spam blockers • Trusted (Treacherous?) Computing Kai Kimppa, IT Department, Information Systems
Personal information in the net – collecting • Public database searches – ‘public information’ • Newspaper searches • Search engine search • Google news search • False information • … Kai Kimppa, IT Department, Information Systems
Other societies privacy expectations? • Japan: “No privacy”? • Minimal sense of privacy, but not nearly as much expected as in US, for example • Group mentality • Privacy claims seen as mistrust towards others • Same applies, to a far lesser degree, but still, to continental Europe compared to Anglo-American privacy expectations Mizutani, Dorsey and Moor (2004) The internet and Japanese conception of privacy Orito & Murata (2005) Privacy Protection in Japan: Cultural Influence on the Universal Value Kai Kimppa, IT Department, Information Systems
Private data transferred to various destinations • People taking it home • Making copies left unprotected • Copying to other databases • Problems with correcting misinformation • Not knowing where the information resides or what it is used for Kai Kimppa, IT Department, Information Systems
Hansson et al. (2005) Privacy at the computerized workplace Workplace monitoring • Monitoring what people do with their computers • Various degrees • Logs of each computer • General logs of web traffic • Camera monitoring • Considered a database if saved to a computer disk Kai Kimppa, IT Department, Information Systems
Data mining Lita van Wel and Lambèr Royakkers (2004) Ethical issues in web data mining Judith Wagner DeCew (2004) Privacy and policy for genetic research Herman T. Tavani (2004) Genomic research and data-mining technology Canellopoulou-Bottis (2005) DeCODE Iceland and genetic databanks • Direct marketing • Gathered data often also sold elsewhere for use • Genetic data bases • Searching for people who are particularly prone to certain health issues • Cancer? Ok, I quess • Drug abuse? “Interesting” conclusions can be drawn • Webmining to automatically discover and extract data from documents and services • Privacy and individuality under threath • For privacy, information needs to be able to be controlled • Loss of individuality if cannot choose what information available to whom and when • Individuality also in threath from generalisations made from data mining Kai Kimppa, IT Department, Information Systems
Example: DeCODE in Iceland collected genetic information claiming the company was “working for the government” (or so people perceived it) and has then sold the information it gathered to various outside organizations, mainly pharmaseutical companies Kai Kimppa, IT Department, Information Systems
Locating the User • Location Based Services/Global Positioning System/ • What information can be given to the service provider? • Is it ok to (have to?) receive advertisement from close by restaurant, whether one wants or not? • What about the advertiser knowing where the person getting the service is? • Do others have a right to know where one travels? • Rental cars and company vehicles have locating systems • RFID applications • WLAN or Mobile Phone locating Kai Kimppa, IT Department, Information Systems
Ben Fairweather and Simon Rogerson (2004) Editorial: Biometric Identification Biometric Identification • Anonymity endangered • In what situations should we be able to be anonymous? • Cf. British identification cards • Hijacking of biometrics • Biometric data is after all just that: data—it can be falsified as any data can • False identities • If the source of the information is compromised, the trust based on identification is misplaced Kai Kimppa, IT Department, Information Systems
Digital Surveillance • Computerised Facial Recognition Systems • Collect information: For example find criminals or terrorists, BUT can also be used by criminals and terrorists to identify targets • 98% accuracy (1 out of 50 ‘criminals’ misidentified) • Privacy vs. Security? • How much security really gains from these? Worth the invasiveness? (Patriot Act, War on Terror used to limit privacy) • Combination with AI? • Purpose widening (i.e. “function creep”) • Collecting info with other data than the face – sales info, for example (already done in the States!) • Open surveillance camera’s in Google Philip Brey (2004) Ethical Aspects of Facial Recognition Systems in Public Places Lynsey Dubbeld (2004) Limits on Surveillance:… David Lyon (2003) Airports as Data Filters:… Maciej Smiatacz (2003) Erosion of privacy in comp. vision systems Kai Kimppa, IT Department, Information Systems
Digital Cameras and Camera Phones • Digital camera’s have changed the way pictures are taken • Easy to take • Easy to remove • Easy to upload • Camera phones have changed this even more • Low quality (for now) but even easier to upload as MMS • A lot of the pictures taken either illegally or at least immorally publicised • Picture taking illegal e.g. in toilets, rest areas, private areas, etc. • Although public picture taking legal, private issues (compare: the word of the law with the meaning of the law) not necessarily legal or moral to show (cf. previous bulletin) • Home video’s in the net • Some pictures modified to degree which does not reflect reality at all (e.g. “celebrity nudes”) Kai Kimppa, IT Department, Information Systems
Demonstration case • Can people giving their private information be thought to do it with “informed consent”? • Do people understand what they sign or what they agree when entering web sites that collect information about them? Kai Kimppa, IT Department, Information Systems