290 likes | 607 Views
The Invasion of Privacy. 960491 정하녕. Contents. Introduction Database Disaster Information Mosaic Calling Number Identification NSA - Virtual Big Brothers Surveillance Societies Eavesdropping Privacy Legislation Conclusion Related Sites. Introduction. George Owell <1984>
E N D
The Invasion of Privacy 960491 정하녕
Contents • Introduction • Database Disaster • Information Mosaic • Calling Number Identification • NSA - Virtual Big Brothers • Surveillance Societies • Eavesdropping • Privacy Legislation • Conclusion • Related Sites
Introduction • George Owell <1984> • Enemy of the State (1998) • A lawyer becomes a target by a corrupt politician and his NSA goons when he accidently receives key evidence to a serious politically motivated crime. • 내 귀에 도청장치가!!
Database Disaster • Computer databases have been responsible for some terrible blunders
Credit doctors • people who steal good credit histories and then sell them to those who have accumulated atrocious credit histories • Darlent Alexander, Houston schoolteacher, had become a victim of the so-called credit doctors. Her records showes outstanding accounts with American Epress, MasterCard, and Vias and a $22,800 loan for a Chevrolet Camaro. • Michael DuCross’s example on 24 March 1980 • stopped by a police patrol car after he had made an illegal left turn. • The records in FBI’s National Crime Information Center(NCIC) in Washington indicated that he was wanted by the federal government for going AWOL from the Marine Corps at Christmas 1969
On Friday, 9 November 1979 in France • Three Frenchmen who legally bought the car which had once been stolen were attacked by three police officers with an outofdate information • UD Registry Inc. • provides landlords with information about prospective tenants • Barbara Ward’s example - the record showed that she had once been servered with an eviction notice • The File by Peter Kimball • Kimball’s personal file at the FBI revealed that for more than thirty years he had been classified as an undesirable citizen and a communist sympathizer
The Information Mosaic • Data is the basis of a complex web of data dependencies and symbiotic relationships and these complex relationships amond data collectors, comsumers, and reprocessors have formes an information ecology • Whether we are aware of it or not, whether we like it or not, anyone functioning in a modern society inevitably generates a trail of informaion that acts as the plankton of this complex information ecology. • These repackaged mosaics, including errors and inaccuracies, are then sold to government agencies, mortgage lenders, retailers, small businesses, marketers, and insurers.
The major players in this commercial information ecology are the three giant credit bureaus: TRW, Equifax, and Trans Union, plus about 450 smaller outfits • The major problem is the difficulty in detecting incorrect information and its correction • according to some reports, as much as 30 to 40 percent of the information contained in the database of the big three is inaccurate
In June 1991 Robert J. Corbey … • He applied for a $2,000 loan but he was refused because computer records at Equifax had confused him with another Robert Corbey. • Although Corbey was lucky, this easily could have happened. • James Russel Wiggins thought he had finally made it… • He got a $70,000-a-year sales job at District Cablevision in Washington, D.C. But 6 weeks later he was fired because he had not told Cablevision that he had been convicted of cocaine possession. • It turned that Equifax had goofed by pulling the criminal record of James Ray Wiggins and folding the disparate files together
The proposed product of Lotus received massive complaints • Lotus Marketplace: Households database was to have contained a vast amount of data on 120 million Americans, including their names, addresses, estimated incomes, comsumer preferences, and other personal details - all of it supplied by Equifax Inc. And anyone could purchase a copy of $695 and utilize the information for whatever purpose.
Calling Number Identification • CNID(Calling Number Identification), aka “caller ID” • phone service that allows you to see the nubmer of the person calling you before you pick up the phone • Advantage • can inhibit obscene and prank callers and discourage false alarms to the police, the fire service, and ambulance services. • Disadvantage • Reveales people’s unlisted numbers not only makes that service a contradiction but potentially could be dangerous to people in threatening situations - those protecting not just their privacy bue their lives. • At a more mundane level, a casual inquiry to a local store can result in weeks of badgering by highpressure salespeople.
About fifteen states including Pennsylvania may restrict caller ID under wiretap legislation or state constitutional privacy rights. • U.K. and Australia is making moves toward allowing per-call blocking on caller ID. But for most countries, the possible efficiency gains are propelling caller ID into realization.
NSA - Virtual Big Brother • Establishment • NSA was established by Presidential directive in 1952 to provide signals intelligence and communications security activities of the Government. Since then, the NSA has gained the responsibility for information systems security and operations security training. • Mission Statement • The ability to understand the secret communications of our foreign adversaries while protecting our own communications -- a capability in which the United States leads the world -- gives our nation a unique advantage.
NSA’s involvement with the establishment of encryption standards • encryption is becoming an increasingly favored precaution in many financial transactions and other data communications • During the establishment of the Data Encryption Standard (DES) the NSA lobbied strongly inside the International Standards Organization (ISO) to have the DES disapproved. • For many experts in the field of PKC (Public Key Cryptography), the choice is tha RSA technique. However, ragher than adopt RSA, which has a patent in effect, the NSA recommended in 1991 that National Institute of Standards and Technology (NIST) adopt a technique developed by NSA - known as the Digital Signature Standard (DSS)
NSA’s restrict on information flows • National Computer Security Center (NCSC: a divition of the NSA) contacted researchers at Purdue University, Indiana, and asked them to remove information from campus computers showing the internal workings of Robert Morris’s Internet worm program. • In 1984 President Reagan signed an executive order for the NSA that describes information contained in database as part of a mosaic in which individual pieces are innocuous but, when aggregated, allow a more complete picture to appear. • U.S. government’s restrict on the exportation of cryptography technology • Microsoft Installs US Spy Agency with Windows !!! • http://www.cryptonym.com/hottopics/msft-nsa.html • http://www.etnews.co.kr/etnews/search_etnews_content?199909060106|05
Other Big Brothers • 국가정보원 • FBI • In 19667 the FBI established the National Crime Information Center (NCIC) • to maintain computer-based files on missing persons, warrants, stolen property, securities, criminal histories, and registered property(guns, vehicles, etc.). • NCIC houses some 8 million individual dossiers (one in every 30 Americans) and this number is expected to grow to encompass records on 90 percent of all U.S. residents with arrest records - about 35 million people, approximately 40 percent of the U.S. labor force.
As recently as 1992, the FBI requested that it be given authority to set technical standards for the computer and communication industry. • U.S. Defense Advanced Research Projects Agency (DARPA) • is now involved in a multi-million-dollar program to apply AI and parallel processing techniques to the detection and elimination of drug-related criminal activities. • Tracking currency, cargo shipments, and telephone usage • Such technologies might be applied to our everyday lives!! • The classic tug of war between the perceived role of the state to preserve law, order, and national security and the rights of individuals to fundamental democratic freedoms.
Surveillance Societies • In Asia there appear to be no qualms about embracing the Orwellian concept, Big Brother. • Thai’s centralized database system • includes a population identification number (PIN) with a omputer-redable ID card with photo, name, address, height, thumbprint, parent’s names, marital status, children’s names, education, occupation, income, nationality, religion, tax return, and criminal record (if any). • The largest government database in the world • Indonesia and the Philippines are considering adopting the Thai system
The white-ruled government of South Africa • used pass card and fingerprint systems to enforce travel restrictions on the black majority • the Republic of Singapore’s road tax system • monitors car locations and levys an appropriate fee for road usage • Australia’s LEAN (Law Enforcement Access Network) • Many countries in Europe already use compulsory card systems
주민등록제도 • 1968년 1월 12일 무장공비침투사건으로 어수선한 상황에서 변변한 검토도 없이 당시 여당이었던 공화당이 단독국회에서 주민등록법 개정안을 의결함으로써 도입됨.박정희 군사정권 당시, 간첩과 범죄자 색출이라는 미명하에 도입되어 현재까지 유지되고 있는 제도. • 지문날인 필수 • 강제적이고 중앙 통제적인 등록 제도 • 혼인여부, 혈액형, 본적변경사유, 주소이동상황, 예비군교육훈련사항, 학력, 학과, 직업 등 141개의 항목 • 주민등록번호의 경우 우리나라는 전국민 고유번호제도를 시행하고 있고, 생년월일, 성별, 출신지등 개인의 핵심정보로 구성된 주민등록번호체계를 갖고 있지만, 대부분의 국가에서는 지방자치단체에서 주민등록을 받은 일련번호 순으로 작성되고 있을 뿐
전자주민증 반대 운동과 지문날인 반대 운동 • 1999년 4월 26일 주민등록법 개정안이 통과되면서 새로운 주민등록증을 도입 • 새로운 주민등록증은 IC chip만 빠진 전자주민증 • IC chip 대신 전자 지문을 사용하므로 동일한 것으로 볼 수 있음 • 전 국민의 지문날인은 전 국민을 범죄자로 보는 것과 같다. • 이미 전과자를 대상으로 실시하고 있는 지문 자동 인식 시스템을 전 국민에게 확대시키는 것일 뿐
Eavesdropping • Surveillance technologies are also available to those with sufficient need and sufficient funds to purchase them. • In many workplaces employees are monitored by employers • some reports have indicated that up to 26 million Americans are having their work tracked electronically and up to 10 million have their pay based on computer evaluations. • 수사기관의 도,감청 • 국가 안보와 사생활 침해 사이의 논란 • 올 상반기의 수사기관의 유,무선 통신업체에 대한 정보제공 요청 건수가 9만 3천여건으로 지난해 같은 기간 6만 2천여건에 비해 증가 • 이동통신 5개사에 대한 통화내역 조회건수가 올 상반기 4만 8천여건으로 작년 상반기 1만 7천여건에 비해 3배 증가
올 상반기 검찰과 경찰 등 수사기관이 감청을 실시한 전화는 2만5000대당 1대 꼴인 것으로 나타났다. 대검찰청 형사부(부장 한광수)는 17일 올 상반기 수사기관이 감청한 전화는 모두 2103대로, 전체 전화 5086만여대의 0.004%였다고 밝혔다. 검찰은 또 98년은 전화 6638대에 대해 감청을 실시, 전체 전화 4814만대의 0.014%에 달했다고 검찰은 밝혔다. From 조선일보 • 기타 • 검찰은 수사기관에 의한 감청 외에 신용조사업체.심부름센터 등 사설기관에 의한 불법감청 횟수가 이보다 훨씬 많을 것으로 보고 지난달부터 검.경이 집중 단속을벌인 결과 불법감청장비 제조.판매사범, 도청사범 등 280명을 단속, 이중 126명을 구속했다고 밝혔다. • 몰래카메라 • 각종 도청 장비를 용산 등지에서 쉽게 구입 가능
Privacy Legislation • United Kingdom • the Data Protection Act of 1984 provides individuals with a number of safeguards against abuse of personal informaion contained in database. • Data Protection Registrar • But some commentators have expressed concern that the Data Protection Act is a paper tiger that doesn’t work! • European countries had been strongly influenced by two publications • Guidelines on the Protection and Privacy of Transborder Flows of Personal Data, published by the OECD in 1980 • the Council of Europe’s Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data
Some evidence suggests that the message of the Guidelines and the European Convention has filtered down to private corporations • IBM and Bank of America have developed and published rules that conform to these principles. But the U.S. legislature is only just beginning to come to terms with the complexities of new technologies coexisting with ancient legislation based on inadequate and dated precedents.
우리나라의 개인정보보호에 관한 법률 • 공공기관의 개인정보보호에 관한 법률 • 94.1.7 법률 제 4734호 • 공공기관의 개인정보보호에 관한 법률 시행령 • 공공기관의 개인정보보호에 관한 법률 시행규칙 • 정보통신망 이용촉진등에 관한 법률 • 99.2.8 법률 제 5835호 • 금융실명거래및 비밀보장에 관한 법률 • 제 4조 (금융거래의 비밀보장) • 전자거래 기본법 • 제 3장 전자거래의 안전 • 제 13조 개인정보보호 등
Conclusion • Instrumental treatment of human beings is at the heart of the privacy issue • the removal of our right to be treated as an individual human being and not as a Social Security number, a number plate, a credit history, or an insurance record • We need to ponder the larger issue of what the applicatoin of computing to social processes means for the rights and freedoms of ordinary citizens. • Nothing in life can be guaranteed, but the first step roward the resolution of any problem is to be aware of it.
Related Sites • Center for Democracy & Technology • works to promote democratic values and constitutional liberties in the digital age. With expertise in law, technology, and policy, CDT seeks practical solutions to enhance free expression and privacy in global communications technologies. CDT is dedicated to building consensus among all parties interested in the future of the Internet and other new communications media. • http://www.cdt.org • NSA • http://www.nsa.gov
DARPA • http://www.darpa.mil • 지문날인거부캠패인 • http://fprint.jinbo.net • NIST • http://www.nist.gov • Guidelines on the Protection of Privacy and … of OECD • http://www.oecd.org//dsti/sti/it/secur/prod/PRIV-EN.HTM • Electronic Privacy Information Center • http://www.eipc.org