1 / 31

“ You have zero privacy, ” “ You own your data, ” and other Myths

“ You have zero privacy, ” “ You own your data, ” and other Myths. Dr. Gilad L. Rosner Visiting Researcher Horizon Digital Economy Research Institute gilad@giladrosner.com http:// bit.ly / grosner @ GiladRosner. Where were you last night at 10pm?. What hygiene products do you buy?.

jbelinda
Download Presentation

“ You have zero privacy, ” “ You own your data, ” and other Myths

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. “You have zero privacy,”“You own your data,”and other Myths • Dr. Gilad L. Rosner • Visiting Researcher • Horizon Digital Economy Research Institute • gilad@giladrosner.com • http://bit.ly/grosner • @GiladRosner

  2. Where were you last night at 10pm?

  3. What hygiene products do you buy?

  4. How much do you drink?

  5. Did you attend a political rally last week?

  6. What is in your medicine cabinet?

  7. Have you always been • faithful to your partner?

  8. What charities do you give money to?

  9. What pornography do you prefer?

  10. How much money do you make?

  11. Do you have an STD?

  12. Is there a history of alcoholism in your family?

  13. Privacy ≠ regime to control information

  14. “Instantaneous photographs and newspaper enterprise have invaded the sacred precincts of private and domestic life; and numerous mechanical devices threaten to make good the prediction that "what is whispered in the closet shall be proclaimed from the house-tops....” The press is overstepping in every direction the obvious bounds of propriety and of decency.… The intensity and complexity of life ... have rendered necessary some retreat from the world, and man, under the refining influence of culture, has become more sensitive to publicity, so that solitude and privacy have become more essential to the individual…” Warren & Brandeis, 1890

  15. “There exists a threshold beyond which social contact becomes irritating for all parties; therefore, some provision for removing oneself from interaction and observation must be built into every establishment...” Schwartz, 1968

  16. An appetite for limitless collection • A blurring of separate informational spheres • Inter-organizational sharing • Fishing expeditions in data originally collected for other uses – “dragnet behavior” • Poor security • System abuses leading to reduced confidence in government • Impersonal machine-based choices about people’s lives • The spectre of a master dossier about individuals

  17. a right “to control, edit, manage, and delete information about [oneself] and decide when, how, and to what extent information is communicated to others” solitude・intimacy・anonymity・reserve

  18. Fair Information Principles • 1. There shall be no personal-data record-keeping system whose very existence is secret and there shall be a policy of openness about an organization's personal-data record-keeping policies, practices, and systems. (The Openness Principle) • 2. An individual about whom information is maintained by a record- keeping organization in individually identifiable form shall have a right to see and copy that information. (The Individual Access Principle) • 3. An individual about whom information is maintained by a record- keeping organization shall have a right to correct or amend the substance of that information. (The Individual Participation Principle) • 4. There shall be limits on the types of information an organization may collect about an individual, as well as certain requirements with respect to the manner in which it collects such information. (The Collection Limitation Principle) • 5. There shall be limits on the internal uses of information about an individual within a record-keeping organization. (The Use Limitation Principle) • 6. There shall be limits on the external disclosures of information about an individual a record-keeping organization may make. (The Disclosure Limitation Principle) • 7. A record-keeping organization shall bear an affirmative responsibility for establishing reasonable and proper information management policies and practices which assure that its collection, maintenance, use, and dissemination of information about an individual is necessary and lawful and the information itself is current and accurate. (The Information Management Principle) • 8. A record-keeping organization shall be accountable for its personal-data record-keeping policies, practices, and systems. (The Accountability Principle)

  19. Article 8 of the European Convention on Human Rights “Everyone has the right to respect for his private and family life, his home and his correspondence.”

  20. State Constitutions that Contain Privacy Rights Alaska Arizona California Florida Hawaii Illinois Louisiana Montana South Carolina Washington

  21. Montana “The right of individual privacy is essential to the well-being of a free society and shall not be infringed without the showing of a compelling state interest.”

  22. Right of informational self-determination “... the authority of the individual to decide [for] himself, on the basis of the idea of self-determination, when and within what limits information about his private life should be communicated to others” Westin, 1968: “to control, edit, manage, and delete information about [oneself] and decide when, how, and to what extent information is communicated to others.”

  23. “If someone cannot predict with sufficient certainty which information about himself … is known to his social milieu and cannot estimate sufficiently the knowledge of parties to whom communication may be possibly made, he is crucially inhibited in his freedom to plan or to decide freely and without being subject to any pressure or influence.” German Constitutional Court, 1983

  24. “... data protection is ... a precondition for citizens’ unbiased participation in the political processes of the democratic constitutional state. The ... state relies to a great extent on the participation of all citizens and its legitimacy is based on respecting each person’s individual liberty ... the right to informational self-determination is not only granted for the sake of the individual, but also in the interest of the public, to guarantee a free and democratic communication order.” Hornung and Schnabel, 2009

  25. Consumer Privacy Bill of Rights INDIVIDUAL CONTROL: Consumers have a right to exercise control over what personal data companies collect from them and how they use it. TRANSPARENCY: Consumers have a right to easily understandable and accessible information about privacy and security practices. RESPECT FOR CONTEXT: Consumers have a right to expect that companies will collect, use, and disclose personal data in ways that are consistent with the context in which consumers provide the data. SECURITY: Consumers have a right to secure and responsible handling of personal data. ACCESS AND ACCURACY: Consumers have a right to access and correct personal data in usable formats, in a manner that is appropriate to the sensitivity of the data and the risk of adverse consequences to consumers if the data is inaccurate. FOCUSED COLLECTION: Consumers have a right to reasonable limits on the personal data that companies collect and retain. ACCOUNTABILITY: Consumers have a right to have personal data handled by companies with appropriate measures in place to assure they adhere to the Consumer Privacy Bill of Rights.

  26. Privacy by design Privacy by default Code is law

  27. Confidentiality Integrity Availability Transparency Unlinkability Intervenability

  28. Thank you! Dr. Gilad L. Rosner gilad@giladrosner.com http://bit.ly/grosner @GiladRosner

More Related