320 likes | 413 Views
Chapter 5: Privacy. Ethics for the Information Age Forth Edition by Michael J. Quinn. Chapter Overview. Introduction Perspectives on privacy Disclosing information Ways information becomes public U.S. legislation Public records Covert government surveillance
E N D
Chapter 5: Privacy Ethics for the Information AgeForth Edition by Michael J. Quinn
Chapter Overview • Introduction • Perspectives on privacy • Disclosing information • Ways information becomes public • U.S. legislation • Public records • Covert government surveillance • U.S. legislation authorizing wiretapping • Data mining • Identity theft • Encryption
Introduction • Information collection, exchange, combination, and distribution easier than ever • More information access less privacy • Trade-offs • Privacy vs. need for credentials • Privacy vs. desire for free expression • Privacy vs. safety / security
Defining Privacy • Privacy related to notion of access • Access • Physical proximity to a person • Knowledge about a person • Edmund Byrne: Privacy is a “zone of inaccessibility” • Edward Bloustein: Privacy violations are an affront to human dignity • Too much individual privacy can harm society • Ex: a group that facilitates business among its members, not helping the whole siciety. • Where to draw the line?
Harms of Privacy • Cover for illegal or immoral activities • Burden on the nuclear family • To care for all its members • Hidden dysfunctional families • We don’t know about pain caused by family violence because of privacy. • Ignored people on society’s fringes • Poor, mentally ill people.
Benefits of Privacy • Individual growth (maturity) • Individual responsibility • Freedom to be yourself • Intellectual and spiritual growth • Shut out the rest of the world to focus our thoughts without interruption. • Development of loving, trusting, caring, intimate relationships • Close relationships
Is There a Natural Right to Privacy? • Morton Levine: Property rights (Home) Privacy rights • I own my home, no body should interfere • Privacy is a prudential right • Ex: Telemarketing and the Do Not Call Registry
Privacy and Trust • Modern life more private • In the past there was greater emphasis on community • Challenge: living among strangers • We know little about neighbors • BUT we must trust people to some extent • Ex: taxi driver, teachers, bank loans • Remedy: establishing reputations • Ordeal, such as lie detector test or drug test • Credential, such as driver’s license, key, ID card, college degree • Establishing reputation is done at the cost of reducing privacy
Disclosing Information • Public record: information for public access • Ex: birth certificates • Public information: information revealed to an organization that has right to share it • Ex: Telephone directory • Personal information: undisclosed information • Ex: religion, wealth • Types of disclosures • Voluntary : • Involuntary : body and luggage search at airport • Statutory : Record of arrests and convicted persons • Cameras on streets
Ways Information Becomes Public • Rewards or loyalty programs (shopping cards) • Body scanners (to choose clothes that fit you) • Digital video recorders (Sells info about viewing habits) • New Automobile “comes with black boxes like airplanes” • Enhanced 911 service (Track locations of cell phones) • RFIDs (Tags on products – aspirin or pants) • Implanted chips (RFID tag contains name and address for patients and children) • Cookies (a file on your PC placed by a web server to monitor your visit to a Web site • Spyware: a program to monitor your surfing on the net
Public Records Examples of Public Records • Census records • Many ways to use these records • Internal Revenue Service records • Income, tax, assets, organization you give charity for, medical expanses, …etc. • FBI National Crime Information Center 2000 • Stolen items, missing persons and guns, wanted persons, criminal histories, suspected terrorists.
Census Records • Census required to ensure every state has fair representation • Number of questions steadily rising • Sometimes Census Bureau has broken confidentiality requirement • World War I: provided names and addresses of young draft resistors • World War II: used info. About Japanese-Americans • Round them up and send them to arrest camps.
Internal Revenue Service Records • Much personal information on tax forms • Some IRS employees have misused access to IRS records • IRS has also misplaced tapes and diskettes containing records
FBI National Crime Information Center 2000 • NCIC • Collection of databases related to various crimes • Contains > 39 million records • Successes • Helps police solve hundreds of thousands of cases every year • Helped FBI tie James Earl Ray to assassination of Dr. Martin Luther King, Jr. • Helped FBI apprehend Timothy McVeigh for bombing of federal building in Oklahoma City
Criticisms of the NCIC • Erroneous records have led to false arrests • Police have arrested innocent people with same name as someone in NCIC database • FBI has used NCIC to keep records of people not suspected of any crime • Ex opponents to Vietnam War • Corrupt law-enforcement employees have sold information to private investigators and deleted or altered records • Some law-enforcement employees illegally access the NCIC (Ex: to search for babysitters)
OneDOJ Database • Database being constructed by U.S. Department of Justice • Gives state and local police officers access to information provided by five federal law enforcement agencies • Incident reports • Interrogation summaries • Other information not available through NCIC • Criticisms • OneDOJ gives local police access to information about people who have not been charged with a crime • There is no way to correct misinformation in raw police reports
Code of Fair Information PracticesHas the following principles: • No secret databases • People should have access to personal information in federal databases • Organizations cannot change how information is used without consent • People should be able to correct or amend records • Database owners are responsible for reliability of data and must prevent misuse
Wiretaps and Bugs • Wiretaps: relates to interception of telephone conversations • Bugs are hidden microphones used for surveillance • Wiretapping and bugs are not legal • FBI continues secret wiretapping
Operation Shamrock • Operation Shamrock was a covert, domestic intelligence gathering operation that monitored telegraph communications. • Expanded to telephone calls • Kennedy • Organized crime figures “watch list” • Individuals and companies doing business with Cuba • Johnson and Nixon • Vietnam war protesters • Nixon • War on drugs • Monitoring phone calls
Carnivore Surveillance System • Created by FBI in late 1990s • Monitored Internet traffic, including email exchanges • Carnivore = Windows PC + “packet-sniffing” software • Captured packets going to/from a particular IP address • Used about 25 times between 1998 and 2000 • Replaced with commercial software
Covert Activities after 9/11 • September 11, 2001 attacks on World Trade Center and Pentagon • President Bush authorized new, secret, intelligence-gathering operations inside United States
National Security Administration Wiretapping • President Bush signed presidential order • OK for NSA to intercept international phone calls & emails initiated by people inside U.S. • No search warrant required • Number of people monitored • About 500 people inside U.S. • Another 5,000-7,000 people outside U.S. • Two al-Qaeda plots foiled • Plot to take down Brooklyn bridge • Plot to bomb British pubs and train stations
TALON Database:Threat And Local Observation Notice • Created by U.S. Department of Defense in 2003 • Supposed to contain reports of suspicious activities or terrorist threats near military bases • Reports submitted by military personnel or civilians • Reports assessed as “credible” or “not credible” by military experts • Reports about anti-war protests added to database • Many of these reports later deleted from database • In 2007 TALON was terminated
Data Mining • Data mining • Searching for patterns or relationships in one or more databases • Way to generate new information by combining facts found in multiple transactions • Way to predict future events • Secondary use: information collected for one purpose used for another purpose • Ex: Collaborative filtering is used to predict future preference of a person comparing to other people transactions (renting from a video store) • Information about customers is a valuable commodity
Data Mining Examples – Marketplace: Households • Lotus Development Corporation developed CD with information on 120 million Americans • Planned to sell CD to small businesses that wanted to create mailing lists based on various criteria, such as household income • More than 30,000 consumers complained to Lotus about invasion of privacy • Lotus dropped plans to sell CD
Data Mining Examples – IRS Audits • IRS uses computer matching and data mining to look for possible income tax fraud • Computer matching: matching tax form information (filled by a person) with information provided by employers, banks, etc. • Data mining: searching through forms to detect those that appear most likely to have errors resulting in underpayment of taxes
Data Mining Examples – Syndromic Surveillance System • Created by New York City • Analyzes more than 50,000 pieces of information every day • 911 calls • Visits to emergency rooms • Purchases of prescription drugs • Looks for patterns that might indicate an epidemic, bioterrorism, or an environmental problem
Data Mining Examples – Telecommunications Records Database • Created by National Security Agency after 9/11 • Contains phone call records of tens of millions of Americans • NSA analyzing calling patterns to detect terrorist networks • Phone records voluntarily provided by several major telecommunications companies • USA Today revealed existence of database in May 2006 • Several dozen class-action lawsuits filed • August 2006: Federal judge in Detroit ruled program illegal and unconstitutional • July 2007: U.S. Court of Appeals overturned ruling, saying plaintiffs did not have standing to bring suit forward
Ownership of Transaction Information • Who controls transaction information? • Buyer? • Seller? • Both? • Opt-in: consumer must explicitly give permission for the organization to share info with another organization. • Preferred by privacy advocates • Opt-out: consumer must explicitly forbid an organization from sharing info • Preferred by direct marketing
Identity Theft : Background • Identity theft: misuse of another person’s identity to take actions permitted to the owner • Credit card fraud #1 type of identity theft • Ease of opening financial accounts contributes to problem • Because information brokers on the Web are selling IDs (license, SSN, Credit cards) • 10 million victims in 2004 alone • Average loss: $5,000 per victim
Gaining Access to Information • Mailboxes • Lost or stolen wallets • Dumpster diving (looking old bills, bank statements, …etc) • Shoulder surfing (while people are filling forms) • Skimmers (wedges) • Credit card readers attached to ATM machines • Phishing • Gathering financial info through spam asking you to visit a web site and the update personal info (fake Paypal)
Encryption • Process of transforming a message in order to conceal its meaning • Valuable tool for maintaining privacy