Fair Information Practice Principles and Privacy Laws. Week 3 - September 12, 14. More homework 1 review. Web cams Privacy in the news Issues privacy groups are working on Any questions about plagiarism?. Using Library Resources. Research and Communication Skills.
Fair Information Practice Principles and Privacy Laws Week 3 - September 12, 14
More homework 1 review
• Web cams
• Privacy in the news
• Issues privacy groups are working on
• Any questions about plagiarism?

Research and Communication Skills
CMU Libraries (http://www.library.cmu.edu)
• Engineering and Science (a.k.a. E&S)
  • Location: Wean Hall, 4th floor
  • Subjects: Computer Science, Engineering, Mathematics, Physics, Science, Technology
• Hunt (CMU’s main library)
  • Location: Its own building (possibly 2nd ugliest on campus behind Wean), between Tepper and Baker
  • Subjects: Arts, Business, Humanities, Social Sciences
• Software Engineering Institute (a.k.a. SEI)
  • Location: SEI Building (4500 Fifth Avenue), 3rd floor
  • Subjects: Security, Software, Technology

Research and Communication Skills
START HERE: Cameo
• Cameo is CMU’s online library catalog
• http://cameo.library.cmu.edu/
• Catalogs everything CMU has: books, journals, periodicals, multimedia, etc.
• Search by key words, author, title, periodical title, etc.
[Screenshot: CAMEO search result for “Cranor”, with callouts for number of copies and status, and library]
[Screenshot: CAMEO search result for “Solove”, with a callout for due date]
Research and Communication Skills
If it’s not in Cameo, but you need it today: Local Libraries
• Carnegie Library of Pittsburgh
  • Two closest locations
    • Oakland: Practically on campus (4400 Forbes Ave.)
    • Squirrel Hill: Forbes & Murray (5801 Forbes Ave.)
  • http://www.carnegielibrary.org/index.html
• University of Pittsburgh Libraries
  • 16 libraries! Information science, Engineering, Law, Business, etc.
  • http://pittcat.pitt.edu/

Research and Communication Skills
If it’s not in Cameo, and you can wait: ILLiad and E-ZBorrow
• ILLiad and E-ZBorrow are catalogs of resources available for Interlibrary Loan from other libraries nationwide (ILLiad) and in Pennsylvania (E-ZBorrow)
• Order items online (almost always free)
• Wait for delivery – average 10 business days
• Find links to ILLiad and E-ZBorrow online catalogs at http://www.library.cmu.edu/Services/ILL/

Research and Communication Skills
Other Useful Databases
• Links to many more databases, journal collections
• Must be accessed on campus or through VPN
• http://www.library.cmu.edu/Search/AZ.html
• Lexis-Nexis
  • Massive catalog of legal sources – law journals, case law, news stories, etc.
• IEEE and ACM journal databases
  • IEEE Xplore and ACM Digital Library
• INSPEC database
  • Huge database of scientific and technical papers
• JSTOR
  • Arts & Sciences, Business, Mathematics, Statistics

Research and Communication Skills
And of course…
• Reference librarians are available at all CMU libraries, and love to help people find what they need – just ask!
OECD fair information principles
http://www.datenschutz-berlin.de/gesetze/internat/ben.htm
• Collection limitation
• Data quality
• Purpose specification
• Use limitation
• Security safeguards
• Openness
• Individual participation
• Accountability

US FTC simplified principles
• Notice and disclosure
• Choice and consent
• Data security
• Data quality and access
• Recourse and remedies
US Federal Trade Commission, Privacy Online: A Report to Congress (June 1998), http://www.ftc.gov/reports/privacy3/
Privacy laws around the world
• Privacy laws and regulations vary widely throughout the world
• US has mostly sector-specific laws, with relatively minimal protections - often referred to as “patchwork quilt”
• Federal Trade Commission has jurisdiction over fraud and deceptive practices
• Federal Communications Commission regulates telecommunications
• European Data Protection Directive requires all European Union countries to adopt similar comprehensive privacy laws that recognize privacy as fundamental human right
• Privacy commissions in each country (some countries have national and state commissions)
• Many European companies non-compliant with privacy laws (2002 study found majority of UK web sites non-compliant)

US law basics
• Constitutional law governs the rights of individuals with respect to the government
• Tort law governs disputes between private individuals or other private entities
• Congress and state legislatures adopt statutes
• Federal agencies can adopt regulations which are equivalent to statutes, as long as they don’t conflict with statute
US Constitution
• No explicit privacy right, but a zone of privacy recognized in its penumbras, including
  • 1st amendment (right of association)
  • 3rd amendment (prohibits quartering of soldiers in homes)
  • 4th amendment (prohibits unreasonable search and seizure)
  • 5th amendment (no self-incrimination)
  • 9th amendment (all other rights retained by the people)
• Penumbra: “fringe at the edge of a deep shadow created by an object standing in the light” (Smith 2000, p. 258, citing Justice William O. Douglas in Griswold v. Connecticut)

Federal statutes and state laws
• Federal statutes
  • Tend to be narrowly focused
• State law
  • State constitutions may recognize explicit right to privacy (Georgia, Hawaii)
  • State statutes and common (tort) law
• Local laws and regulations (for example: ordinances on soliciting anonymously)

Four aspects of privacy tort
• You can sue for damages for the following torts (Smith 2000, p. 232-233)
• Disclosure of truly intimate facts
  • May be truthful
  • Disclosure must be widespread, and offensive or objectionable to a person of ordinary sensibilities
  • Must not be newsworthy or legitimate public interest
• False light
  • Personal information or picture published out of context
• Misappropriation (or right of publicity)
  • Commercial use of name or face without permission
• Intrusion into a person’s solitude
How does the law regulate privacy?
• Law may require waiving privacy interests
• Law may enforce privacy interests
• Typically, the law identifies relevant privacy interests to protect, identifies relevant interests supporting disclosure, and tries to balance both sets of issues in a single resolution

Difficult legal problems
• Can an individual “own” (and therefore sell) his or her own privacy rights?
• Should the default assumption be “protect the privacy interest” or “compel waiver of the privacy interest”?
• When should the law defer to informal or social norms, or to technological barriers or solutions?

Some US privacy laws
• Bank Secrecy Act, 1970
• Fair Credit Reporting Act, 1971
• Privacy Act, 1974
• Right to Financial Privacy Act, 1978
• Cable TV Privacy Act, 1984
• Video Privacy Protection Act, 1988
• Family Educational Right to Privacy Act, 1993
• Electronic Communications Privacy Act, 1994
• Freedom of Information Act, 1966, 1991, 1996
US law – recent additions
• HIPAA (Health Insurance Portability and Accountability Act, 1996)
  • When implemented, will protect medical records and other individually identifiable health information
• COPPA (Children’s Online Privacy Protection Act, 1998)
  • Web sites that target children must obtain parental consent before collecting personal information from children under the age of 13
• GLB (Gramm-Leach-Bliley Act, 1999)
  • Requires privacy policy disclosure and opt-out mechanisms from financial service institutions

Safe harbor
• Membership
  • US companies self-certify adherence to requirements
  • Dept. of Commerce maintains signatory list http://www.export.gov/safeharbor/
• Signatories must provide
  • notice of data collected, purposes, and recipients
  • choice of opt-out of 3rd-party transfers, opt-in for sensitive data
  • access rights to delete or edit inaccurate information
  • security for storage of collected data
  • enforcement mechanisms for individual complaints
• Approved July 26, 2000 by EU
  • reserves right to renegotiate if remedies for EU citizens prove to be inadequate

Data protection agencies
• Australia: http://www.privacy.gov.au/
• Canada: http://www.privcom.gc.ca/
• France: http://www.cnil.fr/
• Germany: http://www.bfd.bund.de/
• Hong Kong: http://www.pco.org.hk/
• Italy: http://www.privacy.it/
• Spain: http://www.ag-protecciondatos.es/
• Switzerland: http://www.edsb.ch/
• UK: http://www.dataprotection.gov.uk/
… And many more
Research and Communication Skills
Writing a literature review
• What is a literature review?
  • A critical summary of what has been published on a topic
    • What is already known about the topic
    • Strengths and weaknesses of previous studies
  • Often part of the introduction or a section of a research paper, proposal, or thesis
• A literature review should
  • be organized around and related directly to the thesis or research question you are developing
  • synthesize results into a summary of what is and is not known
  • identify areas of controversy in the literature
  • formulate questions that need further research
Dena Taylor and Margaret Procter. 2004. The literature review: A few tips on conducting it. http://www.utoronto.ca/writing/litrev.html

Research and Communication Skills
Literature review do’s and don’ts
• Don’t create a list of article summaries or quotes
• Do point out what is most relevant about each article to your paper
• Do compare and contrast the articles you review
• Do highlight controversies raised or questions left unanswered by the articles you review
• Do take a look at some examples of literature reviews or related work sections before you try to create one yourself
• For an example of a literature review in a CS conference paper, see section 2 of http://cs1.cs.nyu.edu/~waldman/publius/paper.html

Homework 2
• http://lorrie.cranor.org/courses/fa05/hw2.html
• Privacy laws
• Technologies that raise privacy concerns
Homework 3 • http://lorrie.cranor.org/courses/fa05/hw3.html
Announcements • Don’t forget that project brainstorming is due by Monday