1 / 32

Politics 117: The Regulation of the Internet Privacy

Politics 117: The Regulation of the Internet Privacy. Is this a safe Facebook entry?. I love my cat Henry! . Kudos to my roommate for acing the GREs!. Woah . . . I got really #$@#D!% up last night! . My professor sucks! .

webb
Download Presentation

Politics 117: The Regulation of the Internet Privacy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Politics 117: The Regulation of the InternetPrivacy

  2. Is this a safe Facebook entry?

  3. I love my cat Henry!

  4. Kudos to my roommate for acing the GREs!

  5. Woah . . . I got really #$@#D!% up last night!

  6. My professor sucks!

  7. Half of employers in U.S. scan social networking sites to see what you say. • 45 percent in 2009, versus 22 percent in 2008 • Most popular sites to watch are • Facebook • LinkedIn • MySpace • Twitter

  8. Nine things to stop doing on Facebook • 1. Stop using a weak password • A strong password includes letters, numbers, different cases, and symbols • Bad: ilovehenry • Good: i1oveHenry • Bad passwords lead to Facebook scams like the “help I’m in London and my wallet was stolen” scam!

  9. 2. Stop leaving your full birth date on Facebook • Lots of banks, credit card companies use your DOB as a security ID • Best practice: don’t leave any of it at all • But if you can’t do that, just leave the month and day, not year

  10. 3. Use your privacy controls! • Go to whatever privacy controls Facebook is now deploying, and use them • Best practice: everything should be just available for your “friends only” (not “friends of friends”) • Check what applications you are using

  11. 5. Keep your children’s names off of captions • Don’t mention the names of your kids • Don’t identify them by name on photos or captions • If someone else does, use the remove tag to delete the mention

  12. 6. Think twice about mentioning where you are • Especially if you are going on vacation • It’s like putting a “nobody’s home” sign on your front door • Are you still ok with your 400 friends knowing where you are?

  13. 7. Don’t let children go on Facebook unsupervised • You don’t want your kid going on Facebook and saying “Mommy is at work right now, but I’m here watching TV.”

  14. 8. Don’t say bad things about your peers on Facebook • Could catch up to you via searchers and your friends • Makes you look like an unpleasant person • Generally, don’t say or be critical of people

  15. 9. Other issues • Think about how political and critical of others you want to get on Facebook • Give some thought to how much you want to be on Facebook every day • Consider how many apps, causes, and features you want to access on Facebook

  16. Best practices • Use Facebook to positively tonetwork with friends and associates • Use Facebook privacy settings aggressively • Use e-mail, Instant messaging, texting, etc for your more raunchy side • Do anonymous commenting if you’ve got some really outrageous to say • Assume that anything you write could be broadcast to the whole world • Watch your privacy settings and monitor any changes in Facebook policy

  17. Big social network fears • Your user data, including your name and browsing patterns, will be sold to third party vendors • Your ability to control how much of the user data you want processed and interpreted will be compromised • Your security data, including your logins, passwords and financial information, will be stolen

  18. Cookies • Web sites place a “cookie,” an ID number in your web browser/computer • The site then keeps track of your purchases, visits, patterns and associates it with that number • When you come back, the site remembers what you did before thanks to the Cookie

  19. Cookie examples session-id-time 954242000 buybuybuy.com/session-id 002-4135256-7625846 buybuybuy.com/ UserID A9A3BECE0563982D www.goto.com/

  20. Hyper Text Transfer Protocol header information • The HTTP protocol sends the site you are visiting • The pages you visited • When you visited them • The IP address of your server • The name of the server you are working from • The web page from where you arrived (the referrer)

  21. Site can associates all that header data with your cookie ID#, plus • Purchases • Social interactions • Uploads • Downloads • Account preferences

  22. Problem #1: Securing your PII • Personally Identifiable Information • “information which can be used to distinguish or trace an individual's identity either alone or when combined with other public information that is linkable to a specific individual.” • Your name • Date of Birth • Your home address • Your telephone number • Your e-mail • Your gender

  23. AT&T labs study 2009: PII leaking to “third party” application providers • AT&T: “The results of our study clearly show that the indirect leakage of PII via Online Social Networks (OSNs) identifiers to third-party aggregation servers is happening.” • “In addition, two of the OSNs directly leak pieces of PII to third parties with one of the OSNs leaking zip code and email information about users that may not be even publicly available within the OSN itself.”

  24. EFF/Epic complaint (December 2009): too much publicly available information: “every application and website, including those you have not connected with” Then: • a user’s name and • a user’s network. Now: • users’ names, • profile photos, • lists of friends, • pages they are fans of, • gender, • geographic regions, and • networks to which they belong.

  25. EPIC: Facebook in Iran • Iranian Facebook commentators discovered that their posts were public on public Facebook pages • Iran security agents checking Facebook accounts • “One Facebook user who traveled to Iran said that security officials asked him whether he owned a Facebook account, and to verify his answer, they performed a Google search for his name, which revealed his Facebook page. His passport was subsequently confiscated for one month, pending interrogation.”

  26. The big issues • What are the default privacy settings? • How easy is it to change the settings and to know that they can be changed? • Can all the settings be changed to absolutely private? • Can you control what data gets to third party applications? Then there’s the problem of “flash cookies” ; cookies that you cannot delete

  27. Two pro-active legislative strategies • Expand “opt-in” requirements for all social websites • The site must ask permission from you up front for everything private • Expand the age of consent rules for social networks to collect private data

  28. Boucher/Stearns draft Privacy legislation Must have opt-in to use • Medical records, including medical history, mental or physical condition, or medical treatment or diagnosis by a health care professional • Race or ethnicity • Religious beliefs • Sexual orientation • Financial records and other financial information associated with a financial account, including balances and other financial information • Precise geolocation information Must allow you to opt-out of allowing use • The first name or initial and last name • A postal address • A telephone or fax number • An e-mail address • Unique biometric data, including a fingerprint or retina scan • A Social Security number, tax identification number, passport number, driver's license number, or any other government-issued identification number • A financial account number, or credit or debit card number, and any required security code, access code, or password that is necessary to permit access to an individual’s financial account • Any unique persistent identifier, such as a customer number, unique pseudonym or user alias, Internet Protocol address, or other unique identifier, where such identifier is used to collect, store, or identify information about a specific individual or a computer

  29. The Children’s Online Privacy and Protection Act (Coppa) • Regulates general and children’s web sites that serve children under thirteen • Parental consent required before data on children (younger than 13) given to third parties, including: • (A) a first and last name; • (B) a home or other physical address including street name and name of a city or town; • (C) an e-mail address; • (D) a telephone number; • (E) a Social Security number; • (F) any other identifier that the Commission determines permits the physical or online contacting of a specific individual; or • (G) information concerning the child or the parents of that child that the website collects online from the child and combines with an identifier described in this paragraph. Video 43.03

  30. Reactive legal strategies • Case of Sarah Palin hacker (David Kernell) • Guilty of misdemeanor computer intrusion and felony obstruction of justice (deleting records) • Sentenced to one year in prison • Relevant laws: • Stored Communications Act • Computer Abuse and Fraud Act • Communications Privacy Act

  31. Reactive legal strategies • Case of Britney Binger hacker • Hacked into Playboy bunny account to get Grady Sizemore photographs • Used personal data on Facebook page to get into Yahoo! E-mail • Charged with “gross misdemeanor” Grady Sizemore in a self-reflective moment

More Related