Professional Issues

in IT – HNDIT2403

Chapter 4: Privacy
 Privacy and Computer Technology
Key Aspects of Privacy:
• Freedom from intrusion (being left alone)
• Control of information about oneself
• Freedom from surveillance (being tracked,
followed, watched)

Faroos Fashee 2
 Privacy and Computer Technology
(cont.)
New Technology, New Risks:
• Government and private databases
• Sophisticated tools for surveillance and data
analysis
• Vulnerability of data

Faroos Fashee 3
Privacy and Computer Technology (cont.)
Terminology:

• Invisible information gathering - collection of personal

information about someone without the person’s
knowledge
• Secondary use - use of personal information for a purpose
other than the one it was provided for
• Data mining - searching and analyzing masses of data to
find patterns and develop new information or knowledge
• Computer matching - combining and comparing
information from different databases (using social security
number, for example, to match records)
• Computer profiling - analyzing data in computer files to
determine characteristics of people most likely to engage in
certain behavior Faroos Fashee 4
 Privacy and Computer Technology (cont.)
Principles for Data Collection and Use:
• Informed consent
People are informed about the data collection and use policies of a
business or organization. Then they can decide whether or not to
interact with that.
e.g. It is the process by which the treating health care provider discloses
appropriate information to a competent patient so that the patient may make a
voluntary choice to accept or refuse treatment.

• Opt-in and opt-out policies

• An opt-in policy requires someone to self-select the services they wish to
subscribe to, and how any information they provide may be used.
• An opt-out policy is where someone receives electronic communications -
usually on the basis of a prior relationship – without providing express
permission. Faroos Fashee 5
 Privacy and Computer Technology (cont.)
Principles for Data Collection and Use:
• Fair Information Principles (or Practices)
These are guidelines that represent widely accepted
concepts concerning fair information practice.

• Data retention
The policies of persistent data and records management
for meeting legal and business data archival requirements

Faroos Fashee 6
 Fair information principles
1. Inform people when you collect information about them, what you
collect, and how you use it.
2. Collect only the data needed.
3. Offer a way for people to opt out from mailing lists, advertising,
and other secondary uses. Offer a way for people to opt out from
features and services that expose personal information.
4. Keep data only as long as needed.
5. Maintain accuracy of data. Where appropriate and reasonable,
provide a way for people to access and correct data stored about
them.
6. Protect security of data (from theft and from accidental leaks).
Provide stronger protection for sensitive data.
7. Develop policies for responding to law enforcement requests for data.
7
 Privacy and Computer Technology
Discussion Questions

• Have you seen opt-in and opt-out choices?

Where? How were they worded?
• Were any of them deceptive?
• What are some common elements of
privacy policies you have read?

Faroos Fashee 8
 Diverse Privacy Topics
Marketing, Personalization and Consumer
Databases:
• Targeted marketing
– Data mining
– Paying for consumer information
– Data firms and consumer profiles
• Credit records

Faroos Fashee 9
 Diverse Privacy Topics (cont.)
Stolen and Lost Data:
• Hackers
• Physical theft (laptops, thumb-drives, etc.)
• Requesting information under false pretenses
• Bribery of employees who have access

Faroos Fashee 10
 Diverse Privacy Topics (cont.)
What We Do Ourselves:
• Personal information in blogs and online profiles
• Pictures of ourselves and our families
• File sharing and storing
• Is privacy old-fashioned?
– Young people put less value on privacy than
previous generations
– May not understand the risks

Faroos Fashee 11
 Diverse Privacy Topics (cont.)
Children:
• The Internet
– Not able to make decisions on when to provide
information
– Vulnerable to online predators/hunters
• Parental monitoring
– Software to monitor Web usage
– Web cams to monitor children while parents are
at work
– GPS tracking via cell phones or RFID

Faroos Fashee 12
 Diverse Privacy Topics
Discussion Questions
• Is there information that you have posted to
the Web that you later removed? Why did you
remove it? Were there consequences to
posting the information?
• Have you seen information that others have
posted about themselves that you would not
reveal about yourself?

Faroos Fashee 13
 Protecting Privacy
Technology and Markets:
• Privacy enhancing-technologies for consumers
• Encryption
– Public-key cryptography
• Business tools and policies for protecting data

Faroos Fashee 14
 Protecting Privacy (cont.)
Rights and laws: Contrasting Viewpoints:
• Free Market View
– Freedom of consumers to make voluntary
agreements
– Diversity of individual tastes and values
– Response of the market to consumer preferences
– Usefulness of contracts
– Weaknesses of regulatory solutions

Faroos Fashee 15
 Protecting Privacy (cont.)
Rights and laws: Contrasting Viewpoints (cont.):
• Consumer Protection View
– Uses of personal information
– Costly and disruptive results of errors in databases
– Ease with which personal information leaks out
– Consumers need protection from their own lack of
knowledge, judgment, or interest

Faroos Fashee 16