Social Implications of a Computerized Society
Lecture 2
Instructor: Oliver Schulte, Simon Fraser University

Updates
• Web company responsibility. Previously: an upper-level German court ruled that eBay has a responsibility to prevent sales of counterfeit brand-name goods (Rolexes).
• New: a lower-level court ruled that this does not mean eBay has to proactively check transactions, only that it has to respond when violations are pointed out.
• New German study:
  – Two thirds of people under 25 prefer electronic communication (Facebook, e-mail, IM) to face-to-face.
  – Among people over 45, two thirds prefer face-to-face.
• Political campaigning and the internet: BC health coalition protests.
• Swiss upset about fishing expeditions in anonymous bank accounts.

Outline
• Privacy and Computer Technology
• "Big Brother is Watching You"
• Privacy Topics
• Protecting Privacy
• Privacy of Communications

Key Concepts and Issues
• Data Spillage
• Secondary Use
• Computer Matching
• Computer Profiling
• Invisible Information Gathering
• New Dangers to Privacy
• Privacy Protection Methods

Group Discussion Questions
1. Have you experienced an invasion of privacy yourself that was due to computer technology? Can you propose a (feasible and reasonable) rule, law or technology that would prevent this problem?
2. Have you ever traded personal information/privacy for a benefit? What trade-offs would you be willing to make yourself? What should the rules about personal information gathering be for everyone? See the FT article on Facebook.

Privacy and Computer Technology
Key Aspects of Privacy:
• Freedom from intrusion (being left alone)
• Control of information about oneself; control of publication ("notice and choice")
• Freedom from surveillance (being tracked, followed, watched)

Privacy and Computer Technology (cont.)
New Technology, New Risks:
• Government and private databases
• Sophisticated tools for surveillance and data analysis
• Vulnerability of data

Examples of New Risks
• Websites store and read cookies on a personal computer.
• Data spillage: DoubleClick (a web ad company) got financial information from a Quicken web site.
• E-Loan partnered with companies whose software was collecting its customer information.
• A convicted rapist in prison, employed to process personal data, sent graphic letters to a woman.

Privacy and Computer Technology (cont.)
Terminology:
• Invisible information gathering - collection of personal information about someone without the person's knowledge
• Secondary use - use of personal information for a purpose other than the one it was provided for

Privacy and Computer Technology (cont.)
Terminology (cont.):
• Data mining - searching and analyzing masses of data to find patterns and develop new information or knowledge
• Computer matching - combining and comparing information from different databases (using a social insurance number, for example, to match records)

Privacy and Computer Technology (cont.)
Terminology (cont.):
• Computer profiling - analyzing data in computer files to determine the characteristics of people most likely to engage in certain behavior
  – Business: find likely customers.
  – Police: find likely criminals.

Secondary Use: Examples
• Credit card companies sell your name and information for targeted marketing.
• In 2006, the Bush administration asked Google to hand over search data in defense of an Internet pornography law. Google fought the request and won in court.
• The San Francisco Department of Public Health determined that several men who had contracted syphilis had met through an AOL gay chat room. The department asked AOL for contact information about other visitors to the chat room, in order to inform them of the possibility that they had contracted the disease. Should AOL comply?
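The following is an added example, not part of the lecture slides, illustrating the computer matching defined above: two separately collected databases that happen to share a social insurance number are joined on that identifier, which is what makes matching (and fishing across databases) cheap. The table layout, the sample records and the thresholds are all assumptions made for illustration, not data from any real agency.

```python
import sqlite3

# Constructed sample records (not real data). Two separately collected
# databases that share one identifier: the social insurance number (SIN).
TAX_RECORDS = [  # (sin, name, declared_income)
    ("123-456-789", "A. Lee", 32000),
    ("987-654-321", "B. Singh", 180000),
    ("555-555-555", "C. Novak", 41000),
]
VEHICLE_RECORDS = [  # (sin, plate, assessed_value)
    ("123-456-789", "BC 111AAA", 95000),
    ("987-654-321", "BC 222BBB", 120000),
    ("555-555-555", "BC 333CCC", 9000),
    ("000-000-000", "BC 444DDD", 70000),  # owner has no tax record on file
]


def _load(tax_rows, vehicle_rows):
    """Build an in-memory database holding both record sets."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE tax (sin TEXT PRIMARY KEY, name TEXT, income INTEGER);"
        "CREATE TABLE vehicle (sin TEXT, plate TEXT, value INTEGER);"
    )
    conn.executemany("INSERT INTO tax VALUES (?, ?, ?)", tax_rows)
    conn.executemany("INSERT INTO vehicle VALUES (?, ?, ?)", vehicle_rows)
    return conn


def match_records(tax_rows, vehicle_rows, min_vehicle_value, max_income):
    """Computer matching: join the two databases on the shared SIN and
    return (sin, name, income, vehicle value) for everyone whose vehicle
    is worth more than min_vehicle_value but whose declared income is
    below max_income. Neither database alone can answer this question."""
    conn = _load(tax_rows, vehicle_rows)
    try:
        return conn.execute(
            "SELECT t.sin, t.name, t.income, v.value "
            "FROM vehicle v JOIN tax t ON t.sin = v.sin "
            "WHERE v.value > ? AND t.income < ? "
            "ORDER BY t.sin",
            (min_vehicle_value, max_income),
        ).fetchall()
    finally:
        conn.close()


def unmatched_vehicles(tax_rows, vehicle_rows):
    """Records that cannot be matched: the join only works where both
    databases carry the same identifier, which is why a number used as
    widely as the SIN matters so much for privacy."""
    conn = _load(tax_rows, vehicle_rows)
    try:
        return conn.execute(
            "SELECT v.sin, v.plate, v.value FROM vehicle v "
            "LEFT JOIN tax t ON t.sin = v.sin WHERE t.sin IS NULL"
        ).fetchall()
    finally:
        conn.close()


if __name__ == "__main__":
    for row in match_records(TAX_RECORDS, VEHICLE_RECORDS, 50000, 60000):
        print("flagged:", row)
    for row in unmatched_vehicles(TAX_RECORDS, VEHICLE_RECORDS):
        print("no match possible:", row)
```

The point of `unmatched_vehicles` is the one the slides make about social insurance numbers: a record that carries no shared identifier cannot be joined, so the more organizations that key their records on the same number, the more databases can be matched against each other.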
Computer Matching: Examples
• The IRS scans vehicle registration records to find people with expensive cars and boats.
• During the Vietnam war, the Selective Service bought a birthday list from an ice cream chain to find 18-year-olds who had not registered for the draft.
• ChoicePoint: 10 billion records, 35 government agencies as clients. Information from credit bureaus, drug tests, insurance fraud, liens, telephone records, etc. See the ChoicePoint website.
• Experian: generates customer profiles.

"Big Brother is Watching You"
Databases:
• Burden of proof and "fishing expeditions"
• Data mining and computer matching to fight terrorism

Examples of Fishing Expeditions
• Traditionally, a crime happens first, then suspects are sought.
• In a fishing expedition, the government scans information to look for suspicious activity or people.
• Examples:
  – Satellite photos to catch people growing cotton, or building backyard porches without permits.
  – The IRS scans vehicle registration records to find people with expensive cars and boats.

Video Surveillance
• Security cameras
  – Increased security
  – Decreased privacy
• More than 500,000 cameras in England. Used to enforce a 9 pm curfew for young people (under 16) in some cities.
• Question: What do you think about increased video surveillance in Vancouver?
• RFID tagging - see Scientific American files.

Targeted Marketing
Marketing, Personalization and Consumer Dossiers:
• Targeted marketing
  – Data mining
  – Paying for consumer information
  – Data firms and consumer profiles
• Credit records

Data Use in Marketing: Examples
• Credit bureaus sold mailing lists (e.g. "highly affluent customers", "people in financial difficulties").
• DoubleClick sells ads on 1500 web sites. It wanted to combine its web-surfing database with an offline purchase database containing real names and addresses.
• One company compiled a list of adults likely to be incontinent.

Stolen and Lost Data
Stolen and Lost Data:
• Hackers
• Physical theft (laptops, thumb drives, etc.)
• Requesting information under false pretenses
• Bribery of employees who have access

Stolen/Lost Data: Examples
• The British government lost hard discs with child benefit details for 25 million people and issued a warning about identity theft.
• U.S. government officials sold data to collection agencies and a credit card fraud ring.
• Barack Obama's passport file was opened without authorization.

Discussion Questions
• What data does the government have about you?
• Who has access to the data?
• How is your data protected?

Expectation of Privacy and Surveillance Technologies:
• Weakening the Fourth Amendment (warrant required)
• Supreme Court decisions and expectation of privacy
  – Modern surveillance techniques are redefining the expectation of privacy
  – Examples: satellite image of a backyard, car tracking, "thermal image search"

U.S. Constitution and Canadian Charter
• Amendment 4: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
• Canadian Charter, s. 8: Everyone has the right to be secure against unreasonable search or seizure.

What We Do Ourselves:
• Personal information in blogs and online profiles
• See Facebook, JuicyCampus.
• Pictures of ourselves and our families
• File sharing and storing
• Is privacy old-fashioned?
  – Young people put less value on privacy than previous generations
  – They may not understand the risks

Discussion Questions
• Is there information that you have posted to the Web that you later removed? Why did you remove it? Were there consequences to posting the information?
• Have you seen information that others have posted about themselves that you would not reveal about yourself?
National ID System
• Social Insurance Numbers
  – Too widely used: by many government agencies, and even by businesses and universities.
  – Easy to falsify

A New National ID System?
• Pros
  – Would require the physical card
  – Harder to forge
  – Only one card to carry
• Cons
  – Threat to freedom and privacy
  – Increased potential for abuse
• Question: Do you think Canada should introduce a new ID system?

What Difference Do Computers Make? Government vs. Citizen
Basically the traditional set of issues: law enforcement/security vs. privacy/individual freedom.
• New domains: e-mail monitoring, computer matching/profiling
• New scope: millions of records on one hard disk (U.K.)

What Difference Do Computers Make? Business vs. Client
• Old: information about a single ordinary person is not profitable, and gathering it is intrusive. Mass information gathering was too expensive or infeasible.
• New: information about thousands or millions of ordinary people is valuable:
  – Databases can gather and store that much information.
  – Data mining programs can find statistical patterns.

Personal Information as a Good
• Lots of people trade some personal information for a service, discount, convenience, etc.
• People need to specify only certain pieces of information ("optional fields"): degrees of privacy.

Utilitarian Perspective: Costs and Benefits of Data Mining
• + for business: personalization, "one-to-one" or "push" marketing.
  – Cheaper, better targeted advertising
  – Predict shopping patterns
  – Avoid risky customers
  – "Dynamic pricing": different prices for different customers
• - for business: the cost of maintaining the database and doing the data mining.

Costs and Benefits for Customers
• + for customers: they receive goods and services.
• Some appreciate relevant advertising.
• Economic analysis suggests that personalized marketing benefits customers.
• Intuition: each customer becomes their own market, leading companies to compete on the features that customer cares about.
Privacy: A Rights Perspective
• Privacy is basically a positive right: freedom from (intrusion, surveillance) [not freedom to act]
• 3rd-person preference: I want others to leave me alone, not to spread information about me, etc.
• Also important for negative rights or liberties: governments that want to restrict speech, assembly, etc. begin by invading privacy (see the novel 1984).

Privacy As a Right: Legal/Philosophical Approaches
• Theories
  – Warren and Brandeis: publication restrictions, "the inviolate personality"
  – Thomson: privacy is derived from other rights, including a "right to one's own person".
  – Legal categories - see SciAm chart.
• Transactions - who owns the right to an interaction? e.g., search queries?
• Ownership of personal data

Deontic and Universalist Perspectives
• Deontic:
  – Snooping and gossiping are intrinsically wrong.
  – Rights must be respected.
• Universalist/Golden Rule:
  – Would Eric Schmidt (Google) like a computer to watch his searches?
  – Maybe it's okay if the government sees searches for "bomb-making", but where does it end? What about searches like "free music"?

Principles for Data Collection and Use
• Informed consent
• Opt-in and opt-out policies
• Fair Information Principles (or Practices), e.g. a mechanism for correcting errors.
• Data retention: keep data only as long as needed.
  – Google: anonymize search logs after 18 months. Cookies expire every 2 years.

Privacy and Computer Technology: Discussion Questions
• Have you seen opt-in and opt-out choices? Where? How were they worded?
• Were any of them deceptive?
• What are some common elements of privacy policies you have read?

Protecting Privacy: Free Market View
Privacy as a "personal good"
• Freedom of consumers to make voluntary agreements
• Diversity of individual tastes and values
• Response of the market to consumer preferences
• Flaws of regulatory solutions: expensive to follow and enforce, good laws hard to write.
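The data retention principle on the "Principles for Data Collection and Use" slide above (anonymize search logs after 18 months) is the kind of rule that has to be implemented in code. What follows is an added example written for this page, not Google's code or anything from the lecture: it applies a retention window to constructed search log lines, truncating the client IP address and blanking the cookie identifier on every line older than the window while leaving newer lines untouched. The log format, the sample lines, the 548-day approximation of 18 months and the /24 and /48 truncation widths are all assumptions of this example.

```python
from datetime import datetime, timedelta, timezone
import ipaddress

# Assumed retention window: the slide says 18 months; 548 days is this
# example's approximation of that figure.
RETENTION_DAYS = 548

# Constructed sample search log lines (not real logs). Assumed format:
# timestamp, client IP, cookie id, query string, separated by spaces.
SAMPLE_LOG = [
    "2006-03-01T09:15:00Z 203.0.113.45 cid=9f8e7d6c q=divorce+lawyer",
    "2007-11-20T18:40:12Z 2001:db8:1234:5678::1 cid=1a2b3c4d q=weather",
    "2008-02-10T07:05:33Z 198.51.100.7 cid=deadbeef q=free+music",
]


def _parse_ts(text):
    """Parse the ISO-8601 UTC timestamp used at the start of each line."""
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def truncate_ip(ip_text):
    """Drop the host-identifying part of the address: keep a /24 for IPv4
    and a /48 for IPv6, zeroing the remaining bits."""
    addr = ipaddress.ip_address(ip_text)
    prefix = 24 if addr.version == 4 else 48
    net = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
    return str(net.network_address)


def anonymize_line(line):
    """Remove the two fields that tie a query to a person or a machine:
    truncate the IP and blank the cookie id. The query text is kept,
    which is what keeps the log useful for aggregate statistics."""
    ts, ip, _cid, query = line.split(" ", 3)
    return f"{ts} {truncate_ip(ip)} cid=- {query}"


def apply_retention(lines, now_iso, retention_days=RETENTION_DAYS):
    """Return the log with every line older than the retention window
    anonymized and every newer line left exactly as it was."""
    cutoff = _parse_ts(now_iso) - timedelta(days=retention_days)
    result = []
    for line in lines:
        ts = _parse_ts(line.split(" ", 1)[0])
        result.append(anonymize_line(line) if ts < cutoff else line)
    return result


if __name__ == "__main__":
    for line in apply_retention(SAMPLE_LOG, "2008-03-01T00:00:00Z"):
        print(line)
```

Two caveats a practitioner would attach to a rule like this: truncating the address still leaves a /24 or /48 that narrows the user down to a small group, and the query text is retained, so a query that contains a name or an address identifies its author regardless of what was done to the IP and cookie fields. The retention rule therefore reduces, but does not eliminate, what the log reveals.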
Protecting Privacy: Consumer Protection View
• Secondary uses of personal information are too common and easy.
• Consumers are often not really in a position to "negotiate" privacy terms (e.g., when they want a job).
• Costly and disruptive results of errors in databases
• Ease with which personal information leaks out
• Consumers need protection from their own lack of knowledge, judgment, or interest. Paternalism?

Protecting Privacy: Technology and Market Solutions
• Privacy-enhancing technologies for consumers: anonymization, digital cash, access control for databases.
• Encryption
  – Public-key cryptography
• Business tools and policies for protecting data
  – Privacy officer
  – Trusted 3rd party: answers requests (e.g., credit-worthiness), does mailings

Privacy Principles
• Collect only the data needed.
• Inform users about data collection and how the data will be used.
• Offer a way to opt out.
• Stronger protection for sensitive data (e.g., use opt-in).
• Keep data only as long as needed.
• Maintain accuracy and security of data; provide a way for people to access and correct their records.

Protecting Privacy in the EU
European Union Data Protection Directive
• Stricter than U.S. regulations for the private sector.
• Abuses still occur.
• Puts requirements on businesses outside the EU that deal with data from the EU (e.g., in Australia).

Protecting Privacy: Group Discussion Questions
• How would the free-market view and the consumer protection view differ on errors in credit bureau databases?
• Who is the consumer in this situation?
• Is the national gun registry a privacy issue?

Communication Privacy
Wiretapping and E-mail Protection (see SciAm diagram):
• Telephone
  – The 1934 Communications Act prohibited interception of messages.
  – The 1968 Omnibus Crime Control and Safe Streets Act allowed wiretapping and electronic surveillance by law enforcement (with a court order).
  – 2009 decision: tapping international calls without a warrant is OK.
• E-mail and other new communications
  – The Electronic Communications Privacy Act of 1986 (ECPA) extended the 1968 wiretapping laws to include electronic communications and restricts government access to e-mail.

Designing Communications Systems for Interception
• Communications Assistance for Law Enforcement Act of 1994 (CALEA)
  – Telecommunications equipment must be designed to ensure that the government can intercept telephone calls.
  – Rules and requirements are written by the Federal Communications Commission (FCC).

Secret Intelligence Gathering
• The National Security Agency (NSA)
  – The Foreign Intelligence Surveillance Act (FISA) established oversight rules for the NSA.
• Secret access to communications records

Communication Discussion Questions
• What type of electronic communications do you use on a regular basis? Are you worried about the government or other groups tapping into them?