Information Privacy
Dr. Heng Xu, Privacy Assurance Lab (PAL) @ Penn State, 03/31/2010
pal.ist.psu.edu
Outline
- What is Privacy?
- Privacy Concerns
  - Web Privacy
- Privacy Protection Approaches
  - Legislation
  - Industry Self-Regulation
  - Technology
What does privacy mean to you?
- How would you define privacy?
- What does it mean to you for something to be private?
Britney Spears: "We just need privacy"
"You have to realize that we're people and that we need, we just need privacy and we need our respect, and those are things that you have to have as a human being." — Britney Spears, 15 June 2006, NBC Dateline
http://www.cnn.com/2006/SHOWBIZ/Music/06/15/people.spears.reut/index.html
Information Disclosure: Privacy Tradeoffs
- The information subject discloses information to a service provider and receives benefits in return
- Benefit/risk analysis by the information subject:
  - Benefits
    - Financial rewards: coupons, gift vouchers, discounts, cash...
    - Personalization
  - Risks
    - Loss of control over your personal information
    - Identity theft
Web Privacy: Google Search
Web Privacy: A look at privacy policies at Google, Microsoft and Yahoo
- What gets saved when you use the service
  - Microsoft doesn't record IP address, log-in time, or other user-specific information in its logs
  - Both Yahoo and Google collect these data, along with your browser and what you clicked on the page
- Google log record example:
  Q = cars
  url = www.google.com/search?q=cars
  IP = 72.14.253.xx
  Cookie = PREF=66FUQULL0QBT8MMTVSC5K:LD=en…
  User-Agent: Mozilla/4.75 [en] (X11; U; NetBSD 1.5_ALPHA i386)
  Time = 25 Mar 2007 10:15:32
Web Privacy: A look at privacy policies at Google, Microsoft and Yahoo (cont.)
- Amount of personal information required when you sign up
  - Google: just name and the country you live in
  - Yahoo and Microsoft: name, gender, birthday, and zip code
- Time-to-delete
  - Google may take up to 60 days to completely remove that "Vegas was great" e-mail from its servers after you delete it
  - Microsoft takes three days or less
  - Yahoo says that, though removing the actual e-mail content may take a short while, the information becomes dissociated from your account almost as soon as you delete it
Source: http://www.pcworld.com/article/id,137363-page,1-c,onlineprivacy/article.html
Privacy Protection: Legislation, Industry Self-Regulation, Technology
Privacy Laws
- Privacy laws and regulations vary widely throughout the world
- The US has mostly sector-specific laws with relatively minimal protections, often referred to as a "patchwork quilt"
- Privacy laws, private sector:
  - Fair Credit Reporting Act (FCRA)
  - Health Insurance Portability and Accountability Act (HIPAA)
  - Gramm-Leach-Bliley Act (GLBA)
  - The Children's Online Privacy Protection Act (COPPA)
  - The Drivers Privacy Protection Act (DPPA)
- Privacy laws, public sector:
  - The Privacy Act of 1974
  - The Freedom of Information Act (FOIA)
Privacy Laws (cont.)
- State security breach notification laws
- Laws that compel disclosure of personal information:
  - The US Patriot Act of 2001
  - Homeland Security Act of 2002
  - Intelligence Reform and Terrorism Prevention Act of 2004 (IRTPA)
  - The US Communications Assistance for Law Enforcement Act (CALEA)
- The European Data Protection Directive requires all European Union countries to adopt similar comprehensive privacy laws that recognize privacy as a fundamental human right
Privacy self-regulation
- Since 1995, the US FTC has pressured companies to "self regulate" in the privacy area
- Self regulation may be completely voluntary or mandatory (or somewhere in between)
- Self-regulatory programs and initiatives:
  - Industry guidelines
  - Privacy seals
  - Privacy policies
- FTC town hall on behavioral advertising (announced August 2007): http://www.ftc.gov/opa/2007/08/ehavioral.shtm
Voluntary privacy guidelines
- Direct Marketing Association Privacy Promise
- Network Advertising Initiative Principles
- CTIA location-based privacy guidelines
- Generally Accepted Privacy Principles (GAPP)
Privacy policies
- Policies let consumers know about a site's privacy practices
- Consumers can then decide whether or not the practices are acceptable, when to opt in or opt out, and who to do business with
- The presence of privacy policies increases consumer trust
- What are some problems with privacy policies?
Privacy policy problems
- BUT policies are often:
  - difficult to understand
  - hard to find
  - take a long time to read
  - change without notice
Short notices
- Project organized by the Hunton & Williams law firm
  - Short version (short notice) of the human-readable policy, for web and paper
  - Also called a "layered notice": refers the reader to the long notice for more detail
  - Now being called a "highlights notice"
  - Focus on reducing the privacy policy to at most 7 boxes
- Alternative proposals from privacy advocates focus on check boxes
- Interest internationally: http://www.privacyconference2003.org/resolution.asp
- Interest in the US for financial privacy notices: http://www.ftc.gov/opa/2003/12/privnoticesjoint.htm
Privacy Notice Highlights Template
Acme Company Privacy Notice Highlights (Dated: May 28, 2002)

SCOPE
This statement applies to Acme Company and several members of the Acme family of companies.

PERSONAL INFORMATION
We collect information directly from you and maintain information on your activity with us, including your visits to our website. We obtain information, such as your credit report and demographic and lifestyle information, from other information providers.

USES
We use information about you to manage your account and offer you other products and services we think may interest you. We share information about you with our sister companies to offer you products and services. We share information about you with other companies, like insurance companies, to offer you a wider array of jointly-offered products and services. We share information about you with other companies so they can offer you their products and services.

YOUR CHOICES
You may opt out of receiving promotional information from us and our sharing your contact information with other companies. To exercise your choices, call (800) 123-1234 or click on "choice" at ACME.com.

IMPORTANT INFORMATION
You may request information on your billing and payment activities.

HOW TO REACH US
For more information about our privacy policy, write to: Consumer Department, Acme Company, 11 Main Street, Anywhere, NY 10100. Or go to the privacy statement on our website at acme.com.

Template prepared by the Notices Project, a program of the Center for Information Policy Leadership at Hunton & Williams. © 2002 Center for Information Policy Leadership.
Checkbox proposal (Source: Robert Gellman, July 3, 2003)

WE SHARE [DO NOT SHARE] PERSONAL INFORMATION WITH OTHER WEBSITES OR COMPANIES.

Collection (YES / NO):
- We collect personal information directly from you
- We collect information about you from other sources
- We use cookies on our website
- We use web bugs or other invisible collection methods
- We install monitoring programs on your computer

Uses (With Your Consent / Without Your Consent / N/A): We use information about you to:
- Send you advertising mail
- Send you electronic mail
- Call you on the telephone

Sharing (With Your Consent / Without Your Consent / N/A): We allow others to use your information to:
- Maintain shared databases about you
- Send you advertising mail
- Send you electronic mail
- Call you on the telephone

Access: You can see and correct {ALL, SOME, NONE} of the information we have about you.

Choices: You can opt out of receiving advertising mail, electronic mail, and telemarketing from: Us / Affiliates / Third Parties / N/A

Retention: We keep your personal data for: {Six Months, Three Years, Forever, N/A}

Change: We can change our data use policy {AT ANY TIME, WITH NOTICE TO YOU, ONLY FOR DATA COLLECTED IN THE FUTURE}
P3P
- What is P3P? www.w3.org/P3P/
- From a Web site's perspective: a protocol designed to provide a way for a Web site to encode its privacy statement in a machine-readable format
- From a user's perspective: use a P3P user agent to
  - configure their privacy preferences
  - get notification of a Web site's privacy practices
Privacy Bird configuration screen: users can choose to be notified or not when a site uses financial information for marketing purposes.
Chirping bird is the privacy indicator (screenshot).
Red bird indicates a mismatch (screenshot).
Privacy Bird: the notice approach. How about choice?
Privacy Finder
- Uses the Google or Yahoo! API to retrieve search results
- Checks each result for a P3P policy
- Evaluates the P3P policy against the user's preferences
- Reorders the search results
- Composes a search result page with privacy annotations next to each P3P-enabled result
- Users can retrieve a "Privacy Report" similar to the Privacy Bird policy summary
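The evaluation step that the P3P, Privacy Bird and Privacy Finder slides describe, as an added example written for these notes (it is not code from the W3C, the Privacy Bird or Privacy Finder projects, or the original slides). It assumes two constructed P3P 1.0 policies for hypothetical .invalid sites, a preference set modelled on the Privacy Bird option of flagging financial data used for marketing, and it reads data categories only from inline CATEGORIES elements rather than loading the P3P base data schema:

```python
"""Evaluate P3P 1.0 policies against user preferences, Privacy Bird / Privacy Finder style."""
import xml.etree.ElementTree as ET

P3P_NS = "http://www.w3.org/2002/01/P3Pv1"  # P3P 1.0 namespace

# Constructed sample for a hypothetical site (.invalid hostnames): a benign
# clickstream statement plus one that uses financial data for marketing,
# shares it with unrelated parties and retains it indefinitely.
MARKETING_POLICY = """<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1">
 <POLICY name="shop" discuri="https://shop.invalid/privacy">
  <ENTITY><DATA-GROUP><DATA ref="#business.name">Hypothetical Shop</DATA></DATA-GROUP></ENTITY>
  <ACCESS><nonident/></ACCESS>
  <STATEMENT>
   <PURPOSE><current/><admin/></PURPOSE><RECIPIENT><ours/></RECIPIENT>
   <RETENTION><stated-purpose/></RETENTION>
   <DATA-GROUP><DATA ref="#dynamic.clickstream"><CATEGORIES><navigation/><computer/></CATEGORIES></DATA></DATA-GROUP>
  </STATEMENT>
  <STATEMENT>
   <PURPOSE><telemarketing required="opt-out"/><contact/></PURPOSE>
   <RECIPIENT><ours/><unrelated/></RECIPIENT><RETENTION><indefinitely/></RETENTION>
   <DATA-GROUP>
    <DATA ref="#user.home-info.telecom.telephone"><CATEGORIES><physical/></CATEGORIES></DATA>
    <DATA ref="#dynamic.miscdata"><CATEGORIES><financial/></CATEGORIES></DATA>
   </DATA-GROUP>
  </STATEMENT>
 </POLICY>
</POLICIES>"""

# Constructed sample that only keeps clickstream data for the current task.
MINIMAL_POLICY = """<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1">
 <POLICY name="min" discuri="https://blog.invalid/privacy">
  <ENTITY><DATA-GROUP><DATA ref="#business.name">Hypothetical Blog</DATA></DATA-GROUP></ENTITY>
  <ACCESS><none/></ACCESS>
  <STATEMENT>
   <PURPOSE><current/></PURPOSE><RECIPIENT><ours/></RECIPIENT><RETENTION><no-retention/></RETENTION>
   <DATA-GROUP><DATA ref="#dynamic.clickstream"><CATEGORIES><navigation/></CATEGORIES></DATA></DATA-GROUP>
  </STATEMENT>
 </POLICY>
</POLICIES>"""

# Preference rules modelled on the Privacy Bird configuration choices: a rule fires
# when a statement touches one of its categories AND matches a listed practice.
PREFERENCES = [
    {"id": "financial-marketing", "categories": {"financial", "purchase"},
     "purposes": {"contact", "telemarketing"}},
    {"id": "share-unrelated", "categories": {"physical", "online", "financial", "purchase"},
     "recipients": {"unrelated", "public"}},
    {"id": "keep-forever", "categories": {"physical", "online", "financial", "purchase"},
     "retention": {"indefinitely"}},
]

def _child_names(parent, name):
    """Local names of the empty child elements of <name>; required="opt-in" children
    are skipped because under P3P they apply only after the user opts in."""
    node = parent.find(f"{{{P3P_NS}}}{name}")
    if node is None:
        return set()
    return {c.tag.rsplit("}", 1)[-1] for c in node if c.get("required") != "opt-in"}

def parse_statements(policy_xml):
    """Reduce each <STATEMENT> to the sets a preference rule is matched against."""
    statements = []
    for stmt in ET.fromstring(policy_xml).iter(f"{{{P3P_NS}}}STATEMENT"):
        categories = set()
        # Only inline <CATEGORIES> are read; the P3P base data schema, which fixes
        # categories for elements such as user.bdate, is not loaded here.
        for data in stmt.iter(f"{{{P3P_NS}}}DATA"):
            categories |= _child_names(data, "CATEGORIES")
        statements.append({"purposes": _child_names(stmt, "PURPOSE"),
                           "recipients": _child_names(stmt, "RECIPIENT"),
                           "retention": _child_names(stmt, "RETENTION"),
                           "categories": categories})
    return statements

def evaluate(policy_xml, prefs=PREFERENCES):
    """Ids of the preference rules a policy violates; an empty list is a match."""
    hits = set()
    for stmt in parse_statements(policy_xml):
        for rule in prefs:
            if not stmt["categories"] & rule["categories"]:
                continue
            if any(stmt[k] & rule[k] for k in ("purposes", "recipients", "retention") if k in rule):
                hits.add(rule["id"])
    return sorted(hits)

def rank_results(results, prefs=PREFERENCES):
    """Privacy Finder-style ordering of (url, policy_xml_or_None) search results:
    matches first, then sites without P3P, then mismatches; the stable sort keeps
    the search engine's own order within each tier."""
    ranked = []
    for url, policy in results:
        if policy is None:
            ranked.append((1, url, "no P3P policy"))
        elif (hits := evaluate(policy, prefs)):
            ranked.append((2, url, "conflicts: " + ", ".join(hits)))
        else:
            ranked.append((0, url, "matches preferences"))
    ranked.sort(key=lambda r: r[0])
    return [(url, note) for _, url, note in ranked]

if __name__ == "__main__":
    results = [("https://shop.invalid", MARKETING_POLICY), ("https://news.invalid", None),
               ("https://blog.invalid", MINIMAL_POLICY)]
    for url, note in rank_results(results):
        print(f"{url:24} {note}")
```

Run as a script it prints the blog first, the site with no policy second and the shop last with its three conflicts; the same rule set is what a Privacy Bird user agent would turn into a green, yellow or red bird for a single site.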
Thank you! What's next?
SRA 472 course map
- Foundation Concepts
- Privacy-Invasive Technologies
- Technological Drivers & Privacy-Enhancing Conception
- The Platform for Privacy Preferences (P3P) & Design for Privacy
- Fair Information Practices
- Privacy Laws
- Integration of Privacy & Security
- IT Governance and Risk Control
- Organizational Approaches
- Building a Privacy Org. Infrastructure
- Profession & Training
- Professional Associations
- Career Opportunities
- Project Presentations
SRA 472: Integration of Privacy and Security
- Support course for the Social Factors & Risk (SFR) and Intelligence Analysis & Modeling (IAM) options of the SRA major
- Substitute for IST 402 for the IST major, the SRA/ICS option, and the IST and SRA minors