Privacy
CSC 301, Fall 2016
Howard Rosenthal
csc301csudhfall2016.weebly.com/uploads/2/2/7/6/...

Lesson Goals
• Basic principles in privacy
  • Is privacy a separate right or a property right?
• Technology excursion – Data Mining
• Privacy in America and around the world – the Fourth Amendment, expectations and reality
• Privacy in business
• Privacy in the social sector – protecting your privacy and that of others
• Government Systems and Privacy
• Protecting Privacy
• Communications systems and privacy
• Technology examples and implications will be described throughout

There Are Many Aspects To Security and Privacy

What Is Privacy?
• Is privacy a Natural Right?
• Is privacy a type of property?
• If you invade a person’s privacy it can be a major coercive force
• Privacy used to be fairly simple
  • Your home could not be invaded, nor your property seized, without due process
• Today your private information is everywhere
  • On the net
  • On your phone
  • On your computer
  • In the cloud
  • In your employer’s databases
  • With the government
• Even if the people you give information to do not misuse that information, the information is more susceptible to theft via hacking or other mischief than ever before
  • Recently the Federal Government’s Office of Personnel Management was hacked and detailed information on everyone with a security clearance was stolen
  • Government accepted very little responsibility for this theft
• Privacy has three key aspects
  • Freedom from intrusion
  • Control over information about oneself
  • Freedom from surveillance (physical, electronic, etc.)

Our Privacy Is Always Being Threatened
• There are many threats to our privacy
  • Intentional use or misuse of information by businesses or government
  • Unauthorized release to insiders by information maintainers
  • Theft of information by criminals or hostile governments
  • Inadvertent leakage through negligence or carelessness
  • Our own actions, such as posting too much data on the Internet
• Uses may be benign (B) or malicious (M)
  • Give to one charity and ten others will come knocking (B)
  • List of “off color” movies you may have watched (M) - used to discredit you
  • Divorce proceeding (M) – sometimes used by politicians
  • Stealing financial data (M) – used to open loans, buy homes, etc. all in your name
• Technology creates many new opportunities to invade our privacy
  • Some of these threats combine both low tech techniques, such as eavesdropping or looking over a shoulder, with high tech techniques
• You create new security leaks every day
  • Facebook
  • E-mails
  • Texts
  • Map instructions
  • Twitter

Personal Security and Privacy Are Often Threatened By Our Own Actions

Everything You Access May Be Monitored
• Search Engines
  • May record all your searches
  • If you search for a book on Amazon you’ll get e-mails about that book or others every few days
  • Some of your searches you may want to keep private
    • Looking for a new job
    • Searching for certain specific products
    • Medical searches
• Smartphones
  • Are often transmitting location data
    • Great if a phone is lost or stolen
    • Horrible if a house thief gets the data
  • Passwords and codes for key accounts are often stored without your knowledge and then uploaded to the cloud with other data
    • If the cloud is hacked your information may be on the market without your knowledge
  • Contact lists can be compromised
  • Photos may be gathered and subjected to various forms of analysis
• Software
  • Many pieces of software record all types of data
  • This data may ultimately be collected and analyzed
  • Sometimes it simply sits forgotten until someone decides to see what’s there

Managing Personal Data – Terminology and Principle
• Informed Consent
  • You must agree before your information can be collected or used
  • Could be used to pressure you if you are denied a service without agreeing to share this data
  • LoJack collects information about your car location continuously – was this informed consent
  • The AAA tried collecting information by asking you if you’d like to hook data collectors into your car – then they reported that data to the insurance side of the house
• Invisible information gathering
  • Data collected without your knowledge
  • Always read the fine print
  • How often do you click agree when downloading
• This is an ethical issue

Fair Information Principles
• A basic set of principles for businesses to handle data in an ethical way
  • Inform people when you collect data
  • Collect only the data that is needed
  • Offer opt out methods that can be used at any time
    • It is harder to ensure that all data is deleted if you opt in and then opt out
  • Keep data only as long as is needed
  • Maintain accuracy of data
  • Protect the data. Use all reasonable security methods to do so.
  • Develop policies for responding to law enforcement requests
• Many government organizations are developing guidelines
  • FTC Fair Information Practice Principles.pdf

Data Mining

http://www.tutorialspoint.com/data_mining/dm_quick_guide.htm
What Is Data Mining?
• Data mining is defined as extracting information from huge sets of data.
• In other words, we can say that data mining is the procedure of mining knowledge from data.
• Data mining can integrate many different data sets
• The information or knowledge extracted from data mining can be used for any of the following applications
  • Profiling – This is where privacy really gets involved
  • Customer Retention
  • Pattern Analysis
  • Market Analysis
  • Fraud Detection
  • Production Control
  • Science Exploration

Data Mining Tasks
• Data mining deals with the kind of patterns that can be mined. On the basis of the kind of data to be mined, there are two categories of functions involved in Data Mining −
• The Descriptive Function deals with the general properties of data in the database.
  • Class/Concept Description
  • Mining of Frequent Patterns
  • Mining of Associations
  • Mining of Correlations
  • Mining of Clusters
• Classification and Prediction is the process of finding a model that describes the data classes or concepts. The purpose is to be able to use this model to predict the class of objects whose class label is unknown. This derived model is based on the analysis of sets of training data. The derived model can be presented in the following forms −
  • Classification (IF-THEN) Rules
  • Decision Trees
  • Mathematical Formulae
  • Neural Networks

Descriptive Tasks In Data Mining (1)
• The Class/Concept Description refers to the data to be associated with the classes or concepts. For example, in a company, the classes of items for sales include computer and printers, and concepts of customers include big spenders and budget spenders. Such descriptions of a class or a concept are called class/concept descriptions. These descriptions can be derived by the following two ways −
  • Data Characterization refers to summarizing data of class under study. This class under study is called the Target Class.
  • Data Discrimination refers to the mapping or classification of a class with some predefined group or class.
• Mining of Frequent Patterns looks at patterns that occur frequently in transactional data. The kinds of frequent patterns include
  • The Frequent Item Set is a set of items that frequently appear together, for example, milk and bread.
  • The Frequent Subsequence is a sequence of patterns that occur frequently, such as purchasing a camera followed by a memory card.
  • The Frequent Sub Structure refers to different structural forms, such as graphs, trees, or lattices, which may be combined with item−sets or subsequences.

Descriptive Tasks In Data Mining (2)
• Mining of Association
  • This process refers to the process of uncovering the relationship among data and determining association rules.
  • Associations are used in retail sales to identify patterns that are frequently purchased together, helping to identify potential buyers
    • For example, a retailer generates an association rule that shows that 70% of time milk is sold with bread while only 30% of times are biscuits sold with bread.
• Mining of Correlations
  • Additional analysis performed to uncover interesting statistical correlations between associated-attribute−value pairs or between two item sets to analyze that if they have positive, negative or no effect on each other.
  • Want to understand if there is actual causation
• Mining of Clusters
  • Cluster refers to a group of similar kind of objects.
  • Cluster analysis refers to forming group of objects that are very similar to each other but are highly different from the objects in other clusters.
  • Can group by gender, age, home location, language, ….

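The association and correlation mining described on the two slides above, worked through as an added example that is not part of the original lecture. The basket data is constructed so that it reproduces the slide's 70% and 30% figures; the function names and the use of lift as the correlation measure are assumptions of this example.

```python
from collections import Counter
from itertools import combinations

# Constructed sample data (not from the lecture): 20 market baskets, 10 of
# which contain bread. 7 of those 10 also contain milk and 3 contain biscuits.
BASKETS = (
    [{"bread", "milk"}] * 6
    + [{"bread", "milk", "biscuits"}]
    + [{"bread", "biscuits"}] * 2
    + [{"bread"}]
    + [{"milk", "eggs"}] * 2
    + [{"milk", "biscuits"}]
    + [{"biscuits"}] * 3
    + [{"biscuits", "eggs"}] * 2
    + [{"eggs"}] * 2
)


def itemset_counts(baskets, max_size=2):
    """Count how many baskets contain each itemset of up to max_size items."""
    counts = Counter()
    for basket in baskets:
        for size in range(1, max_size + 1):
            for combo in combinations(sorted(basket), size):
                counts[frozenset(combo)] += 1
    return counts


def rule_metrics(baskets, antecedent, consequent):
    """Support, confidence and lift for the rule antecedent -> consequent."""
    counts = itemset_counts(baskets)
    n = len(baskets)
    a, c = frozenset([antecedent]), frozenset([consequent])
    if counts[a] == 0 or counts[c] == 0:
        raise ValueError("both items must occur in at least one basket")
    both = counts[a | c]
    confidence = both / counts[a]          # P(consequent | antecedent)
    lift = confidence / (counts[c] / n)    # >1 positive, <1 negative, 1 none
    return {"support": both / n, "confidence": confidence, "lift": lift}


def mine_rules(baskets, min_support, min_confidence):
    """All one-to-one rules whose pair is frequent and whose confidence is high."""
    counts = itemset_counts(baskets)
    n = len(baskets)
    rules = []
    for itemset, both in counts.items():
        if len(itemset) != 2 or both / n < min_support:
            continue  # keep only frequent pairs (the "frequent item sets")
        x, y = sorted(itemset)
        for a, c in ((x, y), (y, x)):
            confidence = both / counts[frozenset([a])]
            if confidence >= min_confidence:
                lift = confidence / (counts[frozenset([c])] / n)
                rules.append((a, c, round(confidence, 3), round(lift, 3)))
    return sorted(rules)


if __name__ == "__main__":
    for item in ("milk", "biscuits"):
        print("bread ->", item, rule_metrics(BASKETS, "bread", item))
    print(mine_rules(BASKETS, min_support=0.3, min_confidence=0.6))
```

Confidence alone says how often the items appear together; lift compares that with how common the second item is anyway, which is what separates a positive correlation (milk) from a negative one (biscuits) in this data. This is the same arithmetic that turns a purchase history into a profile.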
Classification and Prediction Functions
• Classification − It predicts the class of objects whose class label is unknown. Its objective is to find a derived model that describes and distinguishes data classes or concepts. The Derived Model is based on the analysis set of training data i.e. the data object whose class label is well known.
• Prediction − It is used to predict missing or unavailable numerical data values rather than class labels. Regression Analysis is generally used for prediction. Prediction can also be used for identification of distribution trends based on available data.
• Outlier Analysis − Outliers may be defined as the data objects that do not comply with the general behavior or model of the data available.
• Evolution Analysis − Evolution analysis refers to the description and model regularities or trends for objects whose behavior changes over time.

Data Warehousing
• Data warehousing is the process of constructing and using the data warehouse. A data warehouse is constructed by integrating the data from multiple heterogeneous sources. It supports analytical reporting, structured and/or ad hoc queries, and decision making.
• Data warehousing involves data cleaning, data integration, and data consolidations. To integrate heterogeneous databases, we have the following two approaches −
  • Query Driven Approach
  • Update Driven Approach

Query Driven Approach
• This is the traditional approach to integrate heterogeneous databases.
• Builds wrappers and integrators on top of multiple heterogeneous databases. These integrators are also known as mediators.
• The process of Query Driven Approach
  • When a query is issued to a client side, a metadata dictionary translates the query into one or more queries, appropriate for the individual heterogeneous site involved.
  • Now these queries are mapped and sent to the local query processor.
  • The results from heterogeneous sites are integrated into a global answer set.
• Disadvantages
  • The Query Driven Approach needs complex integration and filtering processes.
  • It is very inefficient and very expensive for frequent queries.
  • This approach is expensive for queries that require aggregations (constant regrouping) of data

Update Driven Approach
• Today's data warehouse systems follow update-driven approach rather than the traditional approach discussed earlier.
• In the update-driven approach, the information from multiple heterogeneous sources is integrated in advance and stored in a warehouse.
  • This includes data scrubbing – the process of validating data for correctness in advance
• This information is available for direct querying and analysis.
• Advantages
  • This approach provides high performance.
  • The data can be copied, processed, integrated, annotated, summarized and restructured in the semantic data store in advance.
    • In other words, we store data in the way(s) we want to look at it
  • Query processing does not require an interface with the processing at the local original data sources.
    • Much less intrusive and resource intensive to pull the data once, rather than whenever you want to query
• The whole debate on the Patriot Act centered around whether or not the government could continuously collect and store metadata from the ISPs and cell/land-line phone providers
  • A political/privacy argument conflicted with a technical argument

Data Warehousing and Data Mining
• Online Analytical Mining integrates with Online Analytical Processing to discover knowledge across multidimensional databases.

On-line Analytical Mining
• On-line Analytical Mining (OLAM) has the following important attributes
  • High quality of data in data warehouses
    • The data mining tools are required to work on integrated, consistent, and cleaned data which are very costly in the preprocessing of data.
    • The data warehouses constructed by such preprocessing are valuable sources of high quality data for OLAP and data mining as well.
  • A complex information processing infrastructure surrounds each data warehouse
    • Information processing infrastructure refers to accessing, integration, consolidation, and transformation of multiple heterogeneous databases, web-accessing and service facilities, reporting and OLAP analysis tools.
  • On-line Analytical Processing (OLAP) − based exploratory data analysis
    • Exploratory data analysis is required for effective data mining.
    • OLAP provides facilities for data mining on various subsets of data and at different levels of abstraction.
  • Online selection of data mining functions
    • Integrating OLAP with multiple data mining functions and online analytical mining provides users with the flexibility to select desired data mining functions and swap data mining tasks dynamically.

Steps In Data Mining
• Data Cleaning
  • The noise and inconsistent data is removed.
• Data Integration
  • Multiple data sources are combined.
• Data Selection
  • Data relevant to the analysis task are retrieved from the database.
• Data Transformation
  • Data is transformed or consolidated into forms appropriate for mining by performing summary or aggregation operations.
• Data Mining
  • Intelligent methods are applied in order to extract data patterns.
• Pattern Evaluation
  • Data patterns are evaluated.
• Knowledge Presentation
  • Knowledge is represented, often graphically

The Process of Knowledge Discovery

Multi-Dimensional Databases
• Multidimensional structures use a variation of the relational model to organize data and express the relationships between data.
  • More complex than the typical row/column relational database. Each cell within a multidimensional structure contains aggregated data related to elements along each of its dimensions
• Time is an additional dimension used in the analysis of data

Example Of A Multi-Dimensional Database Structure

The Fourth Amendment
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized
• This right is specific to the United States Constitution and has very high levels of support across all political parties, classes, etc. and is protected by the Supreme Court
• Most countries do not have such protections, even in many Western Democracies
• The Information and Electronic Age has added new challenges to this Amendment and the right to privacy

Different Types Of Privacy
• Initially only applied to physical privacy within the home
  • A man’s home is his castle!!
  • No seizure without proper warrant
• Today our privacy can be compromised electronically
  • Surveillance
  • Wiretaps
  • Phone records – police can look at your phone records to prove that you were texting while driving
  • Data searches
  • Medical records
  • Lost or stolen data can be revealed (WikiLeaks)
  • Businesses search the Internet before hiring – watch what you put on Facebook
  • Everything is exposed when we get on an airplane

The Supreme Court And Privacy (1)
• Olmstead vs. United States 1928
  • The court decides that wiretapping is legal, no matter what the reason or motivation, because it is not expressly prohibited in the Constitution.
  • Used to put many gangsters out of business
  • Justice Brandeis' dissent lays the groundwork for future understandings of privacy.
• Katz v. United States (1967)
  • In this case, a reasonable expectation of privacy test was created. Federal agents had attached a listening device to the outside of a phone booth
  • Evidence of Katz’s end of the conversations obtained by the listening device was admitted in his trial in which he was accused of transmitting wagering information by telephone.
  • The Supreme Court ruled that the electronic "listening to" and recording of Mr. Katz's conversation violated the privacy upon which he justifiably relied and thus constituted a search and seizure under the Fourth Amendment.
  • Overruled Olmstead case
• U.S. vs. Jones (2012)
  • Cars cannot be tracked via GPS without a warrant

The Supreme Court And Privacy (2)
• Electronic Privacy Information Center vs U.S. (2013)
  • The NSA received secret Surveillance Court approval to collect vast amounts of metadata from telecom giant Verizon and leading Internet companies, including Microsoft, Apple, Google, Yahoo and Facebook.
  • The information includes the numbers and location of nearly every phone call to and from the United States in the past five years, but did not actually monitor the conversations themselves - to do so would require a separate, specifically targeted search warrant.
  • Supreme Court refused to overturn Surveillance Court decision, but gave EPIC option of going through the lower courts
• Riley vs. California (2014)
  • The police generally may not, without a warrant, search digital information on a cell phone seized from an individual who has been arrested.
  • This overturned previous rulings which stated that phones were like other personal property which could be searched when a person was arrested
• FBI vs Apple
  • Government wanted Apple to write code to break into phone of San Bernardino terrorists
  • A court told Apple to comply
  • Never reached the Supreme Court as FBI hired another firm which somehow broke the phone, and FBI withdrew the case

Video Surveillance
• Courts so far have upheld video surveillance in public locations
• Issue arising as data is mined to correlate new types of information
  • Persons visiting a home (think of the Godfather movie opening wedding scene and the FBI)
  • Facial recognition
  • Release of photos to the public to help in identifying suspects
  • Could be combined with location tracking to prove or disprove that you were at a certain location at a certain time

Personalized Marketing
• Every click you make and website you visit leaves a trace
  • Search Amazon for a book and you’ll get multiple e-mails about the book
  • Donate to one charity and you’ll hear from ten similar charities
  • Subscribe to one magazine and ten more will be asking you to subscribe
• You will be marketed based on your preferences
  • Your preferences will be used and added to large databases of preferences based on age, gender, race, education, car type, home location, buying habits (supermarkets know what you buy) ….

Informed Consent
• Informed consent includes the following elements
  • The user is told that data will be collected and asked to affirmatively allow that data to be collected and distributed
  • The user has the opportunity to opt out at any time
  • Sometimes the user is induced to opt in with payments or other rewards
• If you need to specifically opt out, this is not informed consent
  • Your browsing is tracked unless you specifically opt out

Social Networks
• There are numerous social networking sites
  • Facebook
  • LinkedIn
  • Google Circles
  • Professional organizations that allow “friending”
  • Tweeting with followers
• Both we and the providing companies have responsibilities in preserving our privacy

Social Networks – Our Responsibilities
• When we post information on a site it becomes visible at many levels
  • May be limited to friends – be proactive
  • Can be available globally if not protected
  • Even a picture with you in it may be transmitted to all your friends and acquaintances
  • Information on any site may become available to employers – some employers ask for your Facebook site when you apply for a job
• Some rules to protect your privacy
  • Proactively set up your security profile on a site
  • Don’t post anything embarrassing
  • Be careful about posting controversial opinions for public consumption
  • Nothing lewd – sounds obvious but it happens all the time
  • Don’t post pictures about your vacation until you return home – it’s like putting up a “Please Rob Me” sign
  • Don’t make anyone who asks your friend – having thousands of unknown friends doesn’t make you more popular

Social Networks – Provider Responsibilities
• Provide opt-out or preferably opt-in features
  • When people join a social network they are looking for an easy experience and will often just agree to everything
• Provide the ability for users to control their security profiles
  • General networks have a responsibility to make these instructions clear to the non-technical user
• Delete all data about a user when a user deletes an account
  • Federal Trade Commission required this of Facebook
  • Side effect - Could it lead to the deletion/destruction of criminal evidence?
• Remove criminal sites
  • Sometimes the lines between censorship and social responsibility are blurry
  • Some behavior is legal for adults but illegal for children – how do you verify the age of someone who logs on
• Keep your personal data that is private secure from hackers and criminals

Life In The Cloud
• If you post too much personal data you may give away data linked to that information
  • Don’t post your mother’s maiden name
  • Evaluate the benefit of the posting
• Blogs may be public
• Even cloud services can be hacked
  • Do you want to store personal data and your physical backups on the cloud
  • What happens if the data is stolen, hacked or lost?
  • Different cloud suppliers have different levels of quality, reliability and security
• Legal and Ethical Responsibility of the Cloud Supplier
  • Still evolving
  • Who is responsible for hacks – the hacker or the supplier?
  • Security levels in the commercial world aren’t fully defined, so how can you promise or enforce a level
  • Even reliability is often misunderstood

Location Tracking
• We often think of GPS and map applications when we think of location tracking, but there are many other trackers out there
  • When you log on to Google from a new location you will get an e-mail or text asking you if this location is legitimate
  • Banks do the same thing, and ask for even more verification by sending a code to you via an alternate means such as cell phone
  • FastPass cards know when you are in a certain lane on the freeway
  • LoJack tracks your car
  • If you go abroad the government and the airline know a lot about your plans
    • The airline even reports on your arrival to the TSA upon departure
  • A criminal may have a tracker attached to an ankle
  • Some parents are installing tracker chips in their children
    • Can help if your young child wanders off in the mall, but can hurt if others start tracking your child
• This information can be used for good purposes
  • Find your car, or your child
  • Send you information that may be of great interest or opportunity for you
• Or bad purposes
  • Information can be subpoenaed
  • If hacked information can let thieves, opponents or others obtain information that is embarrassing or that you might otherwise not want released

Social Media Analytics
• Social Media Analytics is the practice of gathering data from blogs and social media websites and analyzing that data to make business decisions. The most common use of social media analytics is to mine customer sentiment in order to support marketing and customer service activities.
• The first step in a social media analytics initiative is to determine which business goals the data that is gathered and analyzed will benefit.
  • Typical objectives include increasing revenues, reducing customer service costs, getting feedback on products and services and improving public opinion of a particular product or business division.
• Once the business goals have been identified, key performance indicators (KPIs) for objectively evaluating the data should be defined.
  • For example, customer engagement might be measured by the numbers of followers for a Twitter account and numbers of retweets and mentions of a company's name.
• There are a number of types of software tools for analyzing unstructured data found in tweets and Facebook posts. In addition to text analysis, many enterprise-level social media tools will harvest and store the data.

The Right To Be Forgotten
• Social networks will remove posted data, but what happens when that data has been copied and posted by others
• Most companies that have you on an e-mail list allow you to opt-out – look for the small print at the end of the message
• Third parties may be collecting all types of data about you (perhaps collected by other companies)
  • There is no way for you to know all the data that has been collected and who has it.
  • You can’t go to one single location to see who has information on you and therefore easily select who you want to have delete data about you
• Sometimes asking for data to be removed can harm you
  • Credit agencies collect all kinds of data
    • Without a credit rating you will have a hard time getting a loan or a credit card.
  • Do you want to delete all your health data if you switch health providers?
    • This may not be legal and conflict with the provider’s responsibility to share this data with your new provider.
• We can stay off the Internet – that is a negative right (liberty)
• The positive or claim right to have all information about us, even information obtained from other sources, permanently erased does not yet exist legally or technically
  • To eliminate all this data would require collecting all the metadata about you – even more data collection!
  • Cleaning data, avoiding deleting information about others with the same names, etc. are also issues
• Do you think a claim right to be completely “forgotten” is legally or ethically desirable or warranted?
  • What would your responsibility be if you exercised this claim?

The Privacy Act of 1974 (1)
• Faced with a growing amount of collected data the Privacy Act of 1974 was enacted to ensure the government did not abuse its ever growing collection of information
• Key provisions and principles:
  • There must be no personal data record-keeping system whose very existence is secret. There must be a Federal Registry of all systems and databases that hold personal information, with exceptions for some security databases
  • There must be a way for an individual to find out what information about him is in a record and how it is used.
  • There must be a way for an individual to prevent information about him that was obtained for one purpose from being used or made available for other purposes without his consent.
  • There must be a way for an individual to correct or amend a record of identifiable information about him.
  • Any organization creating, maintaining, using, or disseminating records of identifiable personal data must assure the reliability of the data for their intended use and must take precaution to prevent misuse of the data.

The Privacy Act of 1974 (2)
• No agency shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains
• There are specific exceptions for allowing the use of personal records:
  • For statistical purposes by the Census Bureau and the Bureau of Labor Statistics
  • For routine uses within a U.S. government agency
  • For archival purposes "as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government"
  • For law enforcement purposes
  • For congressional investigations
  • Other administrative purposes

The Privacy Act of 1974 (3)
• The Computer Matching and Privacy Protection Act of 1988, P.L. 100–503, amended the Privacy Act of 1974 by adding certain protections for the subjects of Privacy Act records whose records are used in automated matching programs. These protections have been mandated to ensure:
  • Procedural uniformity in carrying out matching programs
  • Due process for subjects in order to protect their rights
  • Oversight of matching programs through the establishment of Data Integrity Boards at each agency engaging in matching to monitor the agency's matching activity.

Data Collection By The Government – Problems In Practice
• Have you ever put something away and then forgotten about it?
  • The government has all types of collected information that it hasn’t even discovered
• Computerized systems and electronic recording make it much easier to get at that data for both good and bad purposes

Agencies That Collect Data About You
• Social Security – and the SSN has become a de facto ID for many purposes
• The IRS (which uses the SSN)
• The DMV – for a while the SSN was displayed on your license or ID in many states
  • Your license is now part of the Real ID program and is the minimum needed to get onto a plane (in lieu of a passport)
• The Transportation Safety Administration (TSA) which keeps track of all your airplane travels, and is ready to greet you when you return from abroad
• The Census Bureau – although this is supposed to be anonymous
• Your school or university – many use your SSN as your ID
• Medical records are often collected and shared with the government
• Social Welfare agencies
• Police, the FBI, other law enforcement agencies
  • Even if you are not a criminal, just getting a security clearance requires turning over lots of personal data
• Public records are readily available and published
  • Property or business ownership
• Once information is collected it may be subject to release under the Freedom of Information Act

Uses and Misuses of Government Data Collection
• Some purposes are good, useful and generally supported
  • Understanding population demographics and movements
  • Allocating representation (one of the original purposes of the census, along with taxation)
  • Tax collection, college loan collection, etc.
  • Maintaining security – this can also be abused
  • Draft registration
  • Tracking criminals and sex offenders in particular
  • Going after a parent owing child support
• Other purposes can be bad or illegal
  • Release of personally embarrassing information
  • Identity theft
  • Misidentification (people have been put on the “no-fly” list due to mistaken identity)
  • Denial of credit
  • Identification of political beliefs by donations (overrides the secret ballot concept)
  • Industrial espionage
  • Other political mischief
• We would like to evaluate each use of the data individually, but sometimes this doesn’t happen
  • Therefore we need to evaluate the collection of data types, or aggregated data, against all the pros and cons – a risk/reward identification and trade-off

The Real ID Act
• Congress wanted to have a more uniform and fair way for people to be identified, especially when getting onto airplanes or entering federal facilities
  • Set a federal standard for each driver’s license or personal ID
  • Required each person to provide supporting documentation such as a birth certificate, with the states evaluating the information according to the standard, before the state issued the license or ID

A National ID Card?
• Pros for national identification system:
  • All that information is out there in an uncontrolled wild west. Wouldn’t consolidation be better
  • The change from the state drivers license to the national identification system would not be drastic as far as the form of ID goes. With the national ID system, we would still have a card just like the drivers licenses we have now; the only difference in the makeup of the card would be the additional requirements on the national ID card (such as the additional identification information, etc.).
  • If used properly, the national ID card can be used to control crime, terrorist activity, illegal immigration, and identity theft.
  • Most of the countries in the world use them, but not all
• Cons for national identification system:
  • History – when a government has so much control over information it tends to use it.
  • The national identification card uses a large database that links all of the 50 states' databases together. This national database, containing every cardholder's personal information, can be accessed from anywhere, including schools, airport security checks, police stations, etc.
  • The national ID card is supposed to be harder to forge than our ID cards of today; however, this challenge may actually increase the risk of identity theft. More people will have access to the national database. There have already been incidents of identity theft with this system in other countries. Recently in Russia, policemen and civilians were apprehended after having forged ID cards that would have allowed them direct access to President Vladimir Putin's office.
  • National identification cards are facing opposition all across the globe. Countries such as Australia, New Zealand, the Philippines, Thailand, and the United Kingdom have been fighting the installation of a national identification system for the past 11 years.
What do you think – make your own lists that add to the ideas shown above. Develop evaluation criteria and give a score to the National ID Card idea (Positive means yes, negative no)

The Patriot Act (1)
• Ten basic provisions (I-IV)
  • Title I: Enhancing domestic security against terrorism
    • Section 102 expresses the Sense of Congress condemning discrimination against Arab and Muslim Americans.
  • Title II: Enhanced surveillance procedures
    • Includes enhanced wiretapping under court supervision
    • Allows law enforcement to seize voice mail messages.
    • Allows law enforcement to subpoena additional subscriber records from service providers such as “records of sessions and durations” and “means and source of payment.”
    • Allows information to be gathered prior to collection of a warrant in time critical situations
  • Title III: Anti-money-laundering to prevent terrorism
  • Title IV: Border security

The Patriot Act (2)
• Ten basic provisions (V–X)
  • Title V: Removing obstacles to investigating terrorism
    • Authorizes the Attorney General to make funds available for the payment of rewards for assistance in combating terrorism.
    • Includes payments to an individual who furnishes information leading to the prevention of terrorism or the identity of someone “who holds a key leadership position in a terrorist organization” in the State Department’s rewards program.
    • Authorizes federal officers who conduct electronic surveillance or physical searches to acquire foreign intelligence information, to consult with other Federal law enforcement officers to coordinate efforts to protect against terrorist attacks or clandestine intelligence activities by a foreign power or its agent.
    • Allows law enforcement easier access to telephone toll and transactional records, financial records, and consumer reports.
  • Title VI: Victims and families of victims of terrorism
  • Title VII: Increased information sharing for critical infrastructure protection
    • Greater cooperation between FBI, NSA, CIA, Immigration, State Law Enforcement, etc.
  • Title VIII: Terrorism criminal law
  • Title IX: Improved intelligence
    • Again the emphasis was on coordination amongst agencies
  • Title X: Miscellaneous
• Modified in 2015 to restrict bulk collection of phone records
  • This could hurt data mining efficiency and ability to track terrorist activities – proponents believe it is a necessary control on excessive government power

The Patriot Act Evaluated
• The Patriot Act is constantly being evaluated in terms of its consequences versus its value
  • Does it interfere with Natural Rights as Locke sees them
  • It is a prime example of the evolving Social Contract, as Hobbes might say?
• Protections are put into the very first article to protect minority and in particular Muslim rights as part of the evaluated calculation.
• Certain rights to privacy are ceded to the state for a perceived greater good.
  • War can often lead to curtailment of rights – therefore it is a time to be especially careful about ceding rights
• The Patriot Act was modified in 2015 to reflect the concern (of a minority) about government intrusiveness via data mining
  • A greater value was assigned to constraining the government, which modified the immediate post 9/11 valuations

Privacy Protection – Organizations That Advocate For Privacy
• Many organizations are involved as independent monitors of privacy
  • They expect a very high utility in a consequence before ceding any right to privacy
• Privacy Rights Clearinghouse - www.privacyrights.org
  • Information resource on issues and mechanisms related to privacy protection
• Electronic Privacy Information Center - www.epic.org
  • Focuses public attention on emerging privacy and civil liberties issues and to protect privacy, freedom of expression, and democratic values in the information age. EPIC pursues a wide range of program activities including policy research, public education, conferences, litigation, publications, and advocacy.
• American Civil Liberties Union
Privacy Protection – Technology and Markets
• Technology can create problems and provide solutions
• This is often a never ending battle
• Some activities are benign
  • Advertising popups, followed by popup blockers
• Others are malicious
  • Spyware and viruses have led to complete security suites
Encryption and Privacy
• There are five primary functions of cryptography today:
  • Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver.
  • Authentication: The process of proving one's identity.
  • Integrity: Assuring the receiver that the received message has not been altered in any way from the original.
  • Non-repudiation: A mechanism to prove that the sender really sent this message.
  • Key exchange: The method by which crypto keys are shared between sender and receiver.
• Encryption is used to scramble information so that it can be sent securely
  • In CS121 and other classes you saw simple Caesar Cyphers and other encryption techniques
  • You encrypt the data on your home Wi-Fi
• Most often encryption and decryption is based on a secure key
  • Can be a word, number, bit stream, hash function etc.
  • Often this key is held by a third party
• Encryption technologies used to be considered nonexportable
  • Many restrictions have been lifted
Encryption Algorithms (1)
• There are several ways of classifying cryptographic algorithms.
  • They are categorized based on the number of keys that are employed for encryption and decryption, and further defined by their application and use.
• Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption; also called symmetric encryption. Primarily used for privacy and confidentiality.
• Public Key Cryptography (PKC): Uses one key for encryption and another for decryption; also called asymmetric encryption. Primarily used for authentication, non-repudiation, and key exchange.
• Hash Functions: Uses a mathematical transformation to irreversibly "encrypt" information, providing a digital fingerprint. Primarily used for message integrity.
Encryption Algorithms (2)
See: An Overview of Cryptography.pdf
A cryptographic hash function is a hash function which takes an input (or 'message') and returns a fixed-size alphanumeric string, which is called the hash value (sometimes called a message digest, a digital fingerprint, a digest or a checksum).
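The integrity role the slides give to hash functions, shown as an added example that is not part of the original slides: it checks the fixed-size and fingerprint properties with SHA-256, then contrasts an unkeyed digest with a keyed one (HMAC), which ties integrity to the shared secret key of SKC. All function names, the key and the messages are constructed for illustration.

```python
import hashlib
import hmac

def fingerprint(message: bytes) -> str:
    """Unkeyed SHA-256 digest: 64 hex characters for any input size."""
    return hashlib.sha256(message).hexdigest()

def differing_bits(hex_a: str, hex_b: str) -> int:
    """Number of bit positions in which two hex digests differ."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")

def digest_check(message: bytes, digest: str) -> bool:
    """Receiver-side integrity check using only the unkeyed digest."""
    return hmac.compare_digest(fingerprint(message), digest)

def make_tag(key: bytes, message: bytes) -> str:
    """Keyed digest (HMAC-SHA256); producing it requires the shared secret key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()

def tag_check(key: bytes, message: bytes, tag: str) -> bool:
    """Receiver-side check: recompute the tag, compare in constant time."""
    return hmac.compare_digest(make_tag(key, message), tag)

def demo() -> dict:
    # Constructed sample values, not taken from the slides.
    key = b"constructed-shared-secret"
    original = b"Transfer $100 to account 12345"
    altered = b"Transfer $900 to account 12345"
    sent_digest = fingerprint(original)
    sent_tag = make_tag(key, original)
    return {
        # Fixed-size output: one byte and one megabyte both give 64 hex chars.
        "lengths": (len(fingerprint(b"a")), len(fingerprint(b"a" * 1_000_000))),
        # One changed character flips roughly half of the 256 output bits.
        "bits_changed": differing_bits(sent_digest, fingerprint(altered)),
        # Alteration alone is detected by either check.
        "digest_detects_change": not digest_check(altered, sent_digest),
        "tag_detects_change": not tag_check(key, altered, sent_tag),
        # If the digest travels with the message, whoever alters the message
        # can recompute it, so the unkeyed check passes on the altered pair.
        "recomputed_digest_accepted": digest_check(altered, fingerprint(altered)),
        # A tag computed without the real key does not verify.
        "tag_without_key_accepted": tag_check(
            key, altered, make_tag(b"not-the-key", altered)),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

An unkeyed digest protects integrity only when it reaches the receiver over a channel the message itself does not share; the keyed tag removes that requirement at the cost of managing the key.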
Policies For Protecting Personal Data
• If we start from the premise that protecting personal data is an ethical as well as a legal responsibility then policies for protecting your data need to be implemented
• These policies may require technology as well as secure practices to implement
  • Encryption
  • Passwords
  • Physical security
  • Deletion of data no longer required
  • Chief Security Officer responsible for overall security
• Exacerbated by the cloud, social sites, etc., where you must be proactive
Law and The Right To Privacy (1)
• Is privacy a right?
  • Negative or positive right?
  • When we claim a privacy right we may restrict someone else’s access to information
  • In law, the right to privacy is more restricted for public figures
• Is privacy a property right?
• Warren and Brandeis – The Right To Privacy (1890)
  • Privacy is a distinct right requiring its own laws and protections
  • Distinct from libel, slander etc., personal data deserves its own protections
  • Ahead of its time in foreseeing these problems
• Thomson - The Right To Privacy (1975)
  • Privacy is not a separate right but derives from other rights, in particular property rights
  • You can waive property right to privacy either directly or inadvertently, but it is a property right
    • Reading a magazine in public waives the right
    • Spying on someone is a violation of the right
  • If you say something without a confidentiality agreement you have ceded your right to privacy
Law and The Right To Privacy (2)
• In both cases the real issue is whether personal information can be disclosed without permission
  • Neither approach would allow broad publication of private data (although this happens all too often)
  • However the Brandeis approach might allow the release of private information if reasonably asked for in specific cases
    • Life insurance company and smoking habits, etc.
  • Thomson seems to say that you own your personal information and no one can claim it without your permission unless it is in the public domain
• Bottom line – The issues of what privacy is and whether it is a right remain hotly debated
  • It is a big topic in law schools
  • Michael Green has written and taught extensively on this topic
  • The Peikoff article takes a very strong position that by not considering privacy as a separate right we may improve our privacy
Transactions and Personal Data (1)
• When two people share information who owns the rights?
  • If one person wants to disclose information about a transaction and the other doesn’t, who gets precedence?
  • Is it necessary to have a “Pre-nuptial” for every transaction, defining who has what rights?
• If you voluntarily allow someone to take a “compromising” picture, who owns that picture – What do you think?
  • When you think there may be a conflict, get a contract first that states explicitly what you are agreeing to!
• If there is negative information about you, do you have a property right to that personal information?
  • Should criminal records be hidden from employers?
  • Can information about a person’s history of paying rent be obtained by a new potential landlord?
Transactions and Personal Data (2)
• Should moral principles or economic principles be applied when determining property rights?
  • Judge Richard Posner believed the latter should apply, but recent trends in legislation are working in the opposite direction
  • There are hundreds of privacy laws implemented through thousands of regulations
  • Sometimes the regulations can be so onerous that they restrict the flow of information
  • Remember, when you publish information about yourself without copyright protection it is fully in the public domain
• With true free markets people own their property rights and can make voluntary agreements
  • Many times the government and regulations can’t keep up with the pace of change
  • Regulations sometimes constrain innovation
  • However even the most avid of free marketers believes in legal sanctions for those who steal data or lose privately revealed data through carelessness
Transactions and Personal Data (3)
• Consumer protectionists believe that individuals need greater government protection
  • Typically see privacy as a separate right, not a property right
  • Want stringent consent requirements (no implicit consent)
  • Restrictions on collection and storage of data for marketing or other purposes
  • Don’t believe that consumers always understand what they are agreeing to, especially when those collecting the data may not yet have even determined how that data will be organized and profiled for use
• See privacy as a claim (positive) right – i.e. we can go beyond protecting our data ourselves, and instead make demands on others
  • Don’t send data about me just because I gave it to you without a contract
  • Protect any information you receive about me from other sources and don’t retransmit
Privacy In The European Union
• EU has stricter privacy rules than the U.S.
  • In general EU is more highly regulated in all aspects of life
• Includes the following additional rules:
  • Processing of data is permitted only if
    • The person has consented unambiguously
    • Or if it is needed to fulfill legal or contractual obligations
    • Or for an overriding public good
  • Special categories of data covering race, politics, religion, sex life, etc. may not be published without the person’s explicit consent
  • Processing of data about criminal convictions is severely restricted
  • Default for social networking sites is set at a very high privacy level, and asks that pictures of others only be uploaded with specific consent
• Has led to conflicts over how the Internet is used here and abroad
  • Google had issues in Germany about Street View – no longer provided with streets from Germany
  • On the other hand the EU allows law agencies greater access to information about web usage than the U.S. does
• There have been conflicts between the EU and other countries
  • EU does not allow transfer of personal data to countries outside the EU without adequate privacy protection systems and regulation
  • Can affect finance, banking, travel and many other areas if there are different requirements in different locations
Overview
• The Fourth Amendment protects our right to privacy
  • Most searches, including wiretaps, seizure of property, etc. require warrants and probable cause
• Technology has changed the scope and boundaries of communications, in particular in the past 20 years
• The Communications Assistance for Law Enforcement Act (CALEA) of 1994
  • Actually requires that communications systems be designed or modified to allow law enforcement agencies the ability to intercept various forms of communications
    • Note the government creating its own claim right and imposing it through law and regulation
  • Expanded on several occasions to keep up with technology changes
  • Obviously a major clash point in trade-off between privacy and the law
    • Must your phone have a “Backdoor” to comply with this law?
Wiretapping and Email Protection (1)
• Telephone and telegraph communications have been used for unlawful or other less than ethical purposes from the outset
  • Organized crime
  • Drug trade
  • Human trafficking
  • Spying
  • Money laundering
  • Eavesdropping (party line phones)
• Wiretapping followed soon after the advent of the telegraph and telephone
  • Especially used by the FBI and other law enforcement agencies against organized crime
  • Temptations were great and many times public officials and others were wiretapped (without a warrant) for political or economic data collection
• Congress established the Communications Act in 1934
  • Only the sender may authorize the release of any sent message – warrants weren’t mentioned
  • Supreme Court said this applied to wiretapping as well – note that these were no longer just physical, but any type of message
• FBI and other agencies often ignored these rules
  • FBI Director J. Edgar Hoover collected lots of information for leverage (Kennedy, M.L. King, etc.)
  • Robert Kennedy (as Attorney General) used illegal wiretaps against the Mafia on a regular basis, even while Hoover was using illegally collected information as leverage against the Kennedys
Wiretapping and Email Protection (2)
• In 1967 (Katz v. U.S.) court declared that all wiretapping and other electronic surveillance was illegal without a warrant
  • In 1968 Congress explicitly allowed wiretapping and other electronic surveillance with a court order, affirming the Katz decision in law
• As E-mail and other forms of communications evolved Congress added new protections
  • Electronic Communications Privacy (1986, amended 1994) extended wiretapping prohibition and warrant requirements to e-mail and other forms of electronic communications, including wireless communications
  • Warrant requirements even extend to third parties that store your e-mail or other electronic communications
  • Patriot Act (previously discussed) loosens some of these restrictions, especially on collection of metadata
Complying With The Communications Assistance for Law Enforcement Act
• Government wanted to make sure that law enforcement could keep up with technological advancements and passed CALEA in 1994
• Complying with CALEA requires:
  • Designers cooperate with and seek approval from the government for new technological innovations that improve security
  • Providers allow the government to obtain access to metadata and data, and sometimes place monitoring tools in their systems
  • Require access to encryption techniques and keys, and allow for reverse engineering
• Makes an assumption that the government won’t misuse the information
The National Security Administration and Intelligence Gathering
• The NSA has a legal role in the collection of data
  • Created in secret by Truman in 1952
  • Has been limited in the past to collecting information outside the U.S.
• In 1978 the Foreign Intelligence Surveillance Act was passed to monitor the NSA
  • Set up secret courts with the ability to issue warrants, allowing interception of communications to and from the U.S.
• NSA started monitoring metadata (data about data)
  • Some of this seemed to be outside the scope of warrants, since personal content of the data was not collected unless a pattern was found
  • NSA set up collection facilities at many communications companies to collect data
  • FISA Act of 2008 protects companies from lawsuits when they cooperate with the government
  • In terrorism cases some of the rules of the Fourth Amendment, such as revealing all data collected to the accused, do not apply
• There will always be trade-offs between security and privacy
  • Ultimately we need to ask who owns the information
  • Once we know who owns information we can discuss the Fourth Amendment Rights
Summary
• The challenges and trades in protecting privacy are expanding
• Is information about you your property?
  • What about information about your information?
  • Once information is released to a party can it be shared with others?
• Under the social contract how much privacy do we cede to the government to protect our safety and security?
• These issues continue to evolve, and our tolerance for privacy invasions seems to vary based on the political climate or security situation.
What Do You Think? And Why?
• The government passes a law limiting personal energy consumption in order to achieve certain environmental goals.
  • Can the government go to each of your energy providers (gas, electric) to monitor your home utilization?
  • Can they monitor your automobile and limit the mileage you drive?
  • Can they check your credit card to see how much you spend on gas?
• Some of this sounds far-fetched, but right now California can fine you for using too much water, or even for watering on the wrong day.