Difference between revisions of "IT Questions regarding the Future of Privacy"

From ScenarioThinking
Jump to navigation Jump to search
 
Line 159: Line 159:
This may lead to stealing information from the database.
This may lead to stealing information from the database.


<li>'''What privacy issues are related to customer loyalty cards?'''</li>
<li>'''What privacy issues are related to customer loyalty cards?'''<br /><div style="width:90%; font-size:8pt;overflow:auto">Also called "registration and monitoring" programs, because whenever a person hands over name, address, and ID to receive a numbered card, that person has been registered. When that number is used to track the individual's activities, that person is also being monitored.[22]
 
Retailers benefit from tracking consumers' purchases. They use this information to analyze shopping habits, refine marketing programs, fine-tune their product mix and identify the most appealing promotions, according to the marketing institute.
 
Raymond Burke, a business professor at Indiana University, said retailers use the information to create customer profiles. That allows stores to identify which customers are spending the most money and improve service for those customers to encourage them to spend more.
 
Walt Heller, research director at the trade publication Progressive Grocer, said stores have little incentive to give the data to third parties. Many stores build trust by following policies that prohibit the selling or sharing of customer information with third parties.[21]</div></li>
<li>'''How does the price reduction and convergence of cameras affect privacy? (Patrick) '''
<li>'''How does the price reduction and convergence of cameras affect privacy? (Patrick) '''
<div style="width:90%; font-size:8pt;overflow:auto">
<div style="width:90%; font-size:8pt;overflow:auto">
Line 262: Line 268:


[20]Andreas Jacobsson,Martin Boldt and Bengt Carlsson. [http://www.bth.se/tek/aps/mbo.nsf/(WebFiles)/8355BACE15A7A600C125710D00418AC5/$FILE/WCC2004-JacobssonBoldtCarlsson.pdf  PRIVACY-INVASIVE SOFTWARE IN FILE-SHARING TOOLS], School of Engineering, Blekinge Institute of Technology.
[20]Andreas Jacobsson,Martin Boldt and Bengt Carlsson. [http://www.bth.se/tek/aps/mbo.nsf/(WebFiles)/8355BACE15A7A600C125710D00418AC5/$FILE/WCC2004-JacobssonBoldtCarlsson.pdf  PRIVACY-INVASIVE SOFTWARE IN FILE-SHARING TOOLS], School of Engineering, Blekinge Institute of Technology.
[21]http://www.tucsoncitizen.com/news/business/090204d1_storecards
[22]http://www.nocards.org/faq/faq_02.shtml

Latest revision as of 06:27, 6 March 2007

<< back to 'Questions Regarding the Future of Privacy in 2015'

Questions

  1. What technology and technological solutions are there to maintain privacy? (Folkert)
    • Snoop Proof Email
    • Anonymous Remailers
    • Surf Anonymously
    • HTML Filters
    • Cookie Busters
    • Voice Privacy
    • Email and File Privacy
    • Secure Instant Messaging
    • Web Encryption
    • Telnet Encryption
    • Disk Encryption
    • Disk/File Erasing Programs
    • Privacy Policy Generators
    • Password Security
    • Firewalls
    • Information Resources

    [10]

    Privacy Protection Tools

    A number of technologies are available to consumers who wish to safeguard their online information and activities.

    Encryption
    Encryption scrambles email messages or data files, making them gibberish to anyone other than the intended recipient. Secure, encrypted transfers are particularly important when sending sensitive information, such as credit card numbers and other financial information, over the Internet. Users can determine whether an Internet site is secure in two ways. Protected Web sites will usually indicate that transfers are encrypted; and the user's browser will display a symbol - often a small padlock icon - in the lower left or right hand corner of the page, to confirm the site's security. Many encryption programs exist, and quite a number can be downloaded free from the Internet.
    Cookie deflectors
    Cookie deflectors make the file where a browser stores its cookies unreadable. Once the file-locking method has been set, the browser will skip over any attempt to set a cookie; and it will erase its cache of stored cookies the next time the user quits and restarts the browser.
    Private email
    Hotmail, Yahoo! and other Web-based email services protect their users' identity. An email address need not include a person's name, and it also becomes the log-in code. Users may reach their email from any computer with access to the Internet, just by entering a password. But although these email programs are "free," their services have a price: when users sign up, personal information is solicited from them.
    Some services have privacy policies that promise not to reveal information to third parties; but most such services pay for the "free" email they offer by selling the information. One result of this is that users can often get flooded with "spam," or unsolicited commercial email. (This can be reduced if users unclick the registration-form box indicating a wish to receive promotional material.)
    Re-mailers
    Anonymous re-mailers act as intermediaries for messages, erasing the return address information coded into every email message. They also remove the electronic logbook of an email's checkpoints along its digital journey - its hops from one server to another on its way to its destination. There are two kinds of re-mailers: pseudo-anonymous re-mailers, and true anonymous re-mailers. Pseudo-anonymous re-mailers allow users to keep their real names, instead of replacing them with code names.
    Filtering software
    Outgoing filtering software prevents email users from sharing specific information. For example, it can be installed to prevent children from sending their name, address or telephone number over the Internet. Once this information has been programmed into the software, it will appear only as "xxx" anytime the information is entered online on that computer.
    Secure sites
    It is possible to easily find out if a Web site is secure: a tiny security icon in the shape of a key or a padlock will appear in the bottom left or right corner of the Web browser. When a user clicks on the icon, a window appears to indicate whether the site is safe for submitting information.

    [11]

  2. In what technological areas does privacy play a role? (Folkert)
  3. How is the ubiquity of computers influence privacy? (Folkert)
  4. Ubiquitous Computing’s Privacy Implications But fluid, situated interaction comes at a cost. Automatic sensing of individuals’ activities will grow more sophisticated, soon allowing for fine-grained knowledge of what someone is doing and whom they are doing it with. Mobile phones and GPS can provide a person’s outdoor location with increasing resolution, and RFID tags embedded in badges, clothing, or other objects can track movement indoors. Computer vision and speech recognition technology, while still relatively crude, can recognize faces pulled from a crowd or automatically flag keywords in a phone conversation. Machine learning techniques are being developed to infer a high-level understanding of a conversation or meeting based on the relations between participants. Coupled with the digital availability of a person’s identity, pervasive information gathering becomes a powerful surveillance and profiling tool. The emergence of ubiquitous sensor networks and robust data mining techniques will amplify the tracking and profiling capabilities of personal information collectors. As sensors pervade public and private environments, people will effectively and implicitly create continuous streams of personal information regarding their activities. One’s location, activity, and proximity to other individuals will be sensed in real-time, possibly stored for long periods, and shared and sold amongst corporate and government interests just as transaction profiles are traded today. Alone, these raw data streams have the potential to reveal a great deal about the immediate aspects of a person’s life, but when linked to one’s identity, these streams can feed and refine increasingly dense historical profiles maintained by law enforcement, commercial interests, and other individuals both familiar and unknown to the subject. As sensors pervading the social environment empower organizations to maintain continually updated dossiers on individuals’ locations, activities, companions, and correspondences, ostensibly in the interests of personalization, security, and efficiency, the very notion of being offline may become obsolete. [12] [13]

  5. What is the influence of social networks and privacy? (MSN Email Chat) (Folkert)
  6. In our study of more than 4,000 CMU users of the Facebook we have quantified individuals’ willingness to provide large amounts of personal information in an online social network, and we have shown how unconcerned its users appear to privacy risks: while personal data is generously provided, limiting privacy preferences are hardly used; only a small number of members change the default privacy preferences, which are set to maximize the visibility of users profiles. Based on the information they provide online, users expose themselves to various physical and cyber risks, and make it extremely easy for third parties to create digital dossiers of their behavior. [14]

    Social networking tools, have almost become indispensable for teenagers, who often think theirs lives are private as long as their parents are not reading their journals.

    An analysis of weblogs revealed that the types of personal information revealed online includes name, address, birth date, location, and numerous contacts, including e–mail addresses, instant messaging user names, and links to personal Web pages (Huffaker and Calvert, 2005). “Because teenage bloggers are revealing a considerable amount of personal information, as well as multiple ways to contact them online, the danger of cyberstaking and communicating with strangers online is a serious issue.” [e40]

    Marketers who target teen consumers can use stated, personal information gathered from social networking sites for purposes other than what users intend. Today, the commoditization of information has made it necessary to consider the invasion of privacy by corporations. Schement and Curtis (1995) state that “information is gathered so that the economy can support its participants.” [e41] In a capitalistic society, marketers can use personal information collected in public online databases for commercial purposes. Additionally, companies such as Coke, Apple Computer and Proctor & Gamble are using social networking sites as promotional tools [e42] For instance, Apple Computer sponsors the Apple discussion list on Facebook.

    Schools can also access and use the information posted on social networking sites. At Chicago’s Loyola University, athletes were told to get off Facebook and MySpace or risk losing their scholarships (Sports Illustrated, 2006). In May 2006, a number of hazing photos appeared on a site called badjocks.com showing athletes from Princeton, Michigan, Fordham, and UC–Santa Barbara behaving badly. As a result, schools have started investigations into student athlete behavior.

    Parents, schools, social networking companies and government officials consider the outpouring of personal information in public social networking sites to be a problem. As a result, a number of social, technological and legal solutions are currently being explored. Last April, MySpace hired a safety czar to oversee its site and they began deleting 5,000 under–age profiles a day (Reuters, 2006b). Additionally, they are requiring all members under the age of 18 to review safety tips before they can register for the site. The company also restricts the profiles of users under the age of 16. These efforts are only a few of a number of potential solutions to the social networking privacy problem. [15]

  7. Which malware infringes privacy (spam / popup / spyware) ? (Folkert)
    • Adware
    • Anonymizer
    • Commercial Monitoring Software
    • Commercial Network Management Tool
    • DataMiner
    • Dialer
    • Loyaltyware
    • Miscellaneous Security
    • Password Cracker
    • Remote Adminstration Tool
    • Trojan
    • Virus
    • Web Based Instant Messaging
    • Worm

    [16]

    • key stroke loggers and screen capture utilities, which are installed by a third party to monitor work habits, observe online behavior, or capture passwords and other information;
      • programs that collect information about the user, potentially including personally identifiable information, and send it back to a central server;
      • programs that hijack a user’s Internet connection (and potentially other resources as well) for the software’s own use—for example as part of a distributed computing network or as a spam remailer;
      • programs that use the connection only to download updates to the software or content it uses (such as advertisements).
    • “adware” and similar applications that install themselves surreptitiously through “drive-by downloads” or by piggybacking on other applications and track users’ behaviors and take advantage of their Internet connection;
    • legitimate applications that have faulty or weak user-privacy protections.

    [17]

  8. Blogs and privacy? (Folkert)
    • the great majority of bloggers identify themselves on their sites: 55% of respondents provide their real names on their blogs; another 20% provide some variant of the real name (first name only, first name and initial of surname, a pseudonym friends would know, etc.)
    • 76% of bloggers do not limit access (i.e. readership) to their entries in any way
    • 36% of respondents have gotten in trouble because of things they have written on their blogs
    • 34% of respondents know other bloggers who have gotten in trouble with family and friends
    • 12% of respondents know other bloggers who have gotten in legal or professional problems because of things they wrote on their blogs
    • when blogging about people they know personally: 66% of respondents almost never asked permission to do so; whereas, only 9% said they never blogged about people they knew personally.
    • 83% of respondents characterized their entries as personal ramblings whereas 20% said they mostly publish lists of useful/interesting links (respondents could check multiple options for this answer). This indicates that the nature of blogs might be changing from being mostly lists of links to becoming sites that contain more personal stories and commentaries.
    • the frequency with which a blogger writes highly personal things is positively and significantly correlated to how often they get in trouble because of their postings; (r = 0.3, p < 0.01); generally speaking, people have gotten in trouble both with friends and family as well as employers.
    • there is no correlation between how often a blogger writes about highly personal things and how concerned they are about the persistence of their entries
    • checking one s access log files isn t correlated to how well a blogger feels they know their audience
    • despite believing that they are liable for what they publish online (58% of respondents believed they were highly liable), in general, bloggers do not believe people could sue them for what they have written on their blogs.

    [18]

    With few exceptions, most blogs exist in a fully public arena, which means that, once published, entries are readable by anyone on the Web. The results from this survey suggest that bloggers are starting to come up against a range of privacy-related issues varying from minor embarrassments with family and friends to termination of their employment. The findings also indicate that many respondents are developing strategies for minimizing potential problems with others when posting their entries online. [19]

  9. Progress or regression of privacy in relation uprising of blogs and websites? (Folkert)
  10. Is the privacy issue larger in IT than in "real life"?
  11. How will the new passports influence privacy? (stealing, data easily) (Robert)
  12. This information is private information of the owner of the passport and can only be accessed by government services across the world. But by adding a digital chip the possibility exists that people are stealing or building a RFID scanner which can scan the document. Normally the document could only be scanned from a small distance. But it is possible to replicate the chip and put the information in an fake passport[2]. Although the data is encrypted, the encryption has already been hacked[3]. So in fact it is nowadays easier to steal data from a passport. It can be done without the notice of the owner or actually stealing the passport. This is information is worth a lot on the black market. Also governments are using the data on the passports. For example the US and the Netherlands are keeping a database with all the passport information from visitors[3]. This may lead to stealing information from the database.
  13. What privacy issues are related to customer loyalty cards?
    Also called "registration and monitoring" programs, because whenever a person hands over name, address, and ID to receive a numbered card, that person has been registered. When that number is used to track the individual's activities, that person is also being monitored.[22]

    Retailers benefit from tracking consumers' purchases. They use this information to analyze shopping habits, refine marketing programs, fine-tune their product mix and identify the most appealing promotions, according to the marketing institute.

    Raymond Burke, a business professor at Indiana University, said retailers use the information to create customer profiles. That allows stores to identify which customers are spending the most money and improve service for those customers to encourage them to spend more.

    Walt Heller, research director at the trade publication Progressive Grocer, said stores have little incentive to give the data to third parties. Many stores build trust by following policies that prohibit the selling or sharing of customer information with third parties.[21]
  14. How does the price reduction and convergence of cameras affect privacy? (Patrick)

    With over 85% of cell phones in Japan, and an estimated 80% in the USA and Western Europe having built-in cameras, it is becoming much easier for people to take pictures of unaware victims or secret products. Increasing the ease of being able to take a quality picture at any time, also increases the amount of clandestine pictures taken. Many venues are already taking or considering taking precautions to remove cell phones from public changing areas or court rooms for privacy reasons, seeing as pictures from cell phones can be published online in mere seconds.

  15. What is the influence of privacy on encryption algorithms?
  16. Does the progression of IT lead to easier stealing of private info? (Patrick)

    Private info is commonly stored using encryption algorithms using different bit-coding, from 64bit all the way up to 2048bit encryption. Right now, it is almost impossible to crack even a 1024bit encrypted code with the current computing power. However, with nano computers becoming a reality, the safety of these codes is at risk. Current computer processors are reaching their physical limits, and hence multi-core systems have been popular as of late (2006-2007), but even these systems take years to take on heavy encryption. On a more organization side of things; as IT is being used to store more information all the time, more information becomes vulnerable to system attacks and virtual thievery. Locking up important papers in hidden, heavily armored and monitored safes is still a much more secure way to store private data than any electronic method. As this information is moved from safes to electronic storage, the ease of stealing it increases. Another large trend is data mining and data warehousing. These technologies store allow large amounts of data to be stored relatively centrally and in a connected way. The more data is connected to other data, the easier raw data can be extrapolated into actual information. Having one piece of a three-piece device makes no sense, but once that one piece is linked to the other two pieces, you have something to work with. This is the same with information. Useless raw data becomes meaningful and even related to individuals as more data is logged and linked to other data.

  17. How much cyber crime is privacy related? (Robert)
  18. Still a subject of research ( to be continued )
  19. How does RFID, Galileo, GPS influence privacy? (Patrick)

    RFID chips can be easily concealed in hidden places, this can be handy for supermarket checkouts, but it also means that once outside the store, strangers can continue reading exactly what is in a person's grocery bag. RFID chips can also hold personal information. New passports now carry a chip with details on the passport holder, which can be read from a distance and then cloned. Just by walking past an area, a copy of your passport could be made without your passport ever leaving your pocket.

    GPS and the Galileo Project make tracking and tracing of invididuals even easier. The marketing manager of Ericsson Australia said in an interview: “Factors holding back GPS included the availability of integrated handsets and consumer worries about tracking and privacy“. Assuming that the Ericsson marketing department has done sufficient research in the field to come to this conclusion, it serves as evidence that being able to see or trace anything at any time is a cause for privacy concerns. For example, in a survey done by Harris Interactive, only 6% of surveyed wanted their co-workers to know where they were at all times, and only 5% of people wished this for their employers.

  20. How is Google Earth viewed in regard to privacy? (Patrick)

    Google Earth allows anybody to view relatively high resolution satellite images of almost any place in the world. This has led to complaints from private users as well as the British military troops posted in Basra, claiming that the terrorists can easily use Google Earth to plan attacks on the UK troops seeing as the bases are clearly visible on Google Earth. Personal blog posts on the internet also show concern for the visibility of nude sunbathers, and casual sunbathers in their backyards. This is seen as a violation of privacy rights. Culturally, privacy is held in higher regard than other places. For this reason Google Earth poses an even greater threat. An article in the Arab News posts concern for Google Earth, as in the muslim culture, privacy is important.

  21. File Sharing trend and privacy issues?
    Personal privacy is affected by the occurrence of adware and spyware in peer-to-peer tools. In an experiment it was found that many contained ad-/spyware programs, and, that these hidden components communicated with several servers on the Internet. Although there was no exchange of files by way of the file-sharing tools, they generated a significant amount of network traffic. Amongst the retrieved ad-/spyware programs that communicated with the Internet, we discovered that privacy-invasive information such as, e.g., user data and Internet browsing history was transmitted. In conclusion, ad-/spyware activity in filesharing tools creates serious problems not only to user privacy and security, but also to network and system performance. The increasing presence of hidden and bundled ad-/spyware programs in combination with the absence of proper anti-ad/spyware tools are therefore not beneficial for the development of a secure and stable use of the Internet.[20]

References

[1] The ministry of the Interior and Kingdom Relations (BZK), 2007, http://www.paspoortinformatie.nl/?id=1

[2] TechMedia BV, 2006, http://www.bright.nl/chip-op-nieuwe-paspoort-niet-veilig-genoeg

[3] Netkwesties, 2006, http://www.netkwesties.nl/editie138/artikel1.html

References

[1]Kanellos, Michael. Crave privacy? New tech knocks out digital cameras, September 19, 2005, CNET News, Link

[2]Charny, Ben. Gymgoers wary of camera phones, December 2, 2003, CNET News, Link

[3]Watching Them, Watching Us. RFID tag privacy concerns Retrieved from http://www.spy.org.uk/cgi-bin/rfid.pl on March 03, 2007

[4]Zetter, Kim. Hackers Clone E-Passports. August 3, 2006. Wired News, http://www.wired.com/news/technology/1,71521-0.html

[5]Jenkins, Chris. Big interest, little use for GPS. January 12, 2007. Australian IT, http://australianit.news.com.au/articles/0,7204,21048399%5E15306%5E%5Enbv%5E,00.html

[6]Hart, Roger. Privacy Concerns a Key Hurdle for Locaton Based Services. February 23, 2007. GeoCarta Blog, http://geocarta.blogspot.com/2007_02_01_archive.html

[7]Harris Interactive. Location-Based Services and Presence Technology: The Future of Telecommunications is Closer Than You Think. Volume 2, Issue 1, February 2007. The Harris Report

[8]Harding, Thomas. Terrorists 'use Google maps to hit UK troops'. January 13, 2007, Telegraph newspaper online, http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2007/01/13/wgoogle13.xml

[9]Al-Ghalib, Essam. Google Earth Raises Privacy, Security Issues. March 27, 2006. Arab News. http://www.globalsecurity.org/org/news/2006/060327-google-earth.htm

[10]http://www.epic.org/privacy/tools.html

[11]http://www.media-awareness.ca/english/resources/issues_resources/issues_tipsheets/privacy_protection_tools.cfm

[12]http://www.cs.berkeley.edu/projects/io/publications/privacy-lederer-msreport-1.01-no-appendicies.pdf

[13]http://guir.berkeley.edu/groups/privacy/readings.html

[14]http://www.heinz.cmu.edu/~acquisti/papers/privacy-facebook-gross-acquisti.pdf

[15]http://www.firstmonday.org/issues/issue11_9/barnes/

[16]http://www.spywareguide.com/category_list_full.php

[17]http://www.cdt.org/privacy/031100spyware.pdf

[18]http://alumni.media.mit.edu/~fviegas/survey/blog/results.htm

[19]http://jcmc.indiana.edu/vol10/issue3/viegas.html

[20]Andreas Jacobsson,Martin Boldt and Bengt Carlsson. PRIVACY-INVASIVE SOFTWARE IN FILE-SHARING TOOLS, School of Engineering, Blekinge Institute of Technology.

[21]http://www.tucsoncitizen.com/news/business/090204d1_storecards

[22]http://www.nocards.org/faq/faq_02.shtml