IT Questions regarding the Future of Privacy
<< back to 'Questions Regarding the Future of Privacy in 2015'
Questions
- What technology and technological solutions are there to maintain privacy? (Folkert)
- Snoop Proof Email
- Anonymous Remailers
- Surf Anonymously
- HTML Filters
- Cookie Busters
- Voice Privacy
- Email and File Privacy
- Secure Instant Messaging
- Web Encryption
- Telnet Encryption
- Disk Encryption
- Disk/File Erasing Programs
- Privacy Policy Generators
- Password Security
- Firewalls
- Information Resources
- Encryption
- Encryption scrambles email messages or data files, making them gibberish to anyone other than the intended recipient. Secure, encrypted transfers are particularly important when sending sensitive information, such as credit card numbers and other financial information, over the Internet. Users can determine whether an Internet site is secure in two ways. Protected Web sites will usually indicate that transfers are encrypted; and the user's browser will display a symbol - often a small padlock icon - in the lower left or right hand corner of the page, to confirm the site's security. Many encryption programs exist, and quite a number can be downloaded free from the Internet.
- Cookie deflectors
- Cookie deflectors make the file where a browser stores its cookies unreadable. Once the file-locking method has been set, the browser will skip over any attempt to set a cookie; and it will erase its cache of stored cookies the next time the user quits and restarts the browser.
- Private email
- Hotmail, Yahoo! and other Web-based email services protect their users' identity. An email address need not include a person's name, and it also becomes the log-in code. Users may reach their email from any computer with access to the Internet, just by entering a password. But although these email programs are "free," their services have a price: when users sign up, personal information is solicited from them.
- Some services have privacy policies that promise not to reveal information to third parties; but most such services pay for the "free" email they offer by selling the information. One result of this is that users can often get flooded with "spam," or unsolicited commercial email. (This can be reduced if users unclick the registration-form box indicating a wish to receive promotional material.)
- Re-mailers
- Anonymous re-mailers act as intermediaries for messages, erasing the return address information coded into every email message. They also remove the electronic logbook of an email's checkpoints along its digital journey - its hops from one server to another on its way to its destination. There are two kinds of re-mailers: pseudo-anonymous re-mailers, and true anonymous re-mailers. Pseudo-anonymous re-mailers allow users to keep their real names, instead of replacing them with code names.
- Filtering software
- Outgoing filtering software prevents email users from sharing specific information. For example, it can be installed to prevent children from sending their name, address or telephone number over the Internet. Once this information has been programmed into the software, it will appear only as "xxx" anytime the information is entered online on that computer.
- Secure sites
- It is possible to easily find out if a Web site is secure: a tiny security icon in the shape of a key or a padlock will appear in the bottom left or right corner of the Web browser. When a user clicks on the icon, a window appears to indicate whether the site is safe for submitting information.
- In what technological areas does privacy play a role? (Folkert)
- How is the ubiquity of computers influence privacy? (Folkert)
- What is the influence of social networks and privacy? (MSN Email Chat) (Folkert)
- Which malware infringes privacy (spam / popup / spyware) ? (Folkert)
- Adware
- Anonymizer
- Commercial Monitoring Software
- Commercial Network Management Tool
- DataMiner
- Dialer
- Loyaltyware
- Miscellaneous Security
- Password Cracker
- Remote Adminstration Tool
- Trojan
- Virus
- Web Based Instant Messaging
- Worm
- key stroke loggers and screen capture utilities, which are installed by a third party to monitor work habits, observe online behavior, or capture passwords and other information;
- programs that collect information about the user, potentially including personally identifiable information, and send it back to a central server;
- programs that hijack a user’s Internet connection (and potentially other resources as well) for the software’s own use—for example as part of a distributed computing network or as a spam remailer;
- programs that use the connection only to download updates to the software or content it uses (such as advertisements).
- “adware” and similar applications that install themselves surreptitiously through “drive-by downloads” or by piggybacking on other applications and track users’ behaviors and take advantage of their Internet connection;
- legitimate applications that have faulty or weak user-privacy protections.
- Blogs and privacy? (Folkert)
- the great majority of bloggers identify themselves on their sites: 55% of respondents provide their real names on their blogs; another 20% provide some variant of the real name (first name only, first name and initial of surname, a pseudonym friends would know, etc.)
- 76% of bloggers do not limit access (i.e. readership) to their entries in any way
- 36% of respondents have gotten in trouble because of things they have written on their blogs
- 34% of respondents know other bloggers who have gotten in trouble with family and friends
- 12% of respondents know other bloggers who have gotten in legal or professional problems because of things they wrote on their blogs
- when blogging about people they know personally: 66% of respondents almost never asked permission to do so; whereas, only 9% said they never blogged about people they knew personally.
- 83% of respondents characterized their entries as personal ramblings whereas 20% said they mostly publish lists of useful/interesting links (respondents could check multiple options for this answer). This indicates that the nature of blogs might be changing from being mostly lists of links to becoming sites that contain more personal stories and commentaries.
- the frequency with which a blogger writes highly personal things is positively and significantly correlated to how often they get in trouble because of their postings; (r = 0.3, p < 0.01); generally speaking, people have gotten in trouble both with friends and family as well as employers.
- there is no correlation between how often a blogger writes about highly personal things and how concerned they are about the persistence of their entries
- checking one s access log files isn t correlated to how well a blogger feels they know their audience
- despite believing that they are liable for what they publish online (58% of respondents believed they were highly liable), in general, bloggers do not believe people could sue them for what they have written on their blogs.
- Progress or regression of privacy in relation uprising of blogs and websites? (Folkert)
- Is the privacy issue larger in IT than in "real life"?
- How will the new passports influence privacy? (stealing, data easily) (Robert)
- What privacy issues are related to customer loyalty cards?
- How does the price reduction and convergence of cameras affect privacy? (Patrick)
With over 85% of cell phones in Japan, and an estimated 80% in the USA and Western Europe having built-in cameras, it is becoming much easier for people to take pictures of unaware victims or secret products. Increasing the ease of being able to take a quality picture at any time, also increases the amount of clandestine pictures taken. Many venues are already taking or considering taking precautions to remove cell phones from public changing areas or court rooms for privacy reasons, seeing as pictures from cell phones can be published online in mere seconds.
- What is the influence of privacy on encryption algorithms?
- Does the progression of IT lead to easier stealing of private info? (Patrick)
Private info is commonly stored using encryption algorithms using different bit-coding, from 64bit all the way up to 2048bit encryption. Right now, it is almost impossible to crack even a 1024bit encrypted code with the current computing power. However, with nano computers becoming a reality, the safety of these codes is at risk. Current computer processors are reaching their physical limits, and hence multi-core systems have been popular as of late (2006-2007), but even these systems take years to take on heavy encryption. On a more organization side of things; as IT is being used to store more information all the time, more information becomes vulnerable to system attacks and virtual thievery. Locking up important papers in hidden, heavily armored and monitored safes is still a much more secure way to store private data than any electronic method. As this information is moved from safes to electronic storage, the ease of stealing it increases. Another large trend is data mining and data warehousing. These technologies store allow large amounts of data to be stored relatively centrally and in a connected way. The more data is connected to other data, the easier raw data can be extrapolated into actual information. Having one piece of a three-piece device makes no sense, but once that one piece is linked to the other two pieces, you have something to work with. This is the same with information. Useless raw data becomes meaningful and even related to individuals as more data is logged and linked to other data.
- How much cyber crime is privacy related? (Robert) Still a subject of research ( to be continued )
- How does RFID, Galileo, GPS influence privacy? (Patrick)
RFID chips can be easily concealed in hidden places, this can be handy for supermarket checkouts, but it also means that once outside the store, strangers can continue reading exactly what is in a person's grocery bag. RFID chips can also hold personal information. New passports now carry a chip with details on the passport holder, which can be read from a distance and then cloned. Just by walking past an area, a copy of your passport could be made without your passport ever leaving your pocket.
GPS and the Galileo Project make tracking and tracing of invididuals even easier. The marketing manager of Ericsson Australia said in an interview: “Factors holding back GPS included the availability of integrated handsets and consumer worries about tracking and privacy“. Assuming that the Ericsson marketing department has done sufficient research in the field to come to this conclusion, it serves as evidence that being able to see or trace anything at any time is a cause for privacy concerns. For example, in a survey done by Harris Interactive, only 6% of surveyed wanted their co-workers to know where they were at all times, and only 5% of people wished this for their employers.
- How is Google Earth viewed in regard to privacy? (Patrick)
Google Earth allows anybody to view relatively high resolution satellite images of almost any place in the world. This has led to complaints from private users as well as the British military troops posted in Basra, claiming that the terrorists can easily use Google Earth to plan attacks on the UK troops seeing as the bases are clearly visible on Google Earth. Personal blog posts on the internet also show concern for the visibility of nude sunbathers, and casual sunbathers in their backyards. This is seen as a violation of privacy rights. Culturally, privacy is held in higher regard than other places. For this reason Google Earth poses an even greater threat. An article in the Arab News posts concern for Google Earth, as in the muslim culture, privacy is important.
- File Sharing trend and privacy issues?
[10]
Privacy Protection Tools
A number of technologies are available to consumers who wish to safeguard their online information and activities.
[11]
Ubiquitous Computing’s Privacy Implications But fluid, situated interaction comes at a cost. Automatic sensing of individuals’ activities will grow more sophisticated, soon allowing for fine-grained knowledge of what someone is doing and whom they are doing it with. Mobile phones and GPS can provide a person’s outdoor location with increasing resolution, and RFID tags embedded in badges, clothing, or other objects can track movement indoors. Computer vision and speech recognition technology, while still relatively crude, can recognize faces pulled from a crowd or automatically flag keywords in a phone conversation. Machine learning techniques are being developed to infer a high-level understanding of a conversation or meeting based on the relations between participants. Coupled with the digital availability of a person’s identity, pervasive information gathering becomes a powerful surveillance and profiling tool. The emergence of ubiquitous sensor networks and robust data mining techniques will amplify the tracking and profiling capabilities of personal information collectors. As sensors pervade public and private environments, people will effectively and implicitly create continuous streams of personal information regarding their activities. One’s location, activity, and proximity to other individuals will be sensed in real-time, possibly stored for long periods, and shared and sold amongst corporate and government interests just as transaction profiles are traded today. Alone, these raw data streams have the potential to reveal a great deal about the immediate aspects of a person’s life, but when linked to one’s identity, these streams can feed and refine increasingly dense historical profiles maintained by law enforcement, commercial interests, and other individuals both familiar and unknown to the subject. As sensors pervading the social environment empower organizations to maintain continually updated dossiers on individuals’ locations, activities, companions, and correspondences, ostensibly in the interests of personalization, security, and efficiency, the very notion of being offline may become obsolete. [12] [13]
In our study of more than 4,000 CMU users of the Facebook we have quantified individuals’ willingness to provide large amounts of personal information in an online social network, and we have shown how unconcerned its users appear to privacy risks: while personal data is generously provided, limiting privacy preferences are hardly used; only a small number of members change the default privacy preferences, which are set to maximize the visibility of users profiles. Based on the information they provide online, users expose themselves to various physical and cyber risks, and make it extremely easy for third parties to create digital dossiers of their behavior. [14]
Social networking tools, have almost become indispensable for teenagers, who often think theirs lives are private as long as their parents are not reading their journals.
An analysis of weblogs revealed that the types of personal information revealed online includes name, address, birth date, location, and numerous contacts, including e–mail addresses, instant messaging user names, and links to personal Web pages (Huffaker and Calvert, 2005). “Because teenage bloggers are revealing a considerable amount of personal information, as well as multiple ways to contact them online, the danger of cyberstaking and communicating with strangers online is a serious issue.” [e40]
Marketers who target teen consumers can use stated, personal information gathered from social networking sites for purposes other than what users intend. Today, the commoditization of information has made it necessary to consider the invasion of privacy by corporations. Schement and Curtis (1995) state that “information is gathered so that the economy can support its participants.” [e41] In a capitalistic society, marketers can use personal information collected in public online databases for commercial purposes. Additionally, companies such as Coke, Apple Computer and Proctor & Gamble are using social networking sites as promotional tools [e42] For instance, Apple Computer sponsors the Apple discussion list on Facebook.
Schools can also access and use the information posted on social networking sites. At Chicago’s Loyola University, athletes were told to get off Facebook and MySpace or risk losing their scholarships (Sports Illustrated, 2006). In May 2006, a number of hazing photos appeared on a site called badjocks.com showing athletes from Princeton, Michigan, Fordham, and UC–Santa Barbara behaving badly. As a result, schools have started investigations into student athlete behavior.
Parents, schools, social networking companies and government officials consider the outpouring of personal information in public social networking sites to be a problem. As a result, a number of social, technological and legal solutions are currently being explored. Last April, MySpace hired a safety czar to oversee its site and they began deleting 5,000 under–age profiles a day (Reuters, 2006b). Additionally, they are requiring all members under the age of 18 to review safety tips before they can register for the site. The company also restricts the profiles of users under the age of 16. These efforts are only a few of a number of potential solutions to the social networking privacy problem. [15]
[16]
[17]
[18]
With few exceptions, most blogs exist in a fully public arena, which means that, once published, entries are readable by anyone on the Web. The results from this survey suggest that bloggers are starting to come up against a range of privacy-related issues varying from minor embarrassments with family and friends to termination of their employment. The findings also indicate that many respondents are developing strategies for minimizing potential problems with others when posting their entries online. [19]
References
[1]Kanellos, Michael. Crave privacy? New tech knocks out digital cameras, September 19, 2005, CNET News, Link
[2]Charny, Ben. Gymgoers wary of camera phones, December 2, 2003, CNET News, Link
[3]Watching Them, Watching Us. RFID tag privacy concerns Retrieved from http://www.spy.org.uk/cgi-bin/rfid.pl on March 03, 2007
[4]Zetter, Kim. Hackers Clone E-Passports. August 3, 2006. Wired News, http://www.wired.com/news/technology/1,71521-0.html
[5]Jenkins, Chris. Big interest, little use for GPS. January 12, 2007. Australian IT, http://australianit.news.com.au/articles/0,7204,21048399%5E15306%5E%5Enbv%5E,00.html
[6]Hart, Roger. Privacy Concerns a Key Hurdle for Locaton Based Services. February 23, 2007. GeoCarta Blog, http://geocarta.blogspot.com/2007_02_01_archive.html
[7]Harris Interactive. Location-Based Services and Presence Technology: The Future of Telecommunications is Closer Than You Think. Volume 2, Issue 1, February 2007. The Harris Report
[8]Harding, Thomas. Terrorists 'use Google maps to hit UK troops'. January 13, 2007, Telegraph newspaper online, http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2007/01/13/wgoogle13.xml
[9]Al-Ghalib, Essam. Google Earth Raises Privacy, Security Issues. March 27, 2006. Arab News. http://www.globalsecurity.org/org/news/2006/060327-google-earth.htm
[10]http://www.epic.org/privacy/tools.html
[12]http://www.cs.berkeley.edu/projects/io/publications/privacy-lederer-msreport-1.01-no-appendicies.pdf
[13]http://guir.berkeley.edu/groups/privacy/readings.html
[14]http://www.heinz.cmu.edu/~acquisti/papers/privacy-facebook-gross-acquisti.pdf
[15]http://www.firstmonday.org/issues/issue11_9/barnes/
[16]http://www.spywareguide.com/category_list_full.php
[17]http://www.cdt.org/privacy/031100spyware.pdf
[18]http://alumni.media.mit.edu/~fviegas/survey/blog/results.htm