SCH 163 - Lecture 2

SUSTAINABILITY, SOCIAL, LEGAL AND ETHICS ISSUES IN COMPUTING

Lecture 2: Privacy
Sherif H. El-Gohary, PhD
SCH 163 - Fall 2024
Based on slides prepared by Cyndi Chie, Sarah Frye and Sharon Gray. Fifth edition updated by Timothy Henry.
Outline: Introduction to Privacy in Computing
1) Introduction (def., dimensions, basic principles, ...)
2) Recognition of the need for privacy
3) Threats to privacy
4) Privacy Controls
5) Selected Advanced Topics in Privacy

1. Introduction (1) [cf. Simone Fischer-Hübner]

Def. of privacy [Alan Westin, Columbia University, 1967]
= the claim of individuals, groups and institutions to determine for themselves, when, how and to what extent information about them is communicated to others

3 Dimensions of privacy:
1) Personal privacy
Protecting a person against undue interference (such as physical searches) and information that violates his/her moral sense
2) Territorial privacy
Protecting a physical area surrounding a person that may not be violated without the acquiescence of the person
i. Safeguards: laws referring to trespassers, search warrants
3) Informational privacy
Deals with the gathering, compilation and selective dissemination of information
Key Aspects of Privacy
1. Freedom from intrusion: being left alone
2. Control of information about oneself
3. Freedom from surveillance
a. from being tracked, followed, and watched
Which are negative rights? Which are positive rights?
Negative rights (liberties): the right to act without interference
Positive rights (claim-rights): an obligation of some people to provide certain things for others
Ethical Views
1. Negative rights (liberties)
i. The right to act without interference
2. Positive rights (claim-rights)
i. An obligation of some people to provide certain things for others

What are examples of liberties (negative rights) and claim-rights (positive rights) that are in opposition to each other?
Key Aspects of Privacy
1. Personal information
a. Any information relating to an individual person.
2. Informed consent
a. Users being aware of what information is collected and how it is used.
3. Invisible information gathering
a. Collection of personal information about a user without the user's knowledge.
4. Secondary use
a. Use of personal information for a purpose other than the purpose for which it was provided.
Key Aspects of Privacy
1. Providing informed consent:
a. opt out: the person must request (usually by checking a box) that an organization not use the information.
b. opt in: the collector of the information may use the information only if the person explicitly permits use (usually by checking a box).
2. How were some opt-in and opt-out choices you've seen worded (clearly or deceptively)?
3. What are some common elements of privacy policies you've read?
Key Aspects of Privacy
1. Data mining
a. Searching and analyzing masses of data to find patterns and develop new
information or knowledge.
2. Computer matching
a. Combining and comparing information from different databases (using
social security number, for example) to match records.
3. Computer profiling
a. Analyzing data to determine characteristics of people most likely to
engage in a certain behavior.
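As an added example (not part of the lecture or its authors' slides), the Python below performs computer matching on a shared SSN across two constructed databases, then shows how replacing the SSN with a keyed pseudonym, using a separate secret per purpose (the purpose-binding principle), lets records match within one release but not across releases made for different purposes. All records and keys are constructed.

```python
import hashlib
import hmac

# Constructed sample records (not real people): two databases that both
# carry a Social Security Number as the common identifier.
HEALTH_DB = [
    {"ssn": "123-45-6789", "diagnosis": "asthma"},
    {"ssn": "987-65-4321", "diagnosis": "diabetes"},
    {"ssn": "555-12-3456", "diagnosis": "none"},
]
PAYROLL_DB = [
    {"ssn": "123-45-6789", "employer": "Acme Corp", "salary": 52000},
    {"ssn": "987-65-4321", "employer": "Globex", "salary": 71000},
    {"ssn": "111-22-3333", "employer": "Initech", "salary": 48000},
]


def computer_match(db_a, db_b, key="ssn"):
    """Computer matching as the slide defines it: combine records from two
    databases whose value of `key` agrees. Returns the merged records."""
    index = {rec[key]: rec for rec in db_b}
    matched = []
    for rec in db_a:
        other = index.get(rec[key])
        if other is not None:
            merged = dict(rec)
            merged.update({k: v for k, v in other.items() if k != key})
            matched.append(merged)
    return matched


def pseudonymize(db, purpose_key, key="ssn"):
    """Replace the direct identifier with a keyed hash (HMAC-SHA256).
    A plain unkeyed hash would not do: the SSN space is small enough that
    a table of every value's hash would reverse it. Using a different
    secret per purpose (purpose binding) means releases made for different
    purposes carry different pseudonyms and cannot be joined on them."""
    out = []
    for rec in db:
        token = hmac.new(purpose_key, rec[key].encode(), hashlib.sha256).hexdigest()[:16]
        new_rec = {"pseudonym": token}
        new_rec.update({k: v for k, v in rec.items() if k != key})
        out.append(new_rec)
    return out


def linkage_demo():
    """Count linkable records in three settings:
    raw SSNs, same-purpose pseudonyms, cross-purpose pseudonyms."""
    research_key = b"constructed-secret-research-release"  # hypothetical key
    audit_key = b"constructed-secret-payroll-audit"        # hypothetical key
    raw = len(computer_match(HEALTH_DB, PAYROLL_DB))
    health_r = pseudonymize(HEALTH_DB, research_key)
    payroll_r = pseudonymize(PAYROLL_DB, research_key)  # same purpose
    payroll_a = pseudonymize(PAYROLL_DB, audit_key)     # different purpose
    same = len(computer_match(health_r, payroll_r, key="pseudonym"))
    cross = len(computer_match(health_r, payroll_a, key="pseudonym"))
    return raw, same, cross


if __name__ == "__main__":
    print(linkage_demo())  # (2, 2, 0)
```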
1. Introduction (2) [cf. Simone Fischer-Hübner]

1. Basic privacy principles
a. Lawfulness and fairness
b. Necessity of data collection and processing
c. Purpose specification and purpose binding
i. There are no "non-sensitive" data
d. Transparency
i. Data subject's right to information; correction, erasure or blocking of incorrect/illegally stored data
e. Supervision (= control by independent data protection authority) & sanctions
f. Adequate organizational and technical safeguards
2. Privacy protection can be undertaken by:
a. Privacy and data protection laws promoted by government
b. Self-regulation for fair information practices by codes of conduct promoted by businesses
c. Privacy-enhancing technologies (PETs) adopted by individuals
d. Privacy education of consumers and IT professionals

2. Recognition of Need for Privacy Guarantees (1)

1. By individuals [Cran et al. '99]
a. 99% unwilling to reveal their SSN
b. 18% unwilling to reveal their... favorite TV show
2. By businesses
a. Online consumers worrying about revealing personal data held back $15 billion in online revenue in 2001
3. By Federal government
a. Privacy Act of 1974 for Federal agencies
b. Health Insurance Portability and Accountability Act of 1996 (HIPAA)
Privacy Risks and Principles
Privacy threats come in several categories:
1. Intentional, institutional uses of personal information
2. Unauthorized use or release by “insiders”
3. Theft of information
4. Inadvertent leakage of information
5. Our own actions
Privacy Risks and Principles
New Technology, New Risks:
1. Government and private databases
2. Sophisticated tools for surveillance and data analysis
3. Vulnerability of data
Privacy Risks and Principles
New Technology, New Risks – Examples:
Search query data
a. Search engines collect many terabytes of data daily.
b. Data is analyzed to target advertising and develop new services.
c. Who gets to see this data? Why should we care?
Privacy Risks and Principles
New Technology, New Risks – Examples:
Smartphones
a. Location apps
b. Data sometimes stored and sent without
user’s knowledge
Privacy Risks and Principles
New Technology, New Risks – Summary of Risks:
1. Anything we do in cyberspace is recorded.
2. Huge amounts of data are stored.
3. People are not aware of collection of data.
4. Software is complex.
5. Leaks happen.
Privacy Risks and Principles
New Technology, New Risks – Summary of Risks (cont.):
1. Information on the Internet seems to last forever.
2. Data collected for one purpose will find other uses.
3. Government can request sensitive personal data held by
businesses or organizations.
4. We cannot directly protect information about ourselves. We
depend upon businesses and organizations to protect it.
Privacy Risks and Principles
Fair information principles
1. Inform people when you collect information.
2. Collect only the data needed.
3. Offer a way for people to opt out.
4. Keep data only as long as needed.
5. Maintain accuracy of data.
6. Protect security of data.
7. Develop policies for responding to law enforcement requests for data.
Privacy Risks and Principles
1. Under what circumstances, if any, do you think a person should ask for another person's permission before posting a photo or video that the other person is in?
2. When is it simply a courtesy, and when is it an ethical obligation?
How does this intersect with deep fakes?

Privacy Risks and Principles
Privacy Risks
Bills introduced in the U.S. Congress (and proposed in other countries) would require that anyone buying a prepaid mobile phone must show identification and/or register the phone.

What are some arguments for and against passage of such a law?
3. Threats to Privacy (1) [cf. Simone Fischer-Hübner]

1) Threats to privacy at application level
Threats to collection / transmission of large quantities of personal data
a. Incl. projects for new applications on the Information Highway, e.g.:
i. Health Networks / Public administration Networks
ii. Research Networks / Electronic Commerce / Teleworking
iii. Distance Learning / Private use
b. Example: Information infrastructure for better healthcare [cf. Danish "INFO-Society 2000" or Bangemann Report]
i. National and European healthcare networks for the interchange of information
ii. Interchange of (standardized) electronic patient case files
iii. Systems for tele-diagnosing and clinical treatment
3. Threats to Privacy (2) [cf. Simone Fischer-Hübner]

2) Threats to privacy at communication level
1. Threats to anonymity of sender / forwarder / receiver
2. Threats to anonymity of service provider
3. Threats to privacy of communication
a. E.g., via monitoring / logging of transactional data
i. Extraction of user profiles & their long-term storage

3) Threats to privacy at system level
E.g., threats at system access level

4) Threats to privacy in audit trails

3. Threats to Privacy [cf. Simone Fischer-Hübner]

1. Identity theft – the most serious crime against privacy
2. Threats to privacy – another view
a. Aggregation and data mining
b. Poor system security
c. Government threats
d. The Internet as privacy threat
i. Unencrypted e-mail / web surfing / attacks
e. Corporate rights and private business
i. Companies may collect data that the U.S. gov't is not allowed to
f. Privacy for sale - many traps
i. "Free" is not free...
The Fourth Amendment
The right of the people to be secure in their person, houses,
papers, and effects, against unreasonable searches and
seizures, shall not be violated, and no Warrants shall issue,
but upon probable cause, supported by Oath or affirmation,
and particularly describing the place to be searched, and the
persons or things to be seized.

—4th Amendment, U.S. Constitution


The Fourth Amendment
1. Sets limits on government's rights to search our homes and businesses and seize documents and other personal effects. Requires that government provide probable cause.
2. Two key problems arise from new technologies:
a. Much of our personal information is no longer safe in our homes; it resides in huge databases outside our control.
b. New technologies allow the government to search our homes without entering them and search our persons from a distance without our knowledge.
New Technologies
1. Make possible "noninvasive but deeply revealing" searches
a. particle sniffers, imaging systems, location trackers
2. What restrictions should we place on their use? When should we permit government agencies to use them without a search warrant?
Balancing Tech Progress and User Privacy
Fundamental strategies to materialize this balance would include:
Supreme Court and Privacy

Olmstead v. United States (1928)
a. Supreme Court allowed the use of wiretaps on telephone lines without a court order.
b. Interpreted the Fourth Amendment to apply only to physical intrusion and only to the search or seizure of material things, not conversations.
Supreme Court and Privacy
Katz v United States (1967)
a. Supreme Court reversed its position and ruled that the
Fourth Amendment does apply to conversations.
b. Court said that the Fourth Amendment protects people, not
places. To intrude in a place where reasonable person has
a reasonable expectation of privacy requires a court order.
Supreme Court and Privacy
Kyllo v United States (2001)
a. Supreme Court ruled that police could not use thermal-imaging devices to search a home from the outside without a search warrant.
b. Court stated that where "government uses a device that is not in general public use, to explore details of the home that would previously have been unknowable without physical intrusion, the surveillance is a 'search.'"
Video Surveillance and Face Recognition

1. Security cameras
a. Increased security
b. Decreased privacy

Should organizers at events which are possible terrorist targets use such systems?

Should we allow them to screen for people with unpaid parking tickets?
Video Surveillance and Face Recognition

A bill introduced in the New York legislature would require that drivers involved in a car crash give their phone to police so the police can check whether the driver was using the phone at the time of the crash.

Should this bill be passed?

How should we interpret "plain view" for search of computer or smartphone files?
Radio-frequency identification (RFID)
● RFID tags are small devices that contain a computer chip and an antenna
○ The chip stores ID data and does processing
○ It communicates with an RFID reader
● Many uses
○ Supply chain management
○ Electronic toll collection, public transit cards, parking
○ Tracking patients, kids, farm animals
● Allows constant surveillance; security risk, misuse
Location Tracking

a. Global Positioning Systems (GPS) – computer or communication services that know exactly where a person is at a particular time
b. Cell phones and other devices are used for location tracking
c. Pros and cons
Tools for parents
GPS tracking via cell phones or RFID
Search and Seizure of Computers and Phones
San Bernardino and the FBI versus Apple

How do the government and technology companies balance the need to protect the privacy of individuals and our need to be free from government intrusion with the government's mandate to protect the physical security of its citizens, which requires access to information?
Government Use of Data
A company in the Netherlands that makes navigation devices collects location data from the devices to provide real-time services to its customers.

It also provides anonymous statistical data to government agencies to improve roads and traffic flow.

Unknown to the company and its customers, the police used the data to choose sites for traffic cameras to catch speeders.

Was this a privacy violation?

Why or why not?

Government Use of Data
• Implementations of digital cash can allow secure and anonymous transactions.
• Do people have a negative right to use anonymous digital cash?
• Considering the privacy benefits and the potential for use by tax evaders, criminals, and terrorists...
• Do you think fully anonymous digital cash should be outlawed?

Marketing and Personalization
1. Informed consent
2. "Do Not Track" button in browsers
3. Paying for consumer information

Does a person's decision to interact with a business or Web site constitute implicit consent to its posted data collection, marketing, and tracking policies?

How clear, obvious, and specific must an information-use policy be?

How often should a site that runs (or allows third parties to run) tracking software remind users?
Key Aspects of Privacy
1. "Caller ID" is the feature that displays the telephone number of the caller on the telephone of the person receiving a call.
2. With Caller ID now routine and widely used, it might be surprising that when the service was first available, it was very controversial because of privacy implications.
What aspect of privacy does Caller ID protect for the recipient of the call?
What aspect of privacy does Caller ID violate for the caller?
What are some good reasons why a nonbusiness, noncriminal caller might not want his or her number displayed?
Social Networks
1. What we do
Post opinions, gossip, pictures, “away from home” status

2. What they do
New services with unexpected privacy settings
Facebook Apologizes . . .
1. Facebook is apologizing after featuring a fake, sensational news story about Fox News anchor Megyn Kelly in its influential "Trending" topics section. The story, which has since been removed ...
2. Facebook Inc. took out full-page ads in nine newspapers in the U.S. and the U.K. on Sunday and apologized for "a breach of trust" following the Cambridge Analytica data-privacy scandal.
3. Facebook apologized to a right-wing non-profit group after it blocked some of its videos, making them invisible to its followers. Facebook said the removal of the videos was a mistake, and they ...
4. Facebook apologized after it rejected an ad by a Catholic university in Ohio on Good Friday that showed Jesus hanging on the cross. The social media giant labeled the religious image "shocking ...
5. Facebook is apologizing for removing a Cosmopolitan photo of the late Burt Reynolds on its platform. In a statement to Fox News on Friday, a Facebook spokesperson said that "the image in question was ...
6. Facebook has apologized to a Texas newspaper after flagging a post containing text from the Declaration of Independence as "hate speech." The ...
7. Facebook on Friday issued an apology to PragerU for "mistakenly" removing several videos and limiting the reach of others.
8. Facebook apologizes for survey question asking if pedophilia is OK
9. Facebook's Mark Zuckerberg apologizes for 'tone deaf' virtual trip to Puerto Rico (Washington Post) There's hundreds ...
10. Facebook apologized to a Texas newspaper after it initially flagged a post of the text of the Declaration of Independence being labeled hate speech
11. Facebook on Friday apologized for overestimating a key video metric for two years, a miscalculation that irked advertisers and media companies that have poured resources into video efforts on the ...
Zuckerberg Apologizes . . .
● NOVEMBER 2003: "THIS IS NOT HOW I MEANT FOR THINGS TO GO"
● SEPTEMBER 2006: "CALM DOWN. BREATHE. WE HEAR YOU"
● DECEMBER 2007: "PEOPLE NEED TO BE ABLE TO EXPLICITLY CHOOSE WHAT THEY SHARE"
● MAY 2010: "WE WILL KEEP BUILDING, WE WILL KEEP LISTENING"
● SEPTEMBER 2010: "I THINK I'VE GROWN AND LEARNED A LOT"
● NOVEMBER 2016: "THE IDEA THAT FAKE NEWS ON FACEBOOK . . . INFLUENCED THE ELECTION IN ANY WAY IS A PRETTY CRAZY IDEA"
● FEBRUARY 2017: "I OFTEN AGREE WITH THOSE CRITICIZING US"
● SEPTEMBER 2017: "THIS IS TOO IMPORTANT AN ISSUE TO BE DISMISSIVE"
● ALSO IN SEPTEMBER 2017: "I ASK FOR FORGIVENESS AND I WILL WORK TO DO BETTER"
● OCTOBER 2017: "I'M SORRY TO ANYONE THIS OFFENDED"
● JANUARY 2018: "FACEBOOK HAS A LOT OF WORK TO DO"
Source: https://www.fastcompany.com/40547045/a-brief-history-of-mark-zuckerberg-apologizing-or-not-apologizing-for-stuff
Social Networks
Discussion Questions
1. Is there information that you have posted to the Web that you
later removed? Why did you remove it? Were there
consequences to posting the information?
2. Have you seen information that others have posted about
themselves that you would not reveal about yourself?
Right to be Forgotten

1. The right to have material removed.
a. negative right (a liberty)
b. positive right (a claim right)
Public Records
1. Key Issue:
Access vs. Privacy
2. Public Records
a. records available to general public
i. (bankruptcy, property, and arrest records, salaries of government
employees, etc.)
3. Identity theft can arise when public records are accessed
Government Systems
Discussion Questions:
1. What data does the government have about you?
2. Who has access to the data?
3. How is your data protected?

Public Records
With deeds, mortgage records, and so forth, online, some cities have
seen a significant increase in fraudulent sales of houses by people
who use online information to forge deeds, impersonate the owners,
and sell the houses to unsuspecting buyers.
What are some benefits of having such information online?
Considering thefts and privacy issues, should these records be online?
What alternative access would you suggest?
Government Databases
Discussion Questions:
How should we control access to sensitive public records?
What data does the government have about you?
Who has access to the data?
How is your data protected?

National ID System
1. Social Security Numbers
a. Too widely used
b. Easy to falsify
2. Various new proposals would require citizenship, employment, health, tax, financial, or other data, as well as biometric information. In many proposals, the cards would also access a variety of databases for additional information.
• A children's hospital collected and analyzed DNA from 100,000 children for a DNA database.
• The database is anonymous: the hospital does not store the DNA information with other information that identifies the individual it came from.
What are potential valuable uses of such a database?
What are potential risks and problems?
If you were the CIO of a hospital, would you have approved the project?
As an individual, if you and your family were asked to provide DNA for the database, would you agree?
Are businesses that provide free Internet services or other benefits in exchange for tracking Web activity offering a fair option for consumers?
OR
Are they unfairly taking advantage of low-income people who must give up some privacy for these services?
1. EU rules are stricter than U.S. regulations
2. EU Data Privacy Directive
a. Prohibits transfer of personal information to countries outside the EU that do not have an adequate system of privacy protection.
b. "Safe Harbor" plan
c. Abuses still occur
d. Puts requirements on businesses outside the EU
