Professional Documents
Culture Documents
Week 4 - ITE 6201E - Privacy in The Cyberspace
Week 4 - ITE 6201E - Privacy in The Cyberspace
Decisional Privacy
• Privacy is defined in terms of freedom from interference in one’s choices and
decisions.
Informational Privacy
• Privacy is defined as control over the flow of one’s personal information,
including the transfer and exchange of that information.
A Comprehensive Account of Privacy
• Moor (1997) has introduced a theory of privacy that incorporates important
elements of the non-intrusion, non-interference, and informational views of privacy.
✓ Scenario 2: Someone peeps through the keyhole of your apartment door and sees you
using a computer.
Your privacy is not only lost but is violated.
Why is Privacy Important?
✓ What kind of value is privacy?
✓ Is it one that is universally valued?
✓ Is privacy valued mainly in Western industrialized societies, where greater
importance is placed on individuals?
✓ Is privacy something that is valued for its own sake – i.e., an intrinsic value?
✓ Is it valued as a means to an end, in which case it has only instrumental worth?
Privacy as a Universal Value
▪ Not valued the same in all cultures.
▪ Less valued in non-Western nations and in rural societies.
▪ Less valued in some democratic societies where security and safety are important.
▪ Has at least some value in all societies.
Is Privacy an Intrinsic or Instrumental Value?
▪ Not valued for its own sake.
▪ But is more than an instrumental value in the sense that it is necessary (rather than
merely contingent) for achieving important human ends.
▪ According to Fried – “Privacy is necessary for human ends such as trust and
friendship.”
▪ According to Moor – “Privacy is an expression of the core value security.”
Privacy as an Important Social Value
• Privacy is important for a diversity of relationships (from intimate to casual).
• It is important for democracy.
• Privacy is an important social, as well as an individual value.
• Regan (1995) – we need to understand the importance of privacy as a social value.
Three Ways Privacy is Threatened by Cybertechnology
(A) data-gathering techniques used to collect and record personal information,
often without the knowledge and consent of users.
(B) data-exchanging techniques used to transfer and exchange personal data across
and between computer databases, typically without the knowledge and consent of
users.
(C) data-mining techniques used to search for patterns implicit in large databases in
order to generate consumer profiles based on behavioral patterns discovered in
certain groups.
Gathering Personal Data
• Personal data has been gathered since Roman times (Census data).
• “Dataveillance” – a term coined by Roger Clarke to capture two techniques made
possible by computer technology:
(a) the surveillance (data-monitoring)
(b) data-recording.
• Video cameras monitor an individual's physical movements – when they shop at
certain department stores.
• Some motorists are now subject to new schemes of highway surveillance while
driving in their motor vehicles, because of new forms of scanning devices such as E-
ZPASS.
• Even the number of "clickstreams" – key strokes and mouse clicks – entered by a
Web site visitor can be monitored and recorded.
Internet Cookies
• “Cookies” are files that Web sites send to and retrieve from the computer systems
of Web users.
• Cookies technology enables Web site owners to collect certain kinds of data
about the users who access their sites.
• Because of "cookies technology," information about an individual's on-line
browsing preferences can be "captured" whenever a person visits a Web site.
• The data recorded (via cookies) about the user is then stored on a file placed on
the hard drive of the user's computer system. No other data-gathering mechanism
actually stores the data it collects on the user’s computer. The information can then
be retrieved from the user's system and resubmitted to a Web site the next time
the user accesses that site. The exchange of data typically occurs without a user's
knowledge and consent.
Can Cookies be Defended?
• Web sites that use cookies maintain that they are performing a service for repeat
users of a Web site by customizing a user's means of information retrieval.
• They also point out that, because of cookies, they are able to provide a user with a
list of preferences for future visits to that Web site.
Arguments against Cookies
• Privacy advocates argue that activities involving the monitoring and recording an
individual's activities while visiting a Web site and the subsequent downloading of
that information onto a user's PC (without informing the user), violate privacy.
• They also point out that information gathered about a user via cookies can
eventually be acquired by on-line advertising agencies, who could then target that
user for on-line ads.
Computerized Merging and Matching Operations
• Computer merging is a technique of extracting information from two or more
unrelated databases, which contain data about some individual or group of
individuals, and incorporating it into a composite file.
• Metasearch engines "crawl" through the Web in order to uncover general patterns
from information retrieved from search-engine requests across multiple Web sites.
The Problem of Protecting Privacy in Public
• Non-Public Personal Information (NPI) refers to sensitive information such as in
one’s financial and medical records. It has some legal protection.
• Many privacy analysts are now concerned about a different kind of personal
information – Public Personal Information (PPI). It is non-confidential and non-
intimate in character – is also being mined.
• Why should the collection of PPI, which is publicly available information about
persons generate controversies involving privacy?
• It might seem that there is little to worry about.
• For example, suppose that you are a student at a certain institution, you frequently attend
college basketball games, and you are actively involved in the institution’s computer
science club. In one sense, the information is personal because it is about you (as a
person); but it is also about what you do in the public sphere.
Public Personal Information (PPI)
• In the past, it would have been difficult to make a strong case for such legislation
protecting PPI, because lawmakers and ordinary persons would have seen no need
to protect that kind of personal information.
• Nissenbaum (1997) believes that our earlier assumptions about the need to protect
privacy in public are no longer tenable because of a misleading assumption: There
is a realm of public information about persons to which no privacy norms apply.
• Hypothetical Scenario:
(a) Shopping at Supermart;
(b) Shopping at Nile.com;
(c) Reveal problems of protecting privacy in public in an era of information
technology and data mining.
Search Engines and Personal Information
• Search facilities can be used to gain personal information about individuals.
Your Web activities can be catalogued and referenced by search engines.
• With PETs, the default is that users must discover their existence and learn
how to use them.
PETS and the Problem of Informed Consent
• Users enter into an agreement with Web site owners (if they have a privacy
policy).
• They typically have to “opt out” of having information collected. (The default
practice is that they have opted in, unless they specify otherwise.)
• Policies involving PETs can’t guarantee users against secondary and future uses
of their information (e.g., the Toysmart case).
Thank you for listening.