Announcements
Project 3a paper due now
A review session is being scheduled for Saturday March 15, probably at 1:30

Privacy
No matter how exemplary your life is, there are things you want to keep to yourself

Dating For Total Dummies
When you buy a book, the transaction creates information … who owns it?
Is the information yours or the business’s?

Dating For Total Dummies
When you buy a book, the transaction creates information … who owns it?
Is the information yours or the business’s?
Four options on how to use it --
Store can’t use after business purpose over
Store can use it, if you approve
Store can use it, unless you object
Store can use information no matter what

What Is Privacy?
Justices Brandeis & Warren wrote …
The narrower doctrine [of privacy] may have satisfied the demands of society at a time when the abuse to be guarded against could barely have arisen without violating a contract or a special confidence; but modern devices afford abundant opportunities for the perpetration of wrongs without the participation of the injured party

What Is Privacy?
Brandeis & Warren wrote …
The narrower doctrine [of privacy] may have satisfied the demands of society at a time when the abuse to be guarded against could barely have arisen without violating a contract or a special confidence; but modern devices afford abundant opportunities for the perpetration of wrongs without the participation of the injured party

What Is Privacy?
Brandeis & Warren wrote …
The narrower doctrine [of privacy] may have satisfied the demands of society at a time when the abuse to be guarded against could barely have arisen without violating a contract or a special confidence; but modern devices afford abundant opportunities for the perpetration of wrongs without the participation of the injured party

A Definition
What does “privacy” mean in the modern world?
Privacy, the right of people to choose freely under what circumstances and to what extent they will reveal themselves, their attitude, and their behavior to others
Privacy is a right
You control when & how much is revealed

Fair Information Practices
To “protect privacy” in IT, HEW created “fair Info practices”; OECD expanded
OECD principles are the “gold standard”
Defined in 1980
Business & Government are separate cases

Europe vs America
EU, much of non-EU Europe, NZ, Hong Kong, Australia, Canada use OECD
US privacy law for government is (has been?) strong
US privacy law for business is “sectoral”, meaning it is limited to sectors and specific business practices
Very few industries/practices covered
Almost anything goes, e.g. identity theft
US has no fed law protecting med info

Think About It
EU law says, “Info on EU citizens must comply with OECD on leaving EU”
US privacy is so bad, EU information cannot come here
US-EU negotiations

Think About It
EU law says, “Info on EU citizens must comply with OECD on leaving EU”
US privacy is so bad, EU information cannot come here
US-EU negotiations stalled over
  - Opt-in/Opt-out
  - Enforcement

Digital Privacy
How private is your information online?
Reputable online business post Privacy Stmt
The statement should understandable to you and say what info they collect, what they will do with it, how to “opt-out”, etc.
But, there is little policing & few penalties

Cookies
Cookie: a record stored by a Web server on a client (your computer)
The cookie is usually a unique ID that allows the server to remember who you are
Well known CS idea that improves Web use

Cookies: Good
Cookies are used by many sites and they make Web usage much better
Many sites, e.g. Oxford English Dictionary use cookies
Banking and credit card applications cannot be secure enough without cookies
If there privacy laws met OECD standards, cookies would be all good and no one but computer scientists would know about them

Cookies: Bad
Cookies can be stored in your computer by sites you have not visited: 3rd party
3rd Party Cookies come from a site in business with the site you visit, e.g. for ads
3rd party cookies allow info to be correlated

Correlating Cookies
The 3rd party cookie becomes the key (literally, in DB sense) to join (in DB sense) the info held by separate co.s

Managing Cookies
You control whether your computer accepts cookies -- look in browser
If you don’t care about privacy, accept all cookies
If you greatly value your privacy, accept no cookies
If you want some privacy AND benefit from the useful stuff on the Web, accept cookies but reject 3rd party cookies

Slide 19

Slide 20