Project 3a paper due today | |
Submit up front on table |
A method to securely send messages between 2 parties | ||
Meant to ensure privacy, integrity and security | ||
But what happens if the party you send the information to reveals it to others? | ||
Intentionally or unintentionally | ||
You want information kept private, others feel they have a right to know-either to protect or to do business |
Privacy is difficult to pin down and define. | ||
Roots of privacy are deep in history | ||
Hebrew culture, Classical Greece, Ancient China all reference it | ||
Different ideas about privacy internationally | ||
UN sees privacy as a fundamental human right | ||
Different countries, different protections | ||
Privacy is not mentioned in our Constitution | ||
But it was a problem in need of a solution, identified by two men who would eventually become Supreme Court Justices |
Brandeis & Warren wrote … | |||
The narrower doctrine [of privacy] may have satisfied the demands of society at a time when the abuse to be guarded against could barely have arisen without violating a contract or a special confidence; but modern devices afford abundant opportunities for the perpetration of wrongs without the participation of the injured party |
What does “privacy” mean in the modern world? | |||
Privacy, the right of people to choose freely under what circumstances and to what extent they will reveal themselves, their attitude, and their behavior to others | |||
Privacy is a right | |||
You control when & how much is revealed |
What does Privacy mean in a networked world?
Many people think they move across the Internet anonymously? | ||
WRONG! | ||
Do you expect that your interactions online should have some measure of privacy? | ||
Should transactions be tracked? | ||
If yes, what limitations are there? | ||
How about just browsing? |
How private is your information online? | |||
Reputable online businesses post Privacy Stmt | |||
The statement should understandable to you and say what info they collect, what they will do with it, how to “opt-out”, etc. | |||
But, there is little policing & few penalties |
Privacy Protections for information in the public domain that are based on the difficulty and expense of collecting and manipulating information are diminished | ||
Data collected for one purpose is readily available and can be used for other purposes | ||
Student computer use to “identify” student effort | ||
Data collection can occur “invisibly”, without the person’s knowledge | ||
Cookies, video cameras, web logs of pages visited, etc. |
Cookie: a record stored by a Web server on a client (your computer) | |||
The cookie is usually a unique ID that allows the server to remember who you are | |||
Well known CS idea that improves Web use |
Cookies are used by many sites and they make Web usage much better | |||
Many sites, e.g. Amazon.com use cookies | |||
Banking and credit card applications cannot be secure enough without cookies | |||
If the privacy laws met OECD standards, cookies would be all good and no one but computer scientists would know about them |
Cookies can be stored in your computer by sites you have not visited: 3rd party | |||
3rd Party Cookies come from a site in business with the site you visit, e.g. for ads | |||
3rd party cookies allow info to be correlated |
The 3rd party cookie becomes the key (literally, in DB sense) to join (in DB sense) the info held by separate co.s |
Most browsers give you a way to say “no
thanks” – to accept no cookies at all -or to accept them selectively |
But Web sites can collect information on you even without the use of cookies | |
How can they do that? | |
Web sites store information about the requests they receive in log files. These files contain detailed information about every single request the site receives, including where the request came from, what time the visitor showed up, and what pages he or she looked at. |
What can a Web server
learn about you?
How much information is available about you when you use a Web browser? | |
Have a look at www.privacy.net |
Takes work on your part: | ||
Question why personal info needed | ||
Give only minimum required | ||
Ask what 3rd parties have access | ||
Check off opt-out option on forms or create your own | ||
Pay cash | ||
Periodically check the info companies do have for accuracy |
Takes work on your part: | ||
Look for privacy policies | ||
Use separate email for online transactions | ||
Clear out your web cache after use | ||
Only use online forms in secure mode | ||
Reject unnecessary cookies | ||
Use anonymizers while browsing | ||
Encrypt email |