ENGR 482 Lecture 17
« previous | Wednesday, October 23, 2013 | next »
Privacy and Security
Privacy is not the same thing as secrecy
Idea behind privacy: control of information
Tradeoffs...
|
Pick two:
|
c.f Pick two:
|
What information is private:
- Medical and financial records (HIPAA)
- Academic, employment, and voting records (FERPA)
- Google searches and tweets are not private
"Right to privacy" is not mentioned in the Bill of Rights, but Supreme Court has interpreted a right to privacy by extension of other rights (i.e. 4th Amendment)
Federal Open-Information Act (FOIA); except in matters of national security.
Texas Public Records Act
Emails aren't as private as one might think, especially in employer accounts.
Social security... not for identification
Relevant Cases
Software for a Library (#38)
Should library checkout data be protected? (outcome: yes)
Example: All the President's Men; reporters asked for all Library of Congress records
Legal Stuff
Who is responsible for Security?
Everyone has some level of responsibility: you, employer, IT person
Businesses have responsibility to inform parties of security breaches.
Ethical Stuff
Many levels of security with tradeoffs:
- passwords
- firewalls
- encryption (algorithm, bit-level)
Collection of private data can be justified for common good:
- health insurers have to collect info to set premiums
- credit card companies have to collect info to issue credit scores
Digital info can be aggregated and cross-rerefenced to find out more about a person. This creates risks to privacy. (see work of Dorothy Denning)