Week 6, Feb 21 Read Chapter 3 ================================================================================ subpoena v search warrant: latter is stronger warrant for unopened email, subpoena for opened?? (stored-document doctrine) Subpoenas give you a few days to comply. Warrants do not. Subpoenas may or not be issued by a court! For searches, they don't count unless they're court-issued Search warrants are supposed to describe precisely what is being sought. ================================================================================ Overarching privacy question: is your personal privacy really being eroded? Does junk mail *really* matter? How much could merchandisers really DO with lots of info? * people who have recently bought expensive things? * dietary habits, from grocery info * political leanings, based on magazine subscriptions Oscar Gandy and the "panoptic sort": is this really an issue? ================================================================================ Does RFID really matter? When would rfid matter? RFID: tracking people within a fixed zone tracking within a store: gillette razor customers photographed cosmetics customers photographed magazines/books entry/exit tracking profiling people cell-phone tracking: when can this be done? inducements to waive privacy? having to take products to "kill" counter losing warranty/return privileges ================================================================================ Tracking: Printer tracking dots word .doc format Search engines don't use search engine suggested by isp or by browser google/gmail: avoid AOL search 4417749, and T Arnold SSN Privacy Act of 1974: govt entities can't require its use unless: *federal* law specifically allows its use (as it does for tax info, social security, drivers licenses) use was required prior to 1/1/1975 Virginia required SSN for voter registration under second exception; overturned in SSN and: phone/electric/other accounts health insurance student records [!] What exactly is identity theft? National Identity Card What are the real issues? tracking? matching between databases? Identity "theft"? =============================================================================== Case 3: Westin General social justifications for privacy 1. Autonomy: control of info about oneself 2. Emotional release Minor infractions: are these really "emotional release"? "venting" Keeping our roles straight: we all play many roles in our lives: Safety valve to allow complaints & expressions of frustration near-universal deviations from social norms: driving too fast padding expense accounts income tax drugs sexual mores Do we really have a right to engage in mild rule-breaking, if the rules involved are criminal laws? 1970's and narcotics setting limits on our communication with others Implicit issue: do we *care* if gov't or anonymous marketers know about us? We do like to regulate what our associates know about u s, though. private complaining about authority figures ("let's kill the backstabbing bastards") 3. Solitude (does this have anything to do with privacy?) Need to "not be onstage" sometimes: we need privacy (physical isolation) to reflect on our experiences, and reconsider our moral choices. 4. Limited and protected communication: communication related to "emotional release" is above under #2 Havoc done to interpersonal relations by those who are too candid Need to discuss partially formed ideas with a trusted listener friends doctors, lawyers, therapists, pastors What of Westin's issues have to do with electronic monitoring??? =========================================================================== Transparent society / David Brin 1. If you invade privacy, you have to reveal your own personal info. Does this make any sense at all? This is sort of "reciprocity". Tradeoff between provacy and accountability: pseudonymity v anonymity how DO we handle genetic info? Sending "juries" in to listen to the FBI? =============================================================================== =============================================================================== GOVERNMENT privacy ================== Case 4: Patriot II OMIT Patriot 1: allows gov't to search everyone's financial records Patriot 2: DNA database, 15-day warrant-free wiretaps, immunity to businesses providing false information permits spying on american citizens, Old (2001) & new (2006) patriot acts New changes: "Section 215" requests for business/medical records [inc libraries]: must be approved by FBI director or other high-level official also by FISA court must include Statement of Facts Showing Relevance requires minimization procedures for this data adds judicial challenge (by records provider, not subject!) More on National Security Letters: judicial challenge option, etc. Sneak-and-Peek warrants may be issued by Foreign Intelligence Surveillance Court; these warrants are non-public even to the subject. ================================================================== What is "search"? Old-fashioned examples of privacy issues, now kind of quaint: Matching: Should the government be able to do data mining on their databases? In particular, should they be able to compare DBs for: taxes & welfare taxes & social security bank records & welfare? student aid and draft registration? tax & immigration No-fly list, and corrections Other criminal databases; problem of how corrections are made library records - threatened by Patriot I caller ID PATRIOT act: bank records, ISP logs are all things gov't can now demand without a warrant What are our "effects"??? ======================================================================= Govt data collection: what does this really have to do with computing? Govt has resources to keep records on "suspects" even with pencil and paper. Government and e-privacy: * matching between government databases * eavesdropping on internet communications * eavesdropping on the phone (including VOIP) * obtaining commercial records (bank, credit, grocery) * getting search-engine records (google) * transponders: I-Pass, cellphone, RFID * facial recognition * databases of suspicions (Terrorist Information Agency) What if FACIAL RECOGNITION were to really take off? What would be the consequences? There are all those cameras already. What about camera evidence of running lights or speeding? ========= =================================================================== Commercial privacy: Web cookies - do they matter? who can look at them? DRM & Privacy: potential records of everything we license video rental records E-bay privacy - H&I p 75 This one is quite remarkable. What do you think? Is this *ethical*? Fast-food purchases Alcohol purchases Grocery tags To what extent do we really care about any of this? Use of databases: credit bureaus for insurance for hiring for apartment leasing apartment-legal-complaints =================================================================== Medical Privacy- the elephant in the room? * employment * insurance * social (ED, SSRI, therapy, any serious illness) HIPAA