Saleswomen on the phone

Enter your email address on our Newsletter Page  and get special software offers by email.

Never miss out on our special sales!

Also get the latest breaking privacy news as well as Spyware, Privacy, and Security  Software Reviews.

 

Meeting Room Discussion About Spyware


Not convinced you have Spyware? Scan your PC for free and find-out! Click Here.
 

For Navigation Help See Our Site Map And Search Engine Page

 

Visit Spy Software Solutions.Com Your Online Spy, Anti-Spy, And Security-Privacy Software Comparison Guide with Free Spyware Removal Software.

Testimonials

Contact Us



Privacy & Security Education

Personal Privacy for Computer Users


Introduction

Computer users all over the world have consistently indicated that privacy is one of the key elements in their willingness or reluctance to using information technology . Collecting information about users has become a lucrative business, with some companies funding their activities primarily through the sale of marketing data or lists of potential customers with details that allow targeted contacts. Unsolicited commercial e-mail, or spam, has become a daily annoyance for millions of e-mail users. Telemarketing phone calls generate enormous resistance, especially when unscrupulous businesspeople call your home during the dinner hour or refuse to take victims off their calling lists. Grocery store loyalty cards not only provide discounts, they also track individual purchases; in some stores, customers' information allows specialized, targeted coupons to be printed at the cash register so that a competitor's product can be purchased at a discount on the next shopping trip.

On the interpersonal level, some people use Web-based services to look into the personal background of individuals on the Internet; employers use search engines and archives to read public postings by potential employees; and criminals sift through personal details to construct forged identities in the furtherance of identity theft. All these activities are possible without the use of computers, but they are greatly facilitated by the availability of large-scale databases online and of efficient search engines for collating data from different sources. Research that might have taken months of legwork, perhaps requiring personal visits to government offices to copy data laboriously by hand, can now be completed in minutes. As a result, finding out about people's lives has changed from one-by-one investigation into massive collation of data about millions of people at a time.

Personal computers have provided fertile ground for data collection about individuals. Many Web sites store information about individual users' browsing patterns in files called cookies, which reside on the user's hard disk. Cookies allow personalized views of a Web site; for example, an online bookstore can keep track of all the books that a user has searched for or requested additional information on. This information then allows the bookstore software to suggest additional titles that might interest that specific user. On a less friendly note, some users of particular software programs have been surprised to discover that their programs are placing unauthorized calls to data collection sites on the Internet to upload information about their systems or system usage.

All of these phenomena raise issues of privacy in the age of cyberspace. In this short paper, ordinary, non-technical users can get a sense of the fundamental issues that face all of us as we try to strike a balance between efficient commerce and our concerns about personal privacy.

Concepts of Privacy

Privacy can be thought of as the power to hide parts of the truth about oneself, or sometimes the power to control the use of truths about one that other people know. For example, many people would consider that the books they read or what they say in private to each other ought to remain private. In addition, the concept of informational privacy covers truths they may have revealed to others for specific purposes but that ought nonetheless to be controlled. Medical records, for instance, would seem to be semi-private under this view; a patient could reasonably approve having her gynecological data shared with doctors and nurses without wanting the details to be published in a newspaper or on the Web. Simon & Garfunkel eloquently addresses the fluidity of privacy as follows: "Privacy isn’t just about hiding things. It’s about self-possession, autonomy, and integrity . . . . It’s the right of people to control what details about their lives stay inside their own houses and what leaks to the outside."

In United States legal theory, a statement by Justice Louis Brandeis sums up the American attitude towards privacy:

"The makers of our Constitution . . . Sought to protect Americans in their beliefs, their thoughts, their emotions and their sensations. They conferred as against the Government, the right to be let alone—the most comprehensive of the rights of man and the right most valued by civilized men."

Under common law, invasion of privacy can consist of:

  • Intrusion upon a person’s seclusion in a substantial manner that would offend a reasonable person, such as pointing telephoto lenses at a bedroom window;
  • Appropriation of a person’s name or likeness – of concern primarily to celebrities who object to unauthorized use of their name or image in advertising campaigns;
  • Publicity given to someone’s private life such as details of sexual conduct, medical or psychiatric history; and
  • Publicity placing a person in a false light, such as insinuating that individuals support a particular political view when they don’t.

One of the best definitions is as follows:

"Privacy:

  1. The right of an entity (normally a person), acting in its own behalf, to determine the degree to which it will interact with its environment, including the degree to which the entity is willing to share information about itself with others . . . .
  2. The right of individuals to control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed . . . . ."

Another key concept is that "There are two kinds of truth that the law might try to protect:

  1. Truths about you that you have revealed to the public, either by giving some information over to someone else, or by being observed in public; or
  2. Truths about you that you have kept private."

Prof. Lawrence Lessig analyzes conceptions of privacy into three major concerns: minimizing intrusion, maintaining human dignity and constraining the power of the state (what he calls the substantive conception).

Cryptographer and security theorist Bruce Schneier makes an interesting point about the fundamental types of privacy violations: "There are two types of privacy violations—targeted attacks and data harvesting—and they are fundamentally different. In a targeted attack, an attacker wants to know everything about Alice. If ‘Alice’ is a person, it’s called stalking. If ‘Alice’ is a company, it’s called industrial espionage. If ‘Alice’ is a government, it’s called national intelligence or spying . . . ." In contrast, writes Schneier, data harvesting uses inference to sift through different lists of data about large numbers of data subjects and allows the attacker to generate a list of people who fit specific selection criteria.

The US Constitution does not specifically mention privacy, but the Fourth Amendment is usually applied when discussing government intrusion on people’s lives. The Amendment specifically forbids unreasonable search and seizure by government and law enforcement agents.

The distinction between government intrusion and intrusion by private commerce is important, because in the US, there are fewer privacy restrictions on private industry than on government. For example, buying a book, ordering a video, seeing a movie in a theater and eating in a restaurant have traditionally been seen as public activities; US law has said little about limiting observations of these kinds. Certainly financial information about consumers has been widely shared among lending institutions (including such unexpected entities as auto dealerships and appliance stores) and among credit agencies. The most important difference between government and private intrusions is that consumers can (often unknowingly) sign away their privacy rights by agreeing to contracts. End-user license agreements often contain language that specifically reduces a member’s or a user’s privacy rights.

In contrast, the European Union has promulgated much more stringent regulations – primarily the Data Protection Directive – on the sharing of private information – to the point of causing friction with US-based firms doing business in Europe . Until 1998, there were serious limitations to how European countries could transfer personal data to firms doing business in the USA; however, the "Safe Harbor" agreement provided a framework that gave credibility to the non-governmental, self-regulatory strategies favored in the US .

The US government has also progressed in national legislation to protect privacy. The two most important measures are the Health Insurance Portability and Accountability Act (HIPAA) that governs privacy of medical records and the Gramm-Leach-Bliley (GLB) Act that protects financial records about individuals.

In daily life, many people also have concerns about their privacy at work . In general, in the USA, the reasonable expectation of privacy governs to what extent employers may monitor electronic communications except personal phone calls. Because organizations own or control their e-mail, voice-mail and Internet-access systems, managers do have the right to monitor or intercept communications made via those media. However, it is generally accepted that employees be allowed to make personal phone calls from work; indeed, according to the Electronic Communications Privacy Act (ECPA) , any manager monitoring a live phone call is supposed to stop listening as soon as it is clear that the call is a personal one. All of this monitoring supposes that employees are aware of the likelihood of monitoring and that monitoring is carried out in a fair, unbiased way that cannot be construed as harassment or persecution of individual employees. Normally, employees must sign waivers (in many places every year) stating that they understand that the communications channels provided by their employer are the property of and under the control of the employer and may be monitored or intercepted at any time. A good rule of thumb is that no one should be doing anything on employer-supplied equipment that they would be embarrassed to discuss with their manager. Certainly writing extensive personal e-mail messages at work or spending hours on the Web in searches that are unrelated to one’s job will result in questions about an employee’s level of productivity.

In Europe, in contrast to the US situation, all personal communications by employees, including telephone, e-mail and via the Internet, are considered private and therefore subject to the Data Protection Directive restrictions.


Next Page