The 3 Secrets of Online Privacy
Post on 25-May-2015
1126 Views
Preview:
DESCRIPTION
Transcript
1
Secret Truths about Privacy
1. Privacy is subject to the Law of Unintended Consequences
2. Knowledge is Power: Consumers should know what privacy Faustian pacts they’re signing
3. Privacy requires technical and policy standards!
Laurent Liscia, CEO OASIS Open
3
2
Big Data: A Brave New Privacy World
3
The Westchester
Gun Map
Harmless, right?
Do the maps show everyone in my neighborhood who owns a gun? No. New York law does not require a permit to own a long gun such as a rifle or shotgun. How was this information obtained? Through requests to the individual county clerks under New York’s Freedom of Information Law. Isn’t that private information? No. There is no right to privacy regarding handgun ownership in New York.
[Source: The Journal News]
4
5
The Gun Map Proved Quite Harmful
• Interactive map included names and addresses of police officers and prison guards: inmates used the map to find out where they lived and threaten them. • Former thieves said criminals could use map either to target houses with no guns (to avoid getting shot) or take the risk and steal the weapons themselves. • Democratic legislator: “I never owned a gun but now have no choice. I have been exposed as someone that has no gun. And I’ll do anything to protect my family.” • Resident feared her ex, who tried to kill her in past, might find her with the map • Journalists received death threats, stationed an armed guard outside their offices.
6
Lesson From The Gun Map
• If you juxtapose two perfectly legit data sources: online maps and gun ownership information for instance, you can enter scary privacy territory • That’s the Law of Unintended Consequences
7
European Genetic Map, Harmless, right?
8
Maybe
9
Potentially Harmful Implications
“Imagine if you could figure out what town a criminal’s ancestors were likely from based on DNA alone?” Razib Khan, Discover Magazine
You can’t stop ideas that threaten privacy from popping up: yet another instance of the Law of Unintended Consequences
10
3D Map of Vancouver: Harmless, right?
11
12
Here’s Why: The Law of Unintended Consequences
What if you could juxtapose two data sets and target specific occupants of the building ?
14
Pure science Big Data visualizations that provide a useful service and don’t rely on personal data are clearly OK
15
1st takeaway: Juxtaposing data sets (what Big Data does!) may result in privacy nightmares
16
2. A Detour Through Big Social
17
Big Social Can Make Great Things Better …
Tahriri Square
18
• Audrie Pott and Rehtaeh Parsons both committed suicide after photos documenting how they had been sexually assaulted were circulated on social media• In both cases, many sided with the assailants rather than victims, calling them “sluts”
And Bad Things Worse
19
Annoying! Social Media Is Always Asking for More
20
Is Privacy a Top Issue for Big Social?
Who said: “All these concerns about privacy tend to be old-people issues”?
?
21
Reid Hoffman
22
Is Privacy In Big Social’s Business Model ?
• Nope• “Google to pay record $22.5 million fine for Safari
privacy evasion” [2012] • Twitter agreed to settle charges that it "deceived
customers" and failed to protect their personal information [FTC fine, 2010]
23
Is Privacy Even Possible in Big Social?
“Just remember when you post something, the computers remember forever”
“Every young person one day will be entitled automatically to change his or her name on reaching adulthood in order to disown youthful hijinks stored on their friends’ social media sites.”
Eric Schmidt, when he was CEO of Google
24
2nd Takeaway: It’s OK for you to be the product when you’re not paying … if you know what you’re signing up for
?
25
Reactive or Proactive: Your Call
26
Privacy Regulation in Europe
EU Data Protection Regulation will cover everything from consent to data portability and the right to be forgotten and will apply to any company storing EU resident data whether it’s HQ’d in the EU or not
27
Privacy Regulation in the US
The US approach is more laissez-faire, but also more unpredictable. To wit: the Do Not Track proposal from Sen. Jay Rockefeller following 2012 White House "Consumer Privacy Bill of Rights" asking industry to give consumers control over their personal information and Congress to pass laws.
28
Memorable Privacy Quotes
"I do not believe that companies with business models based on the collection and monetization of personal information will voluntarily stop those practices if it negatively impacts their profit margins.“ Jay Rockefeller
“Consumers are very pragmatic people. They want free content. They understand there's a value exchange. And they're OK with it.” Lou Mastria, director of the Digital Advertising Alliance
““You are the product!” Oh, fuck, off! For many people it wasn’t the new T&C that was the problem, it was that Instagram was no longer a service we felt comfortable making our “we’re the product deal” with.” Rev Dan Catt, blogger
You’re the consumer: how do YOU feel about it?
29
Do the Right Thing: Learn & Participate
• Big Data and Privacy discussions of OECD’s ITAC http://www.internetac.org/wp-content/uploads/2012/10/UPDATE-ITAC-WPISP-v02.pdf
• NSTIC’s Privacy Evaluation Methodologyhttp://www.idecosystem.org/filedepot?fid=404
• European Data Protection & Privacy Conference http://www.eu-ems.com/summary.asp?event_id=123&page_id=983
• Kuppinger Cole’s EIC – premier event for Privacy• Listen to all sides! EPIC, EFF, Project VRMhttp://epic.org/privacy/intl/eu_data_protection_directive.html http://cyber.law.harvard.edu/projectvrm/Main_Page
30
Do the Right Thing: Scour the Web for Cool Big Data & Privacy Stuff!
• Drummond Reed’s RESPECT network puts data control back into each user’s hands: http://respectnetwork.com/
• Kaliya Hamlin’s Personal Data Ecosystem reminds companies to put the user back at the center of their own data - http://pde.cc/
• Read Kord Davis’s “Ethics of Big Data: Balancing Risk and Innovation”http://www.goodreads.com/book/show/13230994-ethics-of-big-data
31
Do the Right Thing: Play in Standards
– If you thought XACML was not relevant yet, you’d better think ahead to 2014: http://j.mp/oasisXACML
– PMRM's model for translating & mapping privacy policies into a service architecture: http://j.mp/oasisPMRM
– PbD-SE: Privacy by Design for Software Engineers: http://j.mp/PbDoasis
Help MAKE and IMPLEMENT open privacy standards, for access control, policy enforcement and impact assessment!
32
What To Do About The 3 Privacy Truths
1. You can’t dodge the Law of Unintended Consequences
but when you’re processing several data sets, remind
yourself that YOU are one of the people whose privacy
is at risk and use the Golden Rule.
33
2. Knowledge is Power: Give the power to your customers to opt in and opt out at every possible turn
34
3. Standards make privacy easier to preserve. Get involved, NOW. http://www.oasis-open.org
35
Laurent Liscia, CEOOASIS首席执行官
[As a reminder that we haven’t covered Privacy and
Big Data in Asia …]
http://www.oasis-open.org
謝謝 !
top related