Legal issues regarding Security vs Privacy

For this assignment we have chosen 'Security vs. Privacy' as our main topic area. We will be discussing the background underlying concepts including examples from current situation gathered from different sources and different media. Most of our examples that will be given are events that took place in America or in Europe. We will also be discussing the ethical and legal issues regarding Security vs. Privacy as well as incorporation of IT use. "Today, we have the capability of putting a camera almost everywhere, do you believe that you would conduct yourself differently if you were on camera than if you weren't?

I think so ... it wouldn't necessarily be something legal or illegal, but it would be different. " "You'd give up everything by way of individuality, privacy, anonymity ... and even then you would not have total security. " James Gilmore (Chairman of the National Advisory Commission) Background Underlying Concepts: There's still a lot of confusion out there about just what privacy is and how we keep it or lose it. Privacy can be described as the power to control what others can come to know about you and to determine the entry rules for your own private space. Privacy is a concept which applies to an individual.

It is the right of an individual to decide what information (s)he wishes to share with others and also what information (s)he is willing to accept from others. As more and more of individual's daily activities involve some form of usage of electronic communication networks, the level of security of these networks against various types of intrusion or disruption has become a major concern. At stake are not only significant economic and financial interests but also public confidence in using communications networks for important transactions or for the exchange of sensitive information.

If an acceptable level of security cannot be guaranteed, the information society will be unlikely to develop its full potential One aspect of security is the protection against intrusion of people's private sphere and against the unauthorised use of their personal data when they are transmitted over the public communications network. For example, if you visit a website and download information, you do not want others to be able to spy on you. When you buy a product or service via the internet, you do not want others to copy your credit card number or to be able to find out what you were buying.

Historical Examples During March 2000 the following events took place due to lack of security:  For years, personal information has 'leaked' from Web sites (such as Intuit) to advertisers (such as DoubleClick). When visitors used various financial calculators on the Intuit site, a design glitch in the Web site's programming allowed information they entered to be sent to DoubleClick. This happened without the users' knowledge or consent, and surprisingly without Intuit's knowledge or consent.

Financial Times  Someone broke into the business-to-business Web site fro and stole abut 3,000 customer records, including credit card numbers and other personal information. He posted some of the information on the Internet. Telegraph Convicted criminal hacker Kevin Mitnick testified before Congress. He told them that social engineering is a major security vulnerability. He can often get passwords and other secrets just by pretending to be someone else and asking. The Independent Current Situation: Personal privacy today is a controversial and complex topic, which is influenced by a number of factors.

There is an integral role that databases play in this highly debated topic. The fact that many people now carry out their transactions electronically is another important factor. There is also pressure on personal privacy for increased national security around the world to combat terrorism. In addition, personal privacy is even threatened by commercial factors and the Internet. As technological possibilities to collect, store, analyse and distribute information about virtually every aspect of an individual's life have become almost unlimited, this power risks being greatly diminished.

Especially in today's public communication networks that include not only fixed telephone networks but also mobile networks and the Internet, personal information can be transferred with great ease and even largely invisibly. The Government: As a result of new national security concerns several nations have adopted laws that allow the government to monitor your computer without your knowledge or consent. Examples: Bar owners are harvesting personal data from driver's licenses The story talks about a device the bars can use to scan the license, determine whether it's valid, and whether the patron is older than the legal drinking age.

So far, no problem but the device can also collect the owner's name, address, date of birth, height, weight, eye colour, and sometimes Social Security number from the magnetic stripe on the license. According to the article, about 40 states now include variations on this information on their licenses. The bar owners know they've found a treasure trove, allowing them to mine the data to see how many 25-year-olds from the suburbs come in on a particular night or what the ratio of male to female is.

But some are going beyond aggregate data and are already planning to use the data to build mailing lists to market themselves to certain groups. The main problem is that those people who hand over their licenses think it is only to determine whether they can enter. Perhaps few realise that they are turning over data that could be assembled and sold to outside businesses for more aggressive marketing. The devices are spreading beyond the bars, according to The Times, and are popping up in convenience stores as well as a variety of other operations. More places are expressing interest.