Chapter 1 - Intro to Privacy Flashcards
_____ privacy is concerned with rules that govern the collection and handling of personal information.
Examples included financial info, medical info, government records and records of a person’s internet activities
Information Privacy
_____ privacy is focused on a personals physical being and an invasion thereof. Invasions can take the form of genetic testing, drug testing, or body cavity searches. This also encompasses issues such as birth control, abortion and adoption.
Bodily Privacy
_____ privacy is concerned with the ability to intrude into another individual’s environment. “Environment” isnt limited to home; it includes workplace or public space. Intrusions typically take the form of monitoring (i.e., video surveillance, ID checks and the like)
Territorial Privacy
_____ privacy encompasses the means of correspondence, including postal mail, phone convos, email and other forms of communication
Communication Privacy
What are FIPs/FIPPs?
- FIP - Fair Information Practices/FIPP - Fair Information Privacy Practices (or Principles)
- FIPS are guidelines for handling, storing and managing data with privacy, security and fairness in an information society that is rapidly evolving.
Examples include:
OECD Guidelines
Convention 108
APEC
What are the 4 main categories of FIPs?
1- rights of individuals
2- controls on the information
3- information lifecycle
4- management
Re: “(FIP) Rights of Individuals”, organizations should address what 3 areas?
1-Notice
2- Choice and Consent
3- Data Subject Access
(FIP) Rights of Individuals - Re: NOTICE, orgs should….
provide notice about their privacy policies and procedures and should identify the purpose for which personal information is collected, used, retained and disclosed.
(FIP) “Rights of Individuals” - Re: CHOICE AND CONSENT orgs should….
describe the che choices available to individuals and should get implicit/explicit consent with respect to the collection, use, retention and disclosure of personal information. Consent is especially important for disclosures of personal info to other data controllers.
(FIP) “Rights of Individuals” - Re: DATA SUBJECT ACCESS, orgs should….
provide individuals with access to their personal info for review and update.
Re: (FIP) “Controls on the Information”, organizations should address what 2 areas?
1- Information Security
2- Information Quality
(FIP) “Controls on the Information” - Re: INFORMATION SECURITY, orgs should…
use reasonable administrative, technical and physical safeguards to protect personal info against unauthorized access, use, disclosure, modification and destruction.
(FIP) “Controls on the Information” - Re: INFORMATION QUALITY, orgs should…
maintain accurate, complete and relevant personal info for the purposes identified in the notice
Re: (FIP) “Information Lifecycle”, organizations should address what 3 areas?
1- Collection
2- Use and Retention
3- Disclosure
(FIP) “Information Lifecycle” - Re: COLLECTION, orgs should…
collect personal information only for the purposes identified in the notice