Chapter 3: Privacy Threats and Violations Flashcards
what is interrogation?
Questioning or probing
individuals for personal information in this way is known as interrogation
What are the different types of interrogation
asymmetrical power relationship
existing relationships
reverse flow of information
What is asymmetrical power relationship
One feels compelled to answer questions posed by a person of authority
what is existing relationship:
Questions are out of context within the social norms of the relationship
what is reverse flow of information
A person overshares unsolicited information
what is the difference between disclosure and insecurity
, insecurity is the result of negligence, while disclosure is
the result of intentionally revealing information about an individual.
what is the difference between distortion and disclosure
distroation- false, inaccurate
disclosure- revealing true information
what is the purpose of surveillance
surveillance is used in a myriad of modalities throughout everyday lives. Advertisers track web surfers, parents use geolocation technology to know where their children are, and store specific loyalty cards track consumers’ buying trends.
What is the positive impact of surveillance
Deters people from cheating in casinos
Dissuades theft from convenience stores
Tempers behaviors in recorded conversations
What is the negative impact of surveillance
Causes self-censoring
Silences minority viewpoints
Manipulates behavior to further self-interests
What are the privacy violation in uses
Insecurity Identification Identification: Privacy technologist’s role Secondary use Exclusion
What is the use of insecurity
o Data insecurity can be the result of negligence or threat actors, such as cybercriminals or amateur hackers
o Disregarding threat actors, along with failing to design a process, product or service with access prevention, leads to data insecurity. The application of risk assessment tools is useful in identifying areas of information insecurity within a system.
What is the use of Identification
o Identification is linking unique identifying information to specific individuals; personally identifiable information can be pieced together with a few unique identifiers, such as zip code, date of birth, age range, weight and income level to identify an individual.
o Identification can also be achieved by cross-referencing timestamps on websites or databases, or the use of recurring IP addresses or cookies to identify browsing history.
What is secondary use of privacy violation
o Secondary use occurs when the intended recipient of personal information shares it with another party outside of the expectations of the individual whose information was shared.
what is the use of exclusion
o Exclusion happens when an individual’s information is used without their knowledge, or they are unable to consent to the handling or use of their information.
o Exclusion can also occur in the form of discrimination
what is disclosure
o is revealing credible and private information about an individual that can affect how others view that person or may even impact their security.
o insecurity is the result of negligence, while disclosure is the result of intentionally revealing information about an individual.
o Performing a risk analysis can assess what potential privacy incidents may occur if personal information is disclosed, particularly via a company’s data.
what is distortion
o Distortion is when someone spreads false or inaccurate information about someone else.
o disclosure, which is based on the dissemination of true personal information, distortion is the dissemination of fabricated, misleading, or incorrect personal information
o Distortion is an act against privacy, as access to and accuracy of information is imbedded within privacy models and principles, such as FIPPs and the Organisation for Economic Cooperation and Development’s (OECD) Guidelines.
What is exposure
o individuals are also at risk of exposure if parameters are not set in advance regarding communication between health care providers, loan officers, lawyers, etc.
o Performing a risk analysis to identify vulnerabilities will allow privacy technologists to apply controls.
o Communication preference: telephone, email, post mail
What is breach of confidentiality
o A breach of confidentiality results from the disclosure of information shared in private.
o The consequence of this is a loss of trust and an unwillingness for an individual to share information in the future.
o subcontractors may be used more frequently to protect systems against breach of confidentiality harms.
What is blackmail
Blackmail is the threat to disclose someone’s information against their will.
What is appropriation
Appropriation is using someone’s identity for someone else’s purpose or to promote a party’s own interests
What is interference
o Interference is any act that prevents or obstructs a process from continuing or being carried out properly.
o some forms of interference: surveillance, tracking and interrogation, for example
What are the three types of interference
Decisional interference
Intrusion
Self-representation-Interference
What is Behavioral profiling for advertising
o Behavioral profiling for advertising consists of several complex interactions and is a combination of interference-prone technologies: a behavior model, which represents who the person is and enables decision-making, and personalized ads that are sent and represent a person’s behavior.
what is social engineering
o Social engineering is using any means of psychology to manipulate people to do something that discloses valuable information or provides access, such as calling a company to reset a password with using easily accessible information such as first and last name, physical and/or email addresses.
What is patches in software security
o Patches are changes to a program that aim to fix, update or improve a system. They are also known as bug fixes to address vulnerabilities to security.
What is there difference between open source and closed source software
o Open-sourced software has code that is easily viewed, shared and modified. Bugs can be fixed quickly, and code is checked frequently.
o Closed-source software can only be fixed by the vendor, and consumers may need to wait to be assisted with issues.
