Chapter 3: Privacy Threats and Violations

Question 1

what is interrogation?

Answer 1

Questioning or probing

individuals for personal information in this way is known as interrogation

Question 2

What are the different types of interrogation

Answer 2

asymmetrical power relationship
existing relationships
reverse flow of information

Question 3

What is asymmetrical power relationship

Answer 3

One feels compelled to answer questions posed by a person of authority

Question 4

what is existing relationship:

Answer 4

Questions are out of context within the social norms of the relationship

Question 5

what is reverse flow of information

Answer 5

A person overshares unsolicited information

Question 6

what is the difference between disclosure and insecurity

Answer 6

, insecurity is the result of negligence, while disclosure is
the result of intentionally revealing information about an individual.

Question 7

what is the difference between distortion and disclosure

Answer 7

distroation- false, inaccurate

disclosure- revealing true information

Question 8

what is the purpose of surveillance

Answer 8

surveillance is used in a myriad of modalities throughout everyday lives. Advertisers track web surfers, parents use geolocation technology to know where their children are, and store specific loyalty cards track consumers’ buying trends.

Question 9

What is the positive impact of surveillance

Answer 9

Deters people from cheating in casinos
Dissuades theft from convenience stores
Tempers behaviors in recorded conversations

Question 10

What is the negative impact of surveillance

Answer 10

Causes self-censoring
Silences minority viewpoints
Manipulates behavior to further self-interests

Question 11

What are the privacy violation in uses

Answer 11

Insecurity 
Identification
Identification: Privacy technologist’s role
Secondary use
Exclusion

Question 12

What is the use of insecurity

Answer 12

o Data insecurity can be the result of negligence or threat actors, such as cybercriminals or amateur hackers
o Disregarding threat actors, along with failing to design a process, product or service with access prevention, leads to data insecurity. The application of risk assessment tools is useful in identifying areas of information insecurity within a system.

Question 13

What is the use of Identification

Answer 13

o Identification is linking unique identifying information to specific individuals; personally identifiable information can be pieced together with a few unique identifiers, such as zip code, date of birth, age range, weight and income level to identify an individual.
o Identification can also be achieved by cross-referencing timestamps on websites or databases, or the use of recurring IP addresses or cookies to identify browsing history.

Question 14

What is secondary use of privacy violation

Answer 14

o Secondary use occurs when the intended recipient of personal information shares it with another party outside of the expectations of the individual whose information was shared.

Question 15

what is the use of exclusion

Answer 15

o Exclusion happens when an individual’s information is used without their knowledge, or they are unable to consent to the handling or use of their information.
o Exclusion can also occur in the form of discrimination

Question 16

what is disclosure

Answer 16

o is revealing credible and private information about an individual that can affect how others view that person or may even impact their security.
o insecurity is the result of negligence, while disclosure is the result of intentionally revealing information about an individual.
o Performing a risk analysis can assess what potential privacy incidents may occur if personal information is disclosed, particularly via a company’s data.

Question 17

what is distortion

Answer 17

o Distortion is when someone spreads false or inaccurate information about someone else.
o disclosure, which is based on the dissemination of true personal information, distortion is the dissemination of fabricated, misleading, or incorrect personal information
o Distortion is an act against privacy, as access to and accuracy of information is imbedded within privacy models and principles, such as FIPPs and the Organisation for Economic Cooperation and Development’s (OECD) Guidelines.

Question 18

What is exposure

Answer 18

o individuals are also at risk of exposure if parameters are not set in advance regarding communication between health care providers, loan officers, lawyers, etc.
o Performing a risk analysis to identify vulnerabilities will allow privacy technologists to apply controls.
o Communication preference: telephone, email, post mail

Question 19

What is breach of confidentiality

Answer 19

o A breach of confidentiality results from the disclosure of information shared in private.
o The consequence of this is a loss of trust and an unwillingness for an individual to share information in the future.
o subcontractors may be used more frequently to protect systems against breach of confidentiality harms.

Question 20

What is blackmail

Answer 20

Blackmail is the threat to disclose someone’s information against their will.

Question 21

What is appropriation

Answer 21

Appropriation is using someone’s identity for someone else’s purpose or to promote a party’s own interests

Question 22

What is interference

Answer 22

o Interference is any act that prevents or obstructs a process from continuing or being carried out properly.
o some forms of interference: surveillance, tracking and interrogation, for example

Question 23

What are the three types of interference

Answer 23

Decisional interference
Intrusion
Self-representation-Interference

Question 24

What is Behavioral profiling for advertising

Answer 24

o Behavioral profiling for advertising consists of several complex interactions and is a combination of interference-prone technologies: a behavior model, which represents who the person is and enables decision-making, and personalized ads that are sent and represent a person’s behavior.

Question 25

what is social engineering

Answer 25

o Social engineering is using any means of psychology to manipulate people to do something that discloses valuable information or provides access, such as calling a company to reset a password with using easily accessible information such as first and last name, physical and/or email addresses.

Question 26

What is patches in software security

Answer 26

o Patches are changes to a program that aim to fix, update or improve a system. They are also known as bug fixes to address vulnerabilities to security.

Question 27

What is there difference between open source and closed source software

Answer 27

o Open-sourced software has code that is easily viewed, shared and modified. Bugs can be fixed quickly, and code is checked frequently.
o Closed-source software can only be fixed by the vendor, and consumers may need to wait to be assisted with issues.