Chapter 3: Violations Flashcards
Solove’s Taxonomy of Privacy
1) Information Collection
2) Information Processing
3) Information Dissemination
4) Invasions
Information Collection Violations (2)
- Surveillance
- Interrogation
Information Processing Violations (5)
- Aggregation
- Insecurity
- Identification
- Secondary Use
- Exclusion
Information Dissemination Violations (7)
- Breach of Confidentiality
- Disclosure
- Exposure
- Increased Accessibility
- Blackmail
- Appropriation
- Distortion
Invasion - Privacy Violations (2)
- Intrusion
- Decisional Interference
Information Collection - Surveillance
Watching, listening to, or recording of an individual’s activities.
- Tracking mouse movements around a webpage
- Security cameras in a store
- Recording user app activity in mobile phone
- Tracking GPS locations of a fitness application user
Information Collection - Interrogation
Questioning or probing individuals for personal information.
- Asking a female job candidate if she’s pregnant
- Nudging social media users to complete their profiles
- Probing for sensitive sources of income, such as alimony or child support
Information Processing - Aggregation
Combining of various pieces of personal information
- Aggregating a user’s searches to better interpret interests
- Aggregating shoppers’ purchasing habits
- Aggregating patients’ doctor visits
Information Collection - Insecurity
Carelessness in protecting information from leaks in improper access
- A web developer allowing web visitors to see customer records
- A company hiring an unlicensed individual with a criminal record to handle customer sensitive data
- A company’s developer accidentally uploading company creds on Github
Information Processing - Identification
Linking of information to a particular individual.
- Using computer device fingerprinting to tie a person to other websites or apps that do not require fingerprinting.
- Correlating timestamps in 2 databases, one that has been “anonymized” and the other not to re-identify individuals.
Information Processing - Secondary Use
Using personal information for a purpose other than for which it was collected.
- A company sends spam emails about all their product after you ordered 1 product.
- WhatsApp sharing your name and phone number to Facebook so businesses can advertise you.
- Facebook using phone numbers provided for two-factor authentication to spam users to use their platform.
Information Processing - Exclusion
Failing to let an individual know about the data that others have about them or participate in its handling or use.
- Using information about previous calls to constantly kick “Problem callers” to the back of the queue without them knowing
- Denying services or products based on information about customers without them knowing or giving them the ability to dispute it, e.g. denying a mortgage loan because of ethnicity.
Invasions - Intrusion
Disturbing an individual’s tranquillity or solitude.
- A game that invites people to go to individuals’ houses without the owners’ permission.
- Email spam.
- A political surveyor calling at 6 p.m. while you’re trying to have dinner.
Invasion - Decisional Interference
Intruding into an individual’s decision making regarding their private affairs.
- A government dictating family planning decisions.
- Hackers/ other countries interfering in a country’s presidential elections.
- A payment processor preventing a user from spending money on certain products or services on moral grounds.
Information Dissemination - Breach of Confidentiality
Breaking a promise to keep an individual’s information confidential
- Disclosure of a patient’s HIV condition in a lawsuit for an unpaid bill.
- Doctors releasing patient information that might change how they are treated or their credibility in a court case.
- Banks divulging a customer’s financial information to law enforcement without following a legally proscribed process (court order, subpoena)
- Requesting your medical records and instead of receiving the medical records for someone with the same name.
