Module 3 Flashcards
Privacy Threats and Violations
Interrogation
Is the intentional probing of information to reveal personal information about a person.
Asymmetric Power Relationship
When a person is compelled to give up personal information to a person of authority. An example would be an interviewee answering personal questions to a prospective employer.
Existing Relationship
Asking personal questions that are out of context within social norms of the relationship. An example would be an employer asking about an employee’s personal life.
Reverse Flow of Information
An individual oversharing unsolicited information. An example would be a student sharing information about their personal life during a class discussion
Covert Surveillance
Tracking that one may not be aware of being tracked (web surfers, geolocators, loyalty cards, etc.).
Overt Surveillance
Tracking that one is aware of (CCTV, Transponders, voice activations, etc.).
Identification
When information is linked to specific individuals; when a unique identifier (SSN, Driver’s License Number, etc.) is linked to other data elements (like age, weight, health info, income level, for example).
Exclusion
Information is used without an individual’s knowledge or consent. It can also occur in the form of discrimination. Privacy technologists should include unsubscribe and consent as options to avoid exclusion.
Secondary Use
Information used without consent for purposes unrelated to the original purposes. Any secondary use should be in the external privacy notice and internal privacy policies.
Data Insecurity
State or condition where data is vulnerable to unauthorized access, misuse, loss, or corruption.
Disclosure
Is revealing credible and private information about an individual that can affect how others view that person or may impact their security. Disclosure is the intentional revealing of information about an individual as opposed to insecurity, which is the result of negligence.
Distortion
Is the release of fabricated and incorrect personal information (opposite of disclosure) and can be used to harm ones reputation.
Blackmail
Is where a threat of releasing personal information against someone’s will unless paid a ransom or to perform some action.
Breach of Confidentiality
Disclosure of information shared in private.
Appropriation
Is when someone else information is use for someone else’s gain (identity theft or using another person’s identity to endorse a product).
Interference
Any act that prevents or obstructs a process from continuing or being carried out properly. Examples of interference include surveillance, tracking and interrogation.
Decisional Interference
A type of interference when an external party (government, commercial entity, etc.) interferes with an individual’s decision-making regarding their personal affairs. Inaccurate data can lead to decisional interference.
Intrusion
A type of interference where a disturbance that affects an individuals solitude or tranquility (can be physical, psychological or informational). Intrusion can be reduced by giving individuals control over electronic forms of intrusions (opting out of notifications, using opt-out as the default and asking customers to opt in).
Self Representation
A type of interference where another entity alters how an individual is represented or regarded. Whether or not the information changed is accurate is irrelevant, as the individual no longer has control over their self representation.
Behavioral Advertising
Advertising that is based on the users habits and behavior. Though this has some positives of informing users about products and services that they may not be aware of, there needs to be a balance of ones privacy. Safe privacy practices should notify users of collection practices and offer choice over collection and sharing.
Social Engineering
Using any means of psycology to maipulate people to do something that discloses valuable information or provides access.
Intrusion Report
Data that is collected when an IDS (Intrusion Detection System) monitors network traffic for suspicious activity and alerts when such activity is discovered. The one concern in the area of privacy is collecting too
much detailed information on how data is used and where vulnerabilities may lie leads to an increase in privacy risk.
Cyberbullying
Bullying that occurs online and personal information is used that can be used to intimate or bully someone. Various laws are now in place around the country that are a anti-bullying bill of rights where they stress the right not to be bullied, prohibits substantially disruptive speech against others on behavior on social media platforms contusive to intimidation and bullying.
Vulnerability Management
Vulnerability is determined by capability and probability; management involves reducing vulnerability by creating a cyber defense infrastructure support using firewall to prevent malicious network traffic.
Patches
Changes to a program with the goal to fix, update or improve a system (bug fixes). This is intended to address vulnerabilities in security.
Open-source vs Closed Source
Open-source software has code that is easily viewed, shared and modified. Closed-source software can only be fixed by the vendor, and consumers may need to wait to be assisted with issues.
