Privacy Flashcards

1
Q

Liberalism

A

Major political ideologies of modern world
Importance it attaches to the civil and political rights of individuals
Liberals demand a substantial realm of personal freedom (speech, conscience, occupation, …)
A liberal is not a political party

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Liberalism and privacy

A

Depends of the concept we have of the individual

No one has any clear idea what it is to mean the right to privacy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Privacy

A

Behavioural: where a person has been or what they have done, protecting actions
Informational: how, when, and what information is communicated to others

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Impacts of ICTs

A

Computers make new threats possible

Freedom from intrusion, surveillance, and control of information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Data vs metadata

A

Data: a recording of a cellphone conversation between Y and X
Metadata: Y called X, talked for 10 mins in city C
Metadata can have more information then the data
Less restrictions on metadata

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Uses of ICTs

A
  1. Invisibility of data gathering: unknown or confusing (satellite, cookies)
  2. Ease of secondary use: using data for purpose other then person approved (sale info to others)
  3. Linking data records: combining and comparing info from multiple databases (gov getting data from commercial sources not allowed to)
  4. Profiling: surveys, records, purchases
  5. Monitoring: real time (GPS, networks, phones)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Big brother

A

George Orwell where lack of privacy taken to the extreme (everything is observed) how would people act?

Initially only applied to the government
Us created 1974 privacy act

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

First gen Fair information principles

A
  • No personal data record keeping systems in gov secret
  • Individual able to find out what information is in a record and how used
  • Prevent information about them being used for another purpose without consent
  • Correct information if it is incorrect
  • Organization storing records must assure reliability of data for intended use
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Federal legislation

A

Gov computer systems used for certain purposes and goals (law, fraud)
Canada: privacy act of 1983
Legislation normally introduced as a result of political, legal, and constitutional considerations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

US constitution

A

Made is 1776 and amended to changes in society

Four amendment: used if privacy related legislation but the word privacy does not appear in the amendment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Canadian constitution

A

Repatriation in 1982
Section 8: for privacy, everyone has the right to be secure against unreasonable search and seizure
This protects people and not places
Protects the person that owns the device
Privacy protection restricted to information which is personal and confidential and serves to promote the individuals dignity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Pipedas fair information principles

A
  1. Accountability
  2. Identifying purposes
  3. Consent
  4. Limiting collection
  5. Limiting use, disclose, and retention
  6. Accuracy
  7. Safeguards
  8. Openess
  9. Individual access
  10. Challenging compliance
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q
  1. Accountability
A

Orgainisation is responsible for information that is under its control and should have someone accountable

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q
  1. Indentifying purposes
A

Purposes for which personal information is collected shall be identified by the organization at or before collection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q
  1. Consent
A

The knowledge and consent of the individual are required for collection, use, or disclosure of personal information except where inappropriate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q
  1. Limiting collection
A

Collection of personal information shall be limited to that which is necessary for the purposes identified by the organization. Collected by fair and lawful means

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q
  1. Limiting use, disclosure, and retention
A

Personal info shall not be used or disclosed for purposes other than those for which it was collected execpt with consent of the individual or as required by law. Info retained only as long as necessary

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q
  1. Accuracy
A

Personal info shall be accurate, complete, and up to date for purposes used

19
Q
  1. Safeguards
A

Personal info shall be protected by security safeguards appropriate to the sensitivity of the information

20
Q
  1. Openness
A

Make readily available to individuals specific info about its policies and practices relating to management of personal info

21
Q
  1. Individual access
A

Upon request, individual shall be informed of the existence, use, and disclosyre of personal info and shall be given access to the info. An individual shall be able to challenge accuracy of info and have it amended

22
Q
  1. Challenging compliance
A

An individual shall be able to address a challenge concering compliance with the above principles

23
Q

Second gen privacy laws for ICTs

A
Eight principles 
Collection limitation
Data quality 
Purpose specification
Use limitation
Security safeguards
Openness
Individual participation 
Accountability
24
Q

Pipeda

A

Applies to commercial organization (businesses)
If business want to collect use or disclose personal info needs consent
First canada wide legislation to require fair information principles to be followed
Limited to commercial entities

25
Q

Pipa (personal information privacy act)

A

Introduced in bc in 2003
Applies to commercial organizations and private sector organizations (churches, stratas, charites)
Applies to private sector organizations

26
Q

Fippa (freedom of information and personal privacy act)

A

Public sector organizations with governance under BC statues
(Provincial gov ministries, universites, schools, hospitals, municipalities)
Introduced along side pipa

27
Q

Privacy commissioner

A

Pipeda: office of the privacy commissioner of canada (opc)
Pipa, fippa: office of information privacy commissioner of bc (oipc)

Advocate best practice in privacy
Educate organizations
Deal with complaints from individuals

28
Q

Complaints

A

Office staff examine the complaint to find ir well founded or not
Early resolution: admitted problem and change
Discontinued
Settled
Well-founded: go to federal court (worst case)
No jurisdiction

29
Q

General data protection regulation (GDPR)

A

Into force in EU in 2018
Replaced EU privacy directive from 1995
Goals: protect data in EU, strengthen privacy rights, natural persons given control over data, rights enforced
Gives direction for individual EU nations
Affects businesses anywhere in world collecting or holding PI on EU citizens

30
Q

GDPR protection

A

Protects name, address, phone, bank, email, ip address, cookies, biometric data
If in repository, has some structure, with some manual labour (sorting)
Ex)paper filling cabinet sorted
Need consent, transparency in collection and use, right to modify
Focus in natural persons
Right to be forgotten
Right to data portability
Right to restriction of processing
Right to explanation~ AI decisions
Relatively technology neutral
More modern privacy

31
Q

Data subject

A

An individual resident of EU whose personal data are protected “natural person”

32
Q

Data controller

A

An institution business or person processing personal data

33
Q

Data processor

A
A subject (company) processing data in behalf of the controller 
Could be company storing data on cloud or customer relationship management app
34
Q

Data collector

A

Both a controller and a processor

35
Q

Data protection officer

A

A person appointed by data controller responsible for overseeing data protection

36
Q

Data authorities

A

Public institution monitoring implementation of regulations in EU country

37
Q

Third parties

A

A person or entity under authority of the collector authorized to process personal data

38
Q

Recipient

A

Any person to whom personal data is disclosed

39
Q

CCPA california consumer privacy act 2020

A

Similar to GDPR
Individual people can now sue for violations
Has more detail about what is personal data
Have to tell who data was shared with

40
Q

CPPA consumer privacy protection act bill C11

A

Intented to repeal pipeda
New way to deal with complaints
Revised requirements for obtaining consent, more rights over own data, algorithmic transparency: right to explanation
Bill not passed due to election in 2021

41
Q

Privacy as a human right

A

Universal declaration of human rights ~ interference with privacy, family, home, or correspondence, nor attacks upon honour and reputation
Legal right ~ granted by legal statue
Right~ aspirational or object of political action
Human rights are really strong ethical pronoucements as to what should be done

42
Q

Perspectives of privacy

A

Privacy as secrecy: concealing info about onesself
Privacy as control over personal information: protect all info want to retain control
Privacy as personhood: 1. Respect for persons as choosers 2. Not determined by what is “normal”
Privacy as intimacy: sharing of intimate info

43
Q

Free market view

A

Parties of a transaction viewed as having equal standing
Truth in information gathering enforced by the market
String reliance in contracts
Facts can be disclosed if not violate other rights

44
Q

Consumer protection view

A

Comsumers have little power to negotiate with corporation
Consent needed in business transactions better then those required by law
Self regulation by business often does not work so some protect for the consumer