in ,

Privacy

Strategic Cybersecurity, Module 12

Strategic Cybersecurity, Module 12: Privacy.

This lecture discusses privacy concerns on the Internet. The module clarifies that concerns exist not just in the United States but also in the rest of the world.

The Objectives

Once you have completed the readings, lecture, activity, and assessment, you will be able to

  • Describe the Internet of Things (IoT) and the problems it presents for individual privacy
  • Describe the purpose of the Privacy Act of 1974.

Welcome to Strategic Cybersecurity, Module 12. As you have likely realized through personal experience, retaining anonymity while engaging with modern information technology, especially social media, has become nearly impossible.

Tracking

Websites are tracking your activity and selling the data to third-party companies that, in turn, sell the information to other corporations seeking to market their own wares and services. In addition, as you heard in the last module, even intelligence operatives struggle to hide or operate covertly, as modern technology enables governments to track using tools like facial and gate recognition software.

Complicating the issue in the United States is that legal infrastructure written to protect individual privacy rights was codified in the Privacy Act of 1974, a time before the creation of both the Internet and the desktop computer.

The Issue of Privacy

This module, as you have likely guessed, focuses on the issue of privacy. Dictionary.com defines “privacy” as the “state “of being free from unwanted or undue intrusion “or disturbance in one's private life or affairs; freedom to be left alone.” Rosenzweig notes that privacy reflects a desire for the independence of personal activity, which is also a form of autonomy.

This notion of autonomy is important with respect to privacy because, as Rosenzweig highlights, it allows us the ability to walk through the world without being critically examined, and it requires law enforcement agencies to have good cause to scrutinize the data they may capture about us while operating in the public sphere.

As the technology to perform dataveillance increases, privacy concerns will become more salient, and as Rosenzweig notes, limitations will need to be placed on consequences for committing certain unlawful behaviors.

Red Light Cameras

As an example, consider the increasing presence of red light cameras in communities throughout the United States. At some point in the future, traffic cameras could become so widespread that running a red light automatically results in the guilty party's identification and sanctioning in some manner. Should that occur, the consequences of such a crime would require some limitations.

Barring a backlash in which voters elect officials promising to abolish such cameras, a likely scenario might include narrowing the definition of wrongful conduct or reducing the penalties for such behavior.

Our society is likely to face similar dilemmas in a myriad of other ways.

Technology has historically been a great force multiplier for law enforcement, but as technology continues to advance exponentially, it will require our legal system to either narrow the definitions of criminal behavior or minimize the extent to which we sanction individuals for it.

Right to be Forgotten

Privacy concerns are by no means localized in the United States. In 2014, the European Union's highest court stunned global Internet companies with a ruling that required search engines to allow European citizens the “right to be forgotten.”

The right to be forgotten is essentially the right to not have personal information, including such information as old criminal convictions, financial matters, or misdeeds, in other words, outdated or irrelevant information, show up in Internet searches.

For all intents and purposes, the ruling gave private citizens veto power over the information that Internet search engines aggregate about them. Opponents denounced the decision on the basis of free speech, and critics in the United States charged that the ruling was in opposition to our First Amendment.

EU vs. US Laws

However, the European court held its ground, countering that an individual's right to privacy, that is, to be forgotten, takes precedence over the public's need to locate information on the Internet.

As Rosenzweig notes, the ruling is “going “to be a challenge for the rule of law in cyberspace,” as countries and multinational companies outside the European Union will operate two separate sets of privacy rules.

The Privacy War

Rosenzweig also notes the possibility of a “privacy war,” as the European Union could restrict international corporations from access to European markets if they fail to comply with “right-to-be-forgotten” guidelines.

Considering the enormous Google system alone, Google has agreed to remove data when requested for country-specific Google search sites, such as Google France or Google England.

However, Google has so far refused to remove data from its primary Google.com site. This situation has already been problematic, as in 2015, France asked that Google.com remove information on a French citizen, but Google.com has refused thus far.

The case is yet to be adjudicated in court, but a European court is likely to support France's request. If this happens, it may be the opening shot in the world's first cyberprivacy war.

Privacy is clearly a major concern with major ramifications in our future.

Quiz

Quiz Question 1: Which of the following best describes the threat that the Internet of Things poses to individual privacy?

A: Through the purchase of networked products, corporations may know when consumers are due for product upgrades.

B: Police may legally obtain warrants to hack into household devices to determine if a suspected criminal is home.

C: Because of the networked nature of household appliances and other electronic items, the Internet of Things could allow third parties to illegally spy on conversations and constantly monitor one's movements and location.

D: Living off the grid will be increasingly difficult.

The answer is C: Because of the networked nature of household appliances and other electronic items, the Internet of Things could allow third parties to illegally spy on conversations and constantly monitor one's movements and location.

Quiz Question 2: What is the central U.S. statute intended to protect individual privacy against government intrusion?

A: Dataveillance.

B: The Fourth Amendment.

C: The Privacy Act of 1974.

D: The First Amendment.

The answer is C: The Privacy Act of 1974.

Quiz Question 3: Which of the following is the best definition of the Internet of Things?

A: An apocalyptic prediction.

B: The network used for e-commerce.

C: The linking of physical devices to the Internet.

D: Artificial intelligence.

The answer is C: the linking of physical devices to the Internet.

Activity

The activity for this module asks that you perform an assessment of how many IoT devices you have in your home. Do you have a connected climate control system like Nest? If so, do you know the types of data it collects on you, such as the times you are home or which rooms you have been in? What about other devices or appliances such as refrigerators? What types of data are these devices collecting on you? Make sure and check the privacy settings on your alarm system. Can microphones be engaged without your knowledge?

Go to: Module 13: Economics, Government Regulation, and Cybersecurity

Strategic Cybersecurity” by Augusta University is licensed under CC BY 4.0 / Original video transcribed and re-structured.

What do you think?

15 points
Upvote Downvote
The Concept of Dataveillance

Dataveillance

Economics, Government Regulation, and Cybersecurity

Economics, Government Regulation, and Cybersecurity