Here are some notes to remind you of the Readings of the Week, on Privacy. Feel free to skim some papers.
Canadian government PIPEDA, right to privacy, European GDPR: - PIPEDA: 10 key items for organizations to respect: identify purpose, obtain consent, limit collection, limit disclosure, be accurate, use safegaurds, give access, etc.: were you aware of these? do you think this is respected? -- recourse is: inform Privacy Commissioner of Canada if unhappy: does this work? - GDPR: recent European effort, suddenly causing US firms and such to be more careful: why did this cause greater change? - mandatory reporting of data breaches: is this happening? - Supreme Court ruled that we do have a right to privacy at work: scrutiny at times required in order to protect assets and increase productivity
Google tracking its users: - do you ever stop to think about just how much Google knows about you? - this includes not only search history but gmail, Streetview, etc. - the article discusses how some of your privacy can be "restored" but are you content with this arrangement? - are privacy policies clear enough?
US and Canadian government info gathering: - justifying surveillance due to need to counter terrorism: standard tension between privacy and security - are you willing to allow? - NSA scrutinizing US citizens - CSIS keeping data
NSA and Snowden: - major news story in 2013: leaked documents about NSA activity (Snowden) - tech companies later revealing how many requests for information they had - PRISM: private communications on servers requested: when registering we agree to some privacy loss
Cambridge Analytica and Data Breaches: - Facebook knew personal info of Canadians was in third party hands but did nothing - huge breach of trust - Facebook threatening to pull out of Canada if we demanded too much of them - public hearings - stories of data breaches at organizations appear to be increasing (Capital One is just one example): poor security and hackers? insider efforts? social security numbers, credit card info
Our nature to share and ioT Privacy: - tendency to be very open on social media - just the perception of being watched may lead to low self-esteem - we are afraid to be left out - is attitude really: I have nothing to hide? - instinct should be not to reveal unless truly required to: are we required to reveal too much? - access to our private information through household devices (e.g. baby monitors) - true lack of awareness from consumers - a market for our personal data: do we benefit?
ANNOUNCEMENTS: - A2 is due May 19 - A3 is due on Jun 2; it requires references and research and is a longer essay - RPEs continue May 25 (unusually an online RPE) and everyone who is not presenting becomes the audience for the day, asking questions; read position papers in advance - come to class May 27 to enjoy our discussion of the pandemic and computerization; we will likely poll you before class to help to organize the discussion (and this is another online class)- there is homework for Week 5 when we discuss productivity:: select one 24 hour period between now and then and track the number of hours you are attached to a computer and then estimate the number of hours you feel you were productive; be prepared to reveal your responses in class Jun 1 or Jun 3 - - when A1 grading is done, general feedback will be posted in Instructor folder on Piazza (aim is for May 30) - also look out for a post in the Instructor Folder on Piazza on May 16 for more information on how to attend our online classes