sen-material: comparison handouts/ho07.tex

equal deleted inserted replaced

-:c3ad0cf9db50
+:98ee5f760a8c
+\documentclass{article}
+\usepackage{../style}
+\begin{document}
+\section*{Handout 7 (Privacy)}
+The first motor car was invented around 1886. For ten years,
+until 1896, the law in the UK and elsewhere required a person
+to walk in front of any moving car waving a red flag. Cars
+were such a novelty that most people did not know what to make
+of them. The person with the red flag was intended to warn the
+public, for example horse owners, about the impending
+novelty---a car. In my humble opinion, we are at the same
+stage of development with privacy. Nobody really knows what it
+is about or what it is good for. All seems very hazy. The
+result is that the world of ``privacy'' looks a little bit
+like the old Wild West. For example, UCAS, a charity set up to
+help students apply to universities, has a commercial unit
+that happily sells your email addresses to anybody who forks
+out enough money in order to bombard you with spam. Yes, you
+can opt out very often, but in case of UCAS any opt-out will
+limit also legit emails you might actually be interested
+in.\footnote{The main objectionable point, in my opinion, is
+that the \emph{charity} everybody has to use for HE
+applications has actually very honourable goals (e.g.~assist
+applicants in gaining access to universities), but in their
+small print (or better under the link ``About us'') reveals
+they set up their organisation so that they can also
+shamelessly sell email addresses the ``harvest''. Everything
+is of course very legal\ldots{}moral?\ldots{}well that is in
+the eye of the beholder. See:
+\url{http://www.ucas.com/about-us/inside-ucas/advertising-opportunities}
+or
+\url{http://www.theguardian.com/uk-news/2014/mar/12/ucas-sells-marketing-access-student-data-advertisers}}
+Verizon, an ISP who provides you with connectivity, has found
+a ``nice'' side-business too: When you have enabled all
+privacy guards in your browser, the few you have at your
+disosal, Verizon happily adds a kind of cookie to your
+HTTP-requests.\footnote{\url{http://webpolicy.org/2014/10/24/how-verizons-advertising-header-works/}}
+As shown in the picture below, this cookie will be sent to
+every web-site you visit. The web-sites then can forward the
+cookie to advertisers who in turn pay Verizon to tell them
+everything they want to know about the person who just made
+this request, that is you.
+\begin{center}
+\includegraphics[scale=0.21]{../pics/verizon.png}
+\end{center}
+\noindent How disgusting? Even worse, Verizon is not known for
+being the cheapest ISP on the planet (completely the
+contrary), and also not known for providing the fastest
+possible speeds, but rather for being among the few ISPs in
+the US with a quasi-monopolistic ``market distribution''.
+Well, we could go on and on\ldots{}and that has not even
+started us yet with all the naughty things NSA \& Friends are
+up to.
+Why does privacy matter? Nobody, I think, has a conclusive
+answer to this question. Maybe the following four notions
+clarify the picture somewhat:
+\begin{itemize}
+\item \textbf{Secrecy} is the mechanism used to limit the
+number of principals with access to information (e.g.,
+cryptography or access controls). For example I better
+keep my password secret, otherwise people from the wrong
+side of the law might impersonate me.
+\item \textbf{Confidentiality} is the obligation to protect
+the secrets of other people or organisations (secrecy
+for the benefit of an organisation). For example as a
+staff membee at King's I have access to data, even
+private data, I am allowed to use in my work but not
+allowed to disclose to anyone else.
+\item \textbf{Anonymity} is the ability to leave no evidence of
+an activity (e.g., sharing a secret). This is not equal
+with privacy---anonymity is required in many
+circumstances, for example for whistle-blowers,
+voting, exam marking and so on.
+\item \textbf{Privacy} is the ability or right to protect your
+personal secrets (secrecy for the benefit of an
+individual). For example, in a job interview, I might
+not like to disclose that I am pregnant, if I were
+a woman, or that I am a father. Similarly, I might not
+like to disclose my location data, because thieves might
+break into my house if they know I am away at work.
+Privacy is essentially everything which `shouldn't be
+anybodies business'.
+\end{itemize}
+\noindent While this might provide us with some rough
+definitions, the problem with privacy is that it is an
+extremely fine line what should stay private and what should
+not. For example, since I am working in academia, I am very
+happy to be essentially a digital exhibitionist: I am happy to
+disclose all `trivia' related to my work on my personal
+web-page. This is a kind of bragging that is normal in
+academia (at least in the CS field). I am even happy that
+Google maintains a profile about all of my academic papers and
+their citations.
+On the other hand I would be very peeved if anybody had a too
+close look on my private live---it shouldn'd be anybodies
+business. The reason is that knowledge about my private life
+usually is used against me. As mentioned above, public
+location data might mean I get robbed. If supermarkets build a
+profile of my shopping habits, they will use it to
+\emph{their} advantage---surely not to \emph{my} advantage.
+Also whatever might be collected about my life will always be
+an incomplete, or even misleading, picture---I am sure my
+creditworthiness score was temporarily(?) destroyed by not
+having a regular income in this country (before coming to
+King's I worked in Munich). To correct such incomplete or
+flawed data there is, since recently, a law that allows you to
+check what information is held about you for determining your
+creditworthiness. But this concerns only a very small part of
+the data that is held about me/you.
+This is an endless field. I let you ponder about the two
+statements that are often float about in discussions about
+privacy:
+\begin{itemize}
+\item \textit{``You have zero privacy anyway. Get over it.''}\\
+\mbox{}\hfill{}Scott Mcnealy (CEO of Sun)
+\item \textit{``If you have nothing to hide, you have nothing
+to fear.''}
+\end{itemize}
+\noindent There are some technical problems that are easier to
+discuss and that often have privacy implications. The problem
+I want to focus on is how to safely disclose datasets. What
+can go wrong with this can be illustrated with three examples:
+\begin{itemize}
+\item In 2006 a then young company called Netflix offered a 1
+Mio \$ prize to anybody who could improve their movie
+rating algorithm. For this they disclosed a dataset
+containing 10\% of all Netflix users (appr.~500K). They
+removed names, but included numerical ratings as well as
+times of ratings. Though some information was perturbed
+(i.e., slightly modified).
+Two researchers took that data and compared it with
+public data available from the International Movie
+Database (IMDb). They found that 98 \% of the entries
+could be re-identified: either by their ratings or by
+the dates the ratings were uploaded.
+\item In the 1990, medical databases were routinely made
+publicised for research purposes. This was done in
+anonymised form with names removed, but birth dates,
+gender, ZIP-code were retained.
+\end{itemize}
+\end{document}
+http://randomwalker.info/teaching/fall-2012-privacy-technologies/?
+http://chronicle.com/article/Why-Privacy-Matters-Even-if/127461/
+http://repository.cmu.edu/cgi/viewcontent.cgi?article=1077&context=hcii
+https://josephhall.org/papers/NYU-MCC-1303-S2012_privacy_syllabus.pdf
+%%% Local Variables:
+%%% mode: latex
+%%% TeX-master: t
+%%% End:

changeset 307	98ee5f760a8c
child 308	2a814c06ae03