Class+Notes+4

Privacy 1. Google combines information in two databases. The first database ties phone numbers to addresses. The second database ties addresses to locations on a map. By combining information in these databases, Google can associate a location on a map with a phone number. 2. Students will come up with many different responses to this question. Next edition I need to remember to move this question to the “Discussion Questions” section! 3. Privacy is a negative right in the sense that all I have to do to give you privacy is leave you alone. 4. The Third Amendment to the U.S. Constitution gives people the right to refuse to let the government quarter soldiers in their homes in peacetime. 5. When the author says privacy is a prudential right, he means that granting people this right provides a net benefit to society. Hence it is prudent for a society to choose to give its members some privacy. 6. With the invention of air conditioning and television, people spend more time in their own apartments than they did 100 years ago. Automobiles and taxicabs give people more privacy than subway cars. Young adults are more likely to live away from their parents than they were 100 years ago. 7. A public record contains information reported to a government agency for the purpose of informing the public. Public information is information that is provided to an organization that has the right to share it with other organizations. 8. Disclosure of information that becomes part of a public record is typically required by law. For example, you must disclose certain information in order to get a marriage license. For this reason, it is easier for a person to control public information. 9. Here are a few examples: legal name, address, list of property owned, property tax records, political party, date of birth, date of marriage, date of divorce, date of death 10. Here is one possible answer. If you want to check out a book from a public library, you must provide certain information (such as your name, address, and phone number). 11. Here is one possible answer. People called to testify at a trial may be forced to reveal personal information, whether or not they consent.

12. Here is one possible answer. Many organizations keep track of the Web sites accessed by their computers. By monitoring the packets flowing from Web sites to particular machines, a company can determine the Web sites each of its employees is visiting. 13. A digital video recorder records television shows on a hard disk instead of a tape. It may have features making it much easier to program. It may connect with a central database and report viewing patterns. 14. Enhanced 911 service raises new concerns about privacy because in order to implement this service, cell phone companies must install technology that enables them to track the positions of all active cell phones. 15. Spyware is a program that communicates over your Internet connection without your knowledge or consent. Free software downloaded from the Internet often contains spyware. 16. Information about criminal convictions may be kept indefinitely, and bankruptcy information may be held for 10 years. 17. The Fair and Accurate Credit Transactions Act helps consumers verify the accuracy of their credit reports by giving them the right to request a free copy of their credit report once a year from each of the three major credit reporting bureaus. 18. The Family Education Rights and Privacy Act gives students 18 years old and older the right to review their educational records. It also gives them the right to request changes to records containing errors. Students may prevent others from accessing these records without permission, except under certain circumstances. If a student is less than 18 years old, these rights are held by the student’s parents or guardians. 19. The Video Privacy Protection Act enhances privacy by making it illegal for videotape service providers to disclose rental records without the consent of the customer. The law also requires stores to destroy information about who rented what within a year of when the information is no longer needed for the purposes of the original transaction. 20. The Employee Polygraph Protection Act helps jobs applicants and company employees maintain their privacy by making it illegal for companies to require polygraph tests as a condition of employment (except for a few types of job). The EPPA also makes it illegal for companies to give polygraph tests to current employees, with a few exceptions. The most significant loophole of the Employee Polygraph Protection Act is that it does not apply to federal, state, or local government agencies. 21. The major provisions of the Financial Services Modernization Act are: allowing banks to offer insurance and brokerage services, requiring financial institutions to disclose their privacy policies to their customers at least once a year, and requiring financial institutions to take measures to prevent the unauthorized access of customers’ confidential information. 22. The purpose of the Children’s Online Privacy Protection Act is to reduce the amount of public information gathered from children using the Internet. 23. The Health Insurance Portability and Accountability Act limits how doctors, hospitals, pharmacies, and insurance companies can use medical information collected from patients. The regulations forbid health care providers from releasing information to life insurance companies, banks, or other businesses without specific signed authorization from the person being treated. Health care providers must provide their patients with a notice describing how they use the information they gather. Patients have the right to see their medical records and request corrections to errors they find in those records.

24. DuringWorld War I, the Census Bureau provided the names and addresses of young men to the military, which was searching for draft resistors. After the attack on Pearl Harbor, the Census Bureau provided the Justice Department with information about the general location of Japanese-Americans. The Army used this information to round up Japanese-Americans and send them to internment camps. 25. Consumer groups complained about H&R Block’s Web-based Free File tax filing service because H&R Block used this service to do cross-marketing of a mortgage refinancing service. 26. The National Crime Information Center helped the FBI identify James Earl Ray as the assassin of Dr. Martin Luther King, Jr. The NCIC helped the FBI capture Timothy McVeigh, who was later convicted of the bombing of the Federal Building in Oklahoma City. 27. The purpose of the One DOJ database is to give state and local police officers access to information generated by five federal law enforcement agencies. Since the database contains incident reports, interrogation summaries, and other such information, there is information about people who have never been arrested or charged with a crime. Critics say local police should not have access to this kind of information, which may include unsubstantiated and erroneous reports that will never be corrected or removed. 28. The Privacy Act is criticized because it applies only to government databases, only covers records indexed by a personal identifier, does not assign any federal agency the responsibility of enforcing its provisions, and allows federal agencies to share records. 29. The Fourth Amendment to the U.S. Constitution people from unreasonable searches and seizures of their property by law enforcement authorities. 30. In Charles Katz v. United States, the U.S. Supreme Court affirmed that citizens should be protected from all electronic surveillance conducted without warrants, including bugs. 31. The Patriot Act expands the kinds of information that law enforcement officials can gather with pen registers and tap-and-trace devices. It allows the use of pen registers on the Internet to track email addresses and URLs. It allows warrants to be issued without probable cause. It gives judges nationwide jurisdiction to issue warrants. It expands the number of circumstances under which roving surveillance can take place. It allows searches to be conducted without serving a search warrant in certain circumstances. It makes it easier for the FBI to collect business, medical, educational, library, and church/mosque/synagogue records. 32. Secondary use refers to when information collected for one purpose is put to another purpose. 33. Collaborative filtering is a way of helping an individual wade through a large amount of choices and focus in on the best ones. It uses information about the preferences of a large number of people to predict those items an individual is more likely to like. On-line retailers and DVD-rental sites uses collaborative filtering to make recommendations. 34. The IRS uses data mining to determine whom it should audit. New York City’s Syndromic Surveillance System looks for epidemics, environmental problems, or bioterrorism. The Terrorist Information Awareness project is a third example of data mining by the U.S. government. 35. The Platform for Privacy Preferences is designed to help Internet users control the use of their personal information by the sites they visit. Web browsers can use P3P to compare a user’s preferences with a site’s privacy policy, steering users away from sites that are not compatible. However, the standard is voluntary, and P3P cannot monitor whether a site is actually abiding by its stated policy. 20 CHAPTER 5. PRIVACY 36. The most common form of identity theft in the United States is credit card fraud. 37. Yes, a private company can legally ask for your Social Security number. 38. Social Security numbers are not unique. They are rarely checked, so criminals can get away with supplying fake SSNs. They have no error-detecting capability, so SSNs are prone to data-entry errors. 39. This answer assumes that the implementation of the REAL ID Act will result in a de facto national identification card. Here are a few benefits touted by proponents of a national ID card. A national ID card would be harder to forge than a Social Security card. A national ID card would make it harder to people to enter the United States illegally. A national ID card would make it harder for illegal aliens to work in the United States. A national ID card would reduce crime. Here are a few harms suggested by opponents of a national ID card. Even hard-to-forge ID cards cannot prevent fakes from being made. There is no evidence that a national ID card would reduce crime. A national ID card would make governmental data mining easier. A national ID card would give agencies easier access to old files, even those containing incorrect or obsolete information. 40. In a traditional, symmetric encryption scheme the same key is used both to encode and decode the message. Since the sender must send the key to the receiver somehow, that introduces a security risk. In a public-key encryption scheme different keys are used to encode a decode the message. This eliminates the security risk of having to pass keys. 41. The U.S. government tried to stop the distribution of the Pretty Good Privacy (PGP) program because the widespread use of this program would make it more difficult to U.S. intelligence agencies to read messages. 42. The Justice Department advocated adoption of the Clipper chip, because the government had the Clipper’s mathematical decryption key. With the key in hand, the government knew it could listen in on conversations encrypted with the Clipper chip. 43. Criminals can steal information at ATMs by looking over someone’s shoulder to learn their PIN number, by installing a skimmer to capture the information stored on the access card, or by collecting receipts that customers have left behind. 44. Digital cash is anonymous electronic money. It differs from an ordinary credit card in that when you use it to purchase an item, a computer cannot link you with the purchase. It differs from ordinary cash in that it is stored electronically, rather than in physical form. 45. A blind signature protocol is a way for a bank to endorse the validity of digital cash without leaving an electronic “mark” that would enable the bank to determine the identity of someone making a purchase. Blind signatures are needed to preserve the anonymity of digital cash. 46. These pieces of legislation increased personal privacy rights: the Privacy Act of 1974, the Fair Credit Reporting Act, the Fair and Accurate Credit Transactions Act, the Family Educational Rights and Privacy Act, the Video Privacy Protection Act, the Employee Polygraph Protection Act, the Financial Services Modernization Act, the Children’s Online Privacy Protection Act, and the Health Insurance Portability and Accountability Act. These pieces of legislation gave the government greater surveillance powers: Title III of the Omnibus Crime Control and Safe Streets Act of 1968, the Electronic Communications Privacy Act, the Communications Assistance for Law Enforcement Act, and the USA PATRIOT Act.