
UNIT 6 - Privacy

The document discusses privacy legislation and the right to privacy. It outlines several key acts: [1] The Human Rights Act establishes the right to privacy in personal and family life. [2] Amendments to the US Constitution protect against unreasonable searches and seizures. [3] The UK Data Protection Act of 1998 regulates the processing of personal data and is based on eight principles, such as processing data fairly and keeping it accurate. The Act requires notification of automated systems that process personal data.

UNIT 6 – Privacy

TABLE OF CONTENTS

CONTENT
1. PRIVACY LEGISLATION
1.1 THE HUMAN RIGHTS ACT
1.2 AMENDMENTS TO THE CONSTITUTION OF THE UNITED STATES
1.3 DATA PROTECTION ACT, 1998
1.4 FURTHER NOTES ON THE DATA PROTECTION ACT
1.5 PROVISION OF ADEQUATE PROTECTION FOR PERSONAL DATA TRANSFERRED FROM THE EUROPEAN UNION
1.6 THE FREEDOM OF INFORMATION ACT
2. PROFESSIONAL DUTY TO ENSURE PRIVACY RIGHTS
2.1 THE BRITISH COMPUTER SOCIETY CODE OF PRACTICE
2.2 THE ACM CODE OF ETHICS AND PROFESSIONAL CONDUCT
3. PROTECT YOUR ONLINE PRIVACY
4. SURVEILLANCE IN THE WORKPLACE
4.1 DEFENCE FOR COMPUTER MONITORING IN THE WORKPLACE
4.2 ARGUMENTS AGAINST COMPUTER MONITORING IN THE WORKPLACE
5. CIVIL LIBERTIES VERSUS THE DUTIES OF THE STATE
5.1 GEORGE ORWELL: A VISION OF THE FUTURE
5.2 DUTIES OF THE STATE: THE US NATIONAL SECURITY AGENCY (NSA)
5.3 CIVIL LIBERTIES: THE ELECTRONIC FRONTIER FOUNDATION (EFF)
5.4 THE ISSUES INVOKED IN THE DEBATE
5.5 CONFUCIUS AND THE AVOIDANCE OF DICTATORSHIP
6. ENCRYPTION
7. CLIPPER CHIP
8. SUMMARY

BIS2061 1 Unit 6
Content

1. Privacy Legislation

1.1 The Human Rights Act

Article 8: Right to privacy

(1) Everyone has the right to respect for his private and family life, his home and his
correspondence
(2) There shall be no interference by a public authority with the exercise of
this right except such as is in accordance with the law and is necessary in a
democratic society in the interests of national security, public safety or the
economic well-being of the country, for the prevention of disorder or
crime, for the protection of health or morals, or for the protection of the
rights and freedoms of others

1.2 Amendments to the Constitution of the United States

Amendment IV (1791)

The right of the people to be secure in their persons, houses, papers, and effects,
against unreasonable searches and seizures, shall not be violated, and no warrants
shall issue, but upon probable cause, supported by oath or affirmation, and
particularly describing the place to be searched, and the persons or things to be seized.

1.3 Data Protection Act, 1998

The present UK Data Protection Act became law in 1998 and superseded the original
Act of 1984. The intention is to control the misuse of personal data. The Data
Protection Commissioner who is appointed by and answerable to Parliament
administers the Act.

It has been described as a sledgehammer to miss a nut in that only 45% of
organisations have actually registered. There is very little case law. However it has
served to raise public awareness of abuse in the public and private sectors. This
subject raises some important social and ethical issues.

The Act is based on Eight Principles:

FIRST PRINCIPLE

Personal data shall be processed fairly and lawfully and, in particular, shall not be
processed unless: at least one of the conditions in Schedule 2 (see below) is met, and
in the case of sensitive personal data, at least one of the conditions in Schedule 3 (see
below) is also met.

SECOND PRINCIPLE

Personal data shall be obtained only for one or more specified and lawful purposes,
and shall not be further processed in any manner incompatible with that purpose or
those purposes.

THIRD PRINCIPLE

Personal data shall be adequate, relevant and not excessive in relation to the purpose
or purposes for which they are processed.

FOURTH PRINCIPLE

Personal data shall be accurate and, where necessary, kept up to date.

FIFTH PRINCIPLE

Personal data processed for any purpose or purposes shall not be kept for longer than
is necessary for that purpose or those purposes.

SIXTH PRINCIPLE

Personal data shall be processed in accordance with the rights of data subjects under
this Act.

SEVENTH PRINCIPLE

Appropriate technical and organisational measures shall be taken against unauthorised
or unlawful processing of personal data and against accidental loss or destruction of,
or damage to, personal data.

EIGHTH PRINCIPLE

Personal data shall not be transferred to a country or territory outside the European
Economic Area, unless that country or territory ensures an adequate level of
protection for the rights and freedoms of data subjects in relation to the processing of
personal data.

SCHEDULE 2

At least one of the following conditions must be met in the case of all processing of
personal data (except where a relevant exemption applies):

§ The data subject has given their consent to the processing

§ The processing is necessary:

1. For the performance of a contract to which the data subject is a party, or
2. For the taking of steps at the request of the data subject with a view to entering
into a contract

§ The processing is necessary to comply with any legal obligation to which the data
controller is subject, other than an obligation imposed by contract

§ The processing is necessary in order to protect the vital interests of the data
subject

§ The processing is necessary:

For the administration of justice,
For the exercise of any functions conferred by or under any enactment,
For the exercise of any functions of the crown, a minister of the crown or a
government department, or
For the exercise of any other functions of a public nature exercised in the public
interest

§ The processing is necessary for the purposes of legitimate interests pursued by the
data controller or by the third party or parties to whom the data are disclosed.
However, there is the exception where the processing is unwarranted in any
particular case because of prejudice to the rights and freedoms or legitimate
interests of the data subject. The Secretary of State may by order specify particular
circumstances in which this condition is, or is not, to be taken to be satisfied.

SCHEDULE 3

The Act introduces categories of sensitive personal data, namely, personal data
consisting of information as to:

§ The racial or ethnic origin of the data subject,
§ Their political opinions,
§ Their religious beliefs or other beliefs of a similar nature,
§ Whether they are a member of a trade union,
§ Their physical or mental health or condition,
§ Their sexual life,
§ The commission or alleged commission by them of any offence, or
§ Any proceedings for any offence committed or alleged to have been committed by
them, the disposal of such proceedings or the sentence of any court in such
proceedings.

1.4 Further Notes on the Data Protection Act

The Meaning of Data within the Act

Information relating to a living individual, known as the data subject, which is
processed by a person or organisation, known as the data user, using equipment
operating automatically in response to instructions (usually, but not necessarily, a
computer). Manual data, hitherto exempt, which is structured either by reference to
individuals or criteria relating to individuals in such a way that it is readily
accessible (as opposed to an exhaustive search) will come within the Act from the
year 2007.

Notification (previously Registration)

The Act requires that all data users are legally bound to notify (register) relevant
automated systems giving such information as: name and address of data user and for
access requests, source and description of data held or to be held, intended or possible
recipients, overseas locations and bureau services. A small fee is payable (currently
£75).
Areas to be notified include personal data on payroll, pensions, personnel files,
attendance records, absence, performance, customers, suppliers, accounting and credit
control, maintenance and service, training, medical, mailing lists, membership
records, data derived from an outside source and telephone monitoring systems.

Exemptions from Notification

Exceptions from notification include text only preparation; national security;
personal; household and family matters.

Restrictions of Access

Exceptions from access by data subject include: criminal, tax and immigration
control; legal and professional privilege; statistical research provided printouts do not
identify persons by name; physical, mental and social work data, employment by or
under the Crown, confidential references, management forecasting and planning and
intentions in negotiations with the data subject.

Sensitive data

There are restrictions on the holding of sensitive data. These include: racial or ethnic
origin, political opinions, religious and similar beliefs, trade union membership,
physical and mental health, sexual orientation and life, commission of and
proceedings for an offence. It is important to be familiar with any new secondary
legislation.
Breaches of the law by companies may lead to liability of the ‘body corporate’.
However an individual director may become liable if he/she is personally party to any
offence under the Act.

Rights of the Data Subject:

§ The right of information about the processing of their personal data (for example:
the individual has the right to be informed either at the time the data is first
processed or when that data is first disclosed to a third party)
§ The right of access to their personal data
§ The right to prevent processing likely to cause damage or distress
§ The right to prevent processing for the purposes of direct marketing (note ‘opt in’
and ‘opt out’ principles)
§ The right to prevent decision making solely by automatic means (e.g.: automated
CV sifting for job applicants and loan assessment)
§ The right of compensation for damage or distress arising from failure to comply
with the Act
§ The right of rectification, blocking, erasure or destruction of personal data where
it is inaccurate or which contains an opinion which appears to be based on
inaccurate data

However, the data subject may not restrict the use of his personal details for
journalistic, literary and artistic purposes where it is deemed to be ‘in the public
interest’.

A written request must be made by the Data Subject to the Data Controller clearly
specifying the requirement. The latter must respond within 40 days but may be
charged a nominal fee of £10 for all data not, as previously, each single entry. The
Data Subject may request that any incorrect data is corrected or erased to comply with
the eight principles. Failure can lead to a case before a tribunal or by court order.
Compensation will be given based on provable damages in the event of a breach of
any one of the eight principles. For any proceedings it will be a defence to prove that
'reasonable care' has been taken.

The debate will continue to consider a reduction in bureaucracy and damage claims
being addressed through the Small Claims Court rather than their office. In addition,
the removal of the small fee payable by individuals to see data held by data users; and
further discussion on how to address the impact of data on the Internet.

1.5 Provision of Adequate Protection for Personal Data Transferred from the European Union

EU Adopts Decision on US Safe Harbour Scheme

The European Commission has adopted a 'Decision' approving the US safe harbour
arrangement. The scheme will involve organisations in the States committing
themselves to comply with a set of data protection principles backed up by guidance
provided through a number of frequently asked questions. Commitment to safe
harbours will provide an adequate level of protection for transfers of personal data to
the US from EU Member States. This will of course provide a basis for compliance
with the 8th Principle of the Data Protection Act in the UK in relation to transfers to
US organisations that have signed up to the scheme. It is expected that the US
Department of Commerce will have safe harbours up and running by November.

EU Approved List

The European Commission is considering the data protection laws of a number of
non-EU countries to ascertain whether those states provide adequate protection for
personal data transferred from the EU. Countries that are considered to do so will be
subject to a Community Finding allowing EU data controllers to transfer personal data
to those states without further consideration of the adequacy of the protection
provided for the data transferred. Hence, UK data controllers will be able to transfer
personal data to any country subject to a Community Finding and comply with the 8th
Principle on that basis. The Commission has adopted a Decision to the effect that
Switzerland and Hungary provide adequate protection for personal data transferred to
those countries from the EU. Over time a number of other countries will appear on the
Commission approved list. The Commission has stated that they will shortly start the
process of determining whether Canada's new privacy law provides adequate
protection.

1.6 The Freedom of Information Act

The Freedom of Information Act provides for freedom to every citizen to secure
access to information under the control of public authorities, consistent with public
interest in order to promote openness, transparency and accountability in
administration. Subject to a number of provisions in the Act, all citizens shall have
freedom of information. Information means any material relating to the affairs,
administration or decisions of a public authority.

The Act assigns obligations to every public authority. The duties include:

(a) Maintain all its records, in such a manner and form as is consistent with its
operational requirements duly catalogued and indexed;
(b) Publish at such intervals as may be prescribed by the appropriate Government or
competent authority:
§ The particulars of its organisation, functions and duties;
§ The powers and duties of its officers and employees and the procedure
followed by them in the decision making process;
§ The norms set by the public authority for the discharge of its functions;
§ Rules, regulations, instructions, manuals and other categories of records under
its control used by its employees for discharging its functions;
§ The details of facilities available to citizens for obtaining information; and
§ The name, designation and other particulars of the Public Information Officer
(c) Publish all relevant facts concerning important decisions and policies that affect
the public while announcing such decisions and policies;
(d) Give reasons for its decisions, whether administrative or quasi judicial to those
affected by such decisions;
(e) Before initiating any project publish or communicate to the public generally or to
the persons affected or likely to be affected by the project in particular, the facts
available to it or to which it has reasonable access which in its opinion should be
known to them in the best interests of maintenance of democratic principles.

The provisions of the Freedom of Information Act state that the following information
shall be exempted from disclosure, namely:

(1) Information, the disclosure of which would prejudicially affect the sovereignty
and integrity of the country, security of the state, strategic scientific or economic
interest of the state or conduct of international relations
(2) Information, the disclosure of which would prejudicially affect public safety and
order, detection and investigation of an offence or which may lead to an
incitement to commit an offence or prejudicially affect fair trial or adjudication of
a pending case
(3) Information, the disclosure of which would prejudicially affect the conduct of
Centre-State relations, including information exchanged in confidence between
the Central and State Governments or any of their authorities or agencies
(4) Cabinet papers including records of the deliberations of the Council of Ministers,
Secretaries and other officers
(5) Minutes or records of advice including legal advice, opinions or recommendations
made by an officer of a public authority during the decision making process prior
to the executive decision or policy formulation
(6) Trade or commercial secrets protected by law or information, the disclosure of
which would prejudicially affect the legitimate economic and commercial
interests or the competitive position of a public authority; or would cause unfair
gain or loss to any person
(7) Information, the disclosure of which may result in the breach of privileges of
Parliament or the Legislature of a State, contravention of a lawful order of a court.

Interestingly, the Act has an overriding effect. The Official Secrets Act and every
other Act in force ceases to be operative to the extent to which they are inconsistent
with the provisions of the Freedom of Information Act. In addition, nothing contained
in this Act applies to the intelligence and security organisations. A request for
information may also be rejected if it relates to information which would cause
unwarranted invasion of the privacy of any person.

Now do Review Questions 1-3

2. Professional Duty to Ensure Privacy Rights

2.1 The British Computer Society Code of Practice

The British Computer Society sets the professional standards of competence, conduct
and ethical practice for computing in the United Kingdom. This Code of Practice
consists, essentially, of a series of statements, which prescribe minimum standards of
practice, to be observed by all computing professionals.

As a computing professional you must take all reasonable measures to protect
confidential information from inadvertent or deliberate improper access or use.

As a computing professional you must ensure that competent people are assigned to
be responsible for the accuracy and integrity of the data in the data file and each part
of an organisation's database.

2.2 The ACM Code of Ethics and Professional Conduct

As a computing professional you have a general moral imperative to respect the
privacy of others; see general moral imperative 1.7:

1.7 Respect the privacy of others

Computing and communication technology enables the collection and exchange of
personal information on a scale unprecedented in the history of civilisation. Thus
there is increased potential for violating the privacy of individuals and groups. It is the
responsibility of professionals to maintain the privacy and integrity of data describing
individuals. This includes taking precautions to ensure the accuracy of data, as well as
protecting it from unauthorised access or accidental disclosure to inappropriate
individuals. Furthermore, procedures must be established to allow individuals to
review their records and correct inaccuracies.

This imperative implies that only the necessary amount of personal information be
collected in a system, that retention and disposal periods for that information be
clearly defined and enforced, and that personal information gathered for a specific
purpose not be used for other purposes without consent of the individual(s). These
principles apply to electronic communications, including electronic mail, and prohibit
procedures that capture or monitor electronic user data, including messages, without
the permission of users or bona fide authorisation related to system operation and
maintenance. User data observed during the normal duties of system operation and
maintenance must be treated with strictest confidentiality, except in cases where it is
evidence for the violation of law, organisational regulations, or this Code. In these
cases, the nature or contents of that information must be disclosed only to proper
authorities.

3. Protect Your Online Privacy

The Electronic Frontier Foundation (EFF) <link to: www.eff.org> is an organisation
that protects rights and promotes freedom in the electronic frontier, including an
individual's basic right to privacy. They advocate the following twelve ways to protect
your online privacy.

Do not reveal personal information inadvertently

You may be "shedding" personal details, including e-mail addresses and other contact
information, without even knowing it unless you properly configure your Web
browser. In your browser's "Setup", "Options" or "Preferences" menus, you may wish
to use a pseudonym instead of your real name, and not enter an e-mail address, nor
provide other personally identifiable information that you don't wish to share. When
visiting a site you trust you can choose to give them your info, in forms on their site;
there is no need for your browser to potentially make this information available to all
comers. Also be on the lookout for system wide "Internet defaults" programs on your
computer (some examples include Windows' Internet Control Panel, and MacOS's
Configuration Manager, and the third party Mac utility named Internet Config). While
they are useful for various things, like keeping multiple Web browsers and other
Internet tools consistent in how they treat downloaded files and such, they should
probably also be anonymised just like your browser itself, if they contain any fields
for personal information. Households with children may have an additional security
problem - have you set clear rules for your children, so that they know not to reveal
personal information unless you OK it on a site-by-site basis?

Turn on cookie notices in your Web browser, and/or use cookie management
software

Cookies are titbits of information that Web sites store on your computer, temporarily
or more-or-less permanently. In many cases cookies are useful and innocuous. They
may be passwords and user IDs, so that you do not have to keep retyping them every
time you load a new page at the site that issued the cookie. Other cookies however,
can be used for "data mining" purposes, to track your motions through a Web site, the
time you spend there, what links you click on and other details that the company
wants to record, usually for marketing purposes. Most cookies can only be read by the
party that created them. However, some companies that manage online banner
advertising are, in essence, cookie sharing rings. They can track which pages you
load, which ads you click on, etc., and share this information with all of their client
Web sites (who may number in the hundreds, even thousands.) It is unknown whether
all of these cookie rings (some examples of which are Double Click and Link
Exchange) do in fact share user data, but they certainly can do so potentially.

Browsers are starting to allow user control over cookies. Netscape, for example,
allows you to see a notice when a site tries to write a cookie file to your hard drive,
and gives you some information about it, allowing you to decide whether or not to
accept it. (Be on the lookout for cookies the function of which is not apparent, which
go to other sites than the one you are trying to load, or which are not temporary). It
also allows you to automatically block all cookies that are being sent to third parties
(or to block all cookies, entirely, but this will make some sites inoperable). Internet
Explorer has a cookie management interface in addition to Netscape-like features,
allowing you to selectively enable or disable cookies on a site-by-site basis, even to
allow cookies for a site generally, but delete a specific cookie you are suspicious
about. With Internet Explorer you can also turn on cookies for a site temporarily then
disable them when you no longer need them, for example at an online bookstore that
requires cookies to process an order, but which you don't want tracking what books
you are looking at, what links you are following, etc., the rest of the time. Turning on
cookie warnings will cause alert boxes to pop up, but after some practice you may
learn to hit "Decline" so fast that you hardly notice them any more. The idea is to only
enable cookies on sites that require them AND whom you trust.
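
The checks described above (cookies that go to other sites than the one being loaded, cookies that are not temporary, and accepting cookies only on trusted sites) can be expressed as a small audit over Set-Cookie headers. This is an added example, not part of the original unit or of any browser's code; the hostnames, header values, decision labels and the two-label `siteOf` shortcut are assumptions made for illustration.

```javascript
// Added example: audit Set-Cookie headers against the checks described above.
// All hostnames and header values below are constructed sample data.

// Parse one Set-Cookie header value into name, value and lower-cased attributes.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim()).filter(Boolean);
  if (!pair) return null; // empty header, nothing to audit
  const eq = pair.indexOf('=');
  const cookie = {
    name: eq === -1 ? '' : pair.slice(0, eq),
    value: eq === -1 ? pair : pair.slice(eq + 1),
    attrs: {},
  };
  for (const attr of attrs) {
    const i = attr.indexOf('=');
    const key = (i === -1 ? attr : attr.slice(0, i)).trim().toLowerCase();
    cookie.attrs[key] = i === -1 ? true : attr.slice(i + 1).trim();
  }
  return cookie;
}

// Assumption: the "site" is the last two labels of the hostname. A real browser
// uses the Public Suffix List so that hosts under e.g. co.uk are handled correctly.
function siteOf(host) {
  return host.toLowerCase().split('.').slice(-2).join('.');
}

// A cookie is "not temporary" if it carries a lifetime that outlives the session.
function isPersistent(cookie, now) {
  if ('max-age' in cookie.attrs) {
    return Number(cookie.attrs['max-age']) > 0; // Max-Age takes precedence over Expires
  }
  if ('expires' in cookie.attrs) {
    const when = Date.parse(cookie.attrs.expires);
    return !Number.isNaN(when) && when > now;
  }
  return false; // no lifetime attribute: discarded when the browser closes
}

// Classify every cookie set while loading pageHost.
//   block  - set by a different site than the page being loaded (third party)
//   accept - first party, and the user has marked the site as trusted
//   ask    - first party but untrusted: show the user a cookie notice
function auditCookies(pageHost, responses, trustedSites, now) {
  const pageSite = siteOf(pageHost);
  const findings = [];
  for (const { host, setCookie } of responses) {
    const cookie = parseSetCookie(setCookie);
    if (!cookie) continue;
    const thirdParty = siteOf(host) !== pageSite;
    let decision = 'ask';
    if (thirdParty) decision = 'block';
    else if (trustedSites.has(pageSite)) decision = 'accept';
    findings.push({
      name: cookie.name,
      setBy: host,
      thirdParty,
      persistent: isPersistent(cookie, now),
      decision,
    });
  }
  return findings;
}

// Constructed sample: one bookstore page load that also pulls in a banner ad.
const NOW = Date.UTC(2025, 0, 1);
const SAMPLE_RESPONSES = [
  { host: 'www.books.example', setCookie: 'session=abc123; Path=/; HttpOnly' },
  { host: 'www.books.example', setCookie: 'prefs=lang-en; Max-Age=31536000; Path=/' },
  {
    host: 'ads.tracker.example',
    setCookie: 'uid=77f1; Expires=Mon, 01 Jan 2035 00:00:00 GMT; Domain=.tracker.example',
  },
];

console.table(
  auditCookies('www.books.example', SAMPLE_RESPONSES, new Set(['books.example']), NOW)
);
```
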

You can also use cookie management software and services. One example is the
Internet Junkbuster Proxy <link to: www.junkbusters.com/ht/en/ijb.html>. It runs on
Win 95/98/NT and Unix (no Mac version), and can selectively block cookies for you
(and banner ads, to boot). InterMute <link to: http://www.intermute.com/> does
likewise (and more - blocks popup windows, etc.; only runs under Windows). A Java
based solution called Muffin <link to: http://muffin.doit.org/> is also available. While
it will run on Mac, Win and Unix systems, it is definitely for "power users", as it is
complicated to set up and operate effectively. There are also numerous "cookie eater"
applications, some which run on a schedule or in the background, that delete cookie
files for you. As with turning off cookies entirely, you may have trouble accessing
sites that require certain cookies (though in most cases the worst that will happen is
that you'll have to re-enter a login ID and password you thought were saved.) "Eating"
the cookies periodically still permits sites to track what you're doing for a short time
(i.e., the time between successive deletion of your cookie file), but thwarts attempts to
discern and record your actions over time.

The best solution doesn't exist yet: Full cookie management abilities built into the
browsers themselves. Only increased user pressure on Microsoft, Netscape and other
browser makers can make this happen. Users should ultimately be able to reject
cookies on a whole domain basis, and reject all cookies that are not essential for the
transaction at hand. In addition, they should be able to receive notice of exactly what
a cookie is intended for, and be able to set default behaviours and permissions rather
than have to interact with cookies on a page-by-page basis. This just isn't possible yet.

Keep a "clean" e-mail address

When mailing to unknown parties; posting to newsgroups, mailing lists, chat rooms
and other public spaces on the Net; or publishing a Web page that mentions your
e-mail address, it is best to do this from a "side" account, some pseudonymous or simply
alternate address, and to use your main or preferred address only on small,
members-only lists and with known, trusted individuals. Addresses that are posted (even as part
of message headers) in public spaces can be easily discovered by spammers (online
junk mailers) and added to their list of targets. If your public "throw away" address
gets spammed enough to become annoying, you can simply kill it off, and start a new
one. Your friends, boss, etc., will still know your "real" address. You can use a free
(advertising supported) e-mail service provider like Yahoo Mail or Hotmail for such
"side" accounts. It is best to use a "real" Internet service provider for your main
account, and to examine their privacy policies and terms of service, as some "free
mail" services may have poor privacy track records. You may find it works best to use
an e-mail package that allows multiple user IDs and addresses (i.e. "personalities",
"aliases") so that you do not have to switch between multiple programs to manage and
use more than one e-mail address.

Don't reveal personal details to strangers or just met "friends"

The speed of the Internet is often reflected in rapid online acquaintanceships and
friendships. But it is important to realise that you don't really know who these people
are or what they are like in real life. A thousand miles away, you don't have friends of
friends or other references about this person. Be also wary of face-to-face meetings. If
you and your new e-friend wish to meet in person, do it in a public place. Bringing a
friend along can also be a good idea. One needn't be paranoid, but one should not be
an easy mark, either. Some personal information you might wish to withhold until you
know someone much better would include your full name, place of employment,
phone number, and street address (among more obvious things like credit card
numbers, etc.) Needless to say, such information should not be put on personal home
pages. (If you have a work home page, it may well have work contact information on
it, but you needn't reveal this page to everyone you meet in a chat room.) For this an
(sic) other reasons, many people maintain two personal home pages, a work related
one, and an "off duty" version.

Realise you may be monitored at work, avoid sending highly personal e-mail to
mailing lists, and keep sensitive files on your home computer

In most states, employees have little if any privacy protection from monitoring by
employers. When discussing sensitive matters in e-mail or other online media, be
certain who you are talking to. If you replied to a mailing list post, check the
headers - is your reply going to the person you think it is, or to the whole list? Also be
aware that an increasing number of employers are monitoring and recording employee
Web usage, as well as email. This could compromise home banking passwords and
other sensitive information. Keep private data and private Net usage private, at home.

Beware sites that offer some sort of reward or prize in exchange for your contact
or other information
There's a high probability that they are gathering this information for direct marketing
purposes. In many cases your name and address are worth much more to them
(because they can sell it to other marketers, who can do the same again - a snowball
effect) than what you are (supposedly) getting from them. Be especially wary of
sweepstakes and contests. You probably won't win, but the marketer sure will if you
give them your information.

Do not reply to spammers, for any reason


Spam, or unsolicited bulk e-mail, is something you are probably already familiar with
(and tired of). If you get a spammed advertisement, certainly don't take the sender up
on whatever offer they are making, but also don't bother replying with "REMOVE" in
the subject line, or following whatever (probably bogus) unsubscribe instructions you've
been given. This simply confirms that your address is being read by a real person, and
you'll find yourself on dozens more spammers' lists in no time. If you open the
message, watch your outgoing mail queue to make sure that a "return receipt"
message was not generated, to be sent back to the spammer automatically. (It is best
to queue your mail and send manually, rather than send immediately, so that you can
see what's about to go out before it's actually sent.) If you have a good Internet service
provider, you may be able to forward copies of spam e-mail to the system
administrators. They can route a complaint to the ISP of the spammer (or if you know
a lot about mail headers and DNS tools, you can probably contact these ISPs yourself
to complain about the spammer.)

Be conscious of Web security


Never submit a credit card number or other highly sensitive personal information
without first making sure your connection is secure (encrypted). In Netscape, look for
a closed lock (Windows) or unbroken key (Mac) icon at the bottom of the browser
window. In Internet Explorer, look for a closed lock icon at the bottom (Windows) or
near the top (Mac) of the browser window. In any browser, look at the URL (Web
address) line - a secure connection will begin "https://" instead of "http://". If you are
at page (sic) that asks for such information but shows "http://" try adding the "s"
yourself and hitting enter to reload the page (for Netscape or Internet Explorer; use
whatever method is required by your browser to reload the page at the new URL). If
you get an error message that the page or site does not exist, this probably means that
the company is so clueless - and careless with your information and your money -
that they don't even have Web security. Take your business elsewhere.

Be conscious of home computer security


On the other side of the coin, your own computer may be a trouble spot for Internet
security. If you have a DSL line or other connection to the Internet that is up and
running 24 hours, unlike a modem and phone line connection, be sure to turn your
computer off when you are not using it. Most home PCs have pitifully poor security
compared to the Unix workstations that power most commercial Web sites. System
crackers search for vulnerable, unattended DSL connected home computers, and can
invade them with surprising ease, searching through files looking for credit card
numbers or other sensitive data. They can even take over the computer and quietly
use it for their own purposes, such as launching attacks on other computers
elsewhere - attacks you could initially be blamed for.

Examine privacy policies and seals


When you are considering whether or not to do business with a Web site, there are
other factors than a secure connection you have to consider that are equally important
to Web security. Does the site provide off-line contact information, including a postal
address? Does the site have a prominently posted privacy policy? If so, what does it
say? (Just because they call it a "privacy policy" doesn't mean it will protect you -
read it for yourself. Many are little more than disclaimers saying that you have no
privacy! So read them carefully.) If the policy sounds OK to you, do you have a
reason to believe it? Have you ever heard of this company? What is their reputation?
And are they backing up their privacy statement with a seal program such as TRUSTe
<link to: http://www.truste.org> or BBBonline <link to: http://www.bbbonline.org>?
(Such programs hold Web sites to some baseline standards, and may revoke seal
licenses, with much fanfare, of bad acting companies that do not keep their word.) If
you see a seal, is it real? Check with the seal-issuing site to make sure that the seal
isn't a fake. And examine terms carefully, especially if you are subscribing to a
service rather than buying a product. Look out for auto rebilling scams and hidden
fees.

Remember that YOU decide what information about yourself to reveal, when,
why, and to whom
Don't give out personally identifiable information too easily. Just as you might think
twice about giving some clerk at the mall your home address and phone number, keep
in mind that simply because a site asks for or demands personal information from you
does not mean you have to give it. You do have to give accurate billing information if
you are buying something, of course, but if you are registering with a free site that is a
little too nosy for you, there is no law against providing them with pseudonymous
information. (However, it would probably be polite to use obviously fake addresses,
such as "123 No Such Street, Nowhere, DC 01010". If they are generating mailings
based on this information - presumably in accordance with the terms of their privacy
policy - they can probably weed such addresses out and not waste the postage on
them.)

Use encryption
Last but certainly not least, there are other privacy threats besides abusive marketers,
nosy bosses, spammers and scammers. Some of the threats include industrial
espionage, government surveillance, identity theft, disgruntled former associates, and
system crackers. Relatively easy to use e-mail and file encryption software is
available for free, such as Pretty Good Privacy (PGP) <link to: http://www.pgpi.org>,
which runs on almost all computers and even integrates seamlessly with most major
e-mail software. Good encryption uses very robust secret codes, which are difficult if
not impossible to crack, to protect your data. You can also use specialised services
(some free, some pay), such as the Anonymizer <link to: http://www.anonymizer.com>,
which can completely disguise to Web sites where you are coming from and who
you are (and block all cookies). Some ISPs are beginning to offer secure, encrypted
dial up accounts and other security features. Hopefully some day soon, good
encryption and computer security will simply be included in all such services, but for
now you have to actively seek out good service providers.

Now do Review Question 4

Activity 1 – The Electronic Frontier Foundation (EFF) Philosophy

4. Surveillance in the Workplace
Consider the following case presented in (Forester and Morrison, 1990):

At Pacific South West Airlines offices in San Diego and Reno, the main computer
records exactly how long each of their 400 reservation clerks spends on every call and
how much time passes before they pick up the next one. Workers earn negative points
for such infractions as repeatedly spending more than the average 109 seconds
handling a call and taking more than 12 minutes in bathroom trips beyond the total
one hour allocation they have for lunch and coffee breaks. If employees accrue more
than 37 points in any single year, they can lose their jobs.

4.1 Defence for Computer Monitoring in the Workplace

As part of this general defence, supporters of computer monitoring argue:


‘That it is also used to provide incentives for employees and effectively rewards
individuals for true merit and reward. They also point out that what is being measured
is factual and hard, and that workers tend to favour such systems, they have seen too
many cases of the wrong people being promoted for the wrong reasons. With the facts
that the computer gathers, diligent workers can legitimately argue a case for better pay
and conditions and this case does not rely upon personal opinions and personalities.
Furthermore, these systems can help eliminate rampant waste, for example,
employees calling long distance for private uses, a team carrying the load for an
unproductive team member, identifying the theft of materials by matching the stock
used with the amount processed by line workers (and discovering discrepancies).
Finally, monitoring on a computer network can assist in troubleshooting and fine
tuning of a system, as well as streamlining job design and fairly apportioning
workloads.’

4.2 Arguments against Computer Monitoring in the Workplace

However, there is also the danger of turning workers into better paid battery hens,
denying them job satisfaction and eliminating the human element from their work.
For example, although reservation clerks may be given an incentive to process more
calls when they are being monitored, it may also eliminate any human spontaneity or
friendliness in their communication. There is a question of balance between the rights
and expectations of employees versus the obligations and objectives of employers.

Forester and Morrison (1990) state that clearly profits are important to the continued
functioning of capitalist societies and profit itself is dependent upon competitiveness.
However, just how far we are willing to proceed in the pursuit of competitiveness and
profitability is a matter of judgement.
For example:
‘The use of cheap child labour was once regarded as a sensible business strategy, but
now our ethical sense and labour protection laws prohibit this practice. It remains to
be seen in which direction our ethical intuitions will take us in determining the nature
of future employment, whether we can all be monitored in the interest of profit and
accountability, or whether we shall see a renewed interest in designing jobs for
people.’

In addition, we need to ask what kind of precedent computer based monitoring of
employees will set for other invasive practices. For example, similar arguments can be
marshalled for the compulsory drug testing of key personnel such as pilots, train
drivers, and power plant operators. If these people have the potential to kill thousands
by accident, then do we not have the right to ensure that they are in a fit state to work?
On the other hand, why not also monitor the alcohol purchases of convicted drunk
drivers? This highlights the most contentious aspect of any form of computer based
monitoring: it is not so much the harm it may currently be causing, but what it
represents.

Now do Review Question 5

5. Civil Liberties versus the Duties of the State


5.1 George Orwell: A Vision of the Future

British writer George Orwell's novel Nineteen Eighty-Four was published in 1949.
The novel describes a future in which every aspect of life is controlled by the
government. In his imaginary country every citizen must worship Big Brother, the
head of the ruling political party, and history is rewritten to fit in with the present. The
book's hero, Winston Smith, tries to resist but is arrested and tortured by the Thought
Police. Orwell attempted to warn of what might happen if a strong central government
was taken to its logical extreme.

5.2 Duties of the State: The US National Security Agency (NSA)

The National Security Agency co-ordinates, directs, and performs highly specialised
activities to protect U.S. information systems and produce foreign intelligence
information. A high technology organisation, NSA is on the frontiers of
communications and data processing. It is also one of the most important centres of
foreign language analysis and research within the Government.

Signals Intelligence (SIGINT) is a unique discipline with a long and storied past.
SIGINT's modern era dates to World War II, when the U.S. broke the Japanese
military code and learned of plans to invade Midway Island. This intelligence allowed
the U.S. to defeat Japan's superior fleet. The use of SIGINT is believed to have
directly contributed to shortening the war by at least one year. Today, SIGINT
continues to play an important role in maintaining the superpower status of the United
States.

As the world becomes more and more technology oriented, the Information Systems
Security (INFOSEC) mission becomes increasingly challenging. This mission
involves protecting all classified and sensitive information that is stored or sent
through U.S. Government equipment. INFOSEC professionals go to great lengths to
make certain those Government systems remain impenetrable. This support spans
from the highest levels of U.S. Government to the individual war fighter in the field.

The NSA Mission Statement:


The Information Assurance mission provides the solutions, products and services, and
conducts defensive information operations, to achieve information assurance for
information infrastructures critical to U.S. national security interests. The foreign
signals intelligence or SIGINT mission allows for an effective, unified organisation
and control of all the foreign signals collection and processing activities of the United
States. NSA is authorised to produce SIGINT in accordance with objectives,
requirements and priorities established by the Director of Central Intelligence with the
advice of the National Foreign Intelligence Board.

5.3 Civil Liberties: The Electronic Frontier Foundation (EFF)

The Electronic Frontier Foundation was founded in July of 1990 to ensure that the
principles embodied in the US Constitution and Bill of Rights (and the UN Universal
Declaration of Human Rights) are protected as new communications technologies
emerge.

EFF works to make sure that common carriage principles are upheld in the
information age. Common carriage principles require that network providers carry all
speech, regardless of its controversial content. EFF supports a new common carriage
system in which system operators are shielded from liability for the actions of users,
but without the regulatory burden presently associated with common carriage.

EFF also works to convince Congress that measures that support broader public
access to information should be enacted into law. EFF supports an Electronic
Freedom of Information Act and other legislation to make government information
more accessible to citizens.

EFF supports both legal and technical means to enhance privacy in communications.
We, therefore, advocate measures that ensure the public's right to use the most
effective encryption technologies available, and have testified before Congress as well
as conducted online campaigns and legal actions against the NSA / FBI Clipper Chip,
key recovery/escrow, digital wiretapping and other anti privacy initiatives.

EFF supports an Open Platform model of the global information infrastructure,
providing non-discriminatory access, based on open, private sector standards, and free
from burdensome regulations and monopolisation.

Finally, EFF works to craft policies that enable public and private information
providers to distribute and sell their information products over the Internet. We
encourage the government to provide support for schools, universities, and research
labs that buy Internet services on the open market. We work on policies that
encourage the government to stimulate the development of experimental, pre
competitive, network technologies and to fund the development of applications that
are of use to "low end" users, who are traditionally under served by advanced digital
media.

5.4 The Issues Invoked in the Debate

The NSA was not created in some political or social vacuum. It emerged as a response
to perceived threats and social circumstances that alarmed governments of the day.
For example, during the Kennedy administration, far-reaching efforts were initiated to
keep track of civil rights activists such as:
• Dr Martin Luther King
• Members of Congress such as Abner Mikva
• Members of civil liberties organizations like the American Civil Liberties Union,
  the American Friends Service Committee and the National Association for the
  Advancement of Colored People (NAACP)

During the Johnson administration, concern about race riots, civil rights
demonstrations and anti-war protests prompted the president to order the army to
increase its surveillance activities. In 1990 it was reputed that the NSA had the
computing capability to intercept and analyse perhaps 70 percent of all telephone,
telex, data and radio transmissions generated on this planet.

The operations of the NSA and the work of the EFF illustrate the classic tug of war
between the perceived role of the state in preserving law and order and its own national
security, versus the rights of individuals to fundamental democratic freedoms.

Forester and Morrison (1990) argue that we must bear in mind that in many
circumstances the need for surveillance appears patently obvious and totally
warranted. They cite the following example:

'.... In the war against drugs and terrorism, the application of sophisticated technology
would appear to be an appropriate and much needed source of counter measures. In
accordance with this, the US Defence Advanced Research Projects Agency (DARPA)
is now involved in a multi million dollar program to apply artificial intelligence and
parallel processing techniques to the detection and elimination of drug related
criminal activities. These initiatives will involve tracking currency, cargo shipments
and telephone usage so those subtle and telling patterns are revealed to investigating
authorities. By tracing serial numbers of cash and monitoring the movements of
container shipments, DARPA also hopes that almost real time control and detection of
narcotics activities can be provided.’

Many social commentators argue that society is a finely balanced construction of the
rights and obligations of the individual versus the rights and obligations of the group.
The process of public debate, information released by the press, hackers and that
released by informants or ethically troubled members of such groups (whistle
blowers) can help to preserve a rough semblance of balance. In addition, legislation
such as the Data Protection Act and the Freedom of Information Act is assisting in
maintaining this balance.

5.5 Confucius and the Avoidance of Dictatorship

There is a remarkable parallel between Confucius and Plato, both of whom were
deeply immersed in philosophising about the ideal state in which justice would be
administered by a wise and virtuous ruler, and in which the concept of the common
good, benevolently supervised, would form the governing consideration. They
differed to this extent, that whereas Plato advocated the principle of guardianship
whereby a ruling class would be educated and fashioned to rule the state without fear
of contradiction in their just rule, Confucius considered the populace as an intelligent
and critical check against wrong tendencies in government.

Confucius' theory of government was at once paternal and democratic. The ruler is
father of his people, and his right to rule is the order of nature. He is moreover
responsible in detail for the welfare, both material and moral, of his people. On the
other hand, the highest source of wisdom is the people themselves - they know what is
good for them - vox populi, vox dei. His humblest subject is the ruler's equal, and
revolution against tyranny is a duty.

Thus it could be argued that legislation, for example the Freedom of Information Act,
presents the humblest subject the tool to carry out the duty to revolt against the
tyranny of a totalitarian state. The legislation embodies the true sense of
Confucianism, helping to avoid the creation of a more centralised and totalitarian
government.

Now do Review Question 6

6. Encryption
In an open network such as the Internet, message privacy, particularly for e-commerce
transactions, requires encryption and decryption.

PGP (Pretty Good Privacy)


PGP is a popular program used to encrypt and decrypt e-mail over the Internet. It can
also be used to send an encrypted digital signature that lets the receiver verify the
sender's identity and know that the message was not changed en route. Available both
as freeware and in a low-cost commercial version, PGP is the most widely used
privacy-ensuring program by individuals and is also used by many corporations.
Developed by Philip R. Zimmermann in 1991, PGP has become a de facto standard
for e-mail security. PGP can also be used to encrypt files being stored so that they are
unreadable by other users or intruders.

How It Works
PGP uses a variation of the public key system. In a public key system, each user has a
publicly known encryption key and a private key known only to that user. You
encrypt a message you send to someone else using their public key. When they
receive it, they decrypt it using their private key. Since encrypting an entire message
can be time-consuming, PGP uses a faster encryption algorithm to encrypt the
message and then uses the public key to encrypt the shorter key that was used to
encrypt the entire message. Both the encrypted message and the short key are sent to
the receiver who first uses the receiver's private key to decrypt the short key and then
uses that key to decrypt the message. (In other words, this is a two-stage encryption
process.)

PGP comes in two public key versions - RSA and Diffie-Hellman. The RSA version,
for which PGP must pay a license fee to RSA, uses the IDEA algorithm to generate a
short key for the entire message and RSA to encrypt the short key. The Diffie-
Hellman version uses the CAST algorithm for the short key to encrypt the message
and the Diffie-Hellman algorithm to encrypt the short key.

For sending digital signatures, PGP uses an efficient algorithm that generates a hash
code from the user's name and other signature information. This hash code is then
encrypted with the sender's private key. The receiver uses the sender's public key to
decrypt the hash code. If it matches the hash code sent as the digital signature for the
message, then the receiver is sure that the message has arrived securely from the
stated sender. PGP's RSA version uses the MD5 algorithm to generate the hash code.
PGP's Diffie-Hellman version uses the SHA-1 algorithm to generate the hash code.
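
The two-stage encryption under "How It Works" and the signature check described above can be traced end to end in a short sketch. This is an added example, not PGP's own code: the key pairs are constructed from fixed Mersenne primes, RSA is used without padding, a SHA-256 keystream stands in for IDEA/CAST, and the signature hash is taken over the message body, so it shows the structure only and is not fit for protecting real data.

```python
import hashlib
import secrets

E = 65537  # common RSA public exponent


def make_keypair(p, q):
    """Build a textbook RSA key pair (public, private) from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return {"n": n, "e": E}, {"n": n, "d": pow(E, -1, phi)}


# Constructed demo keys. Mersenne primes and unpadded RSA are NOT secure;
# they only keep the example self-contained and offline.
ALICE_PUB, ALICE_PRIV = make_keypair(2**521 - 1, 2**607 - 1)      # sender
BOB_PUB, BOB_PRIV = make_keypair(2**1279 - 1, 2**2203 - 1)        # receiver


def stream_xor(key, data):
    """Stand-in for the fast symmetric cipher: XOR with a SHA-256 counter
    keystream. The same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], pad))
    return bytes(out)


def encrypt_for(message, recipient_pub):
    """Stage 1: encrypt the message with a fresh short key.
    Stage 2: encrypt only that short key with the recipient's public key."""
    session_key = secrets.token_bytes(16)
    body = stream_xor(session_key, message)
    wrapped = pow(int.from_bytes(session_key, "big"),
                  recipient_pub["e"], recipient_pub["n"])
    return {"wrapped_key": wrapped, "body": body}


def decrypt(packet, recipient_priv):
    """Recover the short key with the private key, then decrypt the body."""
    n = recipient_priv["n"]
    k = pow(packet["wrapped_key"], recipient_priv["d"], n)
    # Keep the low 16 bytes; with the wrong private key this is just garbage.
    session_key = k.to_bytes((n.bit_length() + 7) // 8, "big")[-16:]
    return stream_xor(session_key, packet["body"])


def digest_int(message):
    """Hash code of the message, as an integer smaller than the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message, sender_priv):
    """Encrypt the hash code with the sender's private key."""
    return pow(digest_int(message), sender_priv["d"], sender_priv["n"])


def verify(message, signature, sender_pub):
    """Decrypt the signature with the sender's public key and compare it
    with a hash code recomputed from the received message."""
    recovered = pow(signature, sender_pub["e"], sender_pub["n"])
    return recovered == digest_int(message)


if __name__ == "__main__":
    text = b"Quarterly figures attached."          # constructed sample message
    packet = encrypt_for(text, BOB_PUB)
    print(decrypt(packet, BOB_PRIV), verify(text, sign(text, ALICE_PRIV), ALICE_PUB))
```

Only the 16-byte short key passes through the slow public key operation, however long the message is, and a single changed byte in the message makes `verify` return `False`.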

To use PGP, you download or purchase it and install it on your computer system.
Typically, it contains a user interface that works with your customary e-mail program.
You also need to register the public key that your PGP program gives you with a PGP
public key server so that people you exchange messages with will be able to find your
public key. Network Associates maintains an LDAP / HTTP public key server that
has 300,000 registered public keys. This server is mirrored at other sites around the
world.

Where Can You Use PGP


Originally, the U.S. government restricted the exportation of PGP technology. Today,
however, PGP encrypted e-mail can be exchanged with users outside the U.S. if you
have the correct versions of PGP at both ends. Unlike most other encryption products,
the international version is just as secure as the domestic version.

The freely available PGP cannot legally be used for commercial purposes - for that,
one must obtain the commercial version from Network Associates (formerly PGP,
Inc.). There are several versions of PGP in use. Add-ons can be purchased that allow
backward compatibility for newer RSA versions with older versions. However, the
Diffie-Hellman and RSA versions of PGP do not work with each other since they use
different algorithms. This term was originally written by Sabrina Dei Giudici from
Web Marketing, Perth, Western Australia.

7. Clipper Chip
The Clipper Chip was a cryptographic device being promoted by the U.S.
government. Its purported advantage was that it provided a standard for securing private
voice communication. With Clipper, however, the government had the opportunity to
obtain decryption keys that were held in escrow by two government agencies.
Although the Clipper proposal required legal authorisation to obtain these keys, the
history of illegal domestic surveillance by Federal agencies made the existence of this
"back-door" decryption channel a cause for concern. There was a legitimate claim
about the potential intrusiveness of the Clipper Chip. In its efforts to balance national
security needs and privacy, this technology put too much emphasis on national
security by creating a system in which the risks of privacy invasion were
unacceptably and unnecessarily high. As a result of this overwhelming criticism and
steady negative publicity, the original Clipper Chip proposal was soon defunct.

The Clipper Chip itself is a microprocessor with an encoded algorithm known as
Skipjack that was to be installed in every telephone. When two individuals using
phones equipped with these Clipper Chip encryption devices decide that they want to
secure their communications, they activate those devices to exchange a packet of
information called LEAF (Law Enforcement Access Field). The LEAF includes a
special session key, which allows the callers to encode and decode the contents of the
phone call. The LEAF also includes the chip's serial numbers. The Federal Bureau of
Investigation (FBI) would have a universal family key that would decode the serial
number but not the session key. When the FBI was granted a legal warrant to wiretap,
it could then extract from the LEAF the serial numbers of the clipper chips in use.

As part of this plan, the government would maintain in escrow the master key to each
Clipper Chip. The proposal was to have these unique numeric keys divided between
two government agencies that would effectively act as custodial agents. One agency
would hold one half of the key, and the other agency would hold the other half. Once
the FBI has the proper serial number, they can request the two portions of the unique
key from the respective government agencies holding them in escrow. Each agency
looks up the serial number provided by the FBI and provides its portion of the
corresponding key to that number. The FBI combines the two halves of the key,
enabling it to decode the session key in the LEAF along with the contents of the
encrypted call.
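
The LEAF and escrow flow described above can be modelled in a few lines to show who can read what at each step. This is an added illustration, not the Clipper design itself: Skipjack is replaced by a SHA-256 mask, the key and serial number sizes are assumptions, and the two escrowed "halves" are modelled as XOR components so that neither agency's share alone reveals any part of the unit key.

```python
import hashlib
import secrets


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def seal(key, label, data):
    """Stand-in cipher (Skipjack is not in the standard library): XOR with a
    SHA-256-derived mask. Applying it twice with the same key undoes it."""
    assert len(data) <= 32
    return xor(data, hashlib.sha256(key + label).digest())


# Family key: common to every chip, held by law enforcement (assumed 10 bytes).
FAMILY_KEY = secrets.token_bytes(10)


class EscrowAgent:
    """One of the two custodians; stores one key component per serial number."""

    def __init__(self):
        self._shares = {}

    def deposit(self, serial, share):
        self._shares[serial] = share

    def release(self, serial):
        # In the proposal this step required legal authorisation.
        return self._shares[serial]


def manufacture_chip(serial, agent_a, agent_b):
    """Create a chip's unit key and escrow it as two components."""
    share_a, share_b = secrets.token_bytes(10), secrets.token_bytes(10)
    agent_a.deposit(serial, share_a)
    agent_b.deposit(serial, share_b)
    return {"serial": serial, "unit_key": xor(share_a, share_b)}


def make_leaf(chip, session_key):
    """LEAF = family-key encryption of (serial, session key under unit key)."""
    inner = seal(chip["unit_key"], b"session", session_key)
    return seal(FAMILY_KEY, b"leaf", chip["serial"] + inner)


def read_serial(leaf):
    """The family key alone yields the 4-byte serial number and a session key
    that is still encrypted under the chip's unit key."""
    opened = seal(FAMILY_KEY, b"leaf", leaf)
    return opened[:4], opened[4:]


def recover_session_key(leaf, agent_a, agent_b):
    """With both escrowed components, rebuild the unit key and open the LEAF."""
    serial, inner = read_serial(leaf)
    unit_key = xor(agent_a.release(serial), agent_b.release(serial))
    return seal(unit_key, b"session", inner)


if __name__ == "__main__":
    a, b = EscrowAgent(), EscrowAgent()
    chip = manufacture_chip(b"\x00\x00\x04\xd2", a, b)   # constructed serial
    key = secrets.token_bytes(10)
    print(recover_session_key(make_leaf(chip, key), a, b) == key)
```

The privacy of every call rests on the family key and the two escrow databases staying out of the wrong hands, which is the concentration of risk the criticism above points to.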

Activity 2 – Public Policy Proposals on Encryption

8. Summary
This unit has introduced some of the key concepts and legislation relating to the
privacy issue. You have seen what privacy is about and why it is important as a basic
human right. You have also been given an overview of the duty of the state and
reasons as to why the privacy issue is a tale of a finely balanced construction of the
rights and obligations of the individual versus the rights and obligations of the group.
