Privacy And Data Protection Information Technology Essay

With the rapid growth of information technology and population of internet usage, according to Yves Poullet more than 1.5 billions of people use internet and email today. Information technology will be increasingly used to collect personal information with consequences that are potentially both beneficial and harmful to individuals (Dinev and Hart, 2006). The internet has brought us huge advantages, and the same time it might put our privacy at risk. Our information is circulating everywhere on the internet. Technology and the internet pose privacy issues, for instance, when you doing online shopping, you may concern what they store your personal information and credit card details for any other purpose or is it secure to give the information. Wondering why you getting spam? Heard on the news a bank’s network has been hacked and credit card and customer information has been stolen? There are potential privacy threats and risks when online, we need aware the potential privacy breaches and increase our privacy self-protection knowledge to minimise threats and risks.

Privacy

Defining the term “privacy” is difficult as it is not the same to every person and culture. In general, privacy is exchange with others using various artifices such as barriers or boundaries (Gustave-Nicolas Fischer 1997). In a legal context, privacy is “right to be let alone” (Warren and Brandeis 1890), while others have argued privacy is the right to prevent the disclosure of personal information to others (Westin 1970), my personal opinion on privacy is the right to not telling other something that don’t want them to know, personal life not to be disturbed and personal information not to be illegally collected, stored, disclosed and used.

Information privacy principles

The Privacy Act 1993 applies to almost every person, business or organisation in New Zealand. It sets out 12 information privacy principles, and guide how personal information can be collected, used, stored and disclosed. (Privacy Act 1993 NZ)

Purpose of collection of personal information – collected for lawful purpose.

Source of personal information – collect directly from the individual concerned or publicly available information

Collection of information from subject – the individual concerned is aware of the fact that the information is being collected.

Manner of collection of personal information – information shall not be collected by unlawful means, unfair and intrude to an unreasonable extent upon the personal affairs.

Storage and security of personal information – ensure the information is protected against loss, use, modification or disclosure except with the authority.

Access to personal information – holds information in such a way that can be readily retrieved by the concerned individual.

Correction of personal information – concerned individual shall be entitled to request correction of information

Accuracy, etc, of personal information to be checked before use – information shall not be used having regard to the purpose for which the information is proposed to be used, is accurate, up to date, relevant and not misleading.

Agency not to keep personal information for longer than necessary

Limits on use of personal information – information that was obtained in connection with one purpose shall not use the information for any other purpose.

Limits on disclosure of personal information – disclosure of the information is one of the purposes in connection with which the information was obtained or with individual concerned or authorised

Unique identifiers – shall not assign a unique identifier to an individual unless the assignment of that identifier is necessary for its functions efficiently or assign only to individuals whose identity is clearly established.

Characteristics of Privacy

The concept of privacy has been defined as a way of managing the communication of information about oneself in a given environment (Westin 1970). And Westin has identified the following characteristics:

Solitude is a situation in which the individual is isolated away from others; it implies physical isolation. In theory solitude allows personal reflection, self evaluation and emotional relaxation.

Intimacy is a situation that applies to a couple or a small group that is also physically isolated from the outside world. Intimacy permits protected communication within a social unit, such as unrestricted expression of emotions.

Anonymity is a situation in which the individual has no identity for others; he or she can thus neither be identified or supervised.

Withdrawal is a situation in which there are psychological barriers to communication.

Invasion of Privacy

In today’s world, Internet is part of our life. Privacy breaches over the internet are increasing. Below is a list of activities considered violating the privacy act.

Intrusion – illegally hack into someone’s computer or a network without the person knowledge or consent.

Information Interception – information being intercepted or modified during transmission.

Monitoring – most employers have company policy to monitor email usage with their work email, and keep track and monitor internet activities at work.

Virus/Malware/Trojan – deploy harmful programs to someone’s computer with malicious intent, copying, altering, deleting files, stealing passwords without the person’s consent.

Harassment – spam, Advertising pop ups, Denial o Service attacks, etc causing a computer malfunction or annoying activities.

Revealing information – reveal and use the information not having regard to the purpose for which the information is proposed to be used or no authority of the person.

Tracking – use of GPS phone to track employees’ location.

Risks to internet privacy

A statistical analyses study on major concern about privacy when online shows the top 5 concerns are: Viruses, Spam, Spyware, Hackers, Access to personal information (Carina Paine, Ulf-Dietrich Reips, Stefan Stieger, Adam Jionson, and Tom buchanan, 2007).

Internet Security

Internet security involves the protection of the computer’s internet account and files from intrusion of an unknown user, security attack can be defined as any action that compromises the security of information (Bumsuk Jun, Ingoo Han and Sangjae Lee, 2001). Networks are vulnerable to many kinds of attacks, hackers can gain access to a network and alter the data without being detected.

Cookies

A cookie is information that a website puts on a computer hard disk so that it can remember something about it at a later time. The main use for cookies is to provide customized web pages according to a profile of the user’s interests. There are two types of cookies: Persistent cookies and session cookies. Session cookies are temporary will be discarded when browser exits, but the persistent cookies remain on the users’ hard drive until they expire or users to delete them. However, cookies can be used for potentially unethical procedures such as linking online behaviour to personally identifiable information and re-selling this information without the consumer’s consent (Sylvia Mercado Kierkegaard, 2005).

Internet Service Provider(ISP)

When consumers connect to the internet, they obtain internet access through an ISP. All internet data that the consumer download and upload must pass through the ISP. Given this, the Internet Service provider has the ability to observe everything that is not encrypted. However, every ISPs usually prevented from participating in such activities due to legal issues.

Internet security and privacy protection technology and tools

Information protection technology

Data encryption and digital signature – this is a very effective way to prevent the information revealed if intercepted during transmission, encrypted and digitally signed data only the intended receiver able to decrypt and read it, it usually use on email.

Secure Socket Layer/Transport Layer Security (SSL/TLS) – The SSL/TLS protocol allows client/server applications to communicate across a network in a way designed to prevent eavesdropping, tampering and message forgery. SSL/TLS provides endpoint authentication and communications confidentiality over the internet using cryptography.

Virtual Private Network – A connection through a network utilising encryption technology to privatise data for transmission between tow trusted parties (Perry B. Gentry, PricewaterhouseCoopers 2001).

Internet security protection tools

Anti-virus software – Anti-virus software can protect you from viruses, worms, Trojans, spyware.

Firewall – Firewall is a piece of hardware or a software program placed at the point of entry between a private network and the outside internet such all incoming and outgoing packets have to pass through it, examines data passing into a computer or network to block attacks from the internet, it act as the first line of defence against internet security attacks (Mohamed G. Gouda and Alex X. Liu 2007)

Action to take to protect privacy online

Network Security

Network security is one of the common main problems for individual and organisations. To maximise the security of your network, install and configure top rated firewall for your internet connection and anti-virus software with latest virus definition updates, real-time monitoring to detect virus, spyware and Trojan horse that might harm your computer or hidden in your computer collect your information silently. Install the latest patch updates for your operating system regularly to fix known vulnerability to prevent potential attacks. Use virtual private network if remote access work from home.

Email security

Use your personal email account for your personal emails, as your employer has legal policy to monitor all email. Email is not secure in its nature; it can be rerouted and read by unintended third parties, when sending confidential or sensitive information use encryption to prevent it.

Web security

Be conscious of the web, when buying online or sign up for services which require provide highly sensitive personal information such as credit card number, you need to make sure the connection is securely encrypted using SSL/TLS. Turn on the cookie notices in your web browser, reject unnecessary cookies

Use common sense

If seen something too good to be true, forget it, they just attempt to defraud computer users. Never disclose personal information to unsolicited emails, don’t publish your email on the internet, it will be targeted for spam. Beware of “phishing”, where malicious people pretend to be a trusted company (e.g. bank) and get information from the targeted user so they can change or steal valuable information. Look for website privacy policies if the website requires information to sign up to access the website.

Conclusion

Internet privacy has attracted attention for internet users due to privacy breach incidents increasing as technology evolving. Most of the breaches are due to inadequate security measures have been taken, following some of the tips here will help internet users have a better understand on what will be required to protect from unauthorised intrusions and minimise the risk of being a victim of privacy breaches, information security continually evolves new issues and concerns as technology change.