Wednesday, March 17, 2010 : FTC Privacy Briefings - Sensitive Data Parry Aftab to Join FTC Panel Today
Wednesday, March 17, 2010 : FTC Privacy Briefings - Sensitive Data Parry
Aftab to Join FTC Panel Today
Parry Aftab's Blog
Where Parry Aftab Blogs on Cybersafety, Privacy and Cybersense
What is sensitive data?
Sensitive Data categorically includes but is not limited to data related
to an individuals health or medical condition, sexual behavior or
orientation, or detailed personal finances, information that appears to
relate to children under 13, racial or ethnic origin, political opinions,
religious or philosophical opinions or beliefs and trade union membership.
Four common ways in which sensitive data is exposed
The first three listed are far less prevalent, combined, than the fourth.
Intruders gain access to data through a weakness in the computer system
or poor digital hygiene allowing access to computers, desktop and wireless
Involves a method of extracting sensitive data from unsuspecting
individuals through fraudulent emails and communications from seemingly
reputable companies and organizations
Intruders obtain sensitive data by posing as representatives of a
legitimate company or organization
3. Social Engineering
Involves gathering public information that can be gleaned from social
networks, online services and community sites, including games, and
offline legal sources and combining it in such a way as to understand
sensitive and otherwise personal information through de-anonymizing data.
4. Voluntary Sharing of PII
Online community network users share a tremendous amount of PII all at
once or in small portions with the public or with a broad user group
Some is intentional, while others are shared through poor digital hygiene
and failure to use privacy settings or the lack of privacy settings
This information can be direct disclosure or available through profiling
the users preferences, groups and surfing patterns, much of which is made
publicly available by the user him or herself
Children are often the source of public disclosures of sensitive data,
not only about themselves, but about their friends and family. They may do
this intentionally, to harass or torment the person whose information is
being disclosed or they may do it without realizing the harm
Some information is shared, unwittingly, by adults and businesses when
disclosing communications, employee information and other sensitive data.
In addition, adults, as well as children, share personal information about
others either intentionally to harm them or without realizing the harm
Differing definitions of sensitive data
There has been a difference in what sensitive data means among marketers
and privacy advocates in the current push to regulate online advertising.
For the most part, the government has had a hands-off approach toward
online marketing, giving companies relatively free rein in how they use
tools that track what people do online and then use the data gathered to
deliver tailored marketing messages.
On July 2, 2009, advertising/marketing industry groups proposed a set of
guidelines for self-regulation (http://www.ana.net/news/content/1801) in
which they proposed the following definition of sensitive data:
The Principle calls for entities not to collect financial account numbers,
Social Security numbers, pharmaceutical prescriptions, or medical records
about specific individuals for Online Behavioral Advertising purposes
Many users have expressed concerns about their location being exposed
in ways they don control and in effect, adversely impacting their
safety and freedom. However, others believe that treating location data
like medical data will only shroud it in complete privacy and present a
detriment to the location service ecosystem. In addition, with GPS
built-into most cell phones and many computers and games and other
social networks using location to help pair users and locate
on-the-ground stores, services and points of interest, how desirable is
it to block access to and use of location data?
The complete article may be read at the URL above.
Bonnie Bracey Sutton
CyberEd Resources : ICT's and Education (owner)
Games and Education (owner)
Science without Frontiers STEM Initiatives K-12 (owner)
Technology Applications for learning in the portal
Technology Applications for Learning
The Technology Applications for
Learning Network is a catalog of technology
applications for learning.
Improve Your Chances for Indoor Gardening Success
Health Diet Fitness Recreation Sports Tourism
Please Ignore All Links to JIGLU
in search results for Net-Gold and related lists.
The Net-Gold relationship with JIGLU has
been terminated by JIGLU and these are dead links.