"Protect Your Digital Privacy", Glee Harrah Cady/Pat McGregor, 2002,
%A Glee Harrah Cady glee@...
%A Pat McGregor
%C 201 W. 103rd Street, Indianapolis, IN 46290
%I Macmillan Computer Publishing (MCP)
%O U$29.99/C$44.95/UK#21.99 800-858-7674 317-581-3743 info@...
%P 652 p.
%T "Protect Your Digital Privacy: Survival Skills for the
Part one sets the stage. Chapter one gives vague ideas about
protecting your privacy in the twenty first century, mostly about
e-commerce. A variety of definitions of privacy, from differing
perspectives, are listed in chapter two.
Part two discusses privacy and the individual. From celebrity
magazines to publicly available government databases to e-commerce
loyalty programs, chapter three discusses who might want to know
different types of information about people. Chapter four presents
the usual information about kids and the net: the net is potentially
dangerous for kids, talk to your kids about their net use, and safe
sites. Although there is nothing new here, the material is reasonable
and well presented. Email address harvesting and cookies are reviewed
in chapter five. Chapter six talks about high speed Internet access,
including little content on security or privacy, but an odd bit on
malware. There is a similar discussion of cellular phones and
technology in chapter seven. Chapter eight examines cell phone
location systems, "pay-fobs," face recognition and other miscellaneous
Part three talks about taking control of your privacy and information.
Chapter nine suggests taking an inventory of your personal information
(available online) and looks at Web search engines and the inaccuracy
of commercial search services. Chapter ten is a mixed bag of security
topics, including a little cryptography, something on passwords, and
cookies again. Although there are some good tips on protecting online
transactions, chapter eleven suffers from a lack of structure. The
advice to know where you are and who you are dealing with, for
example, is on page 308, but the material on server authentication is
on page 294. Neither location actually demonstrates the ability to
verify the certificate, or the "Paypal/Paypa1" fraud. Chapter twelve
deals with what to do if your information is compromised, but doesn't
cover the topic particularly well. There is mention of spam filters,
but not the dangers of losing email; there are directions for
reporting frauds, but few details on the levels below which the
agencies aren't interested; addresses of credit agencies, but little
useful information on identity theft.
Part four looks at legal protection. Chapter thirteen is an excellent
overview of laws regarding privacy, covering both the United States
and a number of other countries. (While the rest of the book is
primarily directed at home users, this chapter alone may be worth the
price of the volume for security practitioners. I am not aware of any
other text that deals with current laws as well.) Advocacy groups are
listed in chapter fourteen, with self-regulation programs in fifteen.
Electronic voting is examined in chapter sixteen, concentrating on
Internet or online voting, although most of the studies cited dealt
with other forms of voting technology. Chapter seventeen asks where
we are going, and meanders around so much that it is hard to say.
There is a vague wrapup in chapter eighteen.
A number of other authors have attempted to provide a book about
privacy for the masses. Chris Peterson's attempt (cf. BKILIWMP.RVW)
was about privacy, but not really about the net. David Brin's "The
Transparent Society" (cf. BKTRASOC.RVW), which gets a mention in the
current work, is fascinating, but doesn't really cover the present
situation. "Privacy Defended" (cf. BKPRVDFN.RVW) is only nominally
about privacy. Cady and McGregor have managed to stick pretty close
to the topic. They present a good deal of useful information,
although the book would definitely benefit from an improved framework
and a general tightening up of the writing: with a trimming of
verbiage and a more focussed thread to the ideas the volume could be
lightened by a third or more. However, for those who want some
guidance on the topic and don't want the academic classics like
"Privacy on the Line" (cf. BKPRIVLN.RVW) or "Technology and Privacy"
(cf. BKTCHPRV.RVW), this would be a good choice.
copyright Robert M. Slade, 2002 Permission to distribute free electronic
copies is hereby granted but printed copy or copy distributed for financial gain is
forbidden BKPYDPRV.RVW 20020924
rslade@... rslade@... slade@... p1@...
Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
December 16, 2002 December 20, 2002 San Francisco, CA
February 10, 2003 February 14, 2003 St. Louis, MO
March 31, 2003 April 4, 2003 Indianapolis, IN