REVIEW: "Privacy", J. C. Cannon
- BKPRVACY.RVW 20051023
"Privacy", J. C. Cannon, 2005, 0-321-22409-4, U$49.99/C$71.99
%A J. C. Cannon jc_msft@...
%C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
%I Addison-Wesley Publishing Co.
%O U$49.99/C$71.99 416-447-5101 fax: 416-443-0948 bkexpress@...
%O Audience i- Tech 1 Writing 2 (see revfaq.htm for explanation)
%P 347 p. + CD-ROM
%T "Privacy: What Developers and IT Professionals Should Know"
The preface states that this book should help people learn about
privacy technologies. (The cover refines this: it contains what
developers and information technology professionals should know.)
Part one examines privacy for everyone. Chapter one is a vague review
of privacy. A list of privacy related technologies is in chapter two.
There is a brief look, in chapter three, at privacy lawsuits and
legislation. Chapter four discusses privacy settings in Windows,
including the metadata in Word files. Spam, and anti-spam
technologies, are surveyed in chapter five. Privacy invasive
technologies are examined in chapter six, concentrating on radio-
frequency identity chips.
Part two looks at privacy and the organization. Chapter seven
suggests some corporate structures to do with security, such as having
a chief privacy officer and a privacy council. A "Privacy Response
Center" is recommended in chapter eight. (I thought they used to call
this an "ombudsman" or something.)
Part three concerns privacy factors for the developer. Chapter nine
outlines the Platform for Privacy Preferences Project (P3P). Advice
on developing "privacy aware" software programs is given in chapter
ten, although most of it seems to be fairly standard system
development methodology. A not-terribly-clear-or-helpful system of
diagramming information flow to analyze privacy distribution is
suggested in chapter eleven. (An effort to demonstrate a data flow
diagrammatic approach to privacy chooses to put error data,
administrative activities, and system settings inside the privacy
boundary.) Chapter twelve attempts to give an example of how the
foregoing three chapters would work in building an application. Some
considerations for databases are discussed in chapter thirteen.
Another attempt to present a privacy aware program is given in chapter
fourteen. Rather oddly, chapter fifteen talks about technologies that
protect intellectual property.
It is very hard to say what this book is about. Some of part one is
not bad, although hardly inspired. The corporate material, in part
two, is turgid, and seemingly applicable only to the most massive of
corporations. Part three's suggestions about privacy aware
applications appear not only unhelpful but pointless, at least in
terms of real privacy issues.
copyright Robert M. Slade, 2005 BKPRVACY.RVW 20051023
====================== (quote inserted randomly by Pegasus Mailer)
rslade@... slade@... rslade@...
Children are messages we send to a time we will not be here.
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade