| Your place or mine?: privacy concerns and solutions for server and client-side storage of personal information |
| Full text |
 Pdf
(84 KB)
|
| Source
|
Computers, Freedom and Privacy
archive
Proceedings of the tenth conference on Computers, freedom and privacy: challenging the assumptions
table of contents
Toronto, Ontario, Canada
Pages: 81 - 84
Year of Publication: 2000
ISBN:1-58113-256-5
|
|
Authors
|
|
| Sponsor |
|
| Publisher |
|
| Bibliometrics |
Downloads (6 Weeks): 2, Downloads (12 Months): 40, Citation Count: 3
|
|
|
 REFERENCES
Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.
| |
1
|
We are using a broad definition of personal, meaning identifiable: the use of information relating to an individual that identifies that individual -- this may include linking information with personally identifiable information from other sources or combining information so as to infer a person's identity. That is: name, address, ID number, etc. as well as IP address, email address, psychographic information, etc.
|
| |
2
|
In fact, Germany requires collection limitation as part of its data protection law. The Organization of Economic Cooperation and Development (OECD) Guidelines on the Protection of Privacy and Transborder Flows of Personal Data principles < http://www.cdt.org/privacy/guide/basic/ oecdguidelines.html>, adopted by hundreds of countries and companies, includes "collection limitation" as its first principle. Roger Clarke of Xamax consulting Pry. Ltd. in Australia has done some excellent work in helping build guidelines to determine when the collection of personally identifiable information is needed for authentication purposes. Clarke's work on this subject is available at http:/ /www.anu.edu.au/people/Roger.Clarke/EC/.
|
| |
3
|
CDT Senior Staff Counsel, James X. Dempsey, created this chart. Representatives of the Department of Justice agreed upon the accuracy of the chart, so it actually does represent the current state of the law, not just CDT's view. An online version is available at: http://www.cdt.org/privacy/govaccess/ accesschart.shtml.
|
| |
4
|
Senator Leahy (D-VT) has a bill in Congress that could close some, if not many, of these holes (S. 854 or the E-RIGHTS Act of the }06th Congress).
|
| |
5
|
Markoff, John. "An Online Extortion Plot Results in Release of Credit Card Data." New York Times. January 10, 2000. p. A}.
|
| |
6
|
While companies are reluctant to share exact statistics on this subject, we have anecdotal evidence that legal departments have exploded at online companies specifically to deal with this issue.
|
| |
7
|
Password technologies are clearly not the best authentication technique for such a system, but in reality they are currently the most often used. When password technologies are usedin such systemsnow, the companies have the ability to issue new passwords but no ability to see what the passwords are.
|
| |
8
|
Business Week/Louis Harris, "3/16/98 BW/Harris Poll: Online Insecurity," http:// www.busine ssweek.eom/} 998/1 }/b3569 } 07.htm
|
|
Adobe Acrobat
QuickTime
Windows Media Player
Real Player
K.4