Difference between revisions of "Personal Privacy"

From MgmtWiki
(Solutions)
(What is Personal Data)
 
(52 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
==Full Title or Meme==
 
==Full Title or Meme==
  
A list of various ways in which identity information can be misused or misappropriated on the internet.
+
A list of various ways in which user private information can be protected by user actions now and in the future.
  
 
==Context==
 
==Context==
  
User private data is required for release of web resources. Minimizing the amount of data released or its misuse after release is the object of this effort to collect a list of the various attacks and their mitigations.
+
Pages on the site where the broad definitions may be found:
 +
*[[Privacy]] is the page where the broad definitions may be found.
 +
*[[Identity Pathologies]] is the page where the various vulnerabilities are delineated.
 +
*[[User Private Information]] is the page were data is classified as to the Personal Information Exposure Risk is defined.
 +
*[[Privacy Regulation]] is the page where the thinking behind current [[Government]] actions is described and compared to the real problems that users would like to see corrected.
 +
 
 +
User private data is required for release of web resources. Minimizing the amount of data released or its misuse after release is the object of this effort to list the steps that can be taken today by user as well as the developments that are still evolving.
  
 
There are four entities that are in play here.
 
There are four entities that are in play here.
#The user on a user device (aka a user agent).
+
#The [[user]] on a user device (aka a user agent).
 
#The resource provider (aka a relying party.)
 
#The resource provider (aka a relying party.)
#Identifier and Attribute Providers.
+
#[[Identifier or Attribute Provider]]s.
 
#Data Harvester or Broker
 
#Data Harvester or Broker
  
 
==Problems==
 
==Problems==
  
Threats against authentication, federation or user private data, as that can be used in spoofing.
+
Users have a variety of reasons not to let their personal information be broadly available, some of those are:
 +
* The right to the "let alone" based on a legal theory of Warren and Brandies.
 +
** Intimidation by people with evil intent (an active reason to be "let alone").
 +
** Government harassment (not always your own government), or worse.
 +
** Harassment by organizations what want to change the government, or worse.
 +
** Annoyance by trolls or advertisements by scammers looking profit by your vulnerability.
 +
** The easiest feature for any web site is allowing the user anytime access to remove themselves from any email.
 +
** The best feature for any web site is allowing the user anytime access to remove all record of them.
 +
* The use of personal data to "steal you identity"; often lumped with privacy, this is usually criminal larceny.
 +
** Loss of potential (or real) earnings or direct attack on funds on deposit.
 +
** Tracking on-line makes you feel weird (where there is not any direct personal loss).
 +
** Pretending to be you in order to cause you legal or social problems, possibly as a means of blackmail.
 +
* Embarrassment over one's past behavior or attributes (may also create direct personal loss).
 +
* Discrimination based on one's personal attributes, health history or behavior.
 +
* You are a crook or deviant.
  
* Attacks at the user device or user agent.
+
 
**User private data, including credentials used in authentication or secret seed value.
+
There are benefits to sharing personal data:
**Theft of user device or second factor token
+
* The user experience is more personal and directed to your interests.
**Data of the user's contacts' email address for spamming.
+
* Lots of valuable content on the web is free.
**Insertion of malware on the user's device.
+
==What is Personal Data==
**Interception of legitimate user connections to valuable resources, including elevation of priviledge.
+
It pretty clear that a legal definition of person data is not likely to help technology providers.
* Attacks on the transmission of user private data.
+
* On the same day that the FTC announces in a blog that "Browsing and location data are sensitive. Full stop." <ref>FTC, ''FTC Cracks Down on Mass Data Collectors: A Closer Look at Avast, X-Mode, and InMarket'' https://www.ftc.gov/policy/advocacy-research/tech-at-ftc/2024/03/ftc-cracks-down-mass-data-collectors-closer-look-avast-x-mode-inmarket</ref> Three recent FTC enforcement actions reflect a heightened focus on pervasive extraction and mishandling of consumers’ sensitive personal data.
**Interception of legitimate user connections to steal authentication data.
+
* The DOJ, in its ANPRM accompanying Biden's sensitive data EO, states that web browsing data is NOT sensitive (p. 17).<ref>US DEPARTMENT OF JUSTICE, ''National Security Division; Provisions Regarding Access to Americans’ Bulk Sensitive Personal Data and Government-Related Data by Countries of Concern'' https://public-inspection.federalregister.gov/2024-04594.pdf</ref>
**Misdirection or misleading connection to attacker sites.
+
* To this obvious misalignment between federal agencies, add the various definitions of sensitive personal information in state laws (web browsing is typically not considered sensitive; precise geolocation information is, though not in Colorado) Note that some phones can be set to the level of precision that is reported. Be careful though the advertising location information is available on nearlly all smartphones unless the holder specifically disables it.
**Hijacking a legitimate user connection (Man in the middle attacks).
+
* Meanwhile, the master of privacy academics, Daniel Solove, suggests, "the sensitive data approach is a dead end." And that, "the sensitive data categories are arbitrary and lack any coherent theory for identifying them." <ref>GW Law, ''Data Is What Data Does: Regulating Based on Harm and Risk Instead of Sensitive Data'' https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4322198</ref>
* Spoofing attacks at the resource site.
+
* A similar message is available in Elizabeth Renieris book "Beyond Data"<ref>Elizabeth Renieris, ''Beyond Data'' ISBN ‎978-0262047821</ref>
**Online guessing, when user lock-out or time-out is not applied.
 
**Binding of attacker's token to the user's profile at the resource
 
**Reuse or Replay of user credentials
 
***User reliance on passwords alone is known to result in password reuse, so if an attack succeeds on one site, it may work on others.
 
**Using data acquired by social engineering, such as using a pretext for the user to enable the authentication.
 
***Complex passwords that are unique to one site or service will force users to write down passwords which can be found.
 
**Initiating connections through other compromised sites, including compromised Identifier or Attribute Providers.
 
* Misuse of user private data.
 
**Releasing data to others.
 
**Data breaches.
 
**Social engineering at provider based on partial knowledge of user private data
 
  
 
==Solutions==
 
==Solutions==
 
===These are the steps that should be considered now===
 
===These are the steps that should be considered now===
 +
# Newer browsers are more supportive of user privacy, but many of the most powerful features are off by default.
 +
## Firefox released <ref>Brian X. Chen ''Firefox Is Back, With Improved Privacy Tools And Speed'' 2018-06-21 New York Times</ref> new privacy tools like a feature for block ad-trackers, a container for web sites like Facebook, no video auto-start, etc.
 +
## Chrome and Microsoft Edge come with powerful cloud based site validation.
 +
# It is possible (albeit challenging) to install browser extensions on desktop computers that improve privacy:
 +
## Tunnel Bear and IPVN create a Virtual Private Network (VPN) to protect data in transit.
 +
## Ghostery, Privacy Badger, AdBlock and others block ads and web trackers, some web sites will not work with these features fully enabled.
 +
# Install two different browsers on your device and designate one of them for financial transactions with all security settings turned on.
 +
 +
 
===These are some of the steps under development===
 
===These are some of the steps under development===
 +
 +
# The [[GDPR]] is slowly going into effect starting on 2018-05-24. While this specifically targets EU residents, it is having world-wide effect.
 +
# [[Consent Receipt]] spec has been released to developers.
 +
# [[California Consumer Privacy Act of 2018]] is now law and will take full effect in 2019.
 +
# ...
 +
# DID, blockchain and a whole bunch of other blue sky musings.
  
 
==References==
 
==References==
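Review bot: the old Problems enumeration of concrete threats (attacks at the user device or agent, interception and hijacking of connections, online guessing and credential reuse or replay at the resource site, data breaches and social engineering at providers) is deleted without a replacement; the new Problems text lists reasons users want privacy, and the only remaining pointer to vulnerabilities is the Identity Pathologies link in Context. Suggest either keeping a condensed form of that threat list under Problems or stating explicitly that the threat enumeration now lives on Identity Pathologies, so that the "steps that should be considered now" still connect to the attacks they mitigate.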
Line 48: Line 72:
  
 
[[Category:Glossary]]
 
[[Category:Glossary]]
 +
[[Category:Privacy]]

Latest revision as of 22:01, 5 March 2024

Full Title or Meme

A list of various ways in which user private information can be protected by user actions now and in the future.

Context

Pages on the site where the broad definitions may be found:

  • Privacy is the page where the broad definitions may be found.
  • Identity Pathologies is the page where the various vulnerabilities are delineated.
  • User Private Information is the page where data is classified according to its Personal Information Exposure Risk.
  • Privacy Regulation is the page where the thinking behind current Government actions is described and compared to the real problems that users would like to see corrected.

Web resources typically require the release of user private data. Minimizing the amount of data released, or its misuse after release, is the object of this effort to list the steps that users can take today as well as the developments that are still evolving.

There are four entities that are in play here.

  1. The user on a user device (aka a user agent).
  2. The resource provider (aka a relying party).
  3. Identifier or Attribute Providers.
  4. Data Harvester or Broker.

Problems

Users have a variety of reasons not to let their personal information be broadly available; some of those are:

  • The right to be "let alone", based on the legal theory of Warren and Brandeis.
    • Intimidation by people with evil intent (an active reason to be "let alone").
    • Government harassment (not always your own government), or worse.
    • Harassment by organizations that want to change the government, or worse.
    • Annoyance by trolls, or advertisements by scammers looking to profit from your vulnerability.
    • The easiest feature for any web site is allowing the user anytime access to remove themselves from any email.
    • The best feature for any web site is allowing the user anytime access to remove all record of them.
  • The use of personal data to "steal your identity"; often lumped with privacy, this is usually criminal larceny.
    • Loss of potential (or real) earnings or direct attack on funds on deposit.
    • Being tracked on-line makes you feel weird (even where there is no direct personal loss).
    • Pretending to be you in order to cause you legal or social problems, possibly as a means of blackmail.
  • Embarrassment over one's past behavior or attributes (may also create direct personal loss).
  • Discrimination based on one's personal attributes, health history or behavior.
  • You are a crook or deviant.
There are benefits to sharing personal data:

  • The user experience is more personal and directed to your interests.
  • Lots of valuable content on the web is free.

What is Personal Data

It is pretty clear that a legal definition of personal data is not likely to help technology providers.

  • The FTC announced in a blog that "Browsing and location data are sensitive. Full stop." [1] Three recent FTC enforcement actions reflect a heightened focus on pervasive extraction and mishandling of consumers' sensitive personal data.
  • On the same day, the DOJ, in its ANPRM accompanying Biden's sensitive data EO, stated that web browsing data is NOT sensitive (p. 17).[2]
  • To this obvious misalignment between federal agencies, add the various definitions of sensitive personal information in state laws (web browsing is typically not considered sensitive; precise geolocation information is, though not in Colorado). Note that some phones can be set to limit the level of location precision that is reported. Be careful, though: advertising location information is available on nearly all smartphones unless the holder specifically disables it.
  • Meanwhile, the master of privacy academics, Daniel Solove, suggests that "the sensitive data approach is a dead end" and that "the sensitive data categories are arbitrary and lack any coherent theory for identifying them." [3]
  • A similar message is found in Elizabeth Renieris's book "Beyond Data".[4]

Solutions

These are the steps that should be considered now

  1. Newer browsers are more supportive of user privacy, but many of the most powerful features are off by default.
    1. Firefox released [5] new privacy tools such as a feature for blocking ad-trackers, a container for web sites like Facebook, no video auto-start, etc.
    2. Chrome and Microsoft Edge come with powerful cloud-based site validation.
  2. It is possible (albeit challenging) to install browser extensions on desktop computers that improve privacy:
    1. TunnelBear and IPVN create a Virtual Private Network (VPN) to protect data in transit.
    2. Ghostery, Privacy Badger, AdBlock and others block ads and web trackers; some web sites will not work with these features fully enabled.
  3. Install two different browsers on your device and designate one of them for financial transactions with all security settings turned on.


These are some of the steps under development

  1. The GDPR is slowly going into effect starting on 2018-05-24. While this specifically targets EU residents, it is having world-wide effect.
  2. Consent Receipt spec has been released to developers.
  3. California Consumer Privacy Act of 2018 is now law and will take full effect in 2019.
  4. ...
  5. DID, blockchain and a whole bunch of other blue sky musings.

References

  1. FTC, "FTC Cracks Down on Mass Data Collectors: A Closer Look at Avast, X-Mode, and InMarket", Tech@FTC blog, March 2024. https://www.ftc.gov/policy/advocacy-research/tech-at-ftc/2024/03/ftc-cracks-down-mass-data-collectors-closer-look-avast-x-mode-inmarket
  2. US Department of Justice, National Security Division, "Provisions Regarding Access to Americans' Bulk Sensitive Personal Data and Government-Related Data by Countries of Concern" (ANPRM). https://public-inspection.federalregister.gov/2024-04594.pdf
  3. Daniel Solove (GW Law), "Data Is What Data Does: Regulating Based on Harm and Risk Instead of Sensitive Data". https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4322198
  4. Elizabeth Renieris, "Beyond Data", ISBN 978-0262047821.
  5. Brian X. Chen, "Firefox Is Back, With Improved Privacy Tools And Speed", New York Times, 2018-06-21.