The University of Jammu: Topic of Assignment: Data Protection: The Right To Privacy
The University of Jammu: Topic of Assignment: Data Protection: The Right To Privacy
The University of Jammu: Topic of Assignment: Data Protection: The Right To Privacy
TOPIC OF ASSIGNMENT:
DATA PROTECTION : THE RIGHT
TO PRIVACY
SUBJECT:
IT APPLICATIONS IN
MANAGEMENT
Healthcare records
Criminal justice investigations and proceedings
Financial institutions and transactions
Biological traits, such as genetic material
Residence and Geographic records
Privacy breach
Location-based service and Geolocation
Web surfing behavior or user preferences using persistent cookies
Academic research
The challenge of data privacy is to utilize data while protecting an
individual's privacy preferences and their personally identifiable
information. The fields of computer security, data security,
and information security design and utilize software, hardware, and
human resources to address this issue. Since the laws and regulations
related to Privacy and Data Protection are constantly changing, it is
important to keep abreast of any changes in the law and to continually
reassess compliance with data privacy and security regulations.Within
academia, Institutional Review Boards function to assure that adequate
measures are taken to insure both the privacy and confidentiality of
human subjects in res
INFORMATION TYPES
Various types of personal information often come under privacy
concerns.
Internet
The ability to control the information one reveals about oneself over the
internet, and who can access that information, has become a growing
concern. These concerns include whether email can be stored or read by
third parties without consent, or whether third parties can continue to
track the websites that someone has visited. Another concern is if the
websites that are visited can collect, store, and possibly share personally
identifiable information about users.
The advent of various search engines and the use of data mining created
a capability for data about individuals to be collected and combined
from a wide variety of sources very easily. The FTC has provided a set
of guidelines that represent widely accepted concepts concerning fair
information practices in an electronic marketplace called the Fair
Information Practice Principles.
In order not to give away too much personal information, emails should
be encrypted. Browsing of web pages as well as other online activities
should be done trace-less via anonymizers, in case those are not trusted,
by open-source distributed anonymizers, so called mix nets, such
as I2P or Tor – The Onion Router.
Email isn't the only internet content with privacy concerns. In an age
where increasing amounts of information are going online, social
networking sites pose additional privacy challenges. People may be
tagged in photos or have valuable information exposed about themselves
either by choice or unexpectedly by others. Caution should be exercised
with what information is being posted, as social networks vary in what
they allow users to make private and what remains publicly
accessible. Without strong security settings in place and careful attention
to what remains public, a person can be profiled by searching for and
collecting disparate pieces of information, worst case leading to cases
of cyberstalking or reputational damage.
Cable television
This describes the ability to control what information one reveals about
oneself over cable television, and who can access that information. For
example, third parties can track IP TV programs someone has watched
at any given time. "The addition of any information in a broadcasting
stream is not required for an audience rating survey, additional devices
are not requested to be installed in the houses of viewers or listeners, and
without the necessity of their cooperations, audience ratings can be
automatically performed in real-time.”
Medical
People may not wish for their medical records to be revealed to others.
This may be because they have concern that it might affect their
insurance coverages or employment. Or, it may be because they would
not wish for others to know about any medical or psychological
conditions or treatments that would bring embarrassment upon
themselves. Revealing medical data could also reveal other details about
one's personal life. There are three major categories of medical privacy:
informational (the degree of control over personal information), physical
(the degree of physical inaccessibility to others), and psychological (the
extent to which the doctor respects patients’ cultural beliefs, inner
thoughts, values, feelings, and religious practices and allows them to
make personal decisions). Physicians and psychiatrists in many cultures
and countries have standards for doctor-patient relationships, which
include maintaining confidentiality. In some cases, the physician-patient
privilege is legally protected. These practices are in place to protect the
dignity of patients, and to ensure that patients will feel free to reveal
complete and accurate information required for them to receive the
correct treatment. To view the United States' laws on governing privacy
of private health information, see HIPAA and the HITECH Act.
Financial
Information about a person's financial transactions, including the amount
of assets, positions held in stocks or funds, outstanding debts, and
purchases can be sensitive. If criminals gain access to information such
as a person's accounts or credit card numbers, that person could become
the victim of fraud or identity theft. Information about a person's
purchases can reveal a great deal about that person's history, such as
places he/she has visited, whom he/she has contacted with, products
he/she has used, his/her activities and habits, or medications he/she has
used. In some cases, corporations may use this information to target
individuals with marketing customized towards those individual's
personal preferences, which that person may or may not approve.
Locational
As location tracking capabilities of mobile devices are advancing
(location-based services), problems related to user privacy arise.
Location data is among the most sensitive data currently being
collected.A list of potentially sensitive professional and personal
information that could be inferred about an individual knowing only his
mobility trace was published recently by the Electronic Frontier
Foundation. These include the movements of a competitor sales force,
attendance of a particular church or an individual's presence in a motel,
or at an abortion clinic. A recent MIT study by de Montjoye et al.
showed that four spatio-temporal points, approximate places and times,
are enough to uniquely identify 95% of 1.5 million people in a mobility
database. The study further shows that these constraints hold even when
the resolution of the dataset is low. Therefore, even coarse or blurred
datasets provide little anonymity.
Political
Political privacy has been a concern since voting systems emerged in
ancient times. The secret ballot is the simplest and most widespread
measure to ensure that political views are not known to anyone other
than the voters themselves—it is nearly universal in modern democracy,
and considered to be a basic right of citizenship. In fact, even where
other rights of privacy do not exist, this type of privacy very often does.
Educational
In the United Kingdom in 2012, the Education Secretary Michael
Gove described the National Pupil Database as a "rich dataset" whose
value could be "maximised" by making it more openly accessible,
including to private companies. Kelly Fiveash of The Register said that
this could mean "a child's school life including exam results, attendance,
teacher assessments and even characteristics" could be available, with
third-party organizations being responsible for anonymizing any
publications themselves, rather than the data being anonymized by the
government before being handed over. An example of a data request that
Gove indicated had been rejected in the past, but might be possible
under an improved version of privacy regulations, was for "analysis on
sexual exploitation."
Key Principles
Individual Rights Are At The Center Of Privacy And
Data Protection
The law on privacy must empower an individual and advance their right
to privacy, as an individual and her rights are primary. The Code
furthers this principle in the following ways:
The Code builds on the basis that privacy is a fundamental right and
that personal data should be handled fairly and lawfully.
It looks at innovation from the perspective of user trust where it will
grow in a sustainable manner by creating frameworks for data
collectors and processors to handle resident's data.
The Code provides individuals with certain Rights with respect to their
Data. These are:
Right to Access: An individual has the right to access information on
what data of theirs has been collected, and how it has been handled.
Right to Rectification: Individuals can correct and change data
collected about them.
Right to Erasure And Destruction of Personal Data: Individuals can
request their personal data to be erased at any time.
Right to Restriction Of Processing: An individual can stop their data
from being processed further.
Right to Object: Individuals can object to the processing of their data in
a particular way.
Right to Portability of Personal Data: Individuals can ask to receive
their personal data or for it to be transferred to another data collector.
Right to Seek Exemption from Automated Decision-Making:
Individuals can opt-out from machine made decisions taken based on
their data, like profiling.
If an individual’s privacy is compromised and if this Act, which protects
privacy is not adhered to, the offender is liable to face punitive action
taken by Privacy Commissions and Surveillance Tribunals created
through this Act. These penalties can go up to fines of Rs 10 crore and a
five year jail term - for committing a cognisable and non-bailable
offence.