Online Privacy Issues Overview | slideum.com

Online Privacy Issues Overview

Download Report

Transcript Online Privacy Issues Overview

Regulating Online Speech

Week 3 - January 30, February 1

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 1

Administrivia

 Questions about retaking the quiz?

• Questions about proper citations and avoiding plagiarism?

 Homework #2 now posted http://cups.cs.cmu.edu/courses/compsoc sp07/homework/hw2.html

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 2

Homework 1 discussion

 How would your life be different without computers?

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 3

Research and Communication Skills

CMU Libraries (http://www.library.cmu.edu)

 Engineering and Science (a.k.a. E&S) • • Location: 4 th floor, Wean Hall Subjects: Computer Science, Engineering, Mathematics, Physics, Science, Technology  Hunt (CMU’s main library) • Location: its own building (possibly 2 nd ugliest on campus behind Wean), between Tepper and Baker • Subjects: Arts, Business, Humanities, Social Sciences  Software Engineering Institute (a.k.a. SEI) • • Location: 4500 5 th Avenue Subjects: “Security, Software, Technology”

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 4

Research and Communication Skills

Coolest Thing in CMU Libraries

 Posner Memorial Collection at Posner Center • • • Rare books Early prints of famous works

Original copy of the Bill of Rights

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 5

Research and Communication Skills

START HERE: Cameo

 Cameo is CMU’s online library catalog  Catalogs everything CMU has – books, journals, periodicals, multimedia, etc.

 Search Cameo online at http://cameo.library.cmu.edu

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 6

Research and Communication Skills

If it’s not in Cameo, but you need it today: Local Libraries

 Carnegie Library of Pittsburgh http://www.carnegielibrary.org/index.html

 University of Pittsburgh Libraries http://pittcat.pitt.edu/

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 7

Research and Communication Skills

If it’s not in Cameo, and you can wait: ILLiad and E-ZBorrow

 ILLiad and E-ZBorrow are catalogs of resources available for Interlibrary Loan from other libraries nationwide (ILLiad) and in Pennsylvania (E-ZBorrow)  Order items online (almost always free)  Wait for delivery – average 10 business days  Find links to ILLiad and E-ZBorrow online catalogs at http://www.library.cmu.edu/Services/ILL/

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 8

Research and Communication Skills

Special needs: Other Useful Databases

 Links to these and many more databases available at http://www.library.cmu.edu/Search/AZ.html

 Lexis-Nexis • Massive catalog of legal sources – law journals, case law, news stories, etc.

 IEEE and ACM journal databases • IEEE Xplore and ACM Digital Library  INSPEC database • Huge database of scientific and technical papers

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 9

Research and Communication Skills

And of course…

 Reference librarians are available at all CMU libraries, and

love

to help people find what they need – just ask!

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 10

Bill of Rights

 First Amendment • Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the government for a redress of grievances.

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 11

The Internet can’t be censored

“The Net treats censorship as damage and routes around it.”

- John Gillmore

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 12

Cartoon dogs are anonymous on the Internet Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 13

Real dogs are anonymous on the Internet too!

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 14

Actually, none of this is true

 It is easy to adopt a pseudonym or a persona on the Internet, but it is difficult to be truly anonymous • Identities can usually be revealed with cooperation of ISP, local sys-admins, web logs, phone records, etc.

 The Internet can put up a good fight against censorship, but in the end there is still a lot of Internet censorship • Repressive governments and intellectual property lawyers have been pretty successful at getting Internet content removed

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 15

Communications Decency Act

 Title V of the Telecommunications Act of 1996  Prohibited Internet distribution of indecent or patently offensive material to minors  Created restrictions for the Internet similar to broadcast media  Introduced by Sen. James Exon (D-Nebraska) • • Cited Marty Rimm study http://www.swiss.ai.mit.edu/6095/articles/cda/saga.html

 Immediately challenged in court  Supreme Court struck down CDA in 1997 (Reno v. American Civil Liberties Union)

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 16

Opposition to the CDA

  Over-broad, vague, unenforceable CDA includes “indecency standard” • Obscenity and child pornography are already illegal to distribute (child pornography is also illegal to possess) • • Obscenity - Miller test:  Whether the average person, applying contemporary community standards, would find that the work, taken as a whole, appeals to the prurient interest,  Whether the work depicts/describes, in a patently offensive way, sexual conduct specifically defined by applicable state law,  Whether the work, taken as a whole, lacks serious literary, artistic, political, or scientific value.

But indecency is defined in CDA as “any comment, request, suggestion, proposal, image, or other communications, that, in context, depicts or describes, in terms patently offensive as measured by contemporary community standards, sexual or excretory activities or organs.”  What community do we look at when regulating the Internet?

   Internet should not be regulated like broadcast Law would chill free speech Internet filters are a better solution

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 17

Support for the CDA

 Senator James Exon (D-Nebraska), sponsor of Bill: Need to protect children from online pornography  Laws that restrict selling porn to children in other media should apply to the Internet  Filters are not sufficient • Parents may not be able to figure out how to use them • Children may access computers away from home

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 18

Platform for Internet Content Selection (PICS)

 Developed by the World Wide Web Consortium  Specification for associating metadata with Internet content • • Supports self-labels and third-party labels Supports the development of many rating systems  Implemented in MS Internet Explorer and other products

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 19

How technology tools work

Internet content

Web Usenet Email Chat Gopher FTP

Person or tool classifies content

For what age group is it appropriate?

Is it educational?

Is it fun?

Tool takes an action

Suggest Search Inform Monitor Warn Block

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 20

Who does the classification?

 Third-party experts  Automated tools  Local administrators  Content providers  Survey or vote

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 21

Classification scheme

Good for kids Bad for kids Characteristics of content Age suitability Who created content Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 22

Rating systems and vocabularies Math Science English Spelling History French Spanish Gym Art Music Drama

A B B+ D C A F A+ B C B

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 23

Descriptive versus subjective

Many variables complex Few variables simple Subjective Descriptive Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 24

Can’t derive descriptive from subjective Characters not well developed Gratuitous sex and violence Bad acting?

Boring plot?

?

Unoriginal?

Too much violence?

Not enough violence?

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 25

 Web sites  FTP, gopher, etc.

 Chat  Instant messaging

Scope

 Newsgroups  Email  Telnet

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 27

Actions

Suggest Search Inform Monitor Warn Block Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 28

Mechanisms and interface

 Location  Updates  Customizability  Other features

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 29

Where are the tools located?

 Personal computer  Internet service provider  Server • LAN or local proxy • Remote proxy  Search engine  Web site

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 30

Updates

 How are tools updated?

• • • Manual updates required Automatic updates No updates required

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 31

Customizability

 Action  Allow and block list elements  Categories of content  Words and phrases  Time of day  Policies for each user

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 32

Other features

 Time limits  Separate settings for each child  Protect parents’ files  Block individual words and pictures vs. full page or whole site  Explanation of why blocked vs. silent blocking

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 33

Discussion

 Diversity of tools in the marketplace is important  Need for increased transparency from vendors about the criteria used to classify content

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 34

CDA Sequels

 Child Online Protection Act (COPA) - passed in 1998 • • Banned commercial distribution of material harmful to minors ACLU challenged this law - Supreme Court has twice upheld lower court injunctions against enforcement, back to lower court in October 2006 • http://www.aclu.org/freespeech/internet/onlinefreespeech.html

 Children’s Internet Protection Act (CIPA) passed in 1999 • Requires schools and libraries that receive federal funds for Internet access to filter out child pornography, obscene materials, and materials harmful to minors • Upheld by Supreme Court in 2003  Many state laws • Most have been declared unconstitutional

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 35

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 36

Anonymous censorship-resistant publishing

 The printing press and the WWW can be powerful revolutionary tools • • • Political dissent Whistle blowing Radical ideas  but those who seek to suppress revolutions have powerful tools of their own • • • • Stop publication Destroy published materials Prevent distribution Intimidate or physically or financially harm author or publisher

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 37

Anonymity increases censorship-resistance

 Reduces ability to force “voluntary” self censorship  Allows some authors to have their work taken more seriously • Reduces bias due to gender, race, ethnic background, social position, etc.

 Many historical examples of important anonymous publications • In the Colonies during Revolutionary War when British law prohibited writings suggesting overthrow of the government • Federalist papers

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 38

Publius design goals

 Censorship resistant  Tamper evident  Source anonymous  Updateable  Deniable  Fault tolerant  Persistent  Extensible  Freely Available

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 39

Publius Overview

Publishers Servers Retrievers

 Publius Content – Static content (HTML, images, PDF, etc)  Publishers – Post Publius content  Servers – Host Publius content  Retrievers – Browse Publius content

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 40

Publishing a Publius document

Publishers Servers

  Generate secret key and use it to encrypt document Use “secret splitting” to split key into n shares • This technique has special property that only

k

needed to put the key back together out of

n

shares are   Publish encrypted document and 1 share on each of

n

servers Generate special Publius URL that encodes the location of each share and encrypted document – example: http://!publius!/1e6adsg673h0==hgj7889340==345lsafdfg

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 41

Retrieving a Publius document

Publishers Servers Retrievers

    Break apart URL to discover document locations   Retrieve encrypted document and share from Reassemble key from shares

k

locations Decrypt retrieved document Check for tampering View in web browser

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 42

Publius proxies

Publishers P R O X Y Servers P R O X Y Retrievers

 Publius proxies running on a user’s local machine or on the network handle all the publish and retrieve operations  Proxies also allow publishers to delete and update content

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 43

Threats and limitations

 Attacks on server resources • • • 100K Content Limit (easy to subvert) Server limits # of files it will store Possibility: use a payment scheme  Threats to publisher anonymity  “Rubber-Hose Cryptanalysis” • Added “don’t update” and don’t delete bit  Logging, network segment eavesdropping  Collaboration of servers to censor content • A feature?

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 44

Discussion

 Technology that can protect “good” speech also protects “bad” speech  What if your dog does publish your secrets to the Internet and you can't do anything about it?

 Is building a censorship-resistant publishing system irresponsible?

 If a tree falls in a forest and nobody hears it….

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 48

For further reading

 Publius web site

http://cs.nyu.edu/waldman/publius.html

 Publius chapter in

Peer-to-Peer: Harnessing the Power of Disruptive Technologies

edited by Andy Oram  The Architecture of Robust Publishing Systems.

ACM Transactions on Internet Technology

1(2):199-230

http://doi.acm.org/10.1145/502152.502154

Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 49