Privacy in computing & interlectual property

Privacy in computing
What is privacy?
•How would you define it?
•What do you think its aspects are?
– Three key aspects:
• Controlled disclosure.
• Sensitive data
• Affected subject.

Computer Related Privacy Problems
• Data collection: what issue do you see?
• No informed consent:
– Examples: real age.
• Loss of control: class discussion.
– Example: posting on a blog.
• What are the ramifications vs. writing a letter?
• Ownership of data.

Protections provided
• Privacy Policies;
– First step: fair information policies:
• Regulate these;
– Collection of information.
– Data quality.
– Purpose specification (use of information)
– Use limitation.
– Security safeguards.
– Openness.
– Individual participation.
– Accountability.

U.S privacy laws
– Are usually applied to individual data types:
– HIPAA
– Financial organizations: Gramm-Leach-Bliley Act
(GLBA)
– Important in Radford: Federal Educational Rights and
Privacy Act (FERPA).
• Somethings are not clear: example class
discussion.

U.S govt. websites.
• Privacy laws controlled by the FTC.
• Address 5 factors:
– Notice (must be informed)
– Choice
– Access (contest accuracy of data collected)
– Security. (data collectors must secure against
unauthorized use).
– Enforcement (sanctions on noncompliance)
• In 2002, the US e-government act.

What about commercial
websites?
• Federal trade commission can prosecute for
deceptive practices. (e.g., false advertising)
– E.g., JetBlue and the DOD.
Other issues with Privacy
• Anonymity.
– Issues with anonymity.
• Multiple identities (online id)

How to protect against privacy
loss?
• Get/give as little data as possible.
• Data anonymization.
• Audit trail: record who has accessed what
data.
• Security and controlled access
• Training, quality, Restricted usage, data left
in place.
• Policy.

Issues in Computer Security:
Data mining and privacy.
• Government data mining.
• Privacy preserving data mining:
– Data mining is “extracting hidden patterns from
large amounts of data”
– Solutions to preserve privacy:
• Remove id information. Doesn’t work.
– E.g., Sweeney’s report: > 87% US population can be
identified by: 5 digit zip code, gender and date of birth.
• Data perturbation. Example. Needs to be done
carefully.

Privacy on the web
• Think about this:
– On the web: every word you speak (blog) can
be read
– Someone selling something may have ads on
their site for something else.
– Identity of the other person may not be known!
• Some issues on the web are protected.
– Can you name them?

Privacy on the web
• Credit card payments are protected.
– But not necessarily private.
– Paypal etc.. May solve the privacy issues.
• Site and portal registrations:
– Beware of “we will enhance your browsing experience”
– Using email as id on some sites. Issues?
• Third party ads.
• Contests and offers: Free Iphones!

Privacy issues
• Cookies:
– Be-aware
• Third party cookies. E.g., Double Click and online profiling.
• Adware
• Web-bug.
• Spyware: keystroke loggers.

Email security
• Interception of email.
– Can be encrypted using PGP or S/MIME
– Email monitored legallly.
• Anonymous E-mail and remailers
– Sending anonymous emails.
• Spoofing and spamming.

Digital Rights Management
(DRM)

History of DRM
• In the pre-digital era, people's ability to do various things to or with content
were limited.
• The networked digital age makes it possible to do just about anything to digital
content, instantaneously and at virtually no cost.
• While this is a great opportunity for new content business models, it threatens
the livelihood of content creators by making rampant piracy possible
• Also, more and more public and private entities are going digital and doing
business online. Information is increasing retrieved through computer networks
by customers, employees and partners etc.
 Thus, we see the need for a technology that enables the secure creation,
management, distribution and promotion of digital content on the Internet.

DRM
 Set of technologies that enable content owners to specify and control:
 the access they want to give consumers and
 the conditions under which it is given.
 It includes:
– Persistent Protection: Technology for protecting files via encryption and allowing access
to them only after the entity desiring access has had its identity authenticated and its rights
to that specific type of access verified
– Business rights: Capability of associating business rights with a content by contract, e.g.
author’s rights to an article or musician’s rights to a song
– Access tracking: Capability of tracking access to and operations on content
– Rights licensing: Capability of defining specific rights to content and making them
available by contract

DRM Functional
Architecture
• IP Asset Creation and Capture Module
– Rights Validation to ensure content being created
includes the rights to do so
– Rights Creation to allow rights to be assigned to new
content
– Rights Workflow to allow for content to be processed
through series of workflow steps
• IP Asset Management Module
– Repository functions to enable the access/retrieval of
content in potentially distributed databases and the
access/retrieval of metadata
– Trading functions to enable assignment of licenses to
parties who have traded agreements for rights over
content, including payments from licensees to rights

Interested Players in
DRM• Government Agencies
– Interested in controlled viewing and sharing of highly secure and
confidential documents, audio and video data.
– “Need to know basis”
• Private Corporations
– Want to limit the sharing of their proprietary information
– Track accesses and any modifications made to it.
– E.g. news agencies like Reuters
• Owners of commercial content
– Content owners, artists, and publishers want to gain revenue through sale and
promotions
– But are concerned about protecting their copyrighted works from illegal use

Interested Players in DRM
contd.• Intermediaries (service providers, content distributors etc.)
– Concerned about minimizing costs of providing services
– Cautious about protecting themselves from lawsuits over illegal distribution
• Producers of end user equipment (PCs, players, etc.)
– Concerned about minimizing design and production costs
– Unwilling to pay for features that only some users need
• End users
– Interested in immediate access to desired content
– Want to use the content conveniently

Thus, we see…
 DRM can help ensure companies, corporations, and other
entities who share similar business that:
 Rights are tracked at ingestion
 Access is controlled during production processes
 Protection for the content extends throughout product lifecycles
 Additionally, DRM can integrate persistent content protection
with content management to ensure:
 Proper business practices
 Implementation of new business models
 Compliance with regulatory requirements in industries such as financial
services, healthcare, and government

Business Imperatives for DRM:
Control Access During Workflow
 Controlling allowed uses of digital content is a critical function of DRM
technology.
 By predetermining and controlling the exact use(s) for content, DRM
technology extends and enhances the traditional role-based access.
 Example: A draft manufacturing guideline is circulated among an international
standards committee and participating qualified companies. Using DRM
technology, this becomes a closed circulation.
The draft guidelines are in a tamper-proof format, with print-only user-rights,
limited to a pre-determined timeframe, after which the draft is withdrawn and
replaced by the final set of guidelines.
The owner of the content, in this instance the standards committee, can withdraw,
alter, or grant permissions related to the content at any time.

Downstream Use
 Companies need to deliver controlled access downstream so that
content can be licensed, deployed and repurposed by business partners
in accordance with the terms of agreements.
 Example: Music publishers license DRM-enabled content to online
transactional or subscription services. The DRM-enabled content allows
both distributors and consumers to choose from multiple fee/free business
models.
For example, the content could be included in both the free-play list for one-
time use on multiple devices, or it could be licensed on a fee-for play use
by media companies, publishers corporate, government or institutional
users.
Further, with DRM-enabled content, owners may chose to permit licensees
the ability to re-distribute or enter into republication agreements.

Modification of Rights Over Time
 Systems must be able to accommodate changes by updating parameters of rights and
usage as needed to accommodate new distribution models.
 Lack of ability to change access rights to content can be a serious business liability,
cost a lot of money and be a disincentive to customers.
 Example: The U.S. Supreme Court decision in New York Times v. Tasini (2001)
compelled content industry vendors to remove or modify core research records in
database archives, because creators of content in those archives were not being
properly compensated. Compliance costs for vendors included additional staffing
to re-code or remove records, systems development expenses, along with
increased demand on customer service and marketing departments.
 DRM, in such cases, can facilitate collaboration, creating the ‘trusted environment’
needed for collaboration by persistently protecting critical Intellectual Property (IP)
beyond the boundaries of business processes and corporate organizations.

Regulatory and Business Standards
 Integrity, authentication, security, privacy and accountability are
‘watchwords’ for new legislative and regulatory standards.
 Example: HIPPA regulations mandate new levels for privacy and
authentication for document management in healthcare institutions and
the medical community.
 Example: Warranties and liability requirements demand strict
assurances that the latest, most comprehensive, and appropriate
instructions, product information and warning of potential hazards are
in the hands of the users.
 Integrated DRM-CMS solutions can offer corporations, public sector
institutions and regulated industries enterprise-wide assurance that
content and document operations comply with current regulatory
regimes, accountability, privacy, and security legislation.

Business Imperatives for DRM: Outsourcing
• Offshore processing and data-conversion service bureaus have long been a
staple of trade, technical, professional and database publishers.
• Software and entertainment products are routinely outsourced. There is a
growing trend to rely on outsourced personnel for the roles companies
traditionally reserved for employees.
• Bottom line is many people working on digital content products and processes
do not have long-term commitment or loyalty to the company.
• Security and communication become large issues and require a level of
embedded knowledge within core business processes.
 DRM ensures that information expressed in a standard format to minimize
uncertainty, provide an efficient and accurate way to update operational
routines, and assure appropriate levels of accountability.

Protection throughout Content Lifecycles
 Piracy, whether of software, music, film, images, or text, costs
billions of dollars each year.
 It squanders valuable company time and resources by
requiring costly efforts to detect and deter theft.
 Further, it creates an atmosphere of distrust that can become
counterproductive to developing new business models for
digital content.
 DRM-enabled protection continues throughout the distribution
of the content, auditing its use and accounting for its fees and
licenses.

The Divide
• The content development industry, which consists of the recording industry
and the movie studios, has repeatedly emphasized the need for immediate
DRM solutions that stop all unauthorized copying and distribution.
• Meanwhile, the IT industry is emphasizing that DRM solutions should
support the concept of "fair use," which allows consumers to make copies
of some types of copyrighted content for their own personal use.

Fair Use
 Copyright principle based on the belief that the public is
entitled to freely use portions of copyrighted materials for
purposes of commentary and criticism.
 Unfortunately, if the copyright owner disagrees with your fair
use interpretation, the dispute will have to be resolved by
courts or arbitration.
 The four factors for measuring fair use:
 the purpose and character of your use
 the nature of the copyrighted work
 the amount and substantiality of the portion taken, and
 the effect of the use upon the potential market.

Digital Copyright Millennium Act (DCMA)
• 1998 law designed to increase copyright holders' rights.
• Creates civil and criminal penalties for creation or distribution of
DRM circumvention tools.
• As a result, a user attempting to circumvent copyright protection, even
for legitimate reasons, violates federal law.
• What this means?
– Open-source software developers rely on reverse engineering to write
programs that can interact with hardware. This practice is illegal under the
DCMA.
– Reverse Engineering and Cryptanalysis can also be interpreted as illegal
under the DCMA.
– Is Norton Anti-Virus illegal?

The Future of DRM
• DRM is emerging as a formidable new challenge, and it is essential for
DRM systems to provide interoperable services.
• Solutions to DRM challenges will enable untold amounts of new
content to be made available in safe, open, and trusted environments.
• The technology can be expected to be heavily used in the future to
support digital library collections, code and software development,
distance education, and networked collaboration, among other
applications.

The Future of DRM
contd.
• DRM standardization is occurring in a number of open
organizations.
• The OpenEBook Forum [OEBF] and the MPEG group
[MPEG] are leading the charge for the ebook and multimedia
sectors.
• The Internet Engineering Task Force [IETF] and the World
Wide Web Consortium [W3C] have also commenced work on
DRM issues.
• Their work will be important for the entire DRM sector, and
it is also important that all communities be heard during these
standardization processes in industry and sector-neutral
standards organizations.

Are you a thief?
Plagiarism
Plagiarism is THEFT!
It is theft of intellectual property

Plagiarism
Plagiarism is the use of other
people's ideas without due
acknowledgment.
It is about presenting other people's
ideas as your own.

Plagiarism
Plagiarism can be intentional – which is unethical and
totally unacceptable. It may also be illegal or actionable
and your employment prospects can be severely affected
Likewise your academic prospects!

Plagiarism
Plagiarism can also be unintentional – you don't realise
you are doing it. This is lazy,sloppy and unprofessional

Plagiarism
Plagiarism can also be unintentional – you don't realise
you are doing it. This is lazy,sloppy and unprofessional
Whatever the case, plagiarism is plagiarism and cases
are always treated in the same way

Plagiarism
Here are some examples:
Copying someone's project report, with or without
their knowledge
Claiming to have done something someone else did
Fabricating experimental results
Pasting text or pictures straight from the web
Typing in passages from text books

Plagiarism
The first is usually easy to spot and
the penalties can be severe
Complicit copying (collusion): 50% of mark down to zero
and possibly a note in student progress record - usually
up to module leader or Degree Programme Director.

Plagiarism
The first is usually easy to spot and
the penalties can be severe
Complicit copying (collusion): 50% of mark down to zero
and possibly a note in student progress record - usually
up to module leader or Degree Programme Director.
Explicit copying: usually zero marks plus a warning.
In repeat or outrageous cases, appearance before
HoS – perhaps even report to Registrar
Explicit copying also covers using a work from a
previous year

Plagiarism
Claiming someone else's work as
their own can also be spotted from
a knowledge of a student's capability
An example might be where a student submits a
design report using work that someone else in
the group actually did

Plagiarism
Fabricating results:
Some famous examples of scientists fabricating
results – but students also do it.
Miss the labs and make up the data.
Easy to spot – data is usually too good and the student
misses the obvious flaws of the equipment.

Plagiarism
Pasting text or pictures straight
from the web or typing in passages
from text books and journals

Plagiarism
Nothing wrong with this if it is done correctly and the
audience knows what's going on.

Plagiarism
Nothing wrong with this if it is done correctly and the
audience knows what's going on.
Sometimes you may need permisssion

Plagiarism
Text, quotations, ideas from other
sources may be used to support
your arguments – but they must
be referenced, and due credit given.

Plagiarism (Some examples)
It is a truism that everyone
cares about the environment and agrees that actions
must be taken but no one wants to take responsibility
for actions which directly affect members of the public
as individuals.
The recent statements emanating from
the USA that in fact global warming might well increase
agricultural production challenge popular opinion even
further. We do not concur with this point of
view ...........

Plagiarism
Chunks of actual text, such as quotations,
should be put between quote marks (“text”).
Use a referencing system or a footnote to
acknowledge.
According to Harvey [2004] “It is a truism that everyone cares about
the environment and agree that actions must be taken but no one
wants to take responsibility for actions which directly affect members
of the public as individuals. The recent statements emanating from
the USA that in fact global warming might well increase agricultural
production challenge popular opinion even further.” We do not concur
with this point of view ...........

Plagiarism
Alternatively, you may want to make a statement but the
statement is derived from some other work. The source
must be acknowledged (referenced).
........ Commitments from various countries to energy reduction
may have been perceived to be relevant to ordinary members of
the public until the refusal of the USA to implement the Kyoto
agreement challenged popular opinion [Fells, 2000]

Finally
Basic rules for students:
DO NOT:
+ write about someone else’s ideas as if they were your own
+ write about someone else’s ideas without giving a reference
+ use someone else’s words exactly without indicating
that it is a direct quote and referencing it
+ use more or less the same words as another writer even if you
acknowledge their work
+ copy another student’s work
+ submit work written for you by another person
+ cut and paste material from the internet, putting pieces of text together
to form an essay.
ALWAYS:
+ cite your references

Introduction to
Intellectual Property and
Intellectual Property
Rights

What is meant by “intellectual property” and
“intellectual property rights”?
Which are the IP protection tools available?
•Patent
•Utility Model
•Industrial Design
•Trademark
•Copyright

• What is meant by “intellectual property” and
“intellectual property rights”?
Intangible assets:
• Results of creative efforts from the human intellect
• Such creations cannot be materially measured

Business assets
• Tangible Assets e.g. buildings, machinery,
infrastructures ...
• Intangible Assets (intellectual property)
e.g. know-how, human resources, business
relationships, brands …

Privacy in computing & interlectual property

The IP Chain of Activities
• Creation
• Innovation
• Commercialization
• Protection
• Enforcement

IP as a property
• Can be sold
• Can be bought
• Can be lease or rent
• Can pass under a will
• Can be assigned

The Legal Framework for IP
• MyIPO is the legal custodian.
• Three machinery of administration
• - the IP office
• - the external machinery
• - the court

International Convention for IP
• Paris Convention for Protection of
Industrial Property 1967 ( 1989)
• Berne Convention for the Protection of
Literary and Artistic Works 1971 ( 1990)
• Trade-related aspects of Intellectual
Property Agreement 1994 ( 1995)

The Laws For Intellectual Property
Protection
• Copyright Act 1987
• Trademarks Act 1976
• Patent Act 1983
• Industrial Design Act 1996
• Geographical Indications Act 2000
• Law of Tort
• -passing-off
• Confidential information

References
benjaminvibez@gmail.com
END

Privacy in computing & interlectual property

More Related Content

What's hot (20)

Similar to Privacy in computing & interlectual property (20)

Recently uploaded (20)