Showing papers on "Information privacy published in 1976"

Intentional resolution of privacy protection in database systems

Abstract: Traditionally, privacy protection in database systems is understood to be the control over what information a given user can get from a database. This paper is concerned with another, independent, dimension of privacy protection, the control over what a user is allowed to do with a piece of information supplied to him by the database. The ability to condition the supply of information on its intended use is called here “intentional resolution” of privacy protection.The practical importance of intentional resolution is demonstrated by several examples, and its realization is discussed. It is shown that intentional resolution can be achieved, but that it involves a radical change from the traditional approach to the process of user-database interaction. In particular, it appears to be necessary for the database to impose a certain amount of control over the internal behavior of users' programs which interact with it. A model for user-database interaction which admits such a control is developed.

Privacy and Security Issues in Information Systems

Abstract: A law now in effect in the United States requires protection of individual privacy in computerized personal information record-keeping systems maintained by the federal government. Similar laws apply in certain state and local governments. Legislation has also been introduced to extend the requirements for privacy protection to the private sphere. Central in privacy protection are the rights of an individual to know what data are maintained on him, challenge their veracity and relevance, limit their nonroutine use or dissemination, and be assured that their quality, integrity, and confidentiality are maintained. In all computer systems that maintain and process valuable information, or provide services to multiple users concurrently, it is necessary to provide security safeguards against unauthorized access, use, or modifications of any data file. This difficult problem has not yet been solved in the general case. Computer systems must also be protected against unauthorized use, disruption of operations, and physical damage. The growing number of computer applications involving valuable information or assets plus the growing number of criminal actions directed against computer applications and systems or perpetrated by using computers underscore the need for finding effective solutions to the computer security problem. In the future, concerns for privacy and security must become integral in the planning and design of computer systems and their applications.

Classification of personal information for privacy protection purposes

Abstract: Laws now in effect require protection of individual privacy in personal information record-keeping systems maintained by the federal government and by several states. These requirements will be extended to the private sphere in the future. It is necessary for their implementation in record-keeping systems to establish a standard sensitivity scale and classification system for personal information. This paper surveys several classification systems that have been discussed in the literature, examines the criteria for setting up such systems, proposes a new sensitivity scale and corresponding classification system, discusses the information integrity and security provisions that should be adequate for each classification level, and examines the problems that arise in assigning sensitivity and classification levels to personal information items, records, and record-keeping systems.

Privacy and Security in Centralized vs. Decentralized Databank Systems

Abstract: This paper explores the questions of whether or not a centralized personal-information databank system presents a greater threat to the privacy and other related rights of the persons on whom data are kept than does a decentralized system that collectively holds the same data, and which databank system can provide better data security. It is concluded that, except possibly in the case of a coup d'etat, a properly designed and controlled centralized databank system is a smaller threat to privacy and provides more effective security than a decentralized system.

Social research and the protection of privacy: a review of the Norwegian development.

Abstract: The development of social science research policies reflects an increased emphasis upon government and political control of the research, while at the same time researchers are confronted with stronger restrictions regarding their access to and utilization of certain types of data. The paper gives a review of proposed legislation concerning data systems and the protection of privacy in Norway. According to the proposal a new agency, the Data Inspection, will be given the authority to decide whether or not to permit the establishment of personal data systems to be used by agencies of state or municipality. The provisons of the proposed act will apply even to data systems for research purposes. The paper gives a consideration of a number of intended as well as presumably unintended consequences of such legislation. It is stressed that social scientists fully endorse efforts to build a protective shield around the integrity and privacy of individuals who furnish data for research. However, such efforts should not be allowed to introduce serious obstacles to the search for improved knowledge about social processes.

Privacy Issues and the Private Sector

Abstract: : GUIDE represents a large portion of the private sector of this country; at the moment, of course, the recordkeeping processes of non-Federal organizations are being examined for possible legislative safeguards Information in modern day record systems is used directly to affect everyone The future will be one in which information about individuals will be used even more extensively than it is today, and in very broad ways This society levies heavy demands upon government for services This results in extensive social programs that not only have to be administered, but monitored as well That all adds up to information about people, and it is not likely to get less The essential thing is to make sure that a proper balance between such legitimate needs and adequate safeguards are developed that can protect individuals against harm as a result of the existence of record systems The privacy issue is forcing the country and its institutions into a very thorough reexamination of recordkeeping practices The Privacy Act of 1974 created the Privacy Protection Study Commission to examine the private sector and non-Federal government The Commission is to recommend to Congress and the President first, what aspects of the 1974 Act should be applied to the private sector; secondly, to recommend to Congress and the President what further legislative safeguards are indicated for the private sector

Public policy on privacy

Abstract: The following article is excerpted from testimony presented by Dr. Brandin, Gene P. Altshuler, Peter D. Miller, and Donn B. Parker before the Privacy Protection Study Commission, September 8, 1975 on behalf of Stanford Research Institute. Since the testimony comments on privacy as an issue for public it is included in this issue of Computers & Society.

Privacy, privilege, and transportation research

Abstract: The increasing danger of legal entanglement for researchers who disregard the rights of human subjects used in research, in particular their right of privacy, is examined. The broad definition of a human subject and the equally broad definition of injury are discussed. The implications of the Privacy Act of 1974 are noted, and the critical need for a researcher-privilege statute set forth.

A control systems model of privacy

Abstract: Concerns about individual privacy, specifically in relation to automated data systems containing personal information, are considered in terms of a feedback control system model. This model provides a framework which appears to relate many separate concerns which individuals or groups have expressed about privacy. It also provides a framework which may be suitable for analyzing legislation or regulations promulgated for the protection of privacy. The model may assist in defining needed research on the need for privacy, or on the impact of inadequate protection of privacy.The model posits that data systems pose various "threats" to privacy depending on the extent and manner in which the existence of such information systems hinders the ability of individuals or groups to provide feedback to systems which affect them.

A Comprehensive System for the On-line Implementation of Privacy and Security Measures.

Abstract: Overview: The CASA database is ready for the next stage of implementation. Access to the system is obtained by: Attending and Completing Basic CASA database training (refresher courses are also available). This training is scheduled by OCCF and offered by the CASA database design team. Activation of a login by OCCF Web-support. CASA database training involves an interactive, hands-on 2 hour web-based training session. The sessions are limited to a maximum of 4 participants per session. The training gives basic level instruction on how to use and access the system. If you haven't done so already, you can sign up by emailing occfwebsupport@fc.state.or.us. All users MUST sign and fax back a 2h systems user agreement form and HIPAA Confidentiality Agreement. OCCF web support will activate the CASA user once all forms are signed and received by OCCF. A fax cover sheet is included in this packet.