
Showing papers on "Information privacy published in 1993"


Journal ArticleDOI
TL;DR: A new foundation is established for examining information privacy issues by first assessing the value-laden process through which information privacy policies and practices are created in corporations and then reviewing corporate approaches to information privacy in light of implied societal expectations.
Abstract: How are corporations handling sensitive personal information today? How are they crafting the policies and practices that govern the use of such information? This article establishes a new foundation for examining information privacy issues by first assessing the value-laden process through which information privacy policies and practices are created in corporations and then reviewing corporate approaches to information privacy in light of implied societal expectations. The findings of this study are sobering. Corporations that routinely handle personal information (medical, financial, purchase records) operate without policies in many areas. Even where policies do exist, they often conflict with practices in the organization.

127 citations


Journal ArticleDOI
24 Nov 1993-JAMA
TL;DR: A COMPLEX health care information infrastructure will exist under a reformed health care system as proposed in the American Health Security Act of 1993 and the success of the new system will depend in part on the accuracy, correctness, and trustworthiness of the information and the privacy rights of individuals to control the disclosure of personal information.
Abstract: A COMPLEX health care information infrastructure will exist under a reformed health care system as proposed in the American Health Security Act of 1993. The success of the new system will depend in part on the accuracy, correctness, and trustworthiness of the information and the privacy rights of individuals to control the disclosure of personal information. All participants in the new system (consumers and patients, health plans, health alliances, and a national health board) will need access to high-quality information for informed decision making. At the same time, everyone must have confidence that information of a private nature is adequately protected. American society places a high value on individual rights, autonomous decision making, and the protection of the private sphere from governmental or other intrusion. Concerns about privacy transcend the health care setting.1-3 Americans believe that their privacy rights are not adequately protected. In a 1993 Harris-Equifax poll4

110 citations


Journal ArticleDOI
TL;DR: The authors prove tight bounds on the minimum amount of information about the individual inputs that must be revealed in the computation of most functions and of some specific ones.
Abstract: Two parties, each holding one input of a two-variable function, communicate in order to determine the value of the function. Each party wants to expose as little of its input as possible to the other party. The authors prove tight bounds on the minimum amount of information about the individual inputs that must be revealed in the computation of most functions and of some specific ones. They also show that a computation that reveals little information about the individual inputs may require many more message exchanges than a more revealing computation.

76 citations


Patent
08 Sep 1993
TL;DR: In this paper, a method and system for the implementation of a weakened privacy channel is described, where the key when used for commercial data masking may be transformed into a key that may be used with the Data Encryption Algorithm.
Abstract: A method and system are disclosed for the implementation of a weakened privacy channel. This is achieved through use of a weakened symmetric cryptographic algorithm called commercial data masking. The masked text is created from clear text at one system and may be transported electronically to another system where the masked text may be unmasked to produce the clear text. The reason to use the commercial data masking algorithm for data privacy is that it is exportable to organizations to which products which contain the Data Encryption Algorithm when used for data privacy are not exportable. In addition, a method and system is disclosed by which the key when used for commercial data masking may be transformed into a key that may be used with the Data Encryption Algorithm.

60 citations


Proceedings ArticleDOI
03 Nov 1993
TL;DR: This work combinatorially characterizes and compares privacy maintenance problems, determines their feasibility (under numerous bug models), suggests protocols for the feasible cases, and analyzes their computational complexity.
Abstract: We initiate a graph-theoretic approach to study the (information-theoretic) maintenance of privacy in distributed environments in the presence of a bounded number of mobile eavesdroppers ("bugs"). For two fundamental privacy problems (secure message transmission and distributed database maintenance) we assume an adversary is "playing eavesdropping games," coordinating the movement of the bugs among the sites to learn the current memory contents. We consider various mobility settings (adversaries), motivated by the capabilities (strength) of the bugging technologies (e.g., how fast can a bug be reassigned). We combinatorially characterize and compare privacy maintenance problems, determine their feasibility (under numerous bug models), suggest protocols for the feasible cases, and analyze their computational complexity.

41 citations



01 Jan 1993
TL;DR: In this article, the authors examined the privacy sensitivity of 56 pieces of personal information in four situations including a mortgage loan application, employment application, an insurance policy application, and a mailed marketing survey.
Abstract: Computers influence virtually every aspect of modern life. A primary area of concern is the impact of computers on personal privacy. This concern results from the computer's capacity to receive, store, process, and output large quantities of information. This study examines the privacy sensitivity of 56 pieces of personal information in four situations including a mortgage loan application, an employment application, an insurance policy application, and a mailed marketing survey. The results will be of practical value to all holders and users of personal information. Understanding what type of personal information may or may not be privacy sensitive in a specific situation could provide specific guidance to privacy policy makers. To study privacy concerns, a survey containing 56 types of personal data was given to 1031 Alabama residents. The data was collected at five malls located throughout Alabama in the late summer of 1992. The respondents were presented a questionnaire describing one of the four situational uses. They were asked to score each of 56 types of data on a six-point, Likert-type scale. The points of the scale ranged from very unconcerned to very concerned. A Hotelling $T^2$ and Duncan's range tests found there is a statistically significant difference ($\alpha = 0.05$) in privacy concern between different types of personal data. Individuals, in general, were found to have a low level of privacy sensitivity for 13 types of personal information and a high level of privacy sensitivity for 8 types. Further examination using factor analysis resulted in the grouping of the data items into eight factors. A statistically significant difference in privacy sensitivity for different situational uses of the data was also found using Hotelling $T^2$ and Duncan's range tests ($\alpha = 0.05$).
Marketing surveys have the highest privacy sensitivity mean score followed by an employment application, an insurance application, and the lowest was a mortgage loan application. A framework for the study of data privacy was developed and used as a basis for this research. The framework places privacy variables into an input-process-output model. This framework can be used for further research in the study of data privacy.

30 citations


Proceedings ArticleDOI
09 Dec 1993
TL;DR: This paper presents the protection mechanism of Mungi, which is based on password capabilities, which performs efficiently on conventional architectures, and is simple enough that most programs do not need to be aware of its operation.
Abstract: A single address space operating system is an excellent environment for the implementation of distributed object-based systems. The issue of providing effective and efficient protection of objects in such an environment has, however, not been addressed satisfactorily. This paper presents the protection mechanism of Mungi, which is based on password capabilities. A system-maintained data structure called the capability tree is used for the long-term storage of capabilities, and reflects the hierarchical structure of object privacy. A second system data structure, the active protection domain, allows the system to find capabilities quickly when validating memory accesses. The model supports inheritance of protection domains, as well as temporary extension of protection domains to support privileged procedures. Untrusted programs can be confined to run in a restricted protection domain. The protection system performs efficiently on conventional architectures, and is simple enough that most programs do not need to be aware of its operation.

25 citations


Journal ArticleDOI
TL;DR: The European Data Protection Directive (DPD) as discussed by the authors was proposed by the European Community to harmonize national laws that affect the workings of the European economic market (e.g., the European Market), which is a set of rules and standards that allow national systems to work together as global systems.
Abstract: I. Introduction: The development of global economic and communication systems is receiving much attention. But no global system is designed and constructed at the international level; all evolve out of the interconnection of national systems. In constructing global systems, national governments, regional consortia and international organizations all struggle with the task of enacting rules and standards that allow national systems to work together as global systems. The global economic and communications systems are fundamentally global information systems. These collect, transmit, exchange and manipulate vast quantities of information, and overcome the traditional barriers to the international movement of information, "time, language, distance and cost."(1) Much of this information is about people: their purchases, travel plans, investments, employment, entertainment preferences, health care and personal contacts. Most industrialized countries have laws relating to the collection and exchange of personal information.(2) Given the diversity of political cultures and systems, it is not surprising that these national laws vary.(3) But, this variation can be a barrier to the transfer of personal information from one country to another and a barrier to the operation of the global economic system. In order to move towards one European market, "Europe 92," the European Community is harmonizing national laws that affect the workings of the European economic market.
Included among such proposals is one that requires the twelve countries in the European Community to harmonize their privacy or data protection legislation.(4) The proposed "Directive on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data"(5) (hereafter referred to as Data Protection Directive) has provoked discussion not only among the members of the European Community, but also in countries that trade or deal commercially with members of the European Community. Much discussion is occurring in the United States, which will be affected by the Data Protection Directive both because of its extensive trade with the European Community and also because many observers believe that the privacy laws of the United States do not provide the level of protection that the Data Protection Directive will require. The construction of the European Market is likely to lead to a strengthening of privacy laws in the United States. This event outside American borders will affect the development of American public policy and be able to accomplish something that privacy advocates within the United States have been unable to for over twenty years, i.e., establish an independent agency to oversee personal information practices and establish more legal requirements for certain private sector entities, such as direct marketing and health care. It appears somewhat ironic that protection of a basic cultural value within a country would occur in response to a perceived economic threat from outside that country.(6) But a simple economic argument is not adequate to explain the likely American response to the European Data Protection Directive. To American corporations, this issue has been one of economic competitiveness since the late 1960s and their view of this policy issue has not changed. The likelihood of changes is instead explained by the more complex social, economic and political environment of the 1990s. 
The European Directive provides a "policy window"(7) through which policy changes can occur.
II. The International Privacy Environment: Concern for protecting the privacy of personal information began in the late 1960s as a result of two related developments: the computerization of personal information, and the increased reliance public and private organizations placed on the collection, use, storage and exchange of personal information. Policy discussions about information privacy have occurred on three levels: national governments, regional consortia and international organizations. …

23 citations



Journal ArticleDOI
TL;DR: The following bibliography considers privacy in terms of concept and application, and should prove useful to scholars, practitioners, and those seeking to gain more knowledge about this very important and complicated area of law.
Abstract: An awareness of relevant contemporary legal thought in the area of privacy is especially important today in light of what appears to be an increasing hostility to the notion of individual privacy. The following bibliography considers privacy in terms of concept and application, and should prove useful to scholars, practitioners, and those seeking to gain more knowledge about this very important and complicated area of law.

Journal ArticleDOI
TL;DR: Some of the institutional issues which appear to be floundering in the wake of rapid advances in information technology relate to the ownership of information, the role of the private and public sectors in the distribution of information, the rights of access to information, and information privacy.
Abstract: Introduction Increasing computing power and sophisticated telecommunications technology are making the development of distributed information systems a reality. The use of such a distributed environment provides a new and powerful means of gathering, processing and disseminating a vast array of information products. There are, however, some facets to this environment which are not adequately dealt with by current policies in many jurisdictions. Some of the institutional issues which appear to be floundering in the wake of rapid advances in information technology relate to the ownership of information, the role of the private and public sectors in the distribution of information, the rights of access to information, and information privacy.


Proceedings ArticleDOI
01 Dec 1993
TL;DR: This paper presents the details of the new Commercial Data Masking Facility (CDMF) data privacy algorithm; when implemented appropriately, products containing the CDMF algorithm can, in general, be freely exported from the United States.
Abstract: This paper presents the details of the new Commercial Data Masking Facility (CDMF) data privacy algorithm. When implemented appropriately, products containing the CDMF algorithm can, in general, be freely exported from the United States. A short discussion of the requirements and rationale of the new algorithm is given. This paper is an abbreviated version of a paper scheduled to be published in the March 1994 issue of the IBM Journal of Research and Development. The full paper will include a more extensive discussion of the requirements and rationale as well as a discussion of its strength under various threat scenarios and testcases to help ensure a correct implementation.

Journal ArticleDOI
TL;DR: The background to both the 1984 UK Data Protection Act and the EC Draft Directive on data protection is examined, and the balance between privacy and the need for public disclosure in the media is considered.
Abstract: British law recognises no statutory right to privacy. The Data Protection Act 1984 was the first Act to address this right, albeit in the limited area of the automatic processing of personal data. The debate over the opposing requirements of privacy and freedom of expression, especially with reference to the media, has, over the last decade, generated a lot of discussion and disagreement. This paper addresses the attempts to balance the conflicting concerns of individual privacy and freedom of expression and the rights of the individual vis a vis those of economic and political needs. This paper examines the background to both the 1984 UK Data Protection Act and the EC Draft Directive on data protection, and also considers the balance between privacy and the need for public disclosure in the media.


Journal ArticleDOI
TL;DR: Analyses of attitudes and concerns about privacy from a national survey sample of 1,532 adult Americans in 1988 revealed several separate dimensions, and a modification of Tryon's method of clustering variables (third‐order correlations) yielded groups of variables whose meanings were much more interpretable than they had been when factor analysis was initially used.
Abstract: Analyses of attitudes and concerns about privacy from a national survey sample of 1,532 adult Americans in 1988 revealed several separate dimensions. A modification of Tryon's method of clustering variables (third‐order correlations) yielded groups of variables whose meanings were much more interpretable than they had been when factor analysis was initially used. We tested the validity of the clustering by a highly comprehensive system of item analyses. The main findings were that (1) respondent concerns over telephone privacy were not related to other aspects of privacy, (2) interest in devices like Caller ID that enable recipients to know the number of the caller were not related to other aspects of telephone privacy, and (3) general privacy concerns under conditions where the respondent and the other party know each other were independent of those conditions where they do not know each other. Implications for telecommunications policy and new services are discussed.




Journal ArticleDOI
TL;DR: Methods for libraries to help ensure confidentiality, including “offline” measures that allow unauthorized staff to provide responsive service without compromising security controls are suggested.

Journal ArticleDOI
TL;DR: The final part of Bigelow's analysis of the financial and proprietary considerations applicable to computer crime, computer security, and personal privacy in the USA can be found in this paper.

Proceedings Article
01 Jan 1993
TL;DR: Regulatory Effectiveness Analysis can be used to analyze the suitability of the National Practitioner Data Bank as a model for patient privacy protection, and the NPDB provides an inventory of useable technical tools.
Abstract: Privacy protection is one of the major issues in the development of multi-institutional clinical information networks. Judicial decisions have confirmed patients' rights to protection of a "reasonable expectation of privacy". Incorporating this protection into a system requires analysis of appropriate models. The National Practitioner Data Bank (NPDB) contains confidential data concerning physician competence. The medical profession had substantial input into the privacy protection features of the NPDB, which are much more comprehensive than those used in many clinical information systems. The NPDB represents the privacy protection which physicians expect for their own data. Regulatory Effectiveness Analysis can be used to analyze the suitability of the NPDB as a model for patient privacy protection. Judicial opinions set public policy and legal structures for privacy, and the NPDB provides an inventory of useable technical tools. After eliminating minor discontinuities, the NPDB can be used as a model to create a useable standard for privacy for multi-institutional data transfers.


01 Jan 1993
TL;DR: In this paper, the authors briefly examine the Constitutional, common law and statutory protections for privacy and information security in regard to Intelligent Vehicle Highway Systems (IVHS) technologies, and discuss the issues involved in balancing the privacy interests of individuals and organizations against the public interest in access to information.
Abstract: This paper briefly examines the Constitutional, common law and statutory protections for privacy and information security in regard to Intelligent Vehicle Highway Systems (IVHS) technologies. It includes a discussion of the issues involved in balancing the privacy interests of individuals and organizations against the public interest in access to information.




Book
01 Jan 1993