- 1.We are using a broad definition of personal, meaning identifiable: the use of information relating to an individual that identifies that individual -- this may include linking information with personally identifiable information from other sources or combining information so as to infer a person's identity. That is: name, address, ID number, etc. as well as IP address, email address, psychographic information, etc.Google Scholar
- 2.In fact, Germany requires collection limitation as part of its data protection law. The Organization of Economic Cooperation and Development (OECD) Guidelines on the Protection of Privacy and Transborder Flows of Personal Data principles < http://www.cdt.org/privacy/guide/basic/ oecdguidelines.html>, adopted by hundreds of countries and companies, includes "collection limitation" as its first principle. Roger Clarke of Xamax consulting Pry. Ltd. in Australia has done some excellent work in helping build guidelines to determine when the collection of personally identifiable information is needed for authentication purposes. Clarke's work on this subject is available at http:/ /www.anu.edu.au/people/Roger.Clarke/EC/.Google Scholar
- 3.CDT Senior Staff Counsel, James X. Dempsey, created this chart. Representatives of the Department of Justice agreed upon the accuracy of the chart, so it actually does represent the current state of the law, not just CDT's view. An online version is available at: http://www.cdt.org/privacy/govaccess/ accesschart.shtml.Google Scholar
- 4.Senator Leahy (D-VT) has a bill in Congress that could close some, if not many, of these holes (S. 854 or the E-RIGHTS Act of the }06th Congress).Google Scholar
- 5.Markoff, John. "An Online Extortion Plot Results in Release of Credit Card Data." New York Times. January 10, 2000. p. A}.Google Scholar
- 6.While companies are reluctant to share exact statistics on this subject, we have anecdotal evidence that legal departments have exploded at online companies specifically to deal with this issue.Google Scholar
- 7.Password technologies are clearly not the best authentication technique for such a system, but in reality they are currently the most often used. When password technologies are usedin such systemsnow, the companies have the ability to issue new passwords but no ability to see what the passwords are.Google Scholar
- 8.Business Week/Louis Harris, "3/16/98 BW/Harris Poll: Online Insecurity," http:// www.busine ssweek.eom/} 998/1 }/b3569 } 07.htmGoogle Scholar
Index Terms
- Your place or mine?: privacy concerns and solutions for server and client-side storage of personal information
Recommendations
Protecting sensitive place visits in privacy-preserving trajectory publishing
Highlights- We propose a method for privacy-preserving trajectory publishing.
- It aims at ...
AbstractThe rise of mobile computing has generated huge amount of trajectory data. Since these data are valuable for many people, publishing them while providing adequate individual privacy protection has been a challenging task. In this paper,...
Let's do it at my place instead?: attitudinal and behavioral study of privacy in client-side personalization
CHI '14: Proceedings of the SIGCHI Conference on Human Factors in Computing SystemsMany users welcome personalized services, but are reluctant to provide the information about themselves that personalization requires. Performing personalization exclusively at the client side (e.g., on one's smartphone) may conceptually increase ...
Demand paging for OneNAND™ Flash eXecute-in-place
CODES+ISSS '06: Proceedings of the 4th international conference on Hardware/software codesign and system synthesisNAND flash memory can provide cost-effective secondary storage in mobile embedded systems, but its lack of a random access capability means that code shadowing is generally required, taking up extra RAM space. Demand paging with NAND flash memory has ...
Comments