Shubham Patil says
The most interesting for me was Chapter 52, Online Privacy. It was interesting to know how the government was involved in the online activities of their nationals in the scandal of 2013 when the National Security Agency unveiled the surveillance practices, after which a sizeable number of internet users and IT professionals do not believe that governments should have access to encrypted information systems, and many online users have adopted strategies to hide their information from the government.
I learned about privacy-enhancing technologies (PETs), which is a general term for a set of computer tools, applications, protocols and mechanisms aiming at protecting and enhancing the privacy of users’ PII.
Elizabeth Gutierrez says
Hi Shubham,
I also found Chapter 52 most interesting with reference to the abuses and unacceptable practices conducted by governmental agencies that claim to be from democratic, free, and open societies. It is really interesting to reflect on how the events that transpired on U.S. soil on September 11, 2001, would forever change Americans’ attitudes and concerns about safety, surveillance, and privacy. I actually wrote a paper examining how the unrestricted nature of the framework within the Patriot Act, and the NSA’s Terrorist Surveillance Program prompted by the War on Terror, violated Americans’ constitutional rights and disproportionately affected certain groups, for example, Muslim Americans. For example, by participating in President Bush’s warrantless wiretapping program, the NSA avoided the Foreign Intelligence Surveillance Act (FISA)’s procedures of electronic surveillance and collection and safeguards altogether. Every day there is more controversy about how much data we are comfortable with applications such as Facebook, Alexa, Ring security systems, etc. obtaining.
Oluwaseun Soyomokun says
Higgins
Higgins is a species of Tasmanian long-tailed mouse and the name of an open source collaboration of IBM, Novell, Oracle, and Parity with multiple digital identities and an interoperability framework for identity management. The main goals of Higgins as an identity management system are interoperability, security, and privacy within a decoupled architecture. This system is user-centric, based on federated identity management. The user has the ability to use a pseudonym or simply reply anonymously in case you would not give your name.
We use the term context to cover a range of underlying implementations. A context can be thought of as a distributed container-like object that contains digital identities of multiple people or processes. The platform intends to address four challenges:
• The need to manage multiple contexts
• The need for interoperability
• The need to respond to regulatory, public, or customer pressure to implement solutions based on trusted infrastructure that offers security and privacy
• The lack of common interfaces to identity/networking systems
And Higgins delivers a consistent user experience based on i-cards, any identity protocol, token data type, any kind of identity data, data source and platform based.
Elizabeth Gutierrez says
Overall, I found Chapter 52 on Online Privacy very interesting because it talked about the different scandals and abuses that governmental agencies have been exposed for concerning the surveillance of citizens’ private communications, e.g., Section 215 of the Patriot Act. The struggle between privacy values, business dynamics, and technological advancements is a topic that interests me because it connects my background with law and our course in Protection of Information Assets. The following quote really resonated with me, “The processing of personal data should be designed to serve mankind. The right to the protection of personal data is not an absolute right; it must be considered in relation to its function in society and be balanced with other fundamental rights, in accordance with the principle of proportionality” (Vacca Chapter 52). This chapter also taught me how browser cookies work and their controversies; whenever visiting a website, I would always accept cookies, not really understanding what they were or what information they stored. Similar to the idea of identity management, cookies serve as a unique identifier and all the data collected is stored at the server site. However, there is also such a thing as flash cookies (local shared objects), also known as “zombie cookies” since they can be used to recreate deleted HTTP cookies.
Yangyuan Lin says
Hi Elizabeth,
I saw privacy in mobile health applications in 52, built-in tools on smart mobile devices, such as GPS, programs that automatically detect health behaviors, upload physiological data, etc. The information transmitted by these devices is personal privacy. But what is interesting is that these big data help some government departments to prevent or reduce collective health problems. Although the company has significant commercial interests in collecting private health data of customers and sharing it with insurance companies, research institutions and even government agencies, big data analysis can also provide discovery and help for the overall health of people across the country.
Yangyuan Lin says
Chapter 59 of Vacca, Identity Theft, is very interesting. Identity theft, in my cognition, usually refers to a person impersonating another person’s identity or information. Interestingly, the definition here is “Identity theft is commonly defined as unwanted appropriation of access credentials that allow creation and access of accounts and that allow the aggressor to pose as the victim. Phishing is a type of identity theft implemented on the Internet, usually rely on social engineering to obtain the victim’s access credentials”. In the experiment, I was surprised that the testers were able to judge the authenticity of the emails by using different fonts, web page layouts, and other small changes to the screenshots of the web pages. The link placed in the phishing email presents a very slight gap with the real web page, such as without Secure Sockets Layer (SSL) and endorsement logo. With SSL and endorsement logo; no SSL/endorsement logo; SSL/endorsement detail. . . The user’s perception of the authenticity of emails and web pages depends on the context of the email message, and the background is more shaped by the narrative strength of the information rather than its underlying authenticity. When the content of the message is short and unsurprising, third-party recognition and glossy graphics prove to be effective authenticity stimuli. When applied to more involved messages, the same document characteristics failed to affect the authenticity judgment in a significant way.
Shubham Patil says
Lin,
I believe most identity thefts happen when a data breach happens. For example, the recent data breach of the Robinhood investment platform. Personal information of more than 7 million of its customers was exposed. The hackers take advantage of this personal data to crack into their personal accounts and steal information.