meta data for this page
  •  

Critical Thinking and Argumentation: Personal tasks

Search and select three (3) documents (web pages, articles, videos, …) of the topic of your course (Data & Privacy in Critical thinking and Sustainability in Green IT course) and explain why those documents are relevant for the course.

Three links that are relevant to the topic of Data & Privacy

http://www.howtogeek.com/187645/htg-explains-should-you-regularly-change-your-passwords/

This article is perfect because even the University is enforcing us to change the passwords every few months and I tend to just alternate between three passwords in the University whenever I need to change it. So is it really necessary for people to be changing their passwords if they are already strong and secure?

https://security-today.com/articles/2015/12/30/worst-data-breaches-of-2015.aspx

Well can't get much closer to data and privacy with this link as it shows the three worst data breaches of 2015. It is highly relevant because data should always be protected and the more data someone has, the more likely it is to be a target of hacking. And looking at the three cases, one is a dating site, another is U.S. goverment's office of Personnel Management and the last one is a health insurance company. The second in the list is probably the most terrifying as the information could lead to for example terrorist attacks.

http://www.pcmag.com/article2/0,2817,2498157,00.asp

“Privacy Groups to FCC: Make Sure ISPs Aren't Abusing Customer Data”. This article is interesting because with the information the ISPs could collect, it would be fairly simple to catch people pirating files. But then again would that collide with privacy issues or not? And if I recall, U.S. government had an idea some time ago to monitor their people through the ISPs to catch potential terrorists but I'm not sure was that idea shot down or not.

I will be doing the Philosophy and Critical Thinking webcourse.

4 Exam Questions

1) Explain the following arguments in few sentences: Nothing to hide argument, pendulum argument, national-security argument, luddite argument, suspicionless-searches argument Basic terminology that should've stuck in your head if you read the first book.

2) A company has promised the clients that their data is private and their userbase exceeds tens of thousands users. Government has found out that there is a possible terrorist as one of their client and demands the company to hand over all of their data about all of their clients. Explain how would you handle this situation if you were the company manager and why? How could the government officials improve on their request? 3rd party doctrine is a huge issue in the U.S. so it was an important topic in the first book. The second part of the questions is more about the ways how government could improve their investigations without mass surveillance for example: Give the company manager a profile (they have one) of sorts to limit the data they need to look at.

3) Should we let government have backdoors installed in software? Explain why / why not One of the topics in both books actually but better resonated in the second one. It rains on the just and unjust.

4) How can we increase privacy? Give examples for government, companies and individuals The last part in Data and Goliath book and something we should strive for. There should be ways to limit mass surveillance and increase privacy even without neglecting security.

Bonus: What data do you consider private and what data are you willing to share with other people? More of an opinion based question. Hard to grade in any way but wanted to add it as a bonus option

Find two digital services, study what kind of data they collect, if that data is sold to anyone, if it can be linked with any other data etc. Deadline by final presentation.

For this personal task I wanted to choose Finnish companies because we have talked a lot about U.S. companies during the course so I wanted to see how it is in Finland. I chose Sports Tracker which is owned by Amer Sports Corporation and then I chose VR - Finnish Railways.

Headline

http://www.sports-tracker.com/privacy-policy

Sport Tracker is a mobile app developed and owned by a finnish company called Amer Sports Oy. It can be used to track your walking, running, cycling etc. routes, time, speed and it can even calculate your average kcal consumption. With an external device, it can be used to monitor heart rate as well. It is given that using GPS information is necessary for this kind of service but there were also other data the app gathered:

Technical information gathered when using the services:

  • IP-address, access times
  • Websites the user linked from, pages visited
  • Links the user uses, adbanners and other content the user views
  • Information about the device used and other information the browser may provide

Information the user provides:

  • Name, address
  • Username, password, email address
  • Other credentials used to identify the user

Information uploaded by the user:

  • Location
  • Route information
  • Pictures

Data Amer Sports may collect:

  • Training data
  • Demographic information: age, gender, postal code, language preferences
  • Biometrical data: blood pressure, heart rate, fingerprints, DNA, face recognition
  • Consents, preferences, feedback

Information related to services or products used by the user

  • Products and services provided
  • Financial details
  • Details of agreements between user and Amer Sports
  • Records of contacts and communications

In addition to these, the mobile app asks for permissions to use:

  • GPS
  • Add or delete files from SD card
  • Bluetooth settings
  • Phone ID
  • Internet access
  • Prevent sleepmode
  • Connect with bluetooth devices

So Amer Sports collects a variety of data. How is this then used? According to their privacy policy -document, they only use it for few things:

  • Provision of products and services
  • Development of products and services
  • Communicating and marketing (targeted advertisement)

Amer Sports also writes that they do NOT sell, lease, rent or otherwise disclose the personal data to third parties UNLESS hey have user conent OR from mandatory reasons like law. Even with user consent, there are limitations but they only apply to biometrical data:

  • Third parties may not use biometrical data for advertising or other used-based data mining purposes
  • Biometrical data is not allowed to be stored in a “cloud” service
  • Without consent, further sharing of biometrical data is not allowed

Lastly the user can ask what data Amer Sports has about them and can have the data corrected or deleted. Users also have the option to ask to stop the usage of their personal data for marketing purposes.

VR

https://www.vr.fi/cs/vr/fi/tietosuojaseloste

VR or the Finnish Railway is a company owned by the government. Just the fact that it is governed by the government makes you think they don't collect much data but you couldn't be more wrong. Here is what they say in their website:

  • name, date of birth, gender
  • account name and ID
  • language
  • address, phone number
  • email
  • job
  • transaction informations
  • service usage information
  • personalized information like favorite seats or connections
  • social security number in some case: saved encrypted
  • passport number, papers needed for border crossing
  • car information for car transport
  • client analysis and grouping information (?)
  • direct marketing acceptance or declines
  • information needed for direct marketing and customer connections
  • helpdesk calls
  • information from external sources (like civil registry)
  • data about information handling
  • information related to customer feedback

Luckily the information is not shared to parties outside the VR Group without legal rights. The VR Mobile app of course uses GPS and phone ID information.

UQx: META101x Philosophy and Critical Thinking