Personal homework

Task 1

Search and select three (3) documents (web pages, articles, videos, …) of the topic of your course (Data & Privacy in Critical thinking and Sustainability in Green IT course) and explain why those documents are relevant for the course.



http://www.digitaltrends.com/mobile/how-can-we-trust-google-drive-or-any-cloud-storage-service/

Cloud based services, such as Dropbox, have certainly made it easier to manage and syncronize documents and data between your devices. The ease of use comes with a cost though, as we are no longer actually in charge of the privacy of our own data when using services like these.

At the first glance the problem does not seem so bad, as one would assume that big and reputable companies would have standards regarding the way user data is handled. However, the problem is that big players such as goverments and entertainment industry companies have been able to push laws, especially in the US, where most of the cloud based services are based on, that justify the scanning of personal data on grounds such as national security or copyright claims.

http://www.theguardian.com/technology/askjack/2015/aug/15/windows-10-microsoft-should-privacy-problems-worry-me

The trend of using analytics, big data concepts, and tying the operating system with an online account seems like a good idea from the ease-of-use standpoint. However, for a tech savvy person the direction of development can seem a bit unsettling as these things are starting to be a part of the operating system and not something you need to opt-in consciously. Even if you opt-out of these features manually, how can you be sure that you haven't missed something that might threaten your privacy, when the features were built-in and enabled in the operating system on default?

http://www.nytimes.com/2015/08/11/opinion/zeynep-tufekci-why-smart-objects-may-be-a-dumb-idea.html?smid=tw-share&_r=3

Internet of Things brings us new concerns when it comes to privacy. Adding ”smartness” to everyday objects may make our life easier and more comfortable, but provides a new surface for malicious parties to attack us. Part of the problem is that the industries developing kitchen appliances or automobiles may not have the experience and know-how when it comes to information security, as proven by the cars that could be hacked and remote controlled that were mentioned in the article.

The security aspects needs to be taken in account seriously in IoT – we can look back a decade or so, and think how prone traditional computer systems were for viruses and the like, and compare it to the evolving area of IoT enabled devices. There shouldn't be the need to repeat the same flaws and design mistakes when it comes to security?

Task 2

Find out information gathered of you in one physical and one digital service. What is collected, how it is used, who is using that etc.



S-ryhmän asiakasrekisteri (S-Group customer registry)

Physical service related to shopping in stores owned by S-ryhmä (S-group)

Information about the registry available at (in Finnish): https://www.s-kanava.fi/web/s/s-kanavan-rekisteriseloste


What is collected:

Personal information

Name, date of birth, etc…

Contact information

Address, phone number, email…

Information concerning your staff status (if you happen to work for S-ryhmä)

(Staff members get discounts on purchases)

Information concerning your membership to the S-ryhmä co-operative business

Membership share payment status

Information about membership dividends paid

Information about your affiliation with partners of S-ryhmä

..for example bonuses paid for affiliation with certain insurance companies etc.

Bank account information

Account number and type where S-bonus benefits are paid to

S-Bonus card information

Card type, number and expiry dates

Information about the household the card belongs to

Login information to S-group services

Login credentials

Information about services in use

I.e. newsletters and other services

Information entered to such services

Information about payments made with the S-bonus card and the bonuses gained

Time of purchase

Where the purchase was made

Information about purchases made (up to the level of individual products bought)

Product warranty information (some products bought may have this)

Bonuses gained from purchases

How it is used:

The information is mainly used to pay bonuses to the customer as an incentive to shop in S-group owned stores.

The information can also be used to upkeep the customer relationship, provide services to the user, to customize the marketing material presented to the user and to plan and optimize the functions of the S-group by using the user data. The purchase history of the customer can be used for targeted advertisements, unless the customer has opted out from this.



Facebook

Digital social media service. Information about data collected can be found from: https://www.facebook.com/about/privacy

The information provided about the collected data is very vague, though. However, Facebook provides you a way to download the data they have on you, which provides some more details.


What is collected:

Personal information

Name, date of birth, gender

Optionally other information that you may have provided such as marital status, education, where you work, etc…

Contact information

Email address, possibly other information like phone number if provided.

Facebook apps that you use or have used

Your “likes”

Groups you belong to

Timeline of your actions

I.e. status updates, friends added, events participated…

Photos uploaded

With EXIF-metadata if available.

IP-address of upload location.

List of friends

History of all conversations you have taken part in

History of all locations you have logged in from / devices you have used for login

Timestamp, browser user-agent, ip-address

Ads topics

Ad topics that are aimed for you based on your interests / activity

How it is used:

The Facebook content is personalized based on the interests and actions of the user.

However, as the service is free to use, that means that the user is the product. Facebook uses the data to show relevant/targeted ads to the user based on his/her actions.

Facebook can be used to login/use 3rd party services, in which case your public Facebook data can be shared with these parties as well.

Facebook shares anonymized user data to third-party partners for advertisement, measurement and analytics purposes.



CDON.com -webstore

(EXTRA TASK) digital service. Data policy information available here (in Finnish): http://cdon.fi/asiakaspalvelu/osto-_ja_toimitusehdot/#tietosuojakaytanto


What is collected:

Personal information provided by user (or collected via cookies!)

Name, gender, email, purchase and payment history, credit card numbers, shipping addresses, ip-addresses, phone numbers

How it is used:

Data is used for user identification, targeting ads to users, sending newsletters to users and to collect analytics data. Targeted advertisements can be sent via snail- or e-mail, text-messages or phone calls if the user has not opted out from this kind of targeted advertising.

Data is used to analyze the purchase behavior of users of the site, so that the service can be improved at a general level, and also personalized per user activity.

Some of the personal information is shared with payment processors when making purchases.

Task 3

Society vs. individual. Select one community/society/group where you belong and reflect the societal pressures from society and individual perspectives. Point here is to analyze you perception of these pressures to both directions.


Group / community: Having the status of a university student

Individual perspectives: It is useful to retain your student status as long as possible to reap the gains from different kinds of systems / services that give you discounts for having a student status (e.g. train tickets, restaurants, shops, etc.). Also, in Finland, if your annual income is not too high, a financial aid is provided if you advance in your studies.

Societal pressures: Your right to study is limited to a given amount of years by the universities / law, albeit the time given is quite long (7 years). There are also periodic fees that are, however, easily negated by the benefits if you travel a lot by train for example. Also, in some cases your student status may clash with the other benefits that you might otherwise be eligible for (e.g. support for being unemployed).

Having the student status or deliberately prolonging your studies can be frowned upon by other people. This applies especially when you have no intention of studying, but just have the status for the benefits of it. For example, even when you have finished your studies/have a degree, you can apply and get chosen for another degree program just to have the status of a student again. This can be relatively easy if you have a good high school diploma for example. The nasty part here is that, by doing this, you effectively block someone else's chance to get the position in the program.

Even though the legistlation on this subject has evolved a lot during the few years, I feel that there is still a lot of room for abuse in the way the system works (taking your sweet time with your studies vs. graduating in a timely manner, or being a student just for the status), especially when the tuition fees are nonexistent.

Final works

edX Course: Philosophy and Critical Thinking

4 exam questions representing the course contents

The nothing to hide –argument can be seen as flawed, why / why not?

One of the main points presented in the J. Solove's book was the nothing to hide -argument. The reader should be able to argue why this kind of mindset can be seen as wrong, (e.g. privacy as a right, ”give me the data, I'll find the crime”), but also give some empathy for the argument, at least in the form of explaining that a good security doesn't necessarily mean or come from the total loss of privacy.

What kind of problems can you recognize with automatized data mining, for example, done by the governments?

As this is a hot topic for discussion and also handled in the books, the student should be able to have good arguments to this topic. A good answer should at least question the transparency of data mining, one's ability to appeal against the predictions made by data mining (lack of due process), and to bring forward the point that even when data mining is done by the computers there is a always a human aspect involved as well.

How do societal pressures fail?

This question asserts that the reader has understood the concept of societal pressures, but also is able to consider the side effects and unintended consequences that lead from them. This is a quite open question, so it allows a lot of own views in the answer, but a lot of good examples were found in the book and in the discussions that can be used to approach this as well.

How have the modern technological advancements changed the way we approach privacy, security and trust?

This question ties the concepts of both of the books together. The answer should bring forward the concept that the advancements have brought and will bring new dilemmas to us. Old laws no longer apply in the way they were intended to and making legislation that keeps up to date is hard. New systems bring more complexity, more flaws and more chances to defect. A good answer could also consider what kind of effects the Internet, Big data and IoT have on this matter.