meta data for this page

This is an old revision of the document!

Personal homeworks

Search and select three (3) documents (web pages, articles, videos, …) of the topic of your course (Data & Privacy in Critical thinking and Sustainability in Green IT course) and explain why those documents are relevant for the course. UK is preparing new law that updates the rules of monitoring of the communications between citizens. New law forces communication firms to hold a year's worth of communication data. This data can then be accessed by the law enforcement officers when necessary. The bill also covers interception and reading of communications, “interference” with computers and collection of massive amounts of internet or phone data. There has been some false rumors that state that this bill would make encryption of communications illegal. This isn't true. However the bill states that communication firms must be able to decrypt the communications in their systems if for example police needs that information. Article about the effects of Paris terrorist attack on privacy vs. security debate. Writer disagrees about common opinion that we should weaken our privacy (especially encryption methods) to get better protection against terrorist. Writer points out that terrorists aren't currently relaying on electronic communications even if it would be possible to use unbreakable encryption methods. He also argues that weakening of encryption methods doesn't only weaken our privacy but it also weakens our security since many daily service like money transfers and accessing our health records require encryption. Article about fitness trackers and how the data they collect can be accessed basically by one through the web. Even if there are laws that regulate the privacy of our medical data these laws apply only to medical institutes. Currently there are no laws that regulate the use of data collected by fitness tracking companies.

Find two digital services, study what kind of data they collect, if that data is sold to anyone, if it can be linked with any other data etc. Deadline by final presentation.

I selected two VPN-providers as my services. Private Internet Access which is a paid service and Hotspot Shield which offers both free and paid services. I had personal experience on Private Internet Access which I had used for a year in the past. I thought vpn-services would be interesting domain because their main feature is the protection of privacy. So for that reason it would be interesting to see if the companies could live up to that promise. As a source I used the companies privacy policy documentation because I couldn't find any reliable 3rd party sources. I don't think this is a problem because privacy policies are legally binding documents, so they should be accurate.

Private Internet Access's privacy policy states that they collect e-mail and payment data when the user registers for the service and furthermore they collect Google Analytics data, Apache Webserver logs, submissions on the “Contact Us” page and received e-mails from everyone who visits their page or contacts them. Additionally if the user chooses to use some additional feature of the service, one cookie will be saved to user's browser. According to the privacy policy data is used mainly to deliver the service and no unnecessary data is collected. However the use of Google analytics means that some additional data is collected and this data is probably accessible for Google.

Hotspot Shield's policy isn't as straightforward. It states that following data may be collected or user may choose to share it with the company: personal information (probably name, address etc.), e-mail, ip-address, device ID, location and phone number. Cookie or cookies may also be saved. This information is then used to improve the service and to optimize the advertisements displayed in service. In the last case the data is possibly shared with 3rd parties.

In this case it seems that the paid service preservers the users privacy much better. In Hotspot Shield's case it is somewhat disturbing that service that promises to improve the user's privacy is actually collecting relatively huge amount of data and using it aggressively. It is also interesting that the PIA's privacy policy is written in much clearer and more straightforward manner and thus it is easier to understand. This probably increases the customers' trust towards the company.

Reflection on Thinking Fast and Slow book


Presentation presentation1.pdf