What information about yourself do you really
What does it mean to own information?
Name & address
DNA & body parts
A great deal of information that we consider to be
highly personal is now sold on the open market to
anyone who believes they might be able to use the
information for profit.
This is done without our knowledge or consent.
Types of information sold
name & address
other . . .
Your name is really owned by several
different private companies
It is sold to other companies along with
other names to be used for mailing lists.
This forms the basis of the $600 billion direct
mail marketing business
Historically, phone companies have
viewed the telephone number as
belonging to them
they assign them
they publish them
Should they own your number?
What about Caller ID - is it an invasion of
When you place an order over the phone you
are often asked for your phone number “…just
in case we need to call you about your order”
Real reason: phone numbers are used as I.D.s so the
next time you call, your file is referenced by the
Move to use phone numbers in a universal I.D.
assigned at birth
used as part of a Personal Communication System
If you use a cordless or cell phone you should be
concerned about privacy
In most cases, your cordless or cellular phone
conversations are probably overheard only briefly and
accidentally. But there are people who make it a hobby to
listen to cordless and cellular phone calls by using radio
Since others may be listening to your conversations, avoid
discussing financial or other sensitive personal
information on a cordless or cellular phone. For example,
if you buy something over the phone and give your credit
card number and expiration date, your cordless or
cellular call could be monitored and you might end up
the victim of credit card fraud.
We are poised on the edge of a new
frontier in personal data commerce--
We all sign many documents in the course of daily
living and it's generally assumed that signatures
have some validity as an identifier
And we also usually implicitly assume that our
signatures won't be made available to third parties
on any kind of routine basis.
the computerized boxes that UPS delivery persons
want you to sign when a package is delivered
capture your signature electronically, and it’s fed
back to UPS headquarters.
Consider this case
In 1976, John Moore had his cancerous spleen removed at
UCLA Med Center
In 1983 he received a call from UCLA asking him to sign a
consent form that he had failed to fill out correctly at the
time of the surgery allowing UCLA to use his tumor
It turns out that his tumor cells had been used to create a
This was a unique cell line because it produced a powerful
antibacterial and cancer fighting protein called GM-CSF
UCLA wanted to patent the cell
John Moore refused to sign the consent form and filed a
lawsuit seeking all profits from his tumor cells
What did the courts decide?
He lost his case in the trial court
It was overturned by the appellate court
The final decision by the California Supreme
Court went against Mr. Moore
The court ruled saying it was not prepared to create
a new property right to our own cells
There are several other cases which addressed
this same issue
Greenberg v. Miami Children’s Hospital
Washington University v. Catalona
In both cases the courts ruled that patients had
no property rights to their tissues or what was
derived from them
Companies have a less than stellar record
when it comes to handling data gathered
In mid-2000, Toysmart.com, a web-based retailer,
went out of business
Among the assets the company tried to sell were the
names, email and mailing addresses and shopping
histories of 250,000 Toysmart customers
explicitly stated that the company would never share
customer data with any third party
Who has heard of a company called
Well, they have heard of you
ChoicePoint maintains personal profiles of nearly
every US consumer – its databases contain 19 billion
public records including driving records
It sells this data to employers, landlords, marketing
companies, and government agencies
In Feb 2005, criminals posing as legitimate
businesses bought the personal records of 250,000
Why do companies promise to protect consumer
data and yet do a lousy job?
First, the cost of losing data is smaller than the cost
of protecting data
A recent study of 14 lost-data incidents found that the
average cost of a data breach is about $75 per lost
Second, companies can easily avoid legal penalties
for a data breach
There are nearly 36 state laws that require companies to
notify consumers if their private information has been
leaked and a risk of identity theft exists.
As long as these procedures are followed, companies are
free from criminal liability for the leak itself
An Ohio video surveillance company,
CityWatcher.com, has embedded silicon chips into
two of its employees.
The chips are planted in the person's upper right arm and
"read" by a device similar to a card reader.
The company says it is testing the technology as a way to
limit access to a security area.
In 2004, the Food and Drug Administration
approved the use of an implantable computer chip
for health care information applications.
Called the VeriChip, it is a radio frequency identification
(RFID) device about the size of a grain of rice.
A national system of electronic medical records could easily save your life.
Let’s say you have a heart attack. You could be swooshing down the water slide at
Walt Disney World’s Typhoon Lagoon, teeing off at the 16th hole at Pebble Beach, or
raking leaves in your backyard.
Your odds of survival would soar because the emergency-room computer would let
the doctor on duty connect to the Internet, type in a password, and with a few clicks,
view your medical history. He could see your most recent test and lab results, a list
of your allergies, and all your medications. With all that information, he could begin
treating you immediately.
The federal government, states, HMOs, and PPOs are developing a system to
store and link the medical records of every American.
The network would allow medical providers and insurers, among others, to view
records and enter information. The ramifications:
• Doctors could provide better care by instantly viewing medical histories.
• The network could save money by eliminating duplicate tests.
• Health officials could quickly spot adverse drug reactions and epidemics.
But marketers could target patients with specific diseases to sell them drugs or to
solicit for related charities.
In the absence of safeguards, lenders and employers could use medical records to
disqualify people with health problems from obtaining loans and jobs.
Health Insurance Portability and
Accountability Act of 1996
aka the Kennedy-Kassebaum bill
To assure health insurance after leaving job
Congress added “Administrative
This resulted in privacy rules
Goal: Save money
Means: Standard electronic transactions
Standard record formats, code sets, and identifiers
For common transactions such as enrollment, claims,
remittance, eligibility, and referrals
The law was passed in 1996 but set a compliance
date of October 2002
Increased risk to information security
and patient privacy
So Congress added HIPAA requirements
US Dept. of Health and Human Services (HHS) to
develop security regulations
Rules apply directly to health care plans,
providers, and clearinghouses - called “covered
Rules apply only indirectly to “business
associates” of those covered (until a broader
privacy law is passed)
Rules do not apply to life insurers, workers
comp, etc. (until a broader privacy law is
Civil penalty for “failure to comply”: up to
$100/person/violation; maximum of
$25,000/person/violation/year (can add up!)
Criminal penalties for “wrongful disclosure”
“knowingly and in violation of HIPAA”
up to $50,000 and/or 1 year prison for knowing misuse
up to $100,000 and/or 5 years prison when under false
up to $250,000 and/or 10 years prison when intent to sell,
use for personal gain or commercial advantage, malicious
Receive copy of own record
Request record amendment/correction
Voluntarily authorize and revoke secondary
uses of own data
Receive report of certain disclosures
Receive Notice of Privacy Practices
File complaint of non-compliance
HIPAA also allows health-care providers to share
information with health-care business associates.
So notes from your psychotherapy session may be given
to your insurers’ employees for “training purposes.”
Information can also be used for fund-raisers.
For example, the agreement of Michael Bermant, a plastic
surgeon in Chester, Va., says, “We may use or disclose
your demographic information and the dates that you
received treatment from us in order to contact you for
fund-raising activities supported by our office.”
Thousands of doctors have stopped sending out
appointment-reminder postcards, figuring the cards
could be read by someone other than the patient.
Some doctors have stopped leaving messages on
patients' telephone answering machines, fearing that
other family members might listen to them.
Wives have been told they no longer could verify
dental appointments for their husbands.
Yet, such postcards, phone calls and spousal
verifications are allowed under the law
Some hospitals stopped providing information to
patients' family members and clergy.
Some weekly newspapers stopped publishing
birth announcements because hospitals stopped
providing the names.
In a few cases, new privacy policies at hospitals
have stymied police trying to investigate crimes.
Dean Akings, the police chief in Great Bend, Kan., could
not get information about the medical condition of two
murder suspects who were wounded in a shootout May
9. The hospital, 120 miles away in Wichita, also refused to
say when the suspects might be discharged
Dr. Salem, a cardiologist at Tufts-New England
Medical Center, was treating a heart-transplant
patient when he was told that the donor had
bacteria in his blood.
Dr. Salem needed to know what type of antibiotic
to prescribe to the heart recipient. But the hospital
that supplied the heart refused to identify the
bacteria, saying that would violate the donor's
As a result, Dr. Salem treated his patient with
Volunteer groups bringing holiday toys, teddy
bears, and brownies to Quad Cities hospital wards
are sometimes being told to leave the items with
hospital staffs rather than visit the wards
Santa Claus can make an appearance only if a separate
guardian's consent is obtained for each hospitalized child
And after Joynal Abedin became a victim of a fatal hit-
and-run in the Washington, D.C. suburb of Adelphi, Md.,
his family did not learn of his fate for two weeks until it
received a $17,000 bill from Washington Hospital Center
in the mail; the hospital's fear of medical privacy breaches
was one factor contributing to the delay.
doctors who believe their elderly patients
should not be driving anymore are less likely
to pass on the word to family members.
'We're [also] seeing more medication errors in
older patients because of this,' says John
Riesch, a vascular surgeon
The patients, who were used to having family
members or companions help them figure out their
medications, are now fending for themselves and
sometimes taking the wrong dosage,
The Medical Information Bureau of Weston,
Massachusetts serves as a nonprofit centralized
collection agency for 750 insurance companies,
providing access to the medical records of 15
Medical records held by insurance companies are unregulated
patients can be denied access to their own records
third parties with no role in the medical care of a patient
may freely access these records
Hackers could still gain
access to your records
We must balance the right of the government
to control crime with the right of individuals to
this is the concern of which amendment?
the government cannot conduct an “unreasonable” search
the government must have a warrant based on
So, how does this work . . .
The police have a right to demand a strip search (body
cavity search) of anyone arrested.
Consider this case:
In Denver in 1984 a man was arrested for failing to appear in
court regarding a speeding ticket (it turns out he had paid
the ticket). He was taken to the police station and strip
searched in the lobby.
Was this a violation of the 4th amendment?
the District Court said no
But the 10th Circuit Court of Appeals said yes
Why are strip searches conducted and when are they justified?
What is reasonable?
The Sioux Falls police now routinely arrest teens
breaking the 11 p.m. curfew law. They are brought to
the Minnehaha County Juvenile Detention Center and
strip searched for weapons and illegal paraphernalia.
On December 4, in People v. Mitchell, an appellate
court in New York held that NYPD officers violated
the Fourth Amendment right against unreasonable
searches and seizures when they stripped a suspect in
the street, in front of a church, in the absence of
"circumstances that pose potentially serious risks to
the arresting officer or others in the vicinity." In other
words, according to the court, the simple fact that
police had probable cause to arrest a suspect did not
alone authorize them to perform a public strip search.
The police have a right to search the property of a
suspect if they have a warrant or permission
Consider this case:
An undercover police officer at a New York bus station noticed
a nervous, agitated man standing in a bus line. He approached
the man, identified himself as a police officer and asked, twice,
if he could look in the man’s bag. The man said yes both
times. Thirty-eight vials of cocaine were found in the bag.
Was the man convicted?
no - the court ruled that the officer did not have enough suspicion
to allow a search of the bag even if the search was consented to. . .
Exclusionary rule is not in the 4th amendment but the
courts enforce it. Is it fair to society?
Perhaps the greatest problem is the
nature and use of law enforcement
There is a wide range of local, state
and national databases that now
communicate with each other
NLETS is a nationwide network that links all states and
many federal agencies together for the exchange of
criminal justice information.
Through those connections, any criminal justice agency on a
state law enforcement telecommunications system in one state
can communicate with any criminal justice agency on a law
enforcement telecommunications system in any other state.
This includes all major police agencies and most smaller ones.
In addition, many prosecutors, probation departments, parole
offices, etc. communicate with each other and with local, state
and federal law enforcement agencies through these systems.
Law enforcement and criminal justice agencies use NLETS
more than 1,000,000 times every day via nearly 327,000
INFORMATION AVAILABLE FROM OTHER STATES VIA
Vehicle Registration Information
Drivers License Information
Criminal History Records
Boat and Snowmobile Registration
Parole and Probation Information
Sex Offender Registration Information
NATIONAL FILES AVAILABLE TO NLETS USERS
ATF Gun Tracking Data
FAA Tracking Information
FAA Aircraft Registration Data
National Impound Vehicle File
National Drug Pointer Index
Hazardous Material information
INS’s Law Enforcement Support Center
Each state law enforcement telecommunications
system connects its users to the NCIC network.
The system has been in operation since its inception in
1967. Its current enhanced version, NCIC 2000, came on-
line in July 1999.
NCIC is a national index of theft reports, warrants and
other criminal justice information submitted by law
enforcement agencies across the country.
It provides real-time (end-to-end 12 second response time
required) notification of information regarding persons
and property to police officers by the side of the road, case
investigators, booking personnel, prosecutors, probation
and parole officers and others.
Through NCIC, almost all police departments in the
country share their theft reports, warrants, missing person
reports, etc. with each other in an on-line, real-time mode.
At present, users generate more than 2,000,000 transactions
CODIS (Combined DNA Index System): a national index of DNA
profiles, limited to convicted offenders and crime scene evidence
NIBIN (National Integrated Ballistics Information Network): an
attempt to unify BATF and FBI firearms databases
NDPIX (National Drug Pointer Index): a pointer system that allows
state, local and Federal agencies to determine if a suspect is under
investigation by any other participating agency
UCR/NIBRS (National Uniform Crime Reporting System): a
statistical system based on crime reporting by state and local
police agencies, not intended to include personally identifying
NICS (National Instant Criminal Background Check System): for
pre-sale firearm background searches by licensed firearms dealers
(est. 7,000,000 checks to be performed in 2000)
The RISS network is under
development as a national internet
database of law enforcement
It involves three different types of
RISSNET is a law enforcement criminal intelligence database. It
includes information on a subject, criminal activity,
addresses, telephone numbers, vehicles, weapons, and other
RISSGang is a law enforcement criminal database. It includes
information on street gangs and prison gangs. The subjects
are entered by member agencies who are actively involved
in investigations of street gangs and security threat groups
(gangs) in the correctional institutions.
RISSLeads is essentially the same as the newsgroup function on
the Internet, except that it is totally secure within the RISS
Intranet. Users can post messages and receive replies. They
will be able to post specific criminal activity in their area, or
search for specific criminal activity in other jurisdictions.
Disclosing information to private
investigators in exchange for money, deleting
or altering information in records
Background investigation on applicants for
non-criminal justice employment
December 1991: 20 individuals in New Jersey
and Florida indicted under federal bribery,
theft of government property, and computer
fraud statutes for selling criminal history
information obtained from NCIC.
A former law enforcement officer used
information obtained illegally from NCIC to
find his ex-girlfriend and murder her.
Should employers have access to the criminal
history (CH) of potential employees?
What about employees that will work with
What about employees whose offense was
minor and occurred a long time ago?
Social consensus: Certain CH is clearly relevant to
selection decisions for certain jobs, and should be
available to employers
Factors entering into relevancy:
Type of criminal offenses in the CH
Recency of the CH
Criminal offender's age at the time
Patterns of criminal offenses
Is certain CH relevant for all jobs?
Violent crimes against individuals?
Will negligent hiring suits create a category of
With exception of some clear cut “no brainers”,
relevancy is difficult to determine in many, many
Lack of guidelines for determining relevancy
Relevancy determinations complicated by gap
between CH and CH record
Conviction information without arrest and charge
CH record, even if complete, may not tell “the full story”
of what happened
What does a conviction for criminal trespass signify?
Mis-matches are not impossible when the basis of
identification of an individual is name, date of
birth, etc., as opposed to fingerprints
Congress recognized this in the 1997 FCRA
amendments by expanding employer
responsibilities in the area of candidate access
Completeness of a record is another significant
dimension of accuracy
Congress also improved accuracy by eliminating
the restriction to seven years of CH, unless the
salary exceeds $75,000