Somewhere, someone, or something is always probing and collecting data about you, your actions, and your current state. These data define you, profile you, and establish your future course of behavior. Data may be collected with your implicit or explicit approval. It may even be collected without your knowledge. The boundary between intrusion and incentive is a fleeting one, often determined by the user of the data and not by the owner of the data, namely you. There in lies the question of privacy.
Privacy is one side of a multifaceted object. Another side is security. Security is relative, in almost the same way privacy is. There is no absolute security. Absolute security exists when there is nothing to secure. Security is economics driven.
The role of the IS privacy and security professional is to define policies
and systems which will ensure acceptable levels of both privacy and security for
all concerned. This course combines technical, economic, legal, and policy
perspectives to present a holistic view of its role and value in the digital
age. It begins by comparing early definitions of privacy to the current
information-focused debate. It then focuses on:
- technological aspects of privacy (privacy concerns raised by new IT such as
the Internet, wireless communications, and computer matching; tracking
techniques and data mining; privacy enhancing technologies and anonymous
protocols;…)
- economic aspects (economic models of the market for privacy; financial risks
caused by privacy violations; the value of customer information; …);
- legal aspects (laissez-faire versus regulated approaches; US versus EU legal
safeguards; …)
- managerial implications (the emerging role of Chief Privacy Officers;
compulsory directives and self-regulative efforts;…)
- policy aspects (trade-offs between individual privacy rights and societal
needs; …)