Title: Privacy

As a legal concept, the right to privacy has four aspects: protection from unreasonable intrusion upon one's isolation, protection from appropriation of one's name or likeness, protection from unreasonable publicity given to one's private life, and protection from publicity that unreasonably places one in a false light before the public. The Federal Wiretap Act outlines processes to obtain court authorization for surveillance of all kinds of electronic communication, including e-mail, fax, Internet, and voice in criminal investigations. The Electronic Communications Privacy Act of 1986 set standards for access to stored e-mail and other electronic communications and records. The Foreign Intelligence Surveillance Act of 1978 allows wiretapping of aliens and citizens in the United States if probable cause is found that the target is a member of a foreign terrorist group or an agent of a foreign power. Executive Order 12333 is the legal authority for electronic surveillance outside the United States; it permits intelligence agencies to intercept communications outside the country without a court order. The Communications Assistance for Law Enforcement Act requires the telecommunications industry to build tools into its products that federal investigators can use - after getting court approval - to eavesdrop on conversations. The 2001 Patriot Act gave sweeping new powers to both domestic law enforcement and international intelligence agencies. Each of these acts was intended to authorize activities by law enforcement and intelligence agencies to better protect U.S. citizens. However, each act also raised considerable ethical issues of protecting individual privacy and the potential for misuse.

Identity theft occurs when someone steals important pieces of personal information to gain access to a person's financial accounts, apply for new credit or financial accounts, apply for loans or Social Security benefits, and create other obligations in someone else's name. The number of incidents of identity theft are increasing at a rapid pace. Identity thieves often resort to hacking databases, phishing, and using spyware to obtain identity information.

Marketing firms capture data from numerous sources to build databases that detail a large amount of consumer behavior data. Online marketers can place an electronic cookie on a user's hard drive so they can recognize consumers when they return to a Web site. Cookies can also be used to store information about consumers. Marketers employ personalization software to analyze a user's browsing habits and deduce his or her personal interests and preferences. The use of cookies and personalization software is controversial because it enables companies to discover information about consumers and potentially to share it with other companies without consumers' explicit permission. On the positive side, the use of such data enables organizations to customize the site visitor's experience and make it more convenient and effective.

A widely accepted approach to treating consumer data responsibly is the adoption of the Code of Fair Information Practices and the 1980 OECD privacy guidelines. Under these guidelines, an organization collects only the personal information that is necessary to deliver its product or service. The company ensures that the information is carefully protected and is accessible only by those with a need to know, and that it provides a process for consumers to review their own data and make corrections. In addition to adopting the OECD guidelines, many companies are appointing CPOs or other senior managers to oversee their data privacy policies and initiatives.

Employers record and review employee communications and activities on the job, including monitoring workers' phone calls, e-mail, Internet connections, and computer files. Society is struggling to define the extent to which employers should be able to monitor employees. On one hand, employers must be able to guarantee a work environment that is conducive to all workers, ensure a high level of worker productivity, and avoid the costs of defending against "nuisance" lawsuits. On the other hand, privacy advocates want federal legislation that keeps employers from infringing upon the privacy rights of employees.

Spamming is the transmission of the same e-mail to a large number of people. Some people consider spam a nuisance and an invasion of privacy, but it is actually an extremely inexpensive method of marketing used by many legitimate organizations. On the other hand, spam forces unwanted and sometimes objectionable material into e-mail boxes, detracts from an Internet user's ability to communicate effectively, and costs Internet users and service providers millions of dollars annually.

A number of advances in information technology, such as surveillance cameras, facial recognition software, and GPS systems that can pinpoint a person's position, provide exciting new security capabilities. However, these advances also can diminish individual privacy and complicate the issues of how much information should be captured about people's private lives - where they are, who they are, and what they do behind closed doors.

A number of laws have been enacted over the past 40 years that affect a person's privacy; most of these actions address invasion of privacy by the government rather than by private industry. In addition, there is no overarching national data privacy policy, so current legalization is sometimes inconsistent and even conflicting. This legislation includes the Communication Act of 1934, the Freedom of Information Act of 1966, the Privacy Act of 1974, the Electronic Communications Privacy Act of 1986, the 1994 Communications Assistance for Law Enforcement Act, the Children's Online Protection Act of 1998, the European Community Directive 95/46/EC of 1998, the 1998 Gramm-Leach-Bliley Act, and the 2001 Patriot Act.

Data encryption is an essential tool for ensuring confidentiality, integrity, and authenticity of messages and business transactions. A public key encryption system uses two keys to encode and decode messages. One key of the pair, the message receiver's public key, is readily available to the public; anyone can use the key to send the person encrypted messages. The second key, the message receiver' s private key, is kept secret and is known only by the message receiver. Its owner uses the private key to decrypt messages. A private key encryption system uses a single key both to encode and decode messages. Both the sender and receiver must know the key to communicate. It is critical that no one else learns the key, or all messages between the two can be decoded by others. The development of faster computers has increased the importance of developing stronger encryption methods that cannot be cracked

Question: Do the benefits of consumer profiling outweigh the loss of privacy? Explain your answer.