Untitled Page

Information Privacy in the Internet Era by Roman Wong, Ph.D. ClassroomActivities Description of Classroom Activities Lesson Plan Activity #1 Lesson Plan Activity #2 Lesson Plan Activity #3 Lesson Plan Activity #4 The widespread use of the internet has not only changed our day-to-day lives, but made us susceptible to an invasion of our privacy each time we make use of this technology. It is particularly important that students understand just how vulnerable they are. The following four activities will help them grasp the issues involved and introduce them to some of the things they can to do to protect their own privacy. Activity #1. Classroom Discussion: Profiling and Personalization Go to http://www.aclu.org/pizza/ and view the video "Want to Stop This from Happening." Then discuss the following issues: 1. Just how realistic is the situation in the video? Could it actually happen? 2. How many sources are there from which all the pizza customer's information could have been pulled together to form such a complete profile? 3. Should the government do something to stop this situation? Have students research "data mining." A particularly interesting and, perhaps, controversial application of data mining (gathering and correlating information from various sources) is the Pentagon's use of personal information obtained under the auspices of the No Child Left Behind legislation to personalize military marketing to high school students. See http://www.truthout.org/cgi-bin/artman/exec/view.cgi/47/17029 and http://www.thenation.com/doc/20070813/huq2. Students can discuss the competing moral imperatives of protecting privacy and maintaining a strong military. The Health Insurance Portability and Accountability Act (HIPAA) of 1996 imposes a strict restriction on how health and insurance institutions should store and use patients' health and medically related information. Ask students to discuss how many doctors/clinics/hospitals they have been to in the last five years and what type of information about them could be available as a result completing forms required for them to receive treatment. Have students discuss sites to which they have provided personal information such as name, address, and birthdate - such as contest, sweepstakes, retail, game, and newsletter sites. Activity #2: Phishing Review the following definition of Phishing (Phishing is the name for scams that deceive you into revealing your financial and credit card information, such as user identification and password.). Go to Federal Trade Commission website (http://www.ftc.gov/bcp/conline/ecards/phishing/index.html) and view their presentation on how to avoid being trapped by phishing. Following the presentation, ask the students to list as many suggestions as they can on how to prevent themselves and others from being "phished." Activity #3: Should IP Addresses be Considered Personal Information? In January 2006 the U.S. Department of Justice issued a subpoena asking each of the major search engine companies to provide a "random sampling" of one million of the IP addresses that used the search engine and search queries submitted over a one-week period. Microsoft, Yahoo, and AOL reportedly complied with the request, while Google refused. The government and the compliant search engine companies argue that the IP addresses do not reveal personal information. Discuss with the students whether search companies own user information. Should the Fourth Amendment protect the search engine companies from being forced to turn over their records? Ask students to consider why the data is being collected and stored by the search engine companies to begin with. Ask what benefits might accrue from allowing data to be mined - e.g., assisting law enforcement, protecting public health, preventing suicide, preventing acts of violence or terrorism, protecting people from fraud. Ask students to write a brief position paper of three or four paragraphs (100-150 words) defending their position on whether or not Google should turn in the requested information. Have them give reasons supporting their decision. They may want to go online to research the issue. If they quote material they find online they must be sure to give proper credit concerning their sources. Activity #4. Classroom Debate: Google-Based Employment Background Checks An increasing number of employers are using the search engine, Google, to screen prospective employees. The employers consider Google to be a cheaper and more convenient way to perform a background check on their prospective employees. Unfortunately for job applicants, this type of "background check" is not covered by the Fair Credit Reporting Act (FCRA). The FCRA only covers background checks done by a third party, such as a credit reporting service. Since the employer is doing the check itself, the law does not require disclosure to the applicant, nor does the prospective employer have a legal obligation to inform the applicant about his/her disqualification due to the Google check. Divide the class into two groups. Have each group take a position pro or con on whether the government should change the law to include employment screening using an internet search engine as part of the scope of the FCRA. Then have them research and discuss the question in order for them to be able to debate the issue. Have students choose a debate team to present their case. Arrange a classroom debate once students have completed their preparations. (NB: enforcing such a law would probably raise concerns about privacy.) You may wish to familiarize students with the standard ethical theories (utilitarianism, deontology, and virtue theory) that are appealed to in analyzing ethics. (See the home page of this project for an explication of those theories.)

Information Privacy in the Internet Era

by Roman Wong, Ph.D.

ClassroomActivities

Description of Classroom Activities

The widespread use of the internet has not only changed our day-to-day lives, but made us susceptible to an invasion of our privacy each time we make use of this technology. It is particularly important that students understand just how vulnerable they are. The following four activities will help them grasp the issues involved and introduce them to some of the things they can to do to protect their own privacy.

Activity #1. Classroom Discussion: Profiling and Personalization

Go to http://www.aclu.org/pizza/ and view the video "Want to Stop This from Happening." Then discuss the following issues:

1. Just how realistic is the situation in the video? Could it actually happen?

2. How many sources are there from which all the pizza customer's information could have been pulled together to form such a complete profile?

3. Should the government do something to stop this situation?

Have students research "data mining." A particularly interesting and, perhaps, controversial application of data mining (gathering and correlating information from various sources) is the Pentagon's use of personal information obtained under the auspices of the No Child Left Behind legislation to personalize military marketing to high school students. See http://www.truthout.org/cgi-bin/artman/exec/view.cgi/47/17029 and http://www.thenation.com/doc/20070813/huq2. Students can discuss the competing moral imperatives of protecting privacy and maintaining a strong military.

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 imposes a strict restriction on how health and insurance institutions should store and use patients' health and medically related information. Ask students to discuss how many doctors/clinics/hospitals they have been to in the last five years and what type of information about them could be available as a result completing forms required for them to receive treatment.

Have students discuss sites to which they have provided personal information such as name, address, and birthdate - such as contest, sweepstakes, retail, game, and newsletter sites.

Activity #2: Phishing

Review the following definition of Phishing (Phishing is the name for scams that deceive you into revealing your financial and credit card information, such as user identification and password.). Go to Federal Trade Commission website (http://www.ftc.gov/bcp/conline/ecards/phishing/index.html) and view their presentation on how to avoid being trapped by phishing.

Following the presentation, ask the students to list as many suggestions as they can on how to prevent themselves and others from being "phished."

Activity #3: Should IP Addresses be Considered Personal Information?

In January 2006 the U.S. Department of Justice issued a subpoena asking each of the major search engine companies to provide a "random sampling" of one million of the IP addresses that used the search engine and search queries submitted over a one-week period. Microsoft, Yahoo, and AOL reportedly complied with the request, while Google refused. The government and the compliant search engine companies argue that the IP addresses do not reveal personal information.

Discuss with the students whether search companies own user information. Should the Fourth Amendment protect the search engine companies from being forced to turn over their records? Ask students to consider why the data is being collected and stored by the search engine companies to begin with. Ask what benefits might accrue from allowing data to be mined - e.g., assisting law enforcement, protecting public health, preventing suicide, preventing acts of violence or terrorism, protecting people from fraud.

Ask students to write a brief position paper of three or four paragraphs (100-150 words) defending their position on whether or not Google should turn in the requested information. Have them give reasons supporting their decision. They may want to go online to research the issue. If they quote material they find online they must be sure to give proper credit concerning their sources.

Activity #4. Classroom Debate: Google-Based Employment Background Checks

An increasing number of employers are using the search engine, Google, to screen prospective employees. The employers consider Google to be a cheaper and more convenient way to perform a background check on their prospective employees. Unfortunately for job applicants, this type of "background check" is not covered by the Fair Credit Reporting Act (FCRA). The FCRA only covers background checks done by a third party, such as a credit reporting service. Since the employer is doing the check itself, the law does not require disclosure to the applicant, nor does the prospective employer have a legal obligation to inform the applicant about his/her disqualification due to the Google check.

Divide the class into two groups. Have each group take a position pro or con on whether the government should change the law to include employment screening using an internet search engine as part of the scope of the FCRA. Then have them research and discuss the question in order for them to be able to debate the issue. Have students choose a debate team to present their case. Arrange a classroom debate once students have completed their preparations. (NB: enforcing such a law would probably raise concerns about privacy.)

You may wish to familiarize students with the standard ethical theories (utilitarianism, deontology, and virtue theory) that are appealed to in analyzing ethics. (See the home page of this project for an explication of those theories.)