Dissertations / Theses on the topic 'Regulating Privacy'

This thesis is an exploration of privacy as it relates to the Internet in general, and e-mail communication in particular. It looks at the philosophy of privacy and tracks the privacy debate in both an academic and legal framework. It examines the Australian Privacy Act of 1988 and similar legislation overseas. Current government approaches to privacy and privacy regulation are also examined providing a legislative/political context for the research. The fieldwork component of the thesis attempts to unravel individual perceptions of privacy. It overlays those perceptions of privacy with an examination of the effects of Internet technology on a conceptual understanding of privacy. There is no doubt that the discussion of privacy and the electronic age is extensive but discussion with individuals about their place in the debate and, indeed, the legislation is yet to be tackled in an extensive manner. Until we mesh the views of individuals in the community about their place in the new communications technology and privacy debate, we will not reap the full benefits of advances in communications technology. Consumers will remain reluctant about and suspicious of breaches of their privacy via the Internet.

Thesis (S.M.)--Massachusetts Institute of Technology, Engineering Systems Division, Technology and Policy Program, 2007.<br>Includes bibliographical references (p. 82-87).<br>As applications of Radio Frequency Identification (RFID) become more profuse, the technology itself is stirring up some controversy. Due to its potential for amassing large amounts of information about both people and things, and the possibility of using the information for marketing, tracking, or even spying, numerous consumer groups are spearheading efforts to ensure that RFID does not breach their privacy rights. While there are some privacy laws regulating specific aspects of commerce, there are no laws which currently apply to the collection and use of information as it pertains to RFID. This lack of formal regulation allows companies to legally engage in practices which may encroach on consumers' privacy. However, RFID has the potential to optimize supply chain practices as well as provide other benefits to both consumers and businesses. As RFID use becomes more widespread, regulatory strategies should be considered to protect consumers' right to privacy while obtaining the benefits of using the technology. This thesis explores consumer and industry opinion of RFID through a customized survey. Results of the survey found that consumer and industry opinion are similar in many aspects, especially in the concern for protecting privacy and the desire for a regulatory mechanism to enforce those privacy rights. This thesis addresses the question of whether market-based solutions, self-regulation, or government regulation is the best option for addressing consumers' legitimate concerns of privacy while allowing businesses to reap the benefits of using the technology.<br>(cont.) The regulatory options are compared and then discussed based on the needs of consumers and industry members as determined by the survey. Finally, four recommendations are suggested to provide guidance for ensuring a positive acceptance of RFID while acknowledging the privacy rights of consumers.<br>by Deanna R. Laufer.<br>S.M.

The object of this research is the exploration of the effects of planning regulations on house form and privacy in low-density single-family dwellings (villas) in the context of Saudi Arabian cities. The research explores two main issues: firstly, the importance and the effects of privacy violation between neighbouring villas through overlooking on their residents' behaviour and use of house spaces; and secondly, to investigate the residents' preferred house form. To assess these two issues practically, seven suburbs from three different cities, representing large (Riyadh), medium (Tabuk) and small (Haqil) urban centres in Saudi Arabia were selected for carrying out a questionnaire survey. The selection of these suburbs was intended to represent, as far as possible, the different social groups in Saudi Arabian society. The population of the survey was the villa residents in these suburbs, who were asked questions regarding their use of house yards and windows, and tested on their awareness of planning regulations, and the effects of these regulations on house form and degree of privacy. The respondents were also asked about their preferred house form. The results indicated that privacy is considered an important issue by residents, and the effects of privacy violation, through neighbours overlooking each others' houses, were very clearly seen on the residents' reduced use of overlooked yards, compared to those not overlooked, as well as through the construction of extra fences to block overlooking from neighbouring houses. Although the residents showed a high degree of awareness about the effects of the villa house form on the high degree of overlooking, they showed a far greater preference for living in villas rather than attached courtyard house forms. The final conclusion of the research demonstrates the failure of the present planning regulations to promote an acceptable house form that allows for a reasonably sufficient degree of privacy protection. While some research and housing schemes have promoted house forms different from that of the villa, these have proved to be unacceptable and were rejected by residents. The recommendation of the current research is that efforts to find a solution to the problem should instead focus upon means to reduce the effects or degree of privacy violation between neighbouring houses, while maintaining the popular house form of the villa.

Communications-related investigatory powers are ostensibly regulated within the Regulation of Investigatory Powers Act (RIPA) 2000, under the descriptive headings: 'interception of communications'; 'acquisition and disclosure of communications data' and 'investigation of data protected by encryption'. The scope, legality and extent of these hitherto infrequently examined powers experienced increased scrutiny following the controversial 2013 disclosures of fugitive United States National Security Agency contractor Edward Snowden, scrutiny generally founded on subjective conceptions of 'privacy', 'intrusiveness' or 'security'. This research however, adopts 'communications' as its conceptual common denominator. It comprehensively explores the separate politico-legal evolution of RIPA's communications-related investigatory powers, whilst identifying and critically analysing alternative statutory provisions that permit circumvention of RIPA's purported human rights-centric integrity. The detailed chronology provides conclusive evidence that current UK Secretaries of State and their executive agencies possess virtually unlimited communications-related information acquisition powers bequeathed by their predecessors. Perhaps more importantly, its simultaneous exposure of an executive culture of secrecy and deference to the UK's intelligence community assists in explaining why any fettering of the current powers will be so difficult to achieve. Drawing from Intelligence Studies, Information Science and Computer Science, this research logically deconstructs RIPA's communications-related powers, finding them more accurately describable as narrowly defined techniques facilitating the acquisition of communications-related data. Consequently, RIPA fails to envisage or regulate all types of acquisition, such as that obtained extra-jurisdictionally or via Computer Network Exploitation, thus partially legitimizing the status quo. The research also examines RIPA's seemingly all-encompassing definition of 'communication', finding it under-utilised, in that communications from the mind into electronic storage ('expression-related data') are not included. Consequently, the boundaries between 'communication', 'expression' and 'property,' and between RIPA's powers and those enabling Computer Network Exploitation are currently unnecessarily complicated. It concludes by recommending the enactment of a single statute regulating all investigative expression-related data acquisition.

Thesis (MComm)--Stellenbosch University, 2002.<br>ENGLISH ABSTRACT: One of the phenomena's in the marketing industry of the past decade is the increased use of database marketing. Database marketing involves the collection, processing and dissemination of vast amounts of consumer information in order to compile detailed consumer databases. The increasing popularity of database marketing can be attributed to various factors. Consumer information can now be obtained easier, cheaper and faster due to the availability of information technology. It has become easier to segment consumer markets and it is possible to identify consumer trends. It is possible to make predictions of consumer behaviour or buying patterns because consumer databases provide a more complete consumer profile with information ranging from demographics, psycho graphics to life-style information. Database technology improves the efficiency and effectiveness of marketing campaigns because marketers can analyse the available information and select the most appropriate marketing strategies and tactics, while concentrating efforts on the most profitable consumer. Marketers therefore waste less effort, money, and other resources by not promoting to individuals who are unlikely to react upon such offers. Widespread databases assist marketers in offering products that are more reasonably priced and more precisely tailored for smaller, more homogeneous market segments. Improved product and service offerings as well as the availability of a wider variety of products and services will likely result in higher consumer satisfaction and could build consumer loyalty. Therefore, marketers use consumer information to improve the overall marketing strategy and individual customer service. Consumers are concerned about database marketing practices because consumers believe some data practices invade personal privacy. The need for privacy has always been inherent to human nature and the concept of privacy dates back to early mankind. One should however differentiate between an individual's basic need for privacy from a general perspective and privacy within a consumer-marketer context. Privacy from a general perspective refers to one's territoriality and need for physical seclusion, whereas consumer privacy mainly relate to the privacy of personal information. Bennett, as well as Stone and Stone proposed that a state of privacy exist when a consumer can control social interaction, unwanted external stimuli, and the dissemination of personal information as well as being able to make independent decisions without outside interference. Consumers' need for privacy is however, in conflict with the need for social interaction and the need to participate in commercial exchange relationships. The more a person interacts with other members of society, the more the person could expect to compromise some privacy. This implies that when consumers participate in a business transaction, or where an exchange relationship exists between the database marketer and consumer, consumers could expect that a degree of privacy will be lost. Consumer groups however, argue that some marketing practices invade the reasonable amount of privacy consumers should be able to expect. The raising consumer concern for privacy is attributable to several reasons. The primary driver of consumer concern is the general lack of knowledge on data collection and use. Other reasons for the raising privacy concern include the type of information collected and the amount of control consumers have over subsequent use of data; the use of personal information to identify specific individuals; collection and use of sensitive information, such as medical and financial data; the volume of information collected and used; secondary information use; the use and dissemination of inaccurate databases; the collection and use of children's data; the lack of tangible benefits received in exchange for information provided; and the use of consumer information for financial gain. Consumers have also expressed concern about electronic database marketing practices because of the secrecy in data collection and use. However, privacy concerns may vary depending on consumers' cultural orientation, age, perception on what constitutes good marketing ethics or the specific methods employed to obtain consumer data. One could distinguish between several consumer clusters when considering consumers" attitudes on database marketing practices and personal privacy. In this regard the typical South African consumer is classified as a "pragmatist". Pragmatists are concerned with privacy to the extent they are exposed to database marketing activities. The South African database marketing industry is still in its infancy phase and as the industry progress, and consumers become more knowledgeable, privacy concerns are likely to increase. It is important to address the issues that raise consumer privacy concerns and to find solutions for ensuring sustainable database marketing practice in future. Marketers' information needs and consumers' privacy needs should somehow be balanced in order to withhold government intervention. Compromises from both sides are necessary to reach a more balanced relationship between the two parties. The successful outcome of the privacy debate will depend on marketers' understanding of consumer privacy issues and by addressing these accordingly.Several approaches exist for regulating database marketing practices that invade consumer privacy: the implementation of information technology, self-regulation and government intervention. Self-regulation is preferred for regulating database marketing practices, whereas privacy-enhancing information technology is recommended as a supplemental tool for protecting consumer privacy. Government regulating seems to be the last resort because of unnecessary restrictions that might be imposed on database marketing activities. Recommended models for regulating database marketing activities and for protecting consumer privacy in South Africa are the Registration Model, together with elements of the Data Commissioner Model. These models were proposed after careful consideration of characteristics, unique to the South African database marketing industry. The models place the responsibility for data protection with the database marketer and the South African government, rather than with the consumer. The Registration Model and the Data Commissioner Model seems a viable combination for implementation in South Africa because these models acknowledge the fact that South African pragmatic consumers are not well educated and informed enough on privacy invading database marketing practices. This combination rarely involves any consumer participation and therefore suits the typical apathetic nature of South African consumers. The Registration Model acts like a notice system where an agency, currently the Direct Marketing Association of South Africa, develops principles of fair information practices to which registered marketers need to comply with. A commission, an element of the Data Commissioner Model, has power to investigate consumer complaints, constrain development of databases, review data practices and advise on improvements on data collectors' systems. The commission could also monitor advancements in information technology that may enhance consumer privacy. The only problem with these models seems to be that the agency and or the commission have no authoritative power to enforce compliance with principles and codes of conduct. Industry self-regulation in conjunction with some governmental control and the application of information technology seems to be useful in providing adequate levels of consumer privacy and data protection. Such a combination might strike a balance between South African consumers' need for privacy and South African marketers' need for consumer information.<br>AFRIKAANSE OPSOMMING: Een van die verskynsels in die bemarkingsindustrie oor die afgelope dekade is die toenemende gebruik van databasisbemarking. Databasisbemarking behels die insameling, prosessering en verspreiding van groot hoeveelhede verbruikersinligting met die doelom gedetailleerde verbruikersdatabasisse saam te stel. Die toenemende gewildheid van databasisbemarking kan toegeskryf word aan verskeie faktore. Inligtingstegnologie maak dit baie makliker, goedkoper en vinniger om verbruikersinligting te bekom. Dit raak al hoe makliker om verbruikersmarkte te segmenteer en dit is moontlik om verbruikers tendense te identifiseer. Voorspellings kan ook gemaak word ten opsigte van verbruikersgedrag en aankooppatrone omdat die omvang van inligting in verbruikersdatabasisse strek vanaf demografiese, psigografiese tot lewenstylinligting en daarom 'n baie meer volledige verbruikersprofiel bied. Databasistegnologie verbeter die doeltreffendheid en effektiwiteit van bemarkingsveldtogte omdat bemarkers beskikbare inligting kan analiseer en die mees gepaste bemarkingstrategieë en taktieke kan selekteer, terwyl programme gerig kan word op die mees winsgewinde verbruiker. Bemarkers sal dus minder moeite, geld en ander hulpbronne vermors deurdat bemarkingsprogramme nie gerig word op individue wat heel waarskynlik nie op sulke aanbiedinge sal reageer nie. Omvangryke databasisse help bemarkers om goedkoper produkte te bied wat meer presies ontwerp is op kleiner, meer homogene marksegmente te dien. Verbeterde produk en diens aanbiedinge tesame met die beskikbaarheid van 'n wyer verskeidenheid van produkte en dienste, sal heel waarskynlik hoër verbruikersatisfaksie tot gevolg hê en kan verbruikerslojaliteit bewerkstellig. Dus, bemarkers gebruik verbruikersinligting om die algehele bemarkingstrategie en individuele diens aan verbruikers te verbeter. Verbruikers het belang by databasis bemarkingspraktyke omdat verbruikers glo dat sommige data praktyke inbreuk maak op persoonlike privaatheid. Die behoefte aan privaatheid was nog altyd inherent aan die menslike natuur en die konsep van privaatheid dateer terug tot vroeë beskawings. Daar behoort egter 'n onderskeid getref te word tussen 'n individu se basiese behoefte aan privaatheid vanuit 'n algemene perspektief en privaatheid vanaf 'n verbruiker-bemarker konteks. Privaatheid, vanaf 'n algemene perspektief, verwys na 'n individu se persoonlike ruimte en die behoefte aan fisiese afsondering, teenoor verbruikersprivaatheid wat hoofsaaklik verband hou met die privaatheid van persoonlike inligting. Bennett, sowel as Stone en Stone het voorgestel dat 'n mate van privaatheid heers wanneer 'n verbruiker beheer het oor sosiale interaksies, ongewenste eksterne prikkels, die verspreiding van persoonlike inligting, sowel as om in staat te wees om onafhanklike besluite te neem sonder invloed van buite. Verbruikers se behoefte aan privaatheid is egter in konflik met die behoefte aan sosiale interaksie en die behoefte om deel te neem aan kommersiële transaksies. Hoe meer 'n persoon in wisselwerking tree met ander lede van die gemeenskap, hoe meer kan die persoon verwag om 'n mate van privaatheid op te offer. Dit impliseer dat wanneer verbruikers deelneem in 'n besigheidstransaksie of waar 'n ruilverhouding bestaan tussen die databasisbemarker en verbruiker, kan verbruikers verwag dat 'n mate van privaatheid verlore sal gaan. Verbruikers kan 'n redelike mate van privaatheid verwag, maar verbruikersgroepe argumenteer dat sommige bemarkingspraktyke inbreuk maak op hierdie redelike verwagting van privaatheid. Die toenemende verbruikersbelang by privaatheid is toeskryfbaar aan verskeie redes. Die primêre dryfkrag agter verbruikers se belang is die algemene gebrek aan kennis oor data insameling en gebruik. Ander redes wat bydrae tot die toenemende belang by privaatheid sluit in die tipe inligting ingesamel en die hoeveelheid beheer verbruikers het oor die daaropeenvolgende gebruik van data; die gebruik van persoonlike inligting om spesifieke individue te identifiseer; die insameling en gebruik van sensitiewe inligting, soos byvoorbeeld mediese en finansiële data; die hoeveelheid inligting wat ingesamel en gebruik word; sekondêre gebruik van inligting; die gebruik en verspreiding van onakkurate databasisse; en die insameling en gebruik van verbruikersinligting om finansieël voordeel daaruit te trek. Verbruikers het ook belang getoon teenoor elektroniese databasis bemarkingspraktyke as gevolg van die geheimhouding oor data insameling en gebruik. Die belang by privaatheid mag egter varieër afhangende van verbruikers se kulturele oriëntasie, ouderdom, persepsie van wat goeie bemarkingsetiek behels of die spesifieke metodes gebruik om data aangaande verbruikers te bekom. Daar kan onderskei word tussen verskeie verbruikersgroepe wanneer verbruikershoudings teenoor databasis bemarkingspraktyke en persoonlike privaatheid oorweeg word. In hierdie verband kan die tipiese Suid-Afrikaanse verbruiker geklassifiseer word as 'n pragmatis. Pragmatiste is besorg oor privaatheid tot die mate waartoe hulle blootgestel is aan databasisbemarkingsaktiwiteite. Die Suid-Afrikaanse databasis industrie is nog in die beginfase en soos die industrie groei en verbruikers meer ingelig raak, sal besorgdheid oor privaatheid heelwaarskynlik ook toeneem. Dit is belangrik om die kwessies wat besorgdheid oor verbruikersprivaatheid veroorsaak aan te spreek en om oplossings te vind om volhoubare databasisbemarkingspraktyke in die toekoms te verseker. Daar moet gepoog word om bemarkers se behoefte aan inligting en verbruikers se behoefte aan privaatheid in ewewig te bring om sodoende owerheidsinmenging te voorkom. Opofferings van beide partye is nodig om 'n meer gebalanseerde verhouding tussen die twee partye te bewerkstellig. Die suksesvolle uitkoms van die privaatheidsdebat sal afhang van bemarkers se begrip vir verbruikersprivaatheidskwessies en om dit dienooreenkomstig aan te spreek. Die regulering van databasisbemarkingspraktyke wat inbreuk maak op verbruikersprivaatheid kan verskillend benader word: die implementering van inligtingstegnologie, self-regulering en owerheids-inmenging. Self-regulering word verkies as basis om databasisbemarkingspraktyke te reguleer, terwyl privaatheids-bevorderende inligtingstegnologie aanbeveel word as bykomende gereedskap om verbruikersprivaatheid te beskerm. Owerheidsregulering word gesien as die laaste uitweg as gevolg van onnodige beperkinge wat dit mag plaas op databasisbemarkingsaktiwitei te. Die voorgestelde modelle vir die regulering van databasis bemarkingsaktiwiteite en vir die beskerming van verbruikersprivaatheid in Suid Afrika, is die Registrasie Model, tesame met elemente van die Data Kommissaris Model. Hierdie modelle is voorgestel nadat eienskappe, uniek aan die Suid Afrikaanse databasisbemarkingsindustrie, deeglik oorweeg IS. Die modelle plaas die verantwoordelikheid van data beskerming in die hande van die databasisbemarker en die Suid-Afrikaanse owerheid, eerder as by die verbruiker. Die Registrasie Model en die Data Kommissaris Model blyk 'n uitvoerbare kombinasie vir implementering in Suid Afrika te wees, omdat hierdie modelle die feit inagneem dat Suid Afrikaanse pragmatiese verbruikers nie goed genoeg opgevoed en ingelig is oor die databasisbemarkingsaktiwiteite wat inbreuk maak op privaatheid nie. Hierdie kombinasie behels selde verbruikersdeelname en is daarom gepas by die tipiese apatiese aard van Suid Afrikaanse verbruikers. Die Registrasie Model dien as 'n kennisgee-stelsel waar 'n agentskap, tans die Direkte Bemarkings Assosiasie van Suid Afrika, beginsels vir regverdige inligtingspraktyke ontwikkel waaraan geregistreerde databasisbemarkers moet voldoen. 'n Kommissie, 'n element van die Data Kommissaris Model, het mag om verbruikersklagtes te ondersoek, die ontwikkelling van databasisse aan bande te lê en om datapraktyke te hersien en advies te gee oor verbeteringe in die stelsels van data-insamelaars. Die kommissie kan ook ontwikkelinge in inligtingstegnologie wat verbruikersprivaatheid bevorder, monitor. Die enigste probleem met hierdie modelle blyk te wees dat die agenstkap en die kommissie geen gesag het om te verseker dat beginsels en kodes van goeie gedrag afgedwing word nie. Industrie self-regulering, tesame met 'n mate van owerheidsbeheer en die implementering van inligtingstegnologie blyk nuttig te wees om voldoende vlakke van verbruikers-privaatheid en data beskerming te verseker. Dié kombinasie kan moontlik 'n balans vind tussen Suid Afrikaanse verbruikers se behoefte aan privaatheid en Suid Afrikaanse bemarkers se behoefte aan verbruikersinligting.