Spring Semester 2009 IT Policy and Technology: Japan and Global IT Environment 世界のなかの日本としてのIT政策と技術 Jun Murai Masaaki Sato Jun Takei May 21, 2009 6. Privacy and Security #1: Introduction Schedule Plan 1. 2. 4/9 4/16 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 4/30 5/7 5/14 5/21 5/28 6/4 6/11 6/18 6/25 7/2 7/9 May 21, 2009 Introduction Internet & Digital Technology History, Technology Introduction Digital Contents Policy #1 Digital Contents Policy #2 Digital Contents Policy #3 Privacy and Security #1 Today Privacy and Security #2 Privacy and Security #3 Education and Health Care #1 Education and Health Care #2 Education and Health Care #3 Guest Session: Network and Cyber Law Conclusion IT Policy and Technology: Japan and Global IT Environment #6 2 Personal Information Leakage http://sankei.jp.msn.com/affairs/crime/090512/crm0905122249035-n1.htm http://sankei.jp.msn.com/affairs/crime/090424/crm0904241755032-n1.htm http://www.yomiuri.co.jp/net/security/ryusyutsu/20081027nt0b.htm http://mainichi.jp/select/jiken/news/20090429ddm041040033000c.html May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 3 Today’s Lecture • Privacy and security basics – What is personal information – OECD principles – Japanese implementation: Personal Information Protecting Act (PIPA) May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 4 UNDERSTANDING PRIVACY May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 5 What is Privacy? Privacy • The state of being private and undisturbed • A person’s right to reserve this • Freedom from intrusion or public attention • Avoidance of publicity May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 6 What is Personal Information? • Japanese definition – Information that can identify a person (must be alive) such as, name, address, phone number, ID, picture, audio – Above information include a item that doesn’t indicate a person but can be identify a person by combination with other information • Address + name • Phone May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 7 How Privacy Protection Act Affect ICT? • ICT environment allows exchange data beyond {group, company, organization, nation} boarders in quick and efficient manner • It fueled the growth of the global economy • What If it is not allowed to send customer data via net? May 21, 2009 distributer sales manufacturer consumer IT Policy and Technology: Japan and Global IT Environment #6 8 OECD Guideline • OECD: Organization for Economic Co-operation and Development – International organization for consulting global economics (economic growth, development, and trading) – 30 nations are participating • “OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data”, 1980 – Reference document of privacy protection laws – Main objective of the document is “help to harmonize national privacy legislation and, while upholding such human rights, would at the same time prevent interruptions in international flows of data” May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 9 Balancing Privacy and Social Benefit Protect basic human rights May 21, 2009 Smooth global data flow IT Policy and Technology: Japan and Global IT Environment #6 10 OECD 8 Principles 1. 2. 3. 4. 5. 6. 7. 8. Collection Limitation Principle Data Quality Principle Purpose Specification Principle Use Limitation Principle Security Safeguards Principle Openness Principle Individual Participation Principle Accountability Principle May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 11 Collection Limitation Principle • The collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject. May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 12 Data Quality Principle • Personal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete and kept up-todate May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 13 Purpose Specification Principle • The purposes for which personal data are collected should be specified not later than at the time of data collection and the subsequent use limited to the fulfillment of those purposes or such others as are not incompatible with those purposes and as are specified on each occasion of change of purpose 2.data 1.purpose May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 14 Use Limitation Principle • Personal data should not be disclosed, made available or otherwise used for purposes other than those specified May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 15 Security Safeguards Principle • Personal data should be protected by reasonable security safeguards against such risks as loss or unauthorized access, destruction, use, modification or disclosure of data May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 16 Openness Principle • There should be a general policy of openness about developments, practices and policies with respect to personal data May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 17 Individual Participation Principle • An individual should have the right: – to obtain from a data controller, or otherwise, confirmation of whether or not the data controller has data relating to him; – to have communicated to him, data relating to him May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 18 Accountability Principle • A data controller should be accountable for complying with measures which give effect to the principles stated above. May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 19 Personal Information Protection Act • Japanese law that defines how to handle personal information • Based on OECD guideline • Effective since 2003 • Mid term review by committee in 2008 – No change the law itself May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 20 Issues in Japan • Over reactions by society – Ex) no more member list distribution with phone# • Too much overhead to economic activity – Ex) company must disclose the lost data or information leakage • Doesn’t help reducing personal information leakage – Ex) Intentionally and unintentionally information leakage are happening every day May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 21 Homework • Find over reaction for the Japanese PIPA and describe the cause and issue then propose your solutions – Ex: school teachers hesitate to distribute name, address and phone number list of the class. Of course it is personal information and must be treated with special care. But the law never say it is bad thing. This over reaction reduce teacher and class’s productivity • Due: Wednesday, May 27 at 11:59PM – Submit the assignment at SFC-SFS May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 22 Extra Credit Assignment • In lecture #3, we asked you to study Google Book Search to prepare for discussions that were done in lecture #4. If you have anything you've studied or thought in the process of researches, and if you wish to submit them for extra credits, please share your thoughts. • This assignment is not a mandatory assignment. The assignment may help your grade if you submit a decent assignment; even if you don't submit it, there will be no disadvantages for you. • Due: Wednesday, May 27 at 11:59PM – Submit the assignment at SFC-SFS May 21, 2009 IT Policy and Technology: Japan and Global IT Environment #6 23
© Copyright 2024 ExpyDoc