Bill Aiello
Email: aiello@research.att.com
Web: http://www.research.att.com/~aiello/
Phone:
973-360-7128
Office hours: by appointment
Patrick McDaniel
Email:pdmcdan@research.att.com
Web: http://www.patrickmcdaniel.org/
Phone: 973-360-5721
Office hours: by appointment
http://www.patrickmcdaniel.org/courses/nyu/b20-3156-sum04
Privacy issues have been getting increasing attention from law makers, regulators, and the media. As a result, businesses are under increasing pressure to draft privacy policies and post them on their web sites. Chief privacy officers are becoming essential members of many enterprises, and companies are taking proactive steps to avoid the potential reputation damage of a privacy mistake.
This course provides an overview of online privacy issues, privacy laws, and privacy-related technologies and self-regulatory efforts. Students will study the approaches that companies are taking to address their customers' online privacy concerns, as well as review recent privacy blunders. Students will also gain an understanding of both privacy-invading and privacy-enhancing technologies. Students will be prepared to assess the privacy practices of organizations in order to document these practices in privacy policies (including P3P policies), and evaluate the implications of these practices for the organization.
The Privacy Payoff: How Successful Businesses Build Customer Trust, Cavoukian and Hamilton, McGraw-Hill, 2002.
Note: this is subject to change. The class web site will have the most recent version of this syllabus. Additional readings will be handed out in class or made available online. Please do each reading assignment before you come to class -- this includes the reading assignments for the first class!
This class meets for only six sessions; therefore it is critical that students attend every session. Students who miss more than one class will find it very difficult to receive a passing grade. If you must miss a class, please submit any homework assignments prior to class via email.
There will be a reading assignment and homework questions due every week, which will account for 40% of your grade. There will be a group project that will account for 25% of your grade. There will be a final exam that will account for 25% of your grade. The remaining 10% of your grade will be based on attendance and participation in class and on the class discussion list.
A class mailing list will be setup for announcements, questions, and further discussion of topics discussed in class. Students will be expected to contribute to mailing list discussions. Students should post (non-personal) course-related questions to this mailing list rather than sending them to the instructors directly. Students are encouraged to post course-related items of interest to this mailing list.
This course considers topics involving personal and public privacy and security. As part of this investigation we will cover technologies whose abuse may infringe on the rights of others. As instructors, we rely on the ethical use of these technologies. Unethical use may include circumvention of existing security or privacy measurements for any purpose, or the dissemination or promotion of attacks against these services except in the process of reporting vulnerabilities through public and authoritative channels. Any activity of this nature will be reported to the proper authorities and may result in dismissal from the class. When in doubt, please come to us for advice.