Business cases for privacy-enhancing technologies

Computer Security, Privacy and Politics: Current Issues, Challenges and Solutions

Volumn , Issue , 2008, Pages 135-155

  Clarke, Roger ^a,b,c,d  

^a Xamax Consultancy Pty Ltd   (Australia)

^b UNIVERSITY OF NEW SOUTH WALES   (Australia)

^c AUSTRALIAN NATIONAL UNIVERSITY   (Australia)

^d UNIVERSITY OF HONG KONG   (Hong Kong)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 77954950280     PISSN: None     EISSN: None     Source Type: Book    
DOI: 10.4018/978-1-59904-804-8.ch007     Document Type: Chapter

References (55)

1. Except where otherwise noted, URLs were checked in January 2007.
2. Borking, J.J. (2003). The status of privacy enhancing technologies, Certification and security in e-services: From e-government to e-business. Kluwer.
3. Borking, J.J. & Raab, C. (2001). Laws, PETS and other technologies for privacy protection. Journal of Information, Law and Technology, 1(February).
4. Burkert, H. (1997). Privacy-enhancing technologies: Typology, critique, vision. In P.E. Agre & M. Rotenberg (Eds.), Technology and privacy: The new landscape. MIT Press.
5. Cameron, J. (2005). Ten concepts for an e-business collaborative project management framework. Proceedings of the 18th Bled eConference, Bled, Slovenia, June.
6. Cameron, K. (2005). The laws of identity. Microsoft, May. Retrieved from http://msdn2.microsoft.com/en-us/library/ms996456.aspx
7. Chaum, D. (1981). Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 4(2). Retrieved from http://world.std.com/~franl/crypto/chaum-acm-1981.html
8. Chaum, D. (1985). Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM, 28(10). Retrieved from http://www.chaum.com/articles/Security_Wthout_Identification.htm
9. Chaum, D. (1992), Achieving electronic privacy. Sci. Am., 96-101. Retrieved from http://www.chaum.com/articles/Achieving_Electronic_Privacy.htm
10. Clarke, I., Miller, S.G., Hong, T.W., Sandberg, O. & Wiley, B. (2002). Protecting free expression online with Freenet. IEEE Internet Computing (January-February). Retrived fromhttp://freenetproject.org/papers/freenet-ieee.pdf
11. Clarke, R. (1988). Information technology and dataveillance. Communications of the ACM, 31(5). Retrieved from http://www.anu.edu.au/people/Roger.Clarke/DV/CACM88.html
12. Clarke, R. (1992). Extra-organisational systems: A challenge to the software engineering paradigm. Proceedings of the IFIP World Congress, Madrid, September. Retrieved from http://www.anu.edu.au/people/Roger.Clarke/SOS/PaperExtraOrgSys.html
13. Clarke, R. (1994a). The path of development of strategic information systems theory. Xamax Consultancy Pty Ltd, July 1994, at http://www.anu.edu.au/people/Roger.Clarke/SOS/StratISTh.html
14. Clarke, R. (1994b). Human identification in information systems: Management challenges and public policy issues. Information Technology & People, 7(4), 6-37. Retrieved from http://www.anu.edu.au/people/Roger.Clarke/DV/HumanID.html
15. Clarke, R. (1996). Privacy, dataveillance, organisational strategy. Proceedings of the I.S. Audit & Control Association Conference (EDPAC'96), Perth, May 28, 1996. Retrieved from http://www.anu.edu.au/people/Roger.Clarke/DV/PStrat.html
16. Clarke, R. (1998a). Privacy impact assessment guidelines. Xamax Consultancy Pty Ltd, February 1998. Retrieved from http://www.xamax.com.au/DV/PIA.html
17. Clarke, R. (1998b). Platform for privacy preferences: An overview. Privacy Law & Policy Reporter, 5(2), 35-39. Retrieved from http://www.anu.edu.au/people/Roger.Clarke/DV/P3POview.html
18. Clarke, R. (1998c). Platform for privacy preferences: A critique. Privacy Law & Policy Reporter, 5(3), 46-48. Retrieved from http://www.anu.edu.au/people/Roger.Clarke/DV/P3PCrit.html
19. Clarke, R. (1999). Identified, anonymous and pseudonymous transactions: The spectrum of choice. In S. Fischer-Hübner, G. Quirchmayr, & L. Yngström (Eds.), User identification & privacy protection: Applications in public administration & electronic commerce. Kista, Schweden, IFIP WG 8.5 and WS 9.6, June 1999. Retrieved from http://www.anu.edu.au/people/Roger.Clarke/DV/UIPP99.html
20. Clarke, R. (2001a). Introducing PITs and PETs: Technologies affecting privacy. Privacy Law & Policy Reporter, 7(9), 181-183, 188. Retrieved from http://www.anu.edu.au/people/Roger.Clarke/DV/PITsPETs.html
21. Clarke, R. (2001b). P3P re-visited. Privacy Law & Policy Reporter, 7(10). Retrieved from http://www.anu.edu.au/people/Roger.Clarke/DV/P3PRev.html
22. Clarke, R. (2001c). Meta-Brands. Privacy Law & Policy Reporter, 7(11). Retrieved from http://www.anu.edu.au/people/Roger.Clarke/DV/MetaBrands.html
23. Clarke, R. (2001d). Person-location and person-tracking: Technologies, risks and policy implications. Information Technology & People, 14(2), 206-231. Retrieved from http://www.anu.edu.au/people/Roger.Clarke/DV/PLT.html
24. Clarke, R. (2002). Trust in the context of e-business. Internet Law Bulletin, 4(5), 56-59. Retrieved from http://www.anu.edu.au/people/Roger.Clarke/EC/Trust.html
25. Clarke, R. (2004). Identity management: The Technologies Their Business Value Their Problems Their Prospects. Xamax Consultancy Pty Ltd, March, Retrieved from http://www.xamax.com.au/EC/IdMngt.html
26. Clarke, R. (2005). Privacy statement template. Xamax Consultancy Pty Ltd, December. Retrieved from at http://www.anu.edu.au/people/Roger.Clarke/DV/PST.html
27. Clarke, R. (2006a). What's Privacy? Xamax Consultancy Pty Ltd, July 2006. Retrieved from http://www.anu.edu.au/people/Roger.Clarke/DV/Privacy.html
28. Clarke, R. (2006b). Vignettes of corporate privacy disasters. Xamax Consultancy Pty Ltd, September 2006. Retrieved from http://www.anu.edu.au/people/Roger.Clarke/DV/PrivCorp-0609.html
29. Clarke, R. (2006c). Make privacy a strategic factor - The why and the how. Cutter IT Journal, 19(11), 26-31. Retrieved from http://www.anu.edu.au/people/Roger.Clarke/DV/APBD-0609.html
30. Clauß, S., Pfitzmann, A., Hansen, M. & Van Herreweghen, E. (2002). Privacy-enhancing identity management. IPTS Report, Issue 67 (September). Retrieved from http://www.jrc.es/home/report/english/articles/vol67/IPT2E676.htm
31. CPSR (1991). CPSR co-sponsors meeting on encryption, privacy and communications. CPSR News Volume, 9(2). Archived at http://web.archive.org/web/20040705115955/http://www.cpsr.org/publications/newsletters/issues/1991/WinSpr1991/crypt.html
32. DCITA (2005). Taking care of spyware. DCITA, September 2005. Retrieved from http://www.dcita.gov.au/search/click.cgi?url=http://www.dcita.gov.au/_data/assets/pdf_file/30866/Taking_Care_of_Spyware.pdf&rank=2&collection=search
33. Dingeldine, R., Mathewson, N. & Syverson, P. (2004). Tor: The second-generation onion router. Proceedings of the 13th USENIX Security Symposium, August. Retrieved from http://tor.freehaven.net/cvs/doc/design-paper/tor-design.html
34. DOC (2000). Safe Harbor overview. U.S. Department of Commerce. Retrieved from http://www.export.gov/safeharbor/sh_overview.html
35. EPIC (1996-). EPIC online guide to practical privacy tools. Retrieved from http://www.epic.org/privacy/tools.html
36. EPIC (2000). Pretty poor privacy: An assessment of P3P and Internet Privacy. Electronic Privacy Information Center and Junkbusters, June. Retrieved from http://www.epic.org/Reports/prettypoorprivacy.html
37. EU (1995). Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. European Union, October 24. Retrieved from http://ec.europa.eu/justice_home/fsj/privacy/docs/95-46-ce/dir1995-46_part1_en.pdf
38. Freehaven (2000-). Anonymity bibliography. Retrieved from http://freehaven.net/anonbib/
39. Froomkin, A.M. (1995). Anonymity and its enmities. J. Online L., http://www.law.cornell.edu/jol/froomkin.htm, 1995, at http://www.wm.edu/law/publications/jol/95_96/froomkin.html
40. FTC (2000). Privacy online: Fair information practices in the electronic marketplace: A Federal Trade Commission report to Congress. Federal Trade Commission, May. Retrieved from http://www.ftc.gov/reports/privacy2000/privacy2000.pdf
41. Goldberg, I. (2000). A pseudonymous communications infrastructure for the Internet. PhD thesis, UC Berkeley, December. Retrieved from http://www.isaac.cs.berkeley.edu/~iang/thesis-final.pdf
42. Goldberg, I., Wagner, D., & Brewer, E. (1997). Privacy-enhancing technologies for the Internet. Proceedings of the 42nd IEEE Spring COMPCON, February.
43. IPCR (1995). Privacy-enhancing technologies: The path to anonymity. Information and Privacy Commissioner (Ontario, Canada) and Registratiekamer (The Neth erlands), 2 vols., August. Retrieved from http://www.ipc.on.ca/web%5Fsite.eng/matters/sum%5Fpap/papers/anon%2De.htm
44. ISO 10002 (2004). Quality management -- Customer satisfaction -- Guidelines for complaints handling in organizations. International Standards Organisation. Retrieved from http://www.iso.org/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=35539&ICS1=3&ICS2=120&ICS3=10
45. Microsoft (2006). The identity metasystem: Towards a privacy-compliant solution to the challenges of digital identity. Microsoft, October. Retrieved from http://www.identityblog.com/wp-content/resources/Identity_Metasystem_EU_Privacy.pdf
46. MIKR (2004). Privacy-enhancing technologies: White paper for decision-makers. Dutch Ministry of the Interior and Kingdom Relations, December. Retrieved from http://www.dutchdpa.nl/downloads_overig/PET_whitebook.pdf
47. Onion (1996-). Onion-Router.net. Retrieved from http://www.onion-router.net/Publications.html
48. OECD (1980). OECD guidelines on the protection of privacy and transborder flows of personal data. Organisation for Economic Co-operation and Development, Paris. Retrieved from http://www.oecd.org/document/18/0,2340,en_2649_201185_1815186_1_1_1_1,00.html
49. PET Workshops (2000-). Workshops on privacy enhancing technologies. Retrieved from http://petworkshop.org/
50. Rotenberg, M. (2004). The privacy law sourcebook: 2001. Electronic Privacy Information Center. Retrieved from http://www.epic.org/bookstore/pls2004/
51. Smith, R.E. (2002). Compilation of state and federal privacy laws. Privacy Journal, with a 2006 Supplement. Retrieved from http://www.privacyjournal.net/work1.htm
52. Stafford, T.F. & Urbaczewski, A. (2004). Spyware: The ghost in the machine. Commun. Association for Information Systems, 14, 291-306. Retrieved from http://web.njit.edu/~bieber/CIS677F04/stafford-spyware-cais2004.pdf
53. Syverson, P., Goldschlag, D., & Reed, M. (1997). Anonymous connections and onion routing. Proceedings of the 18th Symposium on Security and Privacy, Oakland. Retrieved from http://www.onion-router.net/Publications/SSP-1997.pdf
54. W3C (1998-). Platform for privacy preferences. World Wide Web Consortium, Retrieved from http://www.w3.org/P3P/
55. Wikipedia (2002-). Penet remailer. Retrieved from http://en.wikipedia.org/wiki/Penet_remailer