Case Study Irm
LAVARES, Prosper Jan Alfred D.
LUNA, Kier Erikko M.
Suppose that your local bank has a data mining system. The bank has been studying your debit card usage patterns. Noticing that you make many transactions at home renovation stores, the bank decides to contact you, offering information regarding their special loans for home improvements.
a. Discuss how this may conflict with your right to privacy.
R.A. 10173 or the Data Privacy Act is an act protecting individual personal information in information and communications systems in the government and the private sector, creating for this purpose a national privacy commission, and for other purposes. In this case, the bank used your personal information without you knowing. The bank is neither recognized as a PERSONAL INFORMATION CONTROLLER nor a PERSONAL INFORMATION PROCESSOR by the government so it does not have the right to use your personal information which caused your right to privacy to be violated. b. Describe another situation in which you feel that data mining can infringe on your privacy. * Your personal data and friends list is acquired through “Like”-ing Facebook pages. * Agreeing to the “access permissions”, such as contacts, upon installment of Android apps. * Turning on “Location Services” and “Geo-tagging” features of mobile devices. * Forced acceptance of software’s EULA before installation. * Yahoo Mail’s and Google Mail’s mandatory and automatic access to every user’s data on his/her email account which is sent to both Yahoo and Google’s business partners which results in Spam mails.
c. Describe a privacy-preserving data mining method that may allow the bank to perform customer pattern analysis without infringing on customers’ right to privacy.
First of all, the government must recognize the bank as a PERSONAL INFORMATION CONTROLLER and/or a PERSONAL INFORMATION PROCESSOR. The bank must then “request” for permission from the clients (waiver) if they would
LUNA, Kier Erikko M.
Suppose that your local bank has a data mining system. The bank has been studying your debit card usage patterns. Noticing that you make many transactions at home renovation stores, the bank decides to contact you, offering information regarding their special loans for home improvements.
a. Discuss how this may conflict with your right to privacy.
R.A. 10173 or the Data Privacy Act is an act protecting individual personal information in information and communications systems in the government and the private sector, creating for this purpose a national privacy commission, and for other purposes. In this case, the bank used your personal information without you knowing. The bank is neither recognized as a PERSONAL INFORMATION CONTROLLER nor a PERSONAL INFORMATION PROCESSOR by the government so it does not have the right to use your personal information which caused your right to privacy to be violated. b. Describe another situation in which you feel that data mining can infringe on your privacy. * Your personal data and friends list is acquired through “Like”-ing Facebook pages. * Agreeing to the “access permissions”, such as contacts, upon installment of Android apps. * Turning on “Location Services” and “Geo-tagging” features of mobile devices. * Forced acceptance of software’s EULA before installation. * Yahoo Mail’s and Google Mail’s mandatory and automatic access to every user’s data on his/her email account which is sent to both Yahoo and Google’s business partners which results in Spam mails.
c. Describe a privacy-preserving data mining method that may allow the bank to perform customer pattern analysis without infringing on customers’ right to privacy.
First of all, the government must recognize the bank as a PERSONAL INFORMATION CONTROLLER and/or a PERSONAL INFORMATION PROCESSOR. The bank must then “request” for permission from the clients (waiver) if they would