BBS INSTITUTE OF PROFESSIONAL

STUDIES
BACHELOR OF COMPUTER
APPLICATION(BCA)

UNIT – 03

“PRIVACY AND FREEDOM OF EXPRESSION”

BY – OMJI AWASTHI
ASSISTANT PROFESSOR

Mr. Omji Awasthi, BBSCET

 INFORMATION PRIVACY
• Information privacy refers to the protection of personal data
from misuse, unauthorized access, or breaches.
• This includes everything from sensitive personal information
(like social security numbers, health data, financial records) to
digital information (such as browsing history, location data,
and social media activity).
• With the growing importance of the internet and digital
technology, information privacy has become an essential issue
for individuals, corporations, and governments.

CYBER SECURITY UNIT - 3

 KEY ELEMENTS OF
INFORMATION PRIVACY
• Data Collection: The act of gathering personal information by
organizations, including government bodies, businesses, and
third parties.
• Data Storage and Processing: How and where personal data
is stored and processed, which should follow specific security
protocols to prevent unauthorized access.
• Data Sharing: The sharing or sale of personal data with third
parties, which needs to be done transparently and with proper
consent.

CYBER SECURITY UNIT - 3

 KEY ELEMENTS OF
INFORMATION PRIVACY
• Data Security: Measures to protect personal data from
cyberattacks, breaches, and theft.
• Data Deletion/Anonymization: The right of individuals to ask
for their personal information to be deleted or anonymized
when it is no longer needed.

CYBER SECURITY UNIT - 3

 PRIVACY LAWS
• Privacy laws are designed to protect individuals' personal data
and regulate how organizations can collect, store, use, and
share that data.
• These laws vary significantly across different countries,
reflecting the societal values and regulatory approaches of
each region.

CYBER SECURITY UNIT - 3

NOTABLE PRIVACY LAWS

CYBER SECURITY UNIT - 3

 GENERAL DATA PROTECTION
REGULATION (GDPR)
• European Union: One of the most comprehensive privacy
laws, the GDPR governs the collection, processing, and
storage of personal data of EU citizens. It provides individuals
with greater control over their data and imposes heavy
penalties for non-compliance.
• Key principles of GDPR:
• Right to access and rectify personal data.
• Right to be forgotten (data erasure).
• Data portability (transfer of data).
• Requirement for informed consent.
• Data minimization and purpose limitation.
CYBER SECURITY UNIT - 3
 CALIFORNIA CONSUMER
PRIVACY ACT (CCPA)
• United States: This law gives California residents the right to
access, delete, and opt out of the sale of their personal data. It's
seen as a pioneering effort in the U.S. to grant stronger privacy
protections for consumers.
Key elements:
• Right to know what personal information is collected.
• Right to request deletion of personal information.
• Right to opt-out of the sale of personal information.

CYBER SECURITY UNIT - 3

 HEALTH INSURANCE PORTABILITY
AND ACCOUNTABILITY ACT (HIPAA)
• United States: HIPAA regulates the protection of personal
health information, particularly in the healthcare industry.
• It sets standards for data security, confidentiality, and patient
privacy.

CYBER SECURITY UNIT - 3

 PERSONAL DATA PROTECTION
BILL (INDIA)
• A comprehensive data protection law modeled after the
GDPR, it aims to regulate the processing of personal data in
India, establishing rights for data subjects and obligations for
data controllers and processors.

CYBER SECURITY UNIT - 3

 PRIVACY AND ELECTRONIC
COMMUNICATIONS REGULATIONS (PECR)

• United Kingdom: PECR works in tandem with GDPR to

regulate how organizations can use electronic
communications, particularly concerning marketing, cookies,
and unsolicited communications.

CYBER SECURITY UNIT - 3

 APPLICATIONS OF PRIVACY
LAWS
• Privacy laws have widespread applications across multiple
sectors, especially those involving data processing and
technology.
• Technology: Privacy laws apply to tech companies that handle
user data, such as social media platforms, search engines, and
e-commerce businesses. They must comply with regulations
like the GDPR and CCPA to ensure user data is protected.
• Healthcare: Medical institutions and health insurers must
follow privacy regulations like HIPAA to protect patient data
and ensure confidentiality in medical records and treatment
plans.

CYBER SECURITY UNIT - 3

 APPLICATIONS OF PRIVACY
LAWS
• Finance: Banks, insurance companies, and financial institutions must
comply with privacy laws to protect sensitive financial data of
customers, as required by regulations like the Gramm-Leach-Bliley Act
(GLBA) in the U.S.
• Retail and Marketing: Companies in the retail and marketing sector
use customer data to personalize experiences and advertising, but they
must comply with laws like GDPR, CCPA, and others to ensure they
respect customer privacy rights.
• Surveillance and Law Enforcement: Governments and law
enforcement agencies need to balance privacy concerns with national
security requirements. Data collection and surveillance measures must
follow legal processes to ensure compliance with privacy rights.

CYBER SECURITY UNIT - 3

 COURT RULINGS ON PRIVACY
• Court rulings have played a significant role in shaping privacy
laws and setting legal precedents in cases of privacy
violations. These rulings reflect the evolving nature of privacy
in the digital age.
Notable Court Rulings:
• Carpenter v. United States (2018) – U.S. Supreme Court:
The Court ruled that law enforcement needs a warrant to
access historical cell phone location data, recognizing the
privacy rights individuals have over their personal data in the
digital realm.

CYBER SECURITY UNIT - 3

 COURT RULINGS ON PRIVACY
• Google Spain SL, Google Inc. v. Agencia Española de
Protección de Datos (2014) – European Court of Justice: This
landmark case established the "right to be forgotten" within the
EU, allowing individuals to request the removal of outdated or
irrelevant personal data from search engines.
• Facebook, Inc. v. Centro de Investigación y Docencia
Económicas (2018) – Mexican Supreme Court: This case
centered on the application of privacy rights under the
Mexican Constitution and international data protection laws,
emphasizing the importance of securing personal data in the
digital era.

CYBER SECURITY UNIT - 3

 COURT RULINGS ON PRIVACY
• Schrems II (2020) – Court of Justice of the European Union:
This ruling invalidated the EU-U.S. Privacy Shield agreement,
which allowed the transfer of personal data between the EU
and the U.S. The decision emphasized the need for stronger
protections for personal data transferred outside the EU.
• R. v. Spencer (2014) – Supreme Court of Canada: The
Canadian Supreme Court ruled that police cannot access the
subscriber information of individuals without a warrant,
reinforcing the importance of privacy and data protection even
in law enforcement investigations.

CYBER SECURITY UNIT - 3

 CHALLENGES IN PRIVACY
PROTECTION
• Data Breaches: The increasing frequency of data breaches and
cyberattacks has led to heightened concerns over the security
of personal data. Organizations face greater scrutiny over their
data protection measures.
• Globalization of Data: With the rise of global data flows,
there is a need for international agreements on data protection
standards. The lack of universal standards complicates privacy
protection efforts across borders.

CYBER SECURITY UNIT - 3

 CHALLENGES IN PRIVACY
PROTECTION
• Artificial Intelligence and Big Data: AI technologies and
data analytics present privacy risks as they often require vast
amounts of personal data. The need to balance innovation with
privacy rights is a key challenge.
• Surveillance: The growth of surveillance technologies (e.g.,
facial recognition, drones) by both governments and private
entities raises concerns about the erosion of privacy.

CYBER SECURITY UNIT - 3

KEY PRIVACY AND ANONYMITY
ISSUES CONSUMER PROFILING

CYBER SECURITY UNIT - 3

 CONSUMER PROFILING
• Consumer profiling refers to the collection and analysis of
consumer data to build detailed profiles about individuals
based on their behaviors, preferences, and personal
information.
• This data is often used for targeted advertising, personalized
services, and market research.
• While profiling can enhance consumer experiences, it raises
significant privacy and anonymity concerns.

CYBER SECURITY UNIT - 3

 KEY ISSUES OF CONSUMER
PROFILING
• Data Collection: Companies often collect vast amounts of
data, sometimes without clear consumer consent or awareness.
This can include tracking online activities, purchase histories,
and even personal details like income or location.
• Informed Consent: Consumers may not fully understand
what data is being collected or how it will be used, leading to
concerns over lack of transparency and informed consent.
• Data Security: The massive amounts of data collected for
profiling need to be secured. If there are data breaches,
sensitive personal information could be exposed, leading to
identity theft, financial fraud, or reputational harm.

CYBER SECURITY UNIT - 3

 KEY ISSUES OF CONSUMER
PROFILING
• Discrimination and Bias: Profiling systems can lead to
discrimination or reinforce biases. For example, targeted ads
or service offerings may unintentionally exclude certain
groups or exploit vulnerable populations.
• Privacy Invasion: Consumers often feel that their privacy is
violated when their behaviors, preferences, and personal
information are used to create profiles without their explicit
permission. This leads to feelings of surveillance and loss of
control.

CYBER SECURITY UNIT - 3

REGULATORY APPROACHES IN
CONSUMER PROFILING
• REGULATORY APPROACHES
• GDPR (General Data Protection Regulation) in the EU
mandates that companies disclose their data collection
practices, obtain explicit consent, and provide individuals with
the right to access, correct, and delete their personal data.
• CCPA (California Consumer Privacy Act) offers consumers
the right to request the deletion of their data, opt-out of data
sales, and access the information companies have collected
about them.

CYBER SECURITY UNIT - 3

 ELECTRONIC DISCOVERY (E-
DISCOVERY)
• Electronic Discovery refers to the process of identifying,
collecting, and producing electronic documents and data
during litigation or regulatory investigations.
• In the context of legal cases, e-Discovery has become a critical
tool, but it also raises significant privacy and confidentiality
issues.

CYBER SECURITY UNIT - 3

 KEY ISSUES OF ELECTRONIC
DISCOVERY
• Access to Personal Data: In the course of legal proceedings,
personal data (emails, texts, social media messages, and
documents) may be accessed, which can violate an individual’s
privacy if not handled properly.
• Data Retention: Many organizations retain vast amounts of
data that could be subject to discovery in litigation, including
emails and other forms of communication that may have
personal or sensitive content.

CYBER SECURITY UNIT - 3

REGULATORY APPROACHES IN
ELECTRONIC DISCOVERY
• Over-Collection: In some cases, e-Discovery processes may
involve the collection of excessive amounts of irrelevant data,
resulting in privacy violations for individuals whose
information is not central to the case.
• Security Risks: The collection, storage, and transfer of
electronic data can expose it to security risks, such as hacking
or data leaks, which could compromise personal or
confidential information.

CYBER SECURITY UNIT - 3

 WORKPLACE MONITORING
• Workplace monitoring refers to the use of technology by
employers to track employee activities during work hours,
which could include monitoring email communications,
internet usage, physical location tracking, and even
performance metrics.

CYBER SECURITY UNIT - 3

 KEY ISSUES IN WORKPLACE
MONITORING
• Privacy Invasion: Monitoring employee activities,
particularly personal communications or actions that are
unrelated to their job duties, can be seen as an invasion of
privacy.
• Scope and Transparency: Employees may not be fully aware
of the extent to which their activities are being monitored,
leading to concerns about the lack of transparency in employer
surveillance practices.
• Data Security: Employers must ensure that personal data
collected through monitoring is securely stored and not
misused or exposed to unauthorized access.

CYBER SECURITY UNIT - 3

 KEY ISSUES IN WORKPLACE
MONITORING
• Workplace autonomy and trust: excessive monitoring can
create an environment of distrust, affecting employee morale,
job satisfaction, and overall productivity.
• Health and well-being: continuous monitoring can contribute
to stress and anxiety among employees, impacting their mental
health and well-being.

CYBER SECURITY UNIT - 3

REGULATORY APPROACHES IN
WORKPLACE MONITORING
• General Data Protection Regulation (GDPR) in the EU
requires that employers disclose how they collect and use
personal data, including monitoring data. Employers must also
justify the necessity of monitoring and ensure that it does not
violate employee privacy.
• Electronic Communications Privacy Act (ECPA) in the U.S.
restricts employers' ability to monitor personal
communications but allows monitoring of work-related
communications.
• National Labor Relations Act (NLRA) protects employees'
rights to discuss work conditions, which may include
discussing monitoring practices if they are perceived as
unreasonable. CYBER SECURITY UNIT - 3
 SURVEILLANCE
• Surveillance refers to the systematic monitoring or observation
of individuals or groups, often carried out by governments,
law enforcement, or private entities.
• With the rise of technologies such as facial recognition, GPS
tracking, and public CCTV systems, surveillance has become
increasingly pervasive.

CYBER SECURITY UNIT - 3

 KEY ISSUES IN SURVEILLANCE
• Loss of Anonymity: Surveillance systems, particularly facial
recognition technology, can erode personal anonymity, as
individuals are increasingly tracked and identified in public
spaces.
• Chilling Effect: People may alter their behavior or limit their
participation in public activities if they believe they are being
constantly watched, which can infringe on civil liberties such
as freedom of speech and assembly.

CYBER SECURITY UNIT - 3

KEY ISSUES IN SURVEILLANCE
• Mass Surveillance: Governments and private companies may
engage in mass surveillance programs that gather extensive
data on individuals without their consent, often for purposes
like national security, marketing, or public order.
• Data Misuse: Surveillance data, particularly if stored or
shared improperly, can be misused for purposes beyond the
original intent (e.g., for political profiling or targeted
harassment).
• Security Risks: Surveillance systems are vulnerable to
hacking and breaches, which could expose sensitive
information about individuals' movements, behaviors, or
private lives.

CYBER SECURITY UNIT - 3

REGULATORY APPROACHES IN
SURVEILLANCE
• GDPR includes provisions around the surveillance of
individuals, particularly concerning the use of technologies
like CCTV or location tracking in public spaces.
• The U.S. Foreign Intelligence Surveillance Act (FISA) and
The USA PATRIOT Act govern surveillance activities related
to national security but have been subject to scrutiny and
reform over concerns about the erosion of privacy.
• UK's Investigatory Powers Act (2016), known as the
"Snooper's Charter," allows extensive government surveillance
but includes safeguards to prevent abuse.

CYBER SECURITY UNIT - 3

FIRST AMENDMENT RIGHTS: FREEDOM
OF EXPRESSION AND KEY ISSUES
• The First Amendment to the United States Constitution
protects the fundamental rights to freedom of speech,
freedom of the press, freedom of religion, freedom of
assembly, and the right to petition the government for
redress of grievances.
• Among these, freedom of expression is one of the most
central components of democratic society, ensuring that
individuals can voice their opinions, criticize the government,
and engage in open discourse.

CYBER SECURITY UNIT - 3

 KEY ASPECTS OF FIRST
AMENDMENT RIGHTS
• Freedom of Speech:
• The right to express opinions, ideas, and beliefs without
government interference or punishment. This is a foundational
right for democracy and is considered a cornerstone of
individual liberty.
• Freedom of the Press:
• Journalists and news outlets can report freely without
censorship. This is crucial for holding public officials
accountable and informing the public.

CYBER SECURITY UNIT - 3

 KEY ASPECTS OF FIRST
AMENDMENT RIGHTS
• Freedom of Religion:
• Individuals are free to practice their religion of choice without
government interference, and the government is prohibited
from establishing a national religion (Establishment Clause).
• Right to Peaceable Assembly:
• Citizens have the right to gather peacefully for demonstrations,
protests, or meetings to express collective views.
• Right to Petition the Government:
• Citizens can make complaints or seek assistance from the
government without fear of punishment or reprisal.

CYBER SECURITY UNIT - 3

 KEY ISSUES IN FREEDOM OF
EXPRESSION
• While the First Amendment guarantees robust protections for
freedom of expression, it is not without limits. Over time, the
courts have established certain exceptions where freedom of
speech can be curtailed to protect other interests.
• Hate Speech:
– In the U.S., the First Amendment generally protects hate
speech unless it incites violence or poses an imminent
threat (e.g., in the case of the "fighting words" doctrine).
However, there is significant debate over the extent to
which hate speech should be protected.

CYBER SECURITY UNIT - 3

 KEY ISSUES IN FREEDOM OF
EXPRESSION:
• Obscenity and Pornography:
• The First Amendment does not protect obscene content,
defined by the Supreme Court as material that meets a specific
legal test (e.g., the Miller test) to determine if it is offensive
and lacks serious artistic, literary, political, or scientific value.
• Defamation:
• False statements that harm an individual's reputation are not
protected by the First Amendment. Laws exist for slander
(spoken defamation) and libel (written defamation), though
public figures must meet a higher standard to claim defamation
(e.g., proving actual malice).

CYBER SECURITY UNIT - 3

 KEY ISSUES IN FREEDOM OF
EXPRESSION:
• National Security and Sedition:
• Speech that endangers national security (e.g., revealing
classified information or advocating for the violent overthrow
of the government) is not protected by the First Amendment.
This includes sedition laws prohibiting speech that incites
rebellion against government authority.
• Freedom of Speech in the Workplace:
• Employees have limited free speech rights in the workplace,
particularly regarding speech that may interfere with the
employer's operations or violates workplace policies.

CYBER SECURITY UNIT - 3

 KEY ISSUES IN FREEDOM OF
EXPRESSION
• Social Media and Censorship:
• As social media platforms become the primary channels for
public discourse, issues of speech regulation, censorship, and
"cancel culture" have become increasingly prominent.
• Social media companies, while private entities, are often
expected to balance free speech with combating harmful
content like misinformation, hate speech, and harassment.

CYBER SECURITY UNIT - 3

 SOCIAL NETWORKING
ETHICAL ISSUES
• The rise of social networking platforms like Facebook, Twitter,
Instagram, and TikTok has fundamentally changed how people
communicate, share ideas, and express themselves.
• While these platforms provide enormous benefits in terms of
connectivity and access to information, they also raise
complex ethical issues regarding privacy, free speech, and the
role of tech companies in moderating content.

CYBER SECURITY UNIT - 3

 KEY ETHICAL ISSUES IN
SOCIAL NETWORKING
• Privacy and Data Collection:
• Social networking platforms collect vast amounts of personal
data, including user behaviors, preferences, and even sensitive
information. The ethical concern is whether users are fully
aware of what data is being collected and how it is being used.
• There are ongoing debates about the informed consent of
users and whether platforms are transparent enough about their
data collection practices. Additionally, data breaches and
misuse of data for targeted advertising or political influence
(e.g., Cambridge Analytica scandal) have raised concerns
about user privacy.

CYBER SECURITY UNIT - 3

 KEY ETHICAL ISSUES IN
SOCIAL NETWORKING
• Freedom of Expression vs. Content Moderation:
• Social media companies are increasingly faced with the
challenge of content moderation—deciding what constitutes
hate speech, misinformation, or harmful content. The ethical
issue lies in balancing free speech with protecting users from
harm (e.g., cyberbullying, harassment, extremist content).
• The decision to censor or de-platform individuals or groups
(e.g., banning users for spreading misinformation or hate
speech) raises ethical questions about the boundaries of free
expression on private platforms and the potential for bias in
decision-making.

CYBER SECURITY UNIT - 3

 KEY ETHICAL ISSUES IN
SOCIAL NETWORKING
• Misinformation and Fake News:
• The spread of false information on social media has become a
major ethical concern, particularly when it comes to political
manipulation, public health misinformation (e.g., COVID-19
vaccine myths), or false advertising. The ethical issue is
whether social media companies are doing enough to combat
fake news without infringing on free speech.
• Platforms like Facebook, Twitter, and YouTube have taken
steps to flag or remove false content, but the line between
censorship and protecting the public from harmful
misinformation remains a point of contention.

CYBER SECURITY UNIT - 3

 KEY ETHICAL ISSUES IN
SOCIAL NETWORKING
• Cyberbullying and Harassment:
• The anonymity provided by social media platforms often leads
to harmful behaviors like cyberbullying, harassment, and
trolling. Ethical concerns center on the platform’s role in
preventing and responding to these behaviors, ensuring that
users’ emotional and mental well-being is protected.
• Social media companies must balance the rights of the bully
and the victim, taking care not to infringe on users' freedom of
expression while preventing harm to others.

CYBER SECURITY UNIT - 3

 KEY ETHICAL ISSUES IN
SOCIAL NETWORKING
• Addiction and Mental Health:
• Social media platforms are designed to be engaging, with
algorithms that encourage users to spend more time on the
platform. The ethical concern is whether these platforms
contribute to addiction and mental health problems,
especially among teenagers and young adults.
• Research has shown that excessive use of social media can
lead to issues such as anxiety, depression, and body image
issues, prompting calls for greater responsibility from tech
companies in addressing these effects.

CYBER SECURITY UNIT - 3

 KEY ETHICAL ISSUES IN
SOCIAL NETWORKING
• Influence on Democracy and Political Polarization:
• Social media has a significant role in shaping public opinion
and influencing elections. The ethical issue arises when
platforms become tools for political manipulation, such as
through foreign interference or the spreading of polarizing
content.
• The rise of echo chambers, where individuals only engage
with content that reinforces their existing beliefs, has
contributed to political polarization. This raises concerns about
the role of platforms in promoting a healthy, informed public
discourse.

CYBER SECURITY UNIT - 3

 KEY ETHICAL ISSUES IN
SOCIAL NETWORKING
• Commercialization of User Data:
• Many social media platforms operate on a business model that
involves monetizing user data for advertising revenue. The
ethical dilemma is whether users are adequately informed
about how their data is being used and whether they should
have more control over the commercialization of their personal
information.

CYBER SECURITY UNIT - 3

THANK YOU

CYBER SECURITY UNIT - 3