CS 491 Computer and Network Privacy and Security: Ethical, Legal, and Technical Considerations

---

You have zero privacy anyway. Get over it.

Scott Mcnealy, CEO Sun Microsystems, January 1999

History will record what we, here in the early decades of the information age, did to foster freedom, liberty, and democracy. Did we build information technologies that protected people’s freedoms even during times when society tried to subvert them? Or did we build technologies that could easily be modified to watch and control?

Bruce Schneier, Risks of Data Reuse, CRYPTO-GRAM, July 15, 2007

Technopolicy involves a complex interplay betweeen science, engineering, psychology, law and economics. There is altogether too little serious cross-disciplinary research. . . . It's extraordiarily easy for technopolicy arguments to get detached at one or more corners from reality.

Ross Anderson, Security Engineering, 2nd edition, p. 813

---

Welcome to this team-taught course between UIC's Computer Science Department and Kent-IIT Law School. As there are two instructors, there are two course web pages. You'll need to follow both. This is Prof. Sloan's UIC page; you also need to look at Prof. Warner's course page. Most readings are posted only there.

Prof. Richard Warner, Kent IIT Law School and Prof. Robert H. Sloan, University of Illinois at Chicago Department of Computer Science.

Class: Tuesdays and Thursdays, 2:00–3:15 p.m.

Tuesdays: Kent IIT Law School Adams & Clinton; Kent Classroom: 170
(UIC students: Walk North on Halsted, turn right at Adams; if you get to Union Station you've overshot.)
Thursdays: UIC classroom: Lecture Center A4.

January 12 and 14, only UIC students will meet at UIC for a tutorial on law.
No class for UIC students week of March 23–25 (Spring break).
All other weeks: Tuesday class at Kent; Thursday class at UIC.

Prof. Sloan office hours: Mondays 11–12, and additionally both drop ins and appointments very very welcome.

Materials

Required Book for technological side of course:

• Ross Anderson, Security Engineering, Wiley, 2nd edition, 2009. (2001 edition will not be sufficient.)

Except for that book, unless otherwise indicated, all readings are available on the course websites, mostly on Prof. Warner's course page.

Assigned Reading

Current list by date of reading assignments

Syllabus

Clike here for current version of syllabus

Lecture Slides from Prof. Sloan's Lectures

Will appear as they are given

---

Useful links (a few may be required or optional readings)

• Cory Doctorow, "Scroogled," optional additional short story to accompany Asimov's "The Dead Past", written for Radar magazine, (Creative Commons licensed), currently posted at Google Blogoscoped web site.
• Hal Abelson, Ken Ledeen, and Harry Lewis, Blown to Bits: Your Life, Liberty, and Happiness after the Digital Explosion, 2008.
• About Facebook, The Nation, Jan. 7, 2008. (Facebook and students' notion of privacy)
• Recent changes in Facebook Privacy Settings: are they illegal?
  • http://trueslant.com/KashmirHill/2009/12/17/did-facebook-break-the-law-when-it-changed-privacy-settings/
  • http://bits.blogs.nytimes.com/2009/12/17/privacy-group-files-complaint-on-facebook-privacy-changes/?ref=technology
• The case of "Officer Scott": A Hoax Most Cruel, The Courrier Journal (Lexington, KY), Oct. 19, 2005.
• National security vs. privacy:
  • The Spymaster: Can Mike McConnell fix America's Intelligence Community?, The New Yorker, Jan. 21, 2008.
  • Bruce Schneir's response, Wired, Jan. 24, 2008.
• Bruce Schneier, "Why 'Anonymous' Data Sometimes Isn't", Wired, December 13, 2007.
• Public-key Cryptography:
  • Obtaining free peronal Certificates for S/MIME email
    • Comodo
    • StartCom
  • Plugin for Firefox to add S/MIME to Gmail for the case of using GMail via Firefox browser, of course.
  • Software—Gnu Privacy Guard (primarily for OpenPGP not S/MIME): Gnu Privacy Guard
• University of Illinois & UIC policies related to Info Assurance
  • University of Illinois Information Security Policy
  • UIC Acceptable Use Policy
  • UIC Networking Policy
• Illinois Institute of Technology and Kent Law School policies related to Info Assurance
  • IIT (Acceptable) Use of Computer Resources Policy

---

Academic Integrity; Plagiarism

For UIC students, this is a 400-level course with much more writing than a typical graduate course. The minimum penalty for any acts of academic dishonesty will be a grade of F for the course; the maximum expulsion from UIC.

Plagiarism is using another's ideas or words without proper acknowledgment. You must cite any sources you have used. In addition to citing a source generally in a bibliography, you must indicate any phrases you use from sources by putting them in quotation marks (short to medium quotes) or setting them as block quotes (longer excerpts) with an immediately following citation.

Back to UIC CS Home page

-- Main.sloan - 17 Jan 2010

• Syllabus_Jan21.pdf: Course Syllabus, January 21 version