Lecture # 07

Privacy refers to the right of individuals

to keep their personal information secure and control how
it's shared. For example, when you use a social media
app, your privacy means that your personal details, like
your address or phone number, should not be shared
without your permission. Protecting privacy ensures your
sensitive information remains safe from unauthorized
access.

Benefits of Privacy in
IT:
1.Protects Personal Information: Keeps sensitive data
like passwords and financial details safe from
unauthorized access.
2.Enhances Security: Reduces risks of hacking and
data breaches.
3.Builds Trust: Users feel more secure and confident in
sharing information.
4.Compliance: Meets legal requirements like GDPR.
5.Prevents Identity Theft: Safeguards users from fraud
and impersonation.

Disadvantages of
Privacy in IT:
1.Hinders Security: Excessive privacy can limit the
ability to detect and prevent cyber threats.
2.Reduces Transparency: It can make tracking illegal
activities difficult.
3.Misuse of Anonymity: Users may engage in unethical
behavior.
4.Limits Data Sharing: Reduces innovation and
collaboration.
5.Increased Costs: Implementing strong privacy
measures can be expensive.

Data Gathering and

Privacy Implications
1. Facebook Tags
 Definition: Facebook tags are labels you can add to
posts, photos, or statuses to identify people or
 businesses. When you tag someone, it connects your
post to their profile.
 Purpose: To link people or businesses to content,
making it easier for users to engage with or find
relevant posts.
 Example: If you upload a photo from a party and tag
your friend, they get notified, and the photo may
appear on their profile.
2. Enhanced 911 Services (E911)
 Definition: Enhanced 911 (E911) is a system that
allows emergency services to automatically receive a
caller's location when they dial 911 from a mobile
phone.
 Purpose: To provide faster and more accurate
responses to emergency situations.
 Example: If someone calls 911 from their mobile
phone after a car accident, E911 can help
dispatchers find the exact location even if the caller
is unable to speak.
3. Rewards or Loyalty Programs
 Definition: Programs that offer customers points,
discounts, or special offers for making purchases or
engaging with a brand.
 Purpose: To encourage repeat business and build
customer loyalty.
 Example: A supermarket's loyalty card that gives
customers discounts based on the points they collect
from shopping.
4. Body Scanners
 Definition: Devices used at airports and other
secure locations to scan a person's body for
weapons, explosives, or other prohibited items.
 Purpose: To enhance security by detecting hidden
items without physical contact.
 Example: The full-body scanners used at airport
security checkpoints to detect hidden items under
clothing.
5. RFID Tags (Radio-Frequency Identification Tags)
 Definition: Small electronic devices that use radio
waves to track and identify objects automatically.
 Purpose: To enable quick identification and tracking
of items without direct line-of-sight.
 Example: RFID tags are used in stores for inventory
management, where items can be scanned quickly
as they move through the supply chain.
6. Implanted Chips
 Definition: Small microchips implanted under the
skin that can store information or provide a unique
identifier for a person or animal.
 Purpose: To offer identification, tracking, or medical
information access.
 Example: Pets often have implanted chips with their
owner's contact information, so they can be returned
if lost.
7. OnStar
  Definition: A subscription-based service in vehicles
that provides emergency response, navigation, and
vehicle diagnostics.
 Purpose: To offer drivers assistance in emergencies,
directions, and vehicle maintenance alerts.
 Example: If a car gets into an accident, OnStar can
automatically contact emergency services with the
vehicle's location.
8. Automobile “Black Boxes”
 Definition: Devices installed in vehicles to record
information about the car's performance and events
leading up to a crash.
 Purpose: To help understand the cause of accidents
by recording speed, braking, and other driving data.
 Example: After a collision, investigators might use
data from the black box to determine if the driver
was speeding or if the brakes were applied.
9. Medical Records
 Definition: Documents that contain a patient’s
medical history, including diagnoses, treatments, test
results, and medications.
 Purpose: To provide a comprehensive view of a
patient's health for better diagnosis and treatment.
 Example: A doctor uses a patient's medical record to
check their history of allergies before prescribing
medication.
10. Digital Video Recorders (DVRs)
  Definition: Devices that record live TV or video
content onto a hard drive for later viewing.
 Purpose: To allow users to watch and manage TV
programs at their convenience.
 Example: A DVR records a live football match so the
user can watch it later without missing any part.
11. Cookies and Flash Cookies
 Definition: Cookies are small data files stored on a
user's device by websites to remember preferences
or track activity. Flash cookies are similar but are
stored using Adobe Flash.
 Purpose: To enhance the user experience by
remembering settings or tracking behavior for
personalized content.
 Example: An online store uses cookies to remember
items in your shopping cart even if you leave the site
and return later.

Data Mining is the process of

discovering patterns, trends, and useful information from
large sets of data. It involves analyzing data to find
hidden relationships and insights.
Example: An online store uses data mining to analyze
customer purchase history, identifying that customers
who buy smartphones often buy phone cases too. This
helps the store recommend related products.
Google’s Personalized Search
Google's Personalized Search tailors search results based
on a user's past activity, location, and preferences. For
example, if you frequently search for "football," Google
might show you more results related to your favorite
teams or recent matches, even if you just type "game."
This makes the search experience more relevant to
individual users.

Collaborative Filtering
Collaborative Filtering is a technique used in
recommendation systems to predict a user's interests
based on preferences of similar users. For example, on
Netflix, if User A and User B both like action movies, and
User A watches a new action film, Netflix may
recommend that film to User B as well, assuming similar
tastes.

Opt-in Policies
 Definition: Individuals must actively choose to
participate or agree to a service.
 Example: Email marketing where users must check
a box to receive promotional emails.
 Advantages:
o Promotes user consent and privacy.
o Ensures that only interested individuals are
involved.
 Disadvantages:
o Potential for lower participation rates.
o Can be perceived as a barrier to engagement.

Opt-out Policies
 Definition: Individuals are automatically enrolled,
but can choose to withdraw or decline participation.
 Example: Data collection in apps where users are
automatically enrolled, but can turn off tracking in
settings.
 Advantages:
o Higher participation rates.
o Easier for organizations to gather data or
engagement.
 Disadvantages:
o Can lead to user frustration or privacy concerns.
o Might be seen as intrusive or misleading.
Examples of consumer
backlash
1. Privacy Concerns
 Example: When WhatsApp updated its privacy policy
in 2021, many users felt their data was at risk of
being shared with Facebook. This led to a massive
backlash, with millions of users switching to
alternatives like Signal and Telegram.
2. Price Hikes
 Example: Netflix faced backlash when it increased
its subscription prices multiple times. Many users
complained and even canceled their subscriptions
because they felt the service was becoming too
expensive.
3. Product Quality Issues
 Example: Apple's iPhone 6 had a "Bendgate" issue
where the phone bent easily under slight pressure.
This led to a significant backlash, with consumers
expressing their disappointment on social media.
4. Software Bugs and Glitches
 Example: When a new version of a video game like
"Cyberpunk 2077" was released with numerous bugs,
players demanded refunds, and the company faced
criticism for releasing an unfinished product.
5. Data Breaches
  Example: Facebook's Cambridge Analytica scandal
revealed that user data was being harvested without
consent. This caused widespread outrage and led
many users to delete their accounts.
6. In-App Purchases and Microtransactions
 Example: Gamers criticized Electronic Arts (EA) for
including excessive in-game purchases in titles like
"FIFA" and "Star Wars Battlefront II." Players felt that
the company was exploiting them for extra money.
7. Unwanted Features or Changes
 Example: When Instagram shifted its focus from
photo sharing to promoting videos and reels, many
users complained, saying the app was losing its
original purpose.
8. Customer Service Issues
 Example: Internet service providers like Comcast
have faced backlash due to poor customer service
and slow response times, leading to frustration
among consumers.
9. Removal of Popular Features
 Example: YouTube's decision to remove the dislike
count from videos in 2021 upset many users who felt
this was a way to hide negative feedback from the
public.
Pakistan Data Protection Act
(PDPA): Overview and Impact
on IT Industry
1. Introduction to Pakistan Data Protection Act
(PDPA)
The Pakistan Data Protection Act (PDPA) aims to
protect personal data and regulate its processing in
Pakistan. It was introduced to safeguard individuals'
privacy and ensure data security across various sectors,
particularly focusing on digital data. This law applies to
both public and private entities involved in collecting,
storing, or processing personal data.
2. Key Features of PDPA
 Data Collection and Consent: Organizations must
obtain explicit consent from individuals before
collecting their personal data. This ensures
transparency and gives individuals control over their
information.
 Data Security Measures: The act mandates
companies to implement strict security measures to
protect personal data from unauthorized access,
theft, or breaches. This includes encryption and
secure storage practices.
 Right to Access and Erasure: Individuals have the
right to access their data and request its deletion if it
is no longer needed. This right enhances user control
over their personal information.
  Data Breach Notification: Organizations are
required to promptly inform the relevant authorities
and affected individuals in case of a data breach to
mitigate potential harm.
3. Impact on the IT Industry
The PDPA has a significant impact on the IT industry,
particularly on companies handling large volumes of
personal data, such as tech firms, e-commerce platforms,
and financial services.
 Increased Compliance Costs: IT companies must
invest in upgrading their data protection
infrastructure, implementing encryption, and
conducting regular security audits. For instance, e-
commerce businesses like Daraz need to ensure
robust data protection mechanisms to comply with
the law.
 Enhanced Trust and Security: The law helps build
trust among users, as they feel more secure sharing
their data. This can increase user engagement for IT
services, such as mobile apps and online platforms,
improving business prospects.
 Operational Changes: IT professionals need to
adopt new practices for handling personal data. For
example, software developers must design
applications that comply with data protection
standards, incorporating features like user consent
forms and data anonymization.
4. Challenges for IT Professionals
  Awareness and Training: Many IT professionals
may need additional training to understand the legal
requirements and implement them effectively.
 Legal Risks: Non-compliance with PDPA can result
in heavy fines and legal consequences, which can
affect the reputation and financial stability of IT
companies.
5. Conclusion
The Pakistan Data Protection Act is a crucial step
towards enhancing data privacy in the country. While it
imposes additional responsibilities on the IT industry and
professionals, it also provides opportunities for improving
data security and building user trust. Adapting to this law
will require strategic changes, but it can lead to a safer
digital environment in Pakistan.

Case Study -Book