Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Contextual Integrity in PORTIA PI: Helen Nissenbaum Students: Timothy Weber & Michael Zimmer New York University In collaboration with: Sam Hawala (U.S. Census) Dan Boneh (Stanford) Embedding Values in Design: Constitutive Activities • Discovery Discovering the values relevant to a project • Translation Realizing values in design features – Operationalization** Finding correct concrete expression of value – Implementation** Specifying design features per operationalized values • Verification Verifying that it worked Privacy as Contextual Integrity In a given setting, contextual integrity is maintained when norms of information flow -- appropriateness and transmission --are respected; it is violated otherwise. Norms of Contextual Integrity • Norms of Appropriateness – Govern types/categories of information (e.g. fields in a database) • Norms of Transmission – Principles governing of flow of information from agent to agent • A1 shares info voluntarily with A2 • A2 infers information about A1 • A1 is mandated to share info with A2 (e.g. earnings to IRS) • Confidentiality: A1 shares with A2; A2 may not share further • Commercial exchange: A2 buys information about A1 • Reciprocity? Information about A1 flows to A2; vice versa? • Entitlement: A2 is entitled to information about A1 • Etc. Applying CI as a Decision Heuristic A. What is the governing context? B. What type of information is at issue? C. According to what transmission principles (flow and actors)? Red flag if CI is violated. CI in PORTIA: Current work 1. Refine conceptual framework • Book 2. “Proof of Concept” in User spaces • Model information flow policies and question selection in context of US Census in terms of norms of information flow (Hawala & Weber) P • Cybercrime and cyber-policing 3. Implement CI in PORTIA technical projects • Vehicle Safety Communication System (Boneh & Zimmer) P CI in PORTIA: Future work 1. Conceptual Framework • Address problem of conservatism • Complete book 2. Analysis of User Spaces • More cases (healthcare; cyber-policing) 3. Technical Implementation • More cases (“privacy-sensitive data mining”; aggregation and profiling, e.g. Choicepoint, differential authorization)