29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE
29th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY COMMISSIONERS

Technology and Privacy
Teresa Lunt
Palo Alto Research Center
In collaboration with Victoria Bellotti, Richard Chow, Glenn Durfee, Philippe Golle, Diana Smetters, Jessica Staddon, and others…

Hot Privacy Technology Research
• Identity management and access control
  – Credentials, reputation, pseudonyms, unlinkability, phishing
• Data privacy, data mining and inference control
  – Census data, medical data
• Location privacy
  – Location-based cell-phone services, friend locator
• Usable privacy
  – Privacy policy languages, automatic negotiation
• Anonymous communication
  – Web-browsing, censorship resistant publishing, voting

[Figure: Voter Registration (Name, Street address, …, Gender, ZIP code, Date of Birth) and Patient Records (Gender, ZIP code, Date of Birth, Cancer Type)]

Hot Privacy Technology Research
• Privacy in ubiquitous computing environments
  – Sensors, RFID tags
• Private information retrieval
  – Look-up of patents, medical conditions, DNA sequences
• Private computations (secure function evaluation)
  – Millionaire problem, collaborative forecasting, intrusion detection
• Search on encrypted data
  – Classification of encrypted emails, encrypted documents
• And More…
  – Economics of privacy, policy, law, etc.

[Figure: Private Computation, with inputs x and y and output f(x, y)]

Technology is a Moving Target
• Examples of current research at PARC
  – Ubiquitous Computing
    • Embedded everywhere, often with sensors
  – Context Aware Computing
    • Able to make inferences and act based on sensing
  – Social Computing
    • Interaction and collaboration online
  – Privacy and Security Research
    • Increased IT capabilities imply greater need for control

Privacy Appliance
Enable sale of transformed data while providing privacy protection for individuals represented in the data
PARC started research here but more work is needed

[Figure labels: privacy appliance; privacy-preserving transformations and knowledge extraction; customer query; information storefront; data sources: ubicomp & sensor data, transaction data, outsourced data]

Personal Privacy Appliance
1. Her shopping and other activities are reported to her PPA
2. She synchs her phone with her profile
3. She enables the mall to read her profile from her phone. No identity is needed

[Figure labels: Personal Privacy Appliance, Profile Database]

User Control of Profile Dissemination
Privacy software in the PDA can inform the user of the privacy consequences of releasing certain data
Stores could offer incentives to users to enable their profiles: coupons, discounts, …
Users can disable portions of their profile when entering certain stores, friends' houses, etc.

[Figure: sample profile with sections Clothing (Colors: B; Size: 16 Extra tall), Books (History, Mysteries), Music (Opera, Baroque) and Children (Aged 3 and 5); sections carry sensitivity labels (Not sensitive, Medium sensitive, Very sensitive) and some are marked X]

In-document Security
Document appears different to people based on their access rights
Natural Language understanding aids content analysis

[Figure: sample documents (Mortgage Application, Credit Report, Home Inspection Report, Property Appraisal, Police Report) containing text such as "Property Address: 1234 Main St.", "SSN: 123-45-6789", "Social Security Number: 123456789", "Fence with adjacent property, 1234 Elm St., is damaged.", "Property has view of Golden Gate Bridge." and "Atherton, CA …outside the apartment building…"]

A Never-Ending Story
• Technology and privacy are often seen as opposing forces
• Privacy advocates feel like Sisyphus versus his stone
• But some technologists feel the same way
• Both sides need to work together continuously

[Figure labels: Technology, Privacy]
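
The In-document Security slide describes a document that appears different to each reader based on access rights, with content analysis locating the sensitive text. The sketch below is an added example, not code from the talk or from PARC: regular expressions stand in for the natural-language analysis, and the labels, rights names (`view_identity`, `view_location`) and sample text are assumptions.

```python
import re

# Assumed detectors: regexes stand in for the natural-language content analysis
# the slide mentions. Rights names below are hypothetical.
DETECTORS = {
    "ssn": re.compile(r"\b\d{3}-?\d{2}-?\d{4}\b"),
    "address": re.compile(r"\b\d{1,5} [A-Z][a-z]+ (?:St|Ave|Rd|Blvd)\b\.?"),
}
REQUIRED_RIGHT = {"ssn": "view_identity", "address": "view_location"}


def find_spans(text):
    """Return non-overlapping (start, end, label) spans, leftmost first."""
    hits = []
    for label, pattern in DETECTORS.items():
        hits += [(m.start(), m.end(), label) for m in pattern.finditer(text)]
    hits.sort(key=lambda h: (h[0], h[0] - h[1]))  # leftmost, then longest
    spans, cursor = [], 0
    for start, end, label in hits:
        if start >= cursor:  # skip a hit overlapping an already kept span
            spans.append((start, end, label))
            cursor = end
    return spans


def render_for(text, rights):
    """Render the text as seen by a viewer holding the given set of rights."""
    out, cursor = [], 0
    for start, end, label in find_spans(text):
        out.append(text[cursor:start])
        needed = REQUIRED_RIGHT.get(label)
        # Default deny: show a span only if its label maps to a right the
        # viewer holds; an unmapped label is always redacted.
        visible = needed is not None and needed in rights
        out.append(text[start:end] if visible else f"[{label.upper()} REDACTED]")
        cursor = end
    out.append(text[cursor:])
    return "".join(out)


# Constructed sample text assembled from the snippets shown on the slide.
DOC = ("Credit Report. SSN: 123-45-6789. Social Security Number: 123456789. "
       "Property Address: 1234 Main St. Fence with adjacent property, "
       "1234 Elm St., is damaged.")

if __name__ == "__main__":
    for rights in (set(), {"view_location"}, {"view_identity", "view_location"}):
        print(sorted(rights), "->", render_for(DOC, rights))
```

Both SSN spellings from the slide are caught by one pattern. The per-viewer rendering only protects the data if it is applied before the text leaves the system that holds the full document.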