29th International Conference of Data Protection and Privacy Commissioners
Technology and Privacy
Teresa Lunt
Palo Alto Research Center
In collaboration with Victoria Bellotti, Richard Chow, Glenn
Durfee, Philippe Golle, Diana Smetters, Jessica Staddon, and
others…
[Figure: linkage attack. Patient Records (Gender, ZIP code, Date of Birth, Cancer Type) are joined with Voter Registration (Name, Street address, …, Gender, ZIP code, Date of Birth) on the three attributes both tables share: Gender, ZIP code, Date of Birth.]
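The join in the figure above, as an added example (not code from the slides or from PARC): the attacker links a "de-identified" patient table to a public voter roll on the shared quasi-identifiers, and a k-anonymity check shows why the release was linkable and how generalizing ZIP code and date of birth changes the outcome. All records are constructed.

```python
# Added example, not from the original slides: the linkage attack sketched in
# the figure, and the k-anonymity check that would have flagged the
# de-identified table as linkable. All records are constructed for illustration.
from collections import defaultdict

# Attributes shared by both tables: the quasi-identifiers used for the join.
QUASI_IDENTIFIERS = ("gender", "zip", "dob")

# "De-identified" patient records: name and address removed, quasi-identifiers kept.
PATIENT_RECORDS = [
    {"gender": "F", "zip": "94301", "dob": "1961-07-03", "diagnosis": "breast cancer"},
    {"gender": "F", "zip": "94303", "dob": "1961-11-20", "diagnosis": "melanoma"},
    {"gender": "M", "zip": "94303", "dob": "1975-11-20", "diagnosis": "lung cancer"},
    {"gender": "M", "zip": "94306", "dob": "1975-02-14", "diagnosis": "prostate cancer"},
]

# Public voter registration: identifying columns plus the same quasi-identifiers.
VOTER_REGISTRATION = [
    {"name": "Alice Example", "address": "1 Oak St", "gender": "F", "zip": "94301", "dob": "1961-07-03"},
    {"name": "Carol Example", "address": "3 Pine St", "gender": "F", "zip": "94303", "dob": "1961-11-20"},
    {"name": "Bob Example", "address": "2 Elm St", "gender": "M", "zip": "94303", "dob": "1975-11-20"},
    {"name": "Dan Example", "address": "4 Ash St", "gender": "M", "zip": "94306", "dob": "1975-02-14"},
    {"name": "Erin Example", "address": "5 Fir St", "gender": "F", "zip": "94306", "dob": "1990-05-05"},
]


def quasi_key(row, qi=QUASI_IDENTIFIERS):
    """The tuple of quasi-identifier values the attacker joins on."""
    return tuple(row[c] for c in qi)


def link(patients, voters, qi=QUASI_IDENTIFIERS):
    """Join on the quasi-identifiers. A patient is re-identified when the key
    matches exactly one voter; returns (voter name, diagnosis) for each such hit."""
    by_key = defaultdict(list)
    for v in voters:
        by_key[quasi_key(v, qi)].append(v)
    hits = []
    for p in patients:
        candidates = by_key.get(quasi_key(p, qi), [])
        if len(candidates) == 1:
            hits.append((candidates[0]["name"], p["diagnosis"]))
    return hits


def k_anonymity(rows, qi=QUASI_IDENTIFIERS):
    """k = size of the smallest group of rows sharing the same quasi-identifier
    values. k == 1 means some row is unique on them and therefore linkable."""
    counts = defaultdict(int)
    for r in rows:
        counts[quasi_key(r, qi)] += 1
    return min(counts.values())


def generalize(row):
    """Coarsen the quasi-identifiers: keep a 3-digit ZIP prefix and the birth
    year only. This is what a release would apply to reach k >= 2."""
    g = dict(row)
    g["zip"] = row["zip"][:3] + "**"
    g["dob"] = row["dob"][:4]
    return g


if __name__ == "__main__":
    print("k before release:", k_anonymity(PATIENT_RECORDS))            # 1
    print("re-identified:", link(PATIENT_RECORDS, VOTER_REGISTRATION))  # all four patients
    released = [generalize(r) for r in PATIENT_RECORDS]
    print("k after generalization:", k_anonymity(released))            # 2
    # The attacker generalizes the public table the same way and tries again.
    print("re-identified:", link(released, [generalize(v) for v in VOTER_REGISTRATION]))  # []
```

k = 2 is a weak target, and k-anonymity alone says nothing about the sensitive column: if both rows in a generalized group carried the same diagnosis, the attacker would learn it without deciding which row is whose (the two F/943**/1961 rows above happen to differ, by construction, not by guarantee). That gap is what later notions such as l-diversity address.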
Hot Privacy Technology Research
• Identity management and access control
  – Credentials, reputation, pseudonyms, unlinkability, phishing
• Data privacy, data mining and inference control
  – Census data, medical data
• Location privacy
  – Location-based cell-phone services, friend locator
• Usable privacy
  – Privacy policy languages, automatic negotiation
• Anonymous communication
  – Web-browsing, censorship resistant publishing, voting
Hot Privacy Technology Research
• Privacy in ubiquitous computing environments
  – Sensors, RFID tags
• Private information retrieval
  – Look-up of patents, medical conditions, DNA sequences
• Private computations (secure function evaluation)
  – Millionaire problem, collaborative forecasting, intrusion detection
• Search on encrypted data
  – Classification of encrypted emails, encrypted documents
• And More…
  – Economics of privacy, policy, law, etc.
[Figure: private information retrieval, the client asks for index i and receives record i; private computation, parties holding x and y jointly compute f(x, y).]
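The "index i in, record i out" exchange in the figure, as an added example (not code from the slides or from PARC): the classic two-server XOR scheme for private information retrieval, in which each server sees only a uniformly random query and so learns nothing about i unless the two servers collude. The database contents are constructed.

```python
# Added example, not from the original slides: two-server information-
# theoretic private information retrieval with XOR (the construction of
# Chor, Goldreich, Kushilevitz and Sudan). The client wants record i; each
# server receives a query that is uniformly random on its own, so neither
# learns i unless the two servers collude. Database contents are constructed.
import secrets

RECORD_LEN = 24
RAW_RECORDS = [
    b"patent 0001 : widget",
    b"patent 0002 : gadget",
    b"condition  : diabetes",
    b"dna segment: ACGTACGTAC",
]
# The scheme XORs whole records, so every record is padded to one length.
DATABASE = [r.ljust(RECORD_LEN, b" ") for r in RAW_RECORDS]


def make_queries(index, n):
    """q0 is a uniformly random bit vector; q1 = q0 XOR e_index.
    Either vector alone is uniform, so it carries no information about index."""
    q0 = [secrets.randbits(1) for _ in range(n)]
    q1 = list(q0)
    q1[index] ^= 1
    return q0, q1


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def server_answer(database, query):
    """Each server XORs together the records whose query bit is 1.
    It touches the whole database regardless of which index was asked for."""
    acc = bytes(len(database[0]))
    for bit, record in zip(query, database):
        if bit:
            acc = xor_bytes(acc, record)
    return acc


def pir_fetch(index, database):
    """Client side: send q0 to server 0 and q1 to server 1, XOR the answers.
    Every record except the one at `index` is selected by both queries or by
    neither, so it cancels; only database[index] survives."""
    q0, q1 = make_queries(index, len(database))
    answer0 = server_answer(database, q0)   # what server 0 returns
    answer1 = server_answer(database, q1)   # what server 1 returns
    return xor_bytes(answer0, answer1)


if __name__ == "__main__":
    for i in range(len(DATABASE)):
        assert pir_fetch(i, DATABASE) == DATABASE[i]
    print("retrieved:", pir_fetch(2, DATABASE).rstrip())
```

Two caveats a practitioner should keep in mind: the privacy guarantee rests entirely on the servers not colluding (a single server holding both queries recovers i by XORing them), and each query is one bit per record, so communication grows linearly with the database. Single-server PIR avoids the non-collusion assumption but needs computational assumptions such as homomorphic encryption.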
Technology is a Moving Target
• Examples of current research at PARC
  – Ubiquitous Computing
    • Embedded everywhere, often with sensors
  – Context Aware Computing
    • Able to make inferences and act based on sensing
  – Social Computing
    • Interaction and collaboration online
  – Privacy and Security Research
    • Increased IT capabilities imply greater need for control
Privacy Appliance
[Figure: data sources (ubicomp & sensor data, outsourced data, transaction data) feed a privacy appliance that performs privacy-preserving transformations and knowledge extraction; an information storefront then answers customer queries over the transformed data.]
Enable sale of transformed data while providing privacy protection for individuals represented in the data
PARC started research here but more work is needed
Personal Privacy Appliance
[Figure: the Personal Privacy Appliance (PPA) holds a Profile Database.]
1. Her shopping and other activities are reported to her PPA
2. She synchs her Personal
3. She enables the mall to read her profile from her phone. No identity is needed
User Control of Profile Dissemination
[Figure: a user profile with each item rated Not sensitive, Medium sensitive or Very sensitive: Clothing (Colors: B; Size: 16; Extra tall), Books (History, Mysteries), Music (Opera, Baroque), Children (Aged 3 and 5). Two items are marked X, i.e. disabled for release.]
Privacy software in the PDA can inform the user of the privacy consequences of releasing certain data
Stores could offer incentives to users to enable their profiles: coupons, discounts, …
Users can disable portions of their profile when entering certain stores, friends' houses, etc.
In-document Security
[Figure: a set of related documents: a Credit Report; a Mortgage Application (SSN: 123-45-6789; Social Security Number: 123456789); a Home Inspection Report (Property Address: 1234 Main St.; "Fence with adjacent property, 1234 Elm St., is damaged."); a Property Appraisal (Property Address: …; "Property has view of Golden Gate Bridge."); a Police Report (Atherton, CA; "…outside the apartment"; Property Address: 1234 Main St.).]
Natural language understanding aids content analysis
Document appears different to people based on their access rights
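One way to make a document appear different to readers with different access rights, as an added example (not code from the slides or from PARC): sensitive spans are located by content analysis, labelled by sensitivity class, and redacted per role before the text is delivered. The simple patterns stand in for the natural-language understanding the slide points to; the roles, clearances and the sample file are constructed, reusing the values shown in the figure.

```python
# Added example, not from the original slides: per-role views of one document.
# Sensitive spans are found by content analysis (simple patterns here, standing
# in for natural-language understanding), labelled, and redacted per role
# before delivery. Roles, clearances and the sample document are constructed.
import re

# label -> pattern that locates spans of that sensitivity class
CLASSIFIERS = [
    ("ssn", re.compile(r"\b\d{3}-?\d{2}-?\d{4}\b")),
    ("address", re.compile(r"\b\d{1,5} [A-Z][a-z]+ (?:St|Ave|Rd)\.?")),
]

# role -> labels that role is cleared to see (assumed roles for illustration)
ROLE_CLEARANCE = {
    "loan_officer": {"ssn", "address"},
    "appraiser": {"address"},
    "public": set(),
}


def classify(text):
    """Return non-overlapping (label, start, end) spans, earliest first."""
    found = []
    for label, pattern in CLASSIFIERS:
        for m in pattern.finditer(text):
            found.append((label, m.start(), m.end()))
    found.sort(key=lambda s: s[1])
    spans, last_end = [], 0
    for span in found:
        if span[1] >= last_end:          # drop a span overlapping an earlier one
            spans.append(span)
            last_end = span[2]
    return spans


def render(text, role, clearance=ROLE_CLEARANCE):
    """Produce the view for `role`. Unknown roles get the most restrictive view.
    Redaction happens here, before delivery: a viewer that merely hides spans
    client-side would still ship the sensitive bytes."""
    allowed = clearance.get(role, set())
    out, pos = [], 0
    for label, start, end in classify(text):
        if label in allowed:
            continue
        out.append(text[pos:start])
        out.append(f"[{label} redacted]")
        pos = end
    out.append(text[pos:])
    return "".join(out)


# Constructed sample, using the values shown in the slide's mortgage file.
MORTGAGE_FILE = (
    "Mortgage Application\n"
    "Social Security Number: 123456789\n"
    "Home Inspection Report\n"
    "Property Address: 1234 Main St.\n"
    "Fence with adjacent property, 1234 Elm St., is damaged.\n"
)

if __name__ == "__main__":
    for role in ("loan_officer", "appraiser", "public"):
        print(f"--- view for {role} ---")
        print(render(MORTGAGE_FILE, role))
```

Pattern matching finds the literal identifiers but not the appraisal's "view of Golden Gate Bridge" or the police report's location, each of which narrows down the property without stating its address; that is why the slide points to natural-language understanding for content analysis, and why a redaction policy should be checked against what a reader can infer, not only against what is written verbatim.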
A Never-Ending Story
• Technology and privacy are often seen as opposing forces
• Privacy advocates feel like Sisyphus versus his stone
• But some technologists feel the same way
• Both sides need to work together continuously
[Figure: labels "Privacy" and "Technology".]