Privacy from Theory

Data mining, national security, privacy and civil
liberties, ACM SIGKDD Explorations Newsletter,
4(2), December 2002.
Bhavani Thuraisingham
The Inference Problem
“Inference is the process of users posing
queries and deducing unauthorized
information from the legitimate responses
that they receive” [p. 1]
e.g. salaries and individuals
Ease of Inference and Computer Tools
• E.g., data mining tools make inference
easy and the threat to privacy great.
• Issue of control: purpose and intent
Secrecy vs. Privacy
• Database techniques developed in the
context of protecting “secret” data (“need
to know”)
• Assumption and analogy: these
techniques should apply to protecting
privacy.
Restricting Tools
• Detecting motive?
• Restricting inference (instead of access)
• Modifying private data to be public (e.g.
“average salary” vs. “salary”)
• Restricting “services”
• Enforced controls
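
The salary case above as an added example (not from the slides or the cited paper): a query gate that releases only average salaries and refuses queries whose legitimate answers could be combined to deduce one person's salary. The class name, the threshold of three and the sample table are assumptions constructed for illustration.

```python
from statistics import mean

# Constructed sample table: names and salaries are invented for this example.
SALARIES = {"alice": 90_000, "bob": 70_000, "carol": 85_000,
            "dave": 60_000, "erin": 75_000, "frank": 95_000}


class AverageSalaryGate:
    """Releases only group averages ("average salary" vs. "salary") and
    restricts inference rather than access: anyone may query, but answers
    that would isolate one person's salary are refused."""

    def __init__(self, table, min_group=3):
        self.table = table
        self.min_group = min_group  # assumed threshold, chosen for the demo
        self.answered = []          # audit log of groups already answered

    def average(self, names):
        group = frozenset(n for n in names if n in self.table)
        # Control 1: a very small group is effectively an individual.
        if len(group) < self.min_group:
            raise PermissionError("group too small")
        # Control 2: compare with every earlier answer. Two legitimate
        # averages over groups that differ by only a few people can be
        # subtracted to recover those people's salaries.
        for earlier in self.answered:
            differing = group ^ earlier
            if differing and len(differing) < self.min_group:
                raise PermissionError("too close to an earlier query")
        self.answered.append(group)
        return mean(self.table[n] for n in group)


def run_session():
    """Replays a constructed query session and records each outcome."""
    gate = AverageSalaryGate(SALARIES)
    session = [
        ["alice", "bob", "carol", "dave"],          # legitimate aggregate
        ["alice"],                                  # direct individual lookup
        ["alice", "bob", "carol", "dave", "erin"],  # differs by one person
        ["dave", "erin", "frank"],                  # differs by five people
    ]
    outcomes = []
    for names in session:
        try:
            outcomes.append(gate.average(names))
        except PermissionError as refusal:
            outcomes.append(str(refusal))
    return outcomes
```

The audit only compares pairs of query groups, so it illustrates the control rather than closing every inference channel; longer combinations of queries need a stronger policy.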
Social Issues –
Extensions to the Ideas in the Paper
• Legal aspects
– Making Private Information Public
• For accountability
– Protecting Private Information
• Criminal Consequences of Misuse of Information
• Civil Consequences
• Political aspects
– Trade-off of a Public Service for Private Information
– Prejudice against Minority View
• Software Requirements
Unpacking “Privacy” for a Networked World,
Proceedings of the ACM Conference on Human
Factors in Computing Systems (CHI 03—Fort
Lauderdale, FL), April 2003, pp. 129-136.
Leysia Palen and Paul Dourish
Privacy is …
• “a dialectic and dynamic boundary
regulation process” [p. 129]
or
• “a process of give and take”
Privacy is an On-going Process
• “Give and take between and among
technical and social entities”
– Individuals
– Institutions
– Tension (trade off)
– “Need for publicity”
Boundaries
• A boundary is a conceptual division
between two states (“A goes to B”)
• Three boundaries [p. 131]
– Disclosure
– Identity
– Temporality
The Three Boundaries
(and “control”)
• Disclosure
– Think about control from last lecture
• Identity
– Affiliation, discrimination
• Temporality
– Permanence of ephemeral information
Other Interesting Ideas
• Succession or sequence of decisions
– No one decision or action regarding privacy is
separate or independent
• Genres
– Social + representational
– Think about different “media”
• Discrete nature of software vs. this dynamic
process definition
– “privacy regulation is neither static nor rule-based” [p. 130]
• Example contrast of software parameters
Question for You
• What information do you control (provide
and restrict / make public and keep
private) to establish identity in this class?
• Optional: what previous decisions or
expectations are these choices based on?
• FAIZAL, ERWIN
• CHEW, VICTOR TSE
• KANG, CHASE KYUNGNAM
• CHANDRA, ANDREAS KURNIAWAN
• NIP, KAREN
• BUSTILLOS, OMAR MARCOS
• NODA, TAKAHIRO
• AHLUWALIA, JASJIT SINGH
• KIM, TAE YONG
• LI, SHUNSUEN
• TAYLOR, BRAD JAMES