Privacy and Accountability:
Introduction to Workshop
Themes
JOAN FEIGENBAUM
http://www.cs.yale.edu/homes/jf
June 28, 2006; Cambridge MA
1
PORTIA: Privacy, Obligations, and
Rights in Technologies of
Information Assessment
Large-ITR, five-year, multi-institutional, multi-disciplinary,
multi-modal research project on
sensitive information in a
networked world
http://crypto.stanford.edu/portia/
2
Motivation
• Sensitive Information: Info that can harm data
subjects, data owners, or data users if it is
mishandled. Not all of it is strictly “private.”
• There’s a lot more of it than there used to be!
– Increased use of computers and networks
– Increased processing power and algorithmic knowledge
– Decreased storage costs
• “Mishandling” can be very harmful.
− ID theft
− Loss of employment or insurance
− “You already have zero privacy. Get over it.”
(Scott McNealy, 1999)
3
PORTIA Goals
• Produce a next generation of technology for
handling sensitive information that is
qualitatively better than the current
generation’s.
• Enable handling of sensitive information over
the course of its lifetime.
• Formulate an effective conceptual framework
for policy making and philosophical inquiry into
the rights and responsibilities of data
subjects, data owners, and data users.
4
Academic–CS Participants
Stanford
Dan Boneh
Hector Garcia-Molina
John Mitchell
Rajeev Motwani
Univ. of NM
Stephanie Forrest
(“computational immunology”)
Yale
Joan Feigenbaum
Ravi Kannan
Avi Silberschatz
Stevens
Rebecca Wright
NYU
Helen Nissenbaum
(“value-sensitive design”)
5
Research Partners
J. Balkin (Yale Law School)
C. Dwork (Microsoft)
S. Hawala (Census Bureau)
B. LaMacchia (Microsoft)
K. McCurley (Google)
P. Miller (Yale Medical
School)
J. Morris (CDT)
T. Pageler (Secret Service)
B. Pinkas (Hewlett Packard)
M. Rotenberg (EPIC)
A. Schäffer (NIH)
D. Schutzer (CitiGroup)
Note participation by the software industry, key user
communities, advocacy organizations, and non-CS
academics.
6
See PORTIA Website for:
• Papers, talks, and software
• Educational activities
– Courses
– Grad students and postdocs
• Media coverage
• Programs and slides from workshops
• Related links
[ Google “PORTIA project” ]
7
“Policies” for the Handling of
Sensitive Data
• Collection
• Retention, destruction
• Use, mining
• Sharing, selling
• Updating, cleaning, correcting
• De-identifying, scrubbing, re-identifying
• ...
8
Basic Questions (1)
• What are the best tools for expressing
and analyzing policies?
• How can an organization ensure that it
is following its own data-management
policies?
• How can those who transmit data to an
organization ensure themselves that the
organization is following its data-management policies?
9
Basic Questions (2)
• What recourse does one have when an
organization that handles one’s data
violates a policy?
• Are there “implicit policies” or, more
generally, when should one be held
accountable for actions not clearly
governed by a specific policy?
10
Who is Accountable to Whom?
• Individuals
• Organizations
• Governments
• Technology vendors
• Network operators
• ...
11
When is it ok NOT to be
Accountable?
• Anonymous activity?
• Unobservable activity?
• “Pseudonymous” = Unidentifiable
but accountable?
• Offline analogs
•...
12
Workshop Goals
• Learn more about the state of
the art
• Formulate research-agenda
items, both short- and long-term
13