March 13, 2004Securing Privacy Conference1 SENSOR NETWORKS & PRIVACY Pamela Samuelson, UC Berkeley, Securing Privacy Conference, March 13, 2004.

Slides:

Advertisements

Similar presentations

Privacy and Security Lowell Meeting Joe Hellerstein.

Advertisements

Institutional Telecomms and Computer Network Monitoring Andrew Charlesworth University of Bristol 10 June 2002.

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY.

Hart District Acceptable Use Policy Acceptable Use Policy.

anywhere and everywhere. omnipresent A sensor network is an infrastructure comprised of sensing (measuring), computing, and communication elements.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Domain Name Registrant Data: The Privacy Questions Alan Davidson Center for Democracy and Technology

Protecting User Data in Ubiquitous Computing: Towards Trustworthy Environments Yitao Duan and John Canny UC Berkeley.

Strand 1 Social and ethical significance. Reliability and Integrity Reliability ◦Refers the operation of hardware, the design of software, the accuracy.

 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.

Jan. 28, 2004UCB Sensor Nets Day1 TOWARD A LEGAL FRAMEWORK FOR SENSOR NETWORKS Pamela Samuelson, Law/SIMS UCB Sensor Nets Day January 28, 2004.

Chapter 1  Introduction 1 Overview  What is a secure computer system?  Concerns of a secure system o Data: Privacy, Integrity, Availability o Users:

Privacy and Sensor Networks: Do Sensor Networks fit with Fair Information Practices Deirdre K. Mulligan Acting Clinical Professor of Law Director, Samuelson.

Security and Privacy in Ubiquitous Computing. Agenda Project issues? Project issues? Ubicomp quick overview Ubicomp quick overview Privacy and security.

Research Directions for the Internet of Things Supervised by: Dr. Nouh Sabry Presented by: Ahmed Mohamed Sayed.

Control of Personal Information in a Networked World Rebecca Wright Boaz Barak Jim Aspnes Avi Wigderson Sanjeev Arora David Goodman Joan Feigenbaum ToNC.

Hippocratic Databases Paper by Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, Yirong Xu CS 681 Presented by Xi Hua March 1st,Spring05.

Managing Privacy in the Smart Grid Jennifer M. Urban Assistant Clinical Professor of Law Director, Samuelson Law, Technology & Public Policy Clinic UC.

Property of Common Sense Privacy - all rights reserved THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.

Data Protection Act. Lesson Objectives To understand the data protection act.

Lawyer at the Brussels Bar Lecturer at the University of Strasbourg Assistant at the University of Brussels Data Protection & Electronic Communications.

Final Exam Part 1. Internet Regulation Internet regulation according to internet society states that it is about restricting or controlling certain pieces.

An Analysis of Security and Privacy Issues in Smart Grid Software Architectures on Clouds Dresden, 22/05/2014 Felipe de Sousa Silva Simmhan, Kumnhare,

RFID Policy Update 1/23/08 Dan Caprio President DC Strategies, LLC.

Privacy and Ubiquitous Computing Deirdre K. Mulligan Acting Clinical Professor of Law Director Samuelson Law, Technology & Public Policy Clinic, Boalt.

Presented by Amira Ahmed El-Sharkawy Ibrahim.  There are six of eight turtle species in Ontario are listed as endangered, threatened or of special concern.

© 2007 The MITRE Corporation. MITRE Privacy Practice W3C Government Linked Data Working Group Michael Aisenberg, Esq. 29 June 2011 Predicate for Privacy.

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.

7-Oct-15 Threat on personal data Let the user be aware Privacy and protection.

Federated or Not: Secure Identity Management Janemarie Duh Identity Management Systems Architect Chair, Security Working Group ITS, Lafayette College.

EU Data Protection IT Governance view Ger O’Mahony 12 th October 2011.

IBT - Electronic Commerce Privacy Concerns Victor H. Bouganim WCL, American University.

Europe's work in progress: quality of mHealth Pēteris Zilgalvis, J.D., Head of Unit, Health and Well-Being, DG CONNECT Voka Health Community 29 September.

Location, Location, Location: The Emerging Crisis in Wireless Data Privacy Ari Schwartz & Alan Davidson Center for Democracy and Technology

Privacy & How IT Will Help JEFF NORTHROP, CTO

IP Security IP sec IPsec is short for Internet Protocol Security. It was originally created as a part of IPv6, but has been retrofitted into IPv4. It.

A presentation on SMART DUST

Privacy and the Law in Demand Response Energy Systems Deirdre K. Mulligan, Jack I. Lerner Erin Jones, Jen King, Caitlin Sislin, Bethelwel Wilson, Joseph.

The Impact of Evolving IT Security Concerns On Cornell Information Technology Policy.

Privacy by Design – Principles of Privacy-Aware Ubiquitous Systems Marc Langheinrich - Swiss Federal Institute of Technology, Zurich Whitney Hess.

1 The Challenges of Globalization of Criminal Investigations Countries need to: Enact sufficient laws to criminalize computer abuses; Commit adequate personnel.

Approximate Information Flows: Socially-based Modeling of Privacy in Ubiquitous Computing Xiaodong Jiang Jason I. Hong James A. Landay G r o u p f o r.

Switch off your Mobiles Phones or Change Profile to Silent Mode.

Information Technology & Ethics. Impact The impact of IT on information and communication can be categorized into 4 groups: privacy, accuracy, property,

Android Permissions Remystified: A Field Study on Contextual Integrity Presenter: Hongyang Zhao Primal Wijesekera (UBC) Arjun Baokar (UC Berkeley) Ashkan.

Understand Audit Policies LESSON Security Fundamentals.

Objectives  Legislation:  Understand that implementation of legislation will impact on procedures within an organisation.  Describe.

Personal data protection in research projects

Data Protection and research Rachael Maguire Records Manager.

Lecture 3 Page 1 CS 236 Online Security Mechanisms CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Legal, Regulations, Investigations, and Compliance Chapter 9 Part 2 Pages 1006 to 1022.

IS3220 Information Technology Infrastructure Security

Blogs How to use the bog safely and secure? Create new username. Create a strong password to your account. Create the password to your uploaded files.

Business Challenges in the evolution of HOME AUTOMATION (IoT)

Firewalls and Tunneling Firewalls –Acts as a barrier against unwanted network traffic –Blocks many communication channels –Can change the design space.

Framework of engagement : big data for official use Roy D. Ibay AVP Regulatory PLDT – Smart.

Regulation models addressing data protection issues in the EU concerning RFID technology Ioannis Iglezakis Assistant Professor in Computers & Law Faculty.

Principles Identified - UK DfT -

DATA SECURITY FOR MEDICAL RESEARCH

Decrypting Data Compliance in China

Working to Keep our Children Safe in a World Filled with Technology

GENERAL DATA PROTECTION REGULATION (GDPR)

Internet of Things Vulnerabilities

All data occupies physical space, even if we don't think of it as such.

Mobile Computing.

The GDPR & Schools - An Introduction -

Data Protection What’s new about The General Data Protection Regulation (GDPR) May 2018? Call Kerry on Or .

TRUST:Team for Research in Ubiquitous Secure Technologies

PLANNING A SECURE BASELINE INSTALLATION

Presentation transcript:

March 13, 2004Securing Privacy Conference1 SENSOR NETWORKS & PRIVACY Pamela Samuelson, UC Berkeley, Securing Privacy Conference, March 13, 2004

Securing Privacy Conference2 SENSOR NETWORKS Considerable amount of R&D underway to develop tiny computers equipped with radio capabilities to sense physical phenomena and transmit data to processing points Wide array of application domains: smart buildings that can detect internal structural damage or adjust light & heat settings, measuring weather/water info on GG Bridge/redwood trees, monitoring activities of the elderly, sensing for bioterrorism weapons

March 13, 2004Securing Privacy Conference3 TECHNICAL CHALLENGES Making tiny processors capable of deployment in wide array of applications (buildings, forests, animals, whatever) Designing ways to generate and preserve power for sensors and transmitting data Transmission protocols, radio transmitters Tiny operating system programs, security Database designs for processing sensed data

March 13, 2004Securing Privacy Conference4 CITRIS Center for Information Technology Research in the Interests of Society at UC Berkeley Technologists designing sensor and sensor network technologies are aware that deployment of such technologies raise privacy and other policy concerns Deirdre Mulligan & I have begun work with EECS Professors David Culler, Joe Hellerstein, & David Wagner on privacy & sensor network issues

March 13, 2004Securing Privacy Conference5 COLLABORATION Technologists want quick and certain answers –Want to submit query about how law applies, have it processed, & get right answer as output –Have a sense that there may be a short window for developing right technology policy Lawyers have to educate technologists about different modality of law, and need to know fair amount about the technology & how it will be deployed before able to assess how law applies

March 13, 2004Securing Privacy Conference6 PRIVACY ISSUES Many applications for deploying sensor networks involve collecting personally identifiable information (PII) –Sensing persons in building as part of embedded sensors for disaster preparedness –Monitoring activities of the elderly so they can safely live at home –FastTRAK devices being read at more than toll booths No law as such on this new domain, but wouldn’t it be nice if fair information practices applied?

March 13, 2004Securing Privacy Conference7 FAIR INFO PRACTICES Limitations on collection of data (only what need); destroy data after need is fulfilled Right to collect data for specific purpose only; if want to reuse for other purpose, you have to get new permission Notice and consent Right of access to check data Obligations to keep data accurate, secure Accountability if screw up

March 13, 2004Securing Privacy Conference8 SENSOR NETS POOR FIT? Data collection is norm, may be always on Absence of cues indicating data is being collected Porous barriers between public and private spaces Everyone is a potential data collector New kinds of data being sensed, created, stored Increased ability to create patterns, knowledge out of seemingly unrevealing bits of data Once data has been collected, reuse may be easy to do, but difficult to detect and hence to regulate May not be feasible to enable access to PII to ensure integrity (lots of sensor network data will be lousy)

March 13, 2004Securing Privacy Conference9 ISSUES FROM CASELAW US v. Miller: persons have no protectable privacy interest in data about them held by third parties (e.g., bank records of individual accounts) Kyllo v. US: use of heat-sensing technology violated 4 th A because reasonable expectation of privacy in home, & such technology not in general public use

March 13, 2004Securing Privacy Conference10 WHAT TO DO? May be possible to design privacy-sensitive technology –Encrypt PII so can only be used for one purpose? –Use authentication/access control systems? –Store data only where security can be strong? –Aggregate data to anonymize? Hide mapping? –Don’t log or flush out data when no longer needed? –Give users ability to turn sensors off? detector devices? Adapt FIPs for sensor networks? New laws?

March 13, 2004Securing Privacy Conference11 CONCLUSION May be possible to build and deploy sensor networks in socially responsible way Worth thinking about whether possible to develop new FIPs for sensor networks, and what role for technology, what role for law? Law will certainly kick in when disputes arise or some flagrant, well-publicized abuse occurs Good idea to think about legal framework before problems start arising