Presentation is loading. Please wait.

Presentation is loading. Please wait.

Unlinking Private Data

Published by罐 阮 Modified over 7 years ago

Similar presentations

Presentation on theme: "Unlinking Private Data"— Presentation transcript:

1 Unlinking Private Data
Alex Vaynberg 04/11/2006 Yale University Sensitive Information in the Wired World

2 Privacy and Privacy Loss
Ability to give information to certain individuals, while retaining the ability to keep that information secret from others Privacy loss occurs when information becomes known to those from whom it is kept secret

3 Aggregation = Privacy Loss
Possible Cause: One bit of data is considered private, but is public without being directly connected to an individual One bit of data is not private, but gives out more information about an individual allows connection with other record Put together: private information is known about a person

4 Story Time A priest has been asked if people tell interesting stories during confessions. He tells that his first confessor actually confessed to a murder Later a new person comes in and greets the priest. People ask him, how does he know the priest? He answers, “I was his first confessor”.

5 The Point Seemingly nameless private data, can be combined with non-anonymous data, resulting in a privacy loss.

6 Linking Data to People Types of identification Permanent
Uniquely identifies individual, follows him wherever Examples: SSN, Passport ID, Name* Semi-permanent May id a real person, changing may involve a cost Name*, address, telephone, credit card # Transient Almost no cost to change Pseudonym, user id,

7 Linking Data to People Types of Data: Public Data
Driver's license, property records Kept open by government Managed by applicable laws (HIPPA, ???) Linked Private Almost all business transactions Data collected when dealing with business Connected to person via (semi)permanent id Unlinked Private Website ids No (semi)permanent id was recorded

8 Databases and Aggregation
Semipermanent and permanent ids permit aggregation of data from private and public sources Results in digital dossiers, which many consider to be privacy concern Worse, these dossiers are scattered, unreliable, and frequently inaccessible by the person who they describe

9 Fixing The Problem Reduce public data to minimum
specifically remove associations between permanent and semipermanent Ids Force private data to be unlinked by creating a reliable system of certified pseudonyms Allow for undeletable, but commentable reports (with low privacy value) on pseudonyms that follow a real identity from pseudonym to pseudonym.

10 Certified Pseudonyms A UID, but can be created at any time
Comes attached with information that a person has authorized for a pseudonym Issued by a licensed pseudonym issuer No (semi)permanent Ids Not linkable, except by issuer Issuers operate under strict legal guidelines Connection may be restored by courts upon necessity (lawsuit, etc.)

11 Ensuring Privacy A person creates as many identities as he wishes, selecting information that can be revealed by each one One of these identities will be used when dealing with another entity The other entity will be able to get authorized info from issuer Business dealing can proceed if enough information is attached to that identity Identity itself is completely throw-away

12 Pseudonym Issuers Private organizations
government will not get credit history without warrant, etc. Regulated by laws minimum requirements / privacy guarantees Compete on ease of use, features, etc Compare to credit card issuers Unify data from many pseudonyms many ids, one credit history, no SSN involved One place to keep track / contest data

13

14 Advantages Businesses can not aggregate data no (semi)permanent Ids
Accountability preserved Free market / legal protections Anonymous guaranteed payment similar to credit cards Ability to keep track of all personal data Can coexist with current system Allows for statistics for marketing use

15 Disadvantages Central point of failure
identity theft can be disastrous Complex management interface Standard protocol required for use similar to credit cards Who will be charged, and how much? Inability for direct customer communication Semipermanent Id required for deals house painting requires an address

16 Dealing with Difficulties
Communication Direct Communication requires semipermanent information about a person Indirection needed; easy with , harder with phone and address Deals where semipermanent Id is required Example: shipping, house painting, cable TV Bad: can be aggregated with public data Good: cannot be aggregated with private data Similar to current method: trust

17 Portia Objectives Internet architecture
Protocols for sensitive information exchange Personal Information management Gives users ability to monitor sensitive information about themselves Enables placing of comments or contesting records about you

18 Portia Objectives (cont.)
Enterprise Information Management Ability to get reliable information about individuals Unique ids that enable customer management Decreased risk due to security leaks Cyber Rights + Responsibilities Cheap pseudonimity without loss of accountability Use of Fair Information Principles Mandated at pseudonym issuer level No longer critical for every business

Download ppt "Unlinking Private Data"

Similar presentations

HIPAA Health Insurance Portability and Accountability Act 1.

HIPAA Health Insurance Portability and Accountability Act 1.
1.3.1.G1 © Family Economics & Financial Education – Revised October 2004 – Consumer Protection Unit – Identity Theft Funded by a grant from Take Charge.

1.3.1.G1 © Family Economics & Financial Education – Revised October 2004 – Consumer Protection Unit – Identity Theft Funded by a grant from Take Charge.
The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,

The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,
Section 6.3 Protecting Your Credit. Billing Errors and Disputes Notify your creditor in writing Notify your creditor in writing Pay the portion of the.

Section 6.3 Protecting Your Credit. Billing Errors and Disputes Notify your creditor in writing Notify your creditor in writing Pay the portion of the.
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.

 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
Slides prepared by Cyndi Chie and Sarah Frye A Gift of Fire Third edition Sara Baase Chapter 2: Privacy.

Slides prepared by Cyndi Chie and Sarah Frye A Gift of Fire Third edition Sara Baase Chapter 2: Privacy.
1 CPSC156: The Internet Co-Evolution of Technology and Society Lectures 16 and 17: March 27 and 29, 2007 Solove’s taxonomy of privacy.

1 CPSC156: The Internet Co-Evolution of Technology and Society Lectures 16 and 17: March 27 and 29, 2007 Solove’s taxonomy of privacy.
Chapter 8 Web Security.

Chapter 8 Web Security.
IT Security Challenges In Higher Education Steve Schuster Cornell University.

IT Security Challenges In Higher Education Steve Schuster Cornell University.
Privacy in Computing Legal & Ethical Issues in Computer …Security Information Security Management …and Security Controls Week-9.

Privacy in Computing Legal & Ethical Issues in Computer …Security Information Security Management …and Security Controls Week-9.
COMPUTING AT CARNEGIE MELLON SECTION I2 Privacy. Introduction Lauren Milisits.

COMPUTING AT CARNEGIE MELLON SECTION I2 Privacy. Introduction Lauren Milisits.
Privacy and Encryption The threat of privacy due to the sale of sensitive personal information on the internet Definition of anonymity and how it is abused.

Privacy and Encryption The threat of privacy due to the sale of sensitive personal information on the internet Definition of anonymity and how it is abused.
Online and Mobile Banking. Online banking Online Banking  Online banking is a fairly established practice in our internet-saturated world.  Many people.

Online and Mobile Banking. Online banking Online Banking  Online banking is a fairly established practice in our internet-saturated world.  Many people.
Digital Cash By Gaurav Shetty. Agenda Introduction. Introduction. Working. Working. Desired Properties. Desired Properties. Protocols for Digital Cash.

Digital Cash By Gaurav Shetty. Agenda Introduction. Introduction. Working. Working. Desired Properties. Desired Properties. Protocols for Digital Cash.
Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.

Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.
Secure Electronic Transaction (SET)

Secure Electronic Transaction (SET)
Florida Information Protection Act of 2014 (FIPA).

Florida Information Protection Act of 2014 (FIPA).
CS 474 Database Design and Application Terminology Jan 11, 2000.

CS 474 Database Design and Application Terminology Jan 11, 2000.
7-Oct-15 Threat on personal data Let the user be aware Privacy and protection.

7-Oct-15 Threat on personal data Let the user be aware Privacy and protection.
Slides prepared by Cyndi Chie and Sarah Frye1 A Gift of Fire Third edition Sara Baase Chapter 2: Privacy.

Slides prepared by Cyndi Chie and Sarah Frye1 A Gift of Fire Third edition Sara Baase Chapter 2: Privacy.

Similar presentations

Ads by Google