Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy protection in Wi-Fi analytics systems

Published byLidia Woźniak Modified over 5 years ago

Similar presentations

Presentation on theme: "Privacy protection in Wi-Fi analytics systems"— Presentation transcript:

1 Privacy protection in Wi-Fi analytics systems
Month Year doc.: IEEE yy/xxxxr0 July 2019 Privacy protection in Wi-Fi analytics systems Date: Authors: Name Affiliation Contact Mathieu Cunche Univ. Lyon, INSA Lyon, Inria, CITI Slide 1 Mathieu Cunche Page 1 John Doe, Some Company

2 Month Year doc.: IEEE yy/xxxxr0 July 2019 Abstract Systems collecting network information for analytics and tracking purposes have been used for some time. Data collected by those systems can result in privacy threats and may be conflicting with data protection regulations. Slide 2 Mathieu Cunche Page 2 John Doe, Some Company

3 Privacy protection principles
Month Year doc.: IEEE yy/xxxxr0 July 2019 Privacy protection principles Desirable privacy enhancing features in any data collection system User information Consent & Opt-out Data anonymization Slide 3 Mathieu Cunche Page 3 John Doe, Some Company

4 Month Year doc.: IEEE yy/xxxxr0 July 2019 Subject Information State of the art subject information in Wi-Fi tracking Slide 4 Mathieu Cunche Page 4 John Doe, Some Company

5 Consent & Opt-out Consent is never asked
Month Year doc.: IEEE yy/xxxxr0 July 2019 Consent & Opt-out Consent is never asked Opt-out solution may be offered (e.g. Slide 5 Mathieu Cunche Page 5 John Doe, Some Company

6 Wombat: An experimental Wi-Fi tracking system
Month Year doc.: IEEE yy/xxxxr0 July 2019 Wombat: An experimental Wi-Fi tracking system Detects Wi-Fi devices and collect mobility data Deployed as demonstrator at Cité Des Sciences et de l’Industrie (Paris) for 1 year Slide 6 Mathieu Cunche Page 6 John Doe, Some Company

7 Wombat: Wi-Fi based opt-out mechanism
Month Year doc.: IEEE yy/xxxxr0 July 2019 Wombat: Wi-Fi based opt-out mechanism Dummy AP with explicit SSID, e.g. "Wi-Fi Do not track" User connect to AP to opt-out MAC address of STA collected during Association process MAC address added to a black-list Data coming from black-listed devices is dropped Slide 7 Mathieu Cunche Page 7 John Doe, Some Company

8 Wombat: Wi-Fi based opt-out mechanism
Month Year doc.: IEEE yy/xxxxr0 July 2019 Wombat: Wi-Fi based opt-out mechanism Slide 8 Mathieu Cunche Page 8 John Doe, Some Company

9 Consent in new regulations
Month Year doc.: IEEE yy/xxxxr0 July 2019 Consent in new regulations Opt-out is not a valid solution under GDPR: prior consent is required e-Privacy directive may relax this requirement How to to collect consent in Wi-Fi tracking context ? Slide 9 Mathieu Cunche Page 9 John Doe, Some Company

10 Framework for information and consent
Month Year doc.: IEEE yy/xxxxr0 July 2019 Framework for information and consent Leverage discovery mechanism of wireless technologies (802.11, BLE) Tracking system broadcast information Data collected, privacy policies, data controler coordinates ... Data carried in Vendor/Manufacturer specific fields Subject connect to communicate consent Slide 10 Mathieu Cunche Page 10 John Doe, Some Company

11 Framework for information and consent
Month Year doc.: IEEE yy/xxxxr0 July 2019 Framework for information and consent Slide 11 Mathieu Cunche Page 11 John Doe, Some Company

12 Data anonymization Wi-Fi presence data should must be anonymized
Month Year doc.: IEEE yy/xxxxr0 July 2019 Data anonymization Wi-Fi presence data should must be anonymized Hashing the identifiers (MAC addr.) do not work Simple hashing can be reversed Still considered by some as sufficient Slide 12 Mathieu Cunche Page 12 John Doe, Some Company

13 Datastructures with Differential Privacy
Month Year doc.: IEEE yy/xxxxr0 July 2019 Datastructures with Differential Privacy Bloom-Filter supporting cardinal estimation Perturbation to enforce Differential Privacy Slide 13 Mathieu Cunche Page 13 John Doe, Some Company

14 Datastructures with Differential Privacy
Month Year doc.: IEEE yy/xxxxr0 July 2019 Datastructures with Differential Privacy No information about single identifiers can be learned from the datastructure Estimation of the number of stored identifier is possible Slide 14 Mathieu Cunche Page 14 John Doe, Some Company

15 Datastructures with Differential Privacy
Month Year doc.: IEEE yy/xxxxr0 July 2019 Datastructures with Differential Privacy Evaluation on a real world data set of MAC addr. Slide 15 Mathieu Cunche Page 15 John Doe, Some Company

16 Datastructures with Differential Privacy
Month Year doc.: IEEE yy/xxxxr0 July 2019 Datastructures with Differential Privacy Strong privacy requirements (GDPR ...) May seem difficult or impossible to implement But technical solutions may be possible ... Some are currently being developed Exception in regulations are not necessarily required (e.g. ePrivacy 8-b) Slide 16 Mathieu Cunche Page 16 John Doe, Some Company

17 Month Year doc.: IEEE yy/xxxxr0 July 2019 References Levent Demir, Mathieu Cunche, and Cédric Lauradoux. “Analysing the privacy policies of Wi-Fi trackers”. In: Workshop on Physical Analytics. Bretton Woods, United States: ACM, June doi: / Célestin Matte and Mathieu Cunche. “Wombat: An experimental Wi-Fi tracking system”. In: 8e édition de l’Atelier sur la Protection de la Vie Privée (APVP). Correncon, France, July url: Mathieu Cunche, Daniel Le Métayer, and Victor Morel. “A Generic Information and Consent Framework for the IoT”. In: TRUSTCOM th IEEE International Conference on Trust, Security and Privacy in Computing and Communications url: Mohammad Alaggan, Mathieu Cunche, and Sébastien Gambs. “Privacy-preserving Wi-Fi Analytics”. en. In:Proceedings on Privacy Enhancing Technologies (Apr. 2018), pp. 4–26. doi: /popets Slide 17 Mathieu Cunche Page 17 John Doe, Some Company

Download ppt "Privacy protection in Wi-Fi analytics systems"

Similar presentations

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY.

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY.
Regulation models addressing data protection issues in the EU concerning RFID technology Ioannis Iglezakis Assistant Professor in Computers & Law Faculty.

Regulation models addressing data protection issues in the EU concerning RFID technology Ioannis Iglezakis Assistant Professor in Computers & Law Faculty.
Security in Internet of Things Begins with the Data

Security in Internet of Things Begins with the Data
Privacy Issues in Networks

Privacy Issues in Networks
chownIoT Secure Handling of Smart Home IoT Devices Ownership Change

chownIoT Secure Handling of Smart Home IoT Devices Ownership Change
Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [On IETF LPWAN] Date Submitted: [10 July.

Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [On IETF LPWAN] Date Submitted: [10 July.
ETSI Software Reconfiguration Overview

ETSI Software Reconfiguration Overview
Month Year doc.: IEEE yy/xxxxr0 May 2012

Month Year doc.: IEEE yy/xxxxr0 May 2012
Proposed SFD Text for ai Link Setup Procedure

Proposed SFD Text for ai Link Setup Procedure
Teleconference Agenda

Teleconference Agenda
TGaq Service Transaction Protocol for ANDSF Discovery Service

TGaq Service Transaction Protocol for ANDSF Discovery Service
Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [On IETF LPWAN] Date Submitted: [10 July.

Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [On IETF LPWAN] Date Submitted: [10 July.
Discussions on FILS Authentication

Discussions on FILS Authentication
Relay Threat Model for TGaz

Relay Threat Model for TGaz
Relay Threat Model for TGaz

Relay Threat Model for TGaz
Security and Privacy Consideration of aq

Security and Privacy Consideration of aq
OmniRAN Introduction and Way Forward

OmniRAN Introduction and Way Forward
P802.11aq Waiver request regarding IEEE RAC comments

P802.11aq Waiver request regarding IEEE RAC comments
P802.11aq Pre-Association Service Discovery Summary

P802.11aq Pre-Association Service Discovery Summary
Relay Threat Model for TGaz

Relay Threat Model for TGaz

Similar presentations

Ads by Google