HKU Big Data and Privacy Workshop. Privacy Risks of Big Data Analytics From a Regulator s Point of View
|
|
|
- Austin Blake
- 10 years ago
- Views:
Transcription
1 HKU Big Data and Privacy Workshop Privacy Risks of Big Data Analytics From a Regulator s Point of View 30 November 2015 Henry Chang, IT Advisor Office of the Privacy Commissioner for Personal Data, Hong Kong
2 Big Data Analytics and Mobile Apps 1. Data protection principles 2. Big data analytics and privacy 1
3 Collection OECD Privacy Framework Principles Personal Data Flow Storage, Use or Processing Retention/ Erasure IT System Collection Limitation Data Quality Purpose Specifications Use Limitation Security Safeguards Openness Individual Participation Accountability 2
4 Big Data Analytics and Mobile Apps 1. Data protection principles 2. Big data analytics and privacy 3
5 Big Data and Privacy Failures of Big Data Analytics 4
6 Failures of Big Data Analytics Google Flu Prediction It does not always work Underestimated by half in 2009 when comparing with CDC data Overestimated by half in 2012 when comparing with CDC data Predictor of flu or predictor of winter? A black-box approach makes it hard for people to judge 5
7 Failures of Big Data Analytics US Presidential Election Past performance does not guarantee future results Colorado professors built a data model that correctly backward predicted the eight US presidential election results since 1980 It failed to forward predict the 2012 election 6
8 Big Data and Privacy Privacy risks of big data analytics 7
9 Privacy Risks of Big Data Analytics 1. Sense of rights violation or surprise 2. Re-identification 3. Negative impact/discrimination 8
10 Privacy Risks of Big Data Analytics 1. Sense of rights violation or surprise 2. Re-identification 3. Negative impact/discrimination 9
11 Big Data and Privacy Correct predication can still be creepy 10
12 The Surprise of Big Data Analytics Target s Pregnancy Prediction If it works in this way 11
13 The Surprise of Big Data Analytics Target s Pregnancy Prediction Target learnt this lesson: Then we started, in the same mailer, mixing baby items with other things we know they would never buy, like lawn mower as long as the pregnant woman doesn t know she has been spied on, it works and she would use the coupons 12
14 Privacy Risks of Big Data Analytics 1. Sense of rights violation or surprise 2. Re-identification 3. Negative impact/discrimination 13
15 Big Data and Privacy The myth of anonymisation 14
16 The Myth of Anonymisation AOL released anonymised search records of 650,000 people over a three-month period User was found to be Ms Arnold of Lilburn of Georgia through the keywords she entered Her searches also included nicotine effect, dry mouth, hand tremors, bipolar disorder do we need to worry about Ms Arnold s physical and mental health? 15
17 The Myth of Anonymisation Anonymised Massachusetts state employee hospital records State employee hospital records released for research Governor reassured the public that the data was deidentified Governor s own record reidentified by a researcher by matching date of birth, gender and ZIP code with a voter database that costed US$20. 16
18 The Myth of Anonymisation How much data do you need to identify someone? 87% US population can be identified by using Zip code, gender and date of birth; 53% by place, gender and date of birth; and 18% by county, gender and date of birth. 17
19 The Myth of Anonymisation The only way to make data anonymous is to make it useless Professor Paul Ohm (University of Colorado Law School) 18
20 Privacy Risks of Big Data Analytics 1. Sense of rights violation or surprise 2. Re-identification 3. Negative impact/discrimination 19
21 Big Data and Privacy Before we look at discrimination, let s look at the reality of big data analytics 20
22 The Reality of Big Data Analytics Big data analytics: Correlation Causation 21
23 The (Academic) Reality of Big Data Analytics US spending on science, space, and technology reveals Suicides by hanging, strangulation and suffocation? 22
24 The (Academic) Reality of Big Data Analytics Number of Nicolas Cage films reveals swimming-pool drowning? 23
25 The (Academic) Reality of Big Data Analytics Divorce rate in Maine reveals Per capita consumption of margarine? 24
26 The Reality of Big Data Analytics But, do we really care about the difference between correlation and causation? 25
27 The (Commercial) Reality of Big Data Analytics Do you care about correlation or causation if you were the Samaritans at this point? 26
28 The (Commercial) Reality of Big Data Analytics Do you care about correlation or causation if you were a pool-side lifeguard at this time? 27
29 The (Commercial) Reality of Big Data Analytics What would you do if you are a margarine producer in the US and learn about the divorce rate in Maine at this time? 28
30 The Reality of Big Data Analytics 29
31 The Reality of Big Data Analytics Marketers are not interested in theories, they are interested in results. So if it works, what s the problem? So if users of table feet protectors pay back their loans promptly, what s wrong in lending to them? The problem lies with the have not, those that you are not targeted. You ve denied them of things that they may otherwise entitle to 30
32 The Reality of Big Data Analytics Is there a solution to this? Need to know what big data is and isn t good at IS Pattern matcher Gives recommendations ISN T Substitutes for proper data collection and analysis, and theory generation (big data hubris) Hand-free predictor 31
33 Privacy Challenge of Big Data Analytics Risks recap: 1. The (unintended) impacts on people when it is working; 2. The risks of re-identifying people from anonymised sensitive data; and 3. The targeted not. There is a human being behind all those data analytics and decisionmaking. Can things be redressed when something goes wrong? 32
34 Big Data Analytics 33
Big Data + Smart City = Weak Privacy + Weak Security?
Big Data + Smart City = Weak Privacy + Weak Security? Professor John Bacon-Shone Director, Social Sciences Research Centre The University of Hong Kong Benefits and Risks Is it an inevitable consequence
Romans 13:8 is an often misunderstood verse because it says, Owe nothing to anyone.
Debt and Credit Introduction We will be discussing the subject of debt from a biblical perspective. But before we begin looking at biblical principles concerning economics and finances, we need to put
ADVISORY GUIDELINES ON THE PERSONAL DATA PROTECTION ACT FOR SELECTED TOPICS ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION ISSUED 24 SEPTEMBER 2013
ADVISORY GUIDELINES ON THE PERSONAL DATA PROTECTION ACT FOR SELECTED TOPICS ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION ISSUED 24 SEPTEMBER 2013 REVISED 16 MAY 2014 PART I: INTRODUCTION AND OVERVIEW...
Big Data, Not Big Brother: Best Practices for Data Analytics Peter Leonard Gilbert + Tobin Lawyers
Big Data, Not Big Brother: Best Practices for Data Analytics Peter Leonard Gilbert + Tobin Lawyers March 2013 How Target Knew a High School Girl Was Pregnant Before Her Parents Did just because you can,
De-Identification of Health Data under HIPAA: Regulations and Recent Guidance" " "
De-Identification of Health Data under HIPAA: Regulations and Recent Guidance" " " D even McGraw " Director, Health Privacy Project January 15, 201311 HIPAA Scope Does not cover all health data Applies
Which flu vaccine should you or your child
have? Click on an age group to find out Birth to under six months Babies of this age cannot have flu vaccine so the best way to protect them is for their mother to have the vaccination while pregnant.
Application for Health Coverage & Help Paying Costs (Short Form)
Form Approved OMB No. 0938-1191 Application for Health Coverage & Help Paying Costs (Short Form) Use this application to see what coverage you qualify for Affordable private health insurance plans that
Application for Health Coverage & Help Paying Costs
Application for Health Coverage & Help Paying Costs Use this application to see what coverage choices you qualify for Who can use this application? Affordable private health insurance plans that offer
HIPAA POLICY REGARDING DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION AND USE OF LIMITED DATA SETS
HIPAA POLICY REGARDING DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION AND USE OF LIMITED DATA SETS SCOPE OF POLICY: What Units Are Covered by this Policy?: This policy applies to the following units
HIPAA-Compliant Research Access to PHI
HIPAA-Compliant Research Access to PHI HIPAA permits the access, disclosure and use of PHI from a HIPAA Covered Entity s or HIPAA Covered Unit s treatment, payment or health care operations records for
Application for Health Coverage & Help Paying Costs
Application for Health Coverage & Help Paying Costs Form Approved OMB No. 0938-1191 Use this application to see what coverage choices you qualify for Who can use this application? Affordable private health
Application for Health Coverage & Help Paying Costs
Application for Health Coverage & Help Paying Costs Use this application to see what coverage choices you qualify for Who can use this application? Affordable private health insurance plans that offer
Apply faster online at Compass.ga.gov.
GEORGIA DEPARTMENT OF HUMAN SERVICES Division of Family and Children Services Application for Health Coverage & Help Paying Costs Form Approved OMB No. 0938-1191 Use this application to see what coverage
Guide to Legal Costs the mystery explained
Guide to Legal Costs the mystery explained Let s be honest - No-one really wants to go and see a Solicitor. Like the emergency services, we are only welcome when things have gone wrong or in other cases
A Q&A with the Commissioner: Big Data and Privacy Health Research: Big Data, Health Research Yes! Personal Data No!
A Q&A with the Commissioner: Big Data and Privacy Health Research: Big Data, Health Research Yes! Personal Data No! Ann Cavoukian, Ph.D. Information and Privacy Commissioner Ontario, Canada THE AGE OF
Grandparent Custody and Visitation Issues
Chapter 14 Grandparent Custody and Visitation Issues Melody K. Fuller, Esq.* Melody K. Fuller, P.C. SYNOPSIS 14-1. Grandparent Visitation Issues 14-2. Custody of Grandchildren 14-3. Resources This chapter
Application for Health Coverage and Help Paying Costs
Iowa Department of Human Services Application for Health Coverage and Help Paying Costs Use this application to see what coverage choices you qualify for Affordable private health insurance plans that
Guidance on Personal Data Erasure and Anonymisation 1
Guidance on Personal Data Erasure and Anonymisation Introduction Data users engaged in the collection, holding, processing or use of personal data must carefully consider how to erase such personal data
CS377: Database Systems Data Security and Privacy. Li Xiong Department of Mathematics and Computer Science Emory University
CS377: Database Systems Data Security and Privacy Li Xiong Department of Mathematics and Computer Science Emory University 1 Principles of Data Security CIA Confidentiality Triad Prevent the disclosure
Credit Reports and How to Dispute Credit Report Errors
Credit Reports and How to Dispute Credit Report Errors The County Clerk's Office preserves and makes available to the public, including credit reporting agencies, all records affecting the title to real
Colorado s 2005 Tobacco Tax Increase, Cigarette Consumption, and Tax Revenues
Colorado s 2005 Tobacco Tax Increase, Cigarette Consumption, and Tax Revenues Tobacco Program and Evaluation Group University of Colorado at Denver and Health Sciences Center Theresa Mickiewicz, MSPH Arnold
privacy and credit reporting policy.
privacy and credit reporting policy. ME, we, us or our refers to Members Equity Bank Ltd and its subsidiary ME Portfolio Management Ltd. about ME Every Australian deserves to get the most out of their
1) Medical Website Design ~ Medical Website Design would also be the main keyword phrase to target. 500 Words.
1) Medical Website Design ~ Medical Website Design would also be the main keyword phrase to target. 500 Words. 2) Medical Marketing ~ target "medical marketing", but this pages is about SEO services. 500
Privacy: Legal Aspects of Big Data and Information Security
Privacy: Legal Aspects of Big Data and Information Security Presentation at the 2 nd National Open Access Workshop 21-22 October, 2013 Izmir, Turkey John N. Gathegi University of South Florida, Tampa,
Taking Care of Both of You
Taking Care of Both of You Understanding Mood Changes After the Birth of Your Baby We ve been there. We can help. National Depressive and Manic-Depressive Association Shortly after the birth of her first
Do you drink or use other drugs? You could be harming more than just your health.
Do you drink or use other drugs? You could be harming more than just your health. Simple questions. Straight answers about the risks of alcohol and drugs for women. 1 Why is my health care provider asking
our Health Your Rights Your Health, Your Rights
our Health Your Health, Your Rights Your Rights IF you re a teen in California, you have rights. And that s what this booklet is about your right to privacy and reproductive health care. It has lots of
De-identification Koans. ICTR Data Managers Darren Lacey January 15, 2013
De-identification Koans ICTR Data Managers Darren Lacey January 15, 2013 Disclaimer There are several efforts addressing this issue in whole or part Over the next year or so, I believe that the conversation
Estuardo R. Ponciano, J.D. Assistant Director of Admissions UCIrvine SchoolofLawof
Estuardo R. Ponciano, J.D. Assistant Director of Admissions UCIrvine SchoolofLawof There are some things you should think about before you start the application process. Why do you want to go to law school?
The U.K. Information Commissioner s Office Report on Big Data and Data Protection
reau of National Affairs, Inc. (800-372-1033) http://www.bna.com WORLD DATA PROTECTION REPORT >>> News and analysis of data protection developments around the world. For the latest updates, visit www.bna.com
Have you ever accessed
HIPAA and Your Mobile Devices Not taking the appropriate precautions can be very costly. 99 BY MARK TERRY Alexey Poprotskiy Dreamstime.com Have you ever accessed patient data offsite using a laptop computer,
How to Dispute Credit Report Errors Y
September 2008 How to Dispute Credit Report Errors Y our credit report contains information about where you live, how you pay your bills, and whether you ve been sued or arrested, or have filed for bankruptcy.
Challenges of Data Privacy in the Era of Big Data. Rebecca C. Steorts, Vishesh Karwa Carnegie Mellon University November 18, 2014
Challenges of Data Privacy in the Era of Big Data Rebecca C. Steorts, Vishesh Karwa Carnegie Mellon University November 18, 2014 1 Outline Why should we care? What is privacy? How do achieve privacy? Big
The Top Five. FMLA Compliance Mistakes That Could Land You in Court
The Top Five FMLA Compliance Mistakes That Could Land You in Court A slip of the tongue, a misplaced remark, the wrong job assignment: managers make mistakes every day. When the mistake involves FMLA,
Si Ud. no entiende esto, llame a su oficina local del Michigan Department of Health and Human Services.
Si Ud. no entiende esto, llame a su oficina local del Michigan Department of Health and Human Services. From One Parent to Another Raising a child today is not an easy task, even under the best of circumstances.
How to complain to your claims management company
How to complain to your claims management company Claims Management Regulation March 2013 HOW TO COMPLAIN TO YOUR CLAIMS MANAGEMENT COMPANY - CLAIMS MANAGEMENT REGULATION 3 Contents What should you expect
I C C R. Cigarettes: Stress Relief Or Just A Bunch Of Smoke? Gain Attention/Interest: www.circ.cornell.edu. Think & Write #1. Goals: Basic Idea:
Cigarettes: Stress Relief Or Just A Bunch Of Smoke? C R I C Source: Kassel, J.D., Stroud, L. R., & Paronis, C. A. (2003). Smoking, stress, and negative affect: Correlation, causation, and context across
IIA POSITION PAPER: THE ROLE OF INTERNAL AUDITING IN ENTERPRISE-WIDE RISK MANAGEMENT
IIA POSITION PAPER: THE ROLE OF INTERNAL AUDITING IN ENTERPRISE-WIDE RISK MANAGEMENT Revised: Page 1 of 8 Introduction The importance to strong corporate governance of managing risk has been increasingly
Governance. Information. Bulletin. Welcome to the nineteenth edition of the information governance bulletin
Welcome to the nineteenth edition of the information governance bulletin Our regular bulletin about information governance and the work of the IG transition programme Publication Gateway Reference: 02465
HEALTH CARE R E F O R M
HEALTH CARE What does the Affordable Care Act mean to you? HEALTH CARE On March 23, 2010, President Obama signed the Affordable Care Act (ACA) into law. This marked the beginning of health care reform.
Privacy Committee. Privacy and Open Data Guideline. Guideline. Of South Australia. Version 1
Privacy Committee Of South Australia Privacy and Open Data Guideline Guideline Version 1 Executive Officer Privacy Committee of South Australia c/o State Records of South Australia GPO Box 2343 ADELAIDE
You will need to mail or fax us copies of items that apply to your case. See the next page for a list of these items.
Getting started: Health care for children CHIP and Children s Medicaid These programs offer health-care benefits for newborns and children age 18 and younger who live in Texas. With these programs, your
Health Insurance Coverage
Protecting Your Health Insurance Coverage This booklet explains... Your rights and protections under recent Federal law How to help maintain existing coverage Where you can get more help For additional
Privacy Policy on the Collection, Use, Disclosure and Retention of Personal Health Information and De-Identified Data, 2010
pic pic Privacy Policy on the Collection, Use, Disclosure and Retention of Personal Health Information and De-Identified Data, 2010 Updated March 2013 Our Vision Better data. Better decisions. Healthier
Big Data Big Security Problems? Ivan Damgård, Aarhus University
Big Data Big Security Problems? Ivan Damgård, Aarhus University Content A survey of some security and privacy issues related to big data. Will organize according to who is collecting/storing data! Intelligence
(Big) Data Anonymization Claude Castelluccia Inria, Privatics
(Big) Data Anonymization Claude Castelluccia Inria, Privatics BIG DATA: The Risks Singling-out/ Re-Identification: ADV is able to identify the target s record in the published dataset from some know information
5. MY RIGHTS IN THE FAMILY
5. MY RIGHTS IN THE FAMILY 5.1 General Do I have a right to live with my family? Yes. You have a right to live with your family if this is in your best interests. What is guardianship? Guardianship is
How to Dispute Credit Report Errors
FTC Facts For Consumers Federal Trade Commission For The Consumer May 2006 www.ftc.gov 1-877-ftc-help How to Dispute Credit Report Errors Y our credit report contains information about where you live,
Lesson Seventeen: Uncovering the Facts about Adoption, Abortion and Teen Parenthood
Lesson Seventeen: Uncovering the Facts about Adoption, Abortion and Teen Parenthood Student Learning Objectives: The students will be able to... 1. Identify who can legally consent to have an abortion,
Unit One: The Basics of Investing
Unit One: The Basics of Investing DISCLAIMER: The information contained in this document is solely for educational purposes. CompareCards.com, owned by Iron Horse Holdings LLC is not a registered investment
De-Identification 101
De-Identification 101 We live in a world today where our personal information is continuously being captured in a multitude of electronic databases. Details about our health, financial status and buying
Oregon Department of Human Services (DHS) Vocational Rehabilitation (VR)
Oregon Department of Human Services (DHS) Vocational Rehabilitation (VR) SECTION 504 CONSUMER DISCRIMINATION COMPLAINT INFORMATION (3 pages) & VR SECTION 504 CONSUMER DISCRIMINATION COMPLAINT FORM (2 pages)
Generating Leads While You Sleep
Generating Leads While You Sleep May 2013 CommuniGator 2013 Page 1 of 14 Contents Introduction... 3 Setting up the right infrastructure... 4 Page Scoring, Link Scoring and Lead Scoring... 7 Generating
PUBLIC CONSULTATION ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION
PUBLIC CONSULTATION ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION PROPOSED ADVISORY GUIDELINES ON THE PERSONAL DATA PROTECTION ACT FOR SELECTED TOPICS 05 FEBRUARY 2013 PART I: INTRODUCTION AND OVERVIEW...
Frequently asked questions about whooping cough (pertussis)
Frequently asked questions about whooping cough (pertussis) About whooping cough What is whooping cough? Whooping cough is a highly contagious illness caused by bacteria. It mainly affects the respiratory
In order to adjudicate an appeal, OPM requires claimants or their authorized representatives to submit the following information:
SYSTEM NAME: Health Claims Disputes External Review Services. SYSTEM LOCATION: Office of Personnel Management, 1900 E Street NW., Washington, DC 20415. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
CORSISTA (COGNOME NOME) LUOGO E DATA DI NASCITA SEDE DI SERVIZIO TELEFONO SCUOLA RECAPITI TELEFONICI PERSONALI
SICILIA PALERMO WRITTEN PAPER - Time allowed: 1 hour 30 minutes CORSISTA (COGNOME NOME) LUOGO E DATA DI NASCITA SEDE DI SERVIZIO TELEFONO SCUOLA RECAPITI TELEFONICI PERSONALI Part One - Questions 1-5.
Guidance for Data Users on the Collection and Use of Personal Data through the Internet 1
Guidance for Data Users on the Collection and Use of Personal Data through the Internet Introduction Operating online businesses or services, whether by commercial enterprises, non-government organisations
Introduction to Big Data! with Apache Spark" UC#BERKELEY#
Introduction to Big Data! with Apache Spark" UC#BERKELEY# Course Goals" This Lecture" Brief History of Data Analysis" Big Data and Data Science Why All the Excitement?" Where Big Data Comes From" Course
Scottish Parliament Health and Sport Committee s Inquiry into Teenage Pregnancy in Scotland Evidence from CHILDREN 1 ST
Scottish Parliament Health and Sport Committee s Inquiry into Teenage Pregnancy in Scotland Evidence from CHILDREN 1 ST February 2013 For over 125 years CHILDREN 1 ST has been working to build a better
GOT TAX PROBLEMS? THINGS THE IRS DOESN T WANT YOU TO KNOW (BUT YOU WILL LEARN BY READING THIS!)
GOT TAX PROBLEMS? THINGS THE IRS DOESN T WANT YOU TO KNOW (BUT YOU WILL LEARN BY READING THIS!) When I was a young lawyer, I assumed the Internal Revenue Service was like my father strict and stern, but
Dartmouth College Information About the Family and Medical Leave Act
Dartmouth College Information About the Family and Medical Leave Act Frequently Asked Questions The following is a list of your rights and benefits as an eligible FMLA employee: 12 weeks of unpaid FMLA
Where s my real ROI? White Paper #1 February 2014. expert Services
Where s my real ROI? White Paper #1 February 2014 expert Services revenue costs The growing confidence of advertisers and agencies in mobile marketing requires an effective and veridical sort of ROI metrics.
How To Get A Better Home Loan Rate In Australia
AUSTRALIA S TOP 30 HOME LOAN MYTHS BUSTED Australia s Top 30 Home Loan Myths BUSTED! Fairer home loans for Australians Hi, I m Mark Bouris from Yellow Brick Road. Australia, it s time for a fairer deal
role of independent assessor
role of independent assessor I'm delighted that you re interested in the ombudsman service and the post of independent assessor. I thought you might like a note that goes beyond the formal job spec and
