Privacy and Transparency for Decision Making. Simone Fischer-Hübner Karlstad University, Sweden MDAI 2015

Similar documents
Big Data better business benefits

Privacy & data protection in big data: Fact or Fiction?

Privacy Policy and Notice of Information Practices

DATA Dr. Jan Krancke, VP Regulatory Strategy & Projects CERRE Expert Workshop, Brussels. re3rerererewr

BIG DATA AND THE INTERNET OF THINGS

INERTIA ETHICS MANUAL

ABC PRIVACY POLICY. The ABC is strongly committed to protecting your privacy when you interact with us, our content, products and services.

16 Electronic health information management systems

We may collect the following types of information during your visit on our Site:

Trusted Personal Data Management A User-Centric Approach

Database Forensics Secure Business Austria

Guidance for Data Users on the Collection and Use of Personal Data through the Internet 1

COPPA. How COPPA & Parental Intelligence Systems Help Parents Protect Their Kids Online. The Children s Online Privacy Protection Act

MAXPRO. Cloud CLOUD HOSTED VIDEO SERVICES TO PROTECT YOUR BUSINESS. Video Anytime, Anywhere

Consor;um (partners) ARES conference Toulouse, 24 August 2015

Privacy-preserving Data Mining: current research and trends

Guidelines on Data Protection. Draft. Version 3.1. Published by

Privacy(and(Data( Protection( (Part(II(

Privacy and Identity Management for Europe

Privacy Committee. Privacy and Open Data Guideline. Guideline. Of South Australia. Version 1

European Commission initiatives on e- and mhealth

Security Solutions

Oracle Financials Cloud Modernize Finance

Canada's Global Viewpoint: Emerging Technologies and Healthcare Interoperability

SECURITY IMPLICATIONS OF CROSS- AGENCY BIG DATA APPROACHES FOR TAX COMPLIANCE

DESTINATION MELBOURNE PRIVACY POLICY

Liability and Privacy Issues in Business

Novartis CardioEngagement Challenge

Declaration of Internet Rights Preamble

Risk management, information security and privacy compliance. new meeting of minds or ships in the night?

Legal compliance for developers. Training materials (prepared by Tilburg University)

IntelCenter Database (ICD) for Colleges & Universities 30 Jan info@intelcenter.com

Access Rights Management. Only much Smarter.

Privacy Policy. PortfolioTrax, LLC v1.0. PortfolioTrax, LLC Privacy Policy 2

Defending Behind The Device Mobile Application Risks

Document Control. Version Control. Sunbeam House Services Policy Document. Data Breach Management Policy. Effective Date: 01 October 2014

TECHNICAL SPECIFICATION: LEGISLATION EXECUTING CLOUD SERVICES

Secure Cloud Identity Wallet

Advanced Solutions. Uniformance Suite. Real-time Digital Intelligence Through Unified Data, Analytics and Visualization

IT Privacy Certification Outline of the Body of Knowledge (BOK) for the Certified Information Privacy Technologist (CIPT)

The Internet of Things... Hype or not?

Mobile multifactor security

"Secure insight, anytime, anywhere."

Horizontal IoT Application Development using Semantic Web Technologies

Associations today face more challenges and demands than ever

E-Democracy and e-voting

I. System Activities that Impact End User Privacy

Exploiting the power of Big Data

How To Understand Data Privacy In Cloud Computing

GUESTBOOK REWARDS, INC. Privacy Policy

May 18, Georgina Verdugo Director Office for Civil Rights United States Department of Health and Human Services

How To Protect Privacy In A Computer System

Internet Engineering Task Force Internet-Draft Intended status: Best Current Practice July 15, 2013 Expires: January 16, 2014

Prior checking opinion on the European Surveillance System ("TESSy") notified by the European Centre for Disease Prevention and Control ("ECDC

Whitepaper. Advanced Threat Hunting with Carbon Black

Associate Prof. Dr. Victor Onomza Waziri

RE: ITI s Comments on Korea s Revised Proposed Bill for the Development of Cloud Computing and Protection of Users

legal & ethical data sharing prof.dr. Ronald Leenes r.e.leenes@uvt.nl TILT - Tilburg Institute for Law, Technology, and Society

ATTPS Publication: Trustworthy ICT Taxonomy

A TapShield White Paper 618 E. South St., Suite 600 Orlando, FL (877) TapShield.com

Recommendations for companies planning to use Cloud computing services

Summary of the Dutch Data Protection Authority s guidelines for the Data Breach Notification Act

A HELPING HAND TO PROTECT YOUR REPUTATION

The Science of Challenging Customer Requirements

Security within a development lifecycle. Enhancing product security through development process improvement

HP Laptop & Apple ipads

Smart Cities. Photo used under Creative Commons from nigelhowe

Presenting Mongoose A New Approach to Traffic Capture (patent pending) presented by Ron McLeod and Ashraf Abu Sharekh January 2013

Corporate Investigations Management

A puzzle based authentication method with server monitoring

REMOTE ACCESS TO A HEALTHCARE FACILITY AND THE IT PROFESSIONAL S OBLIGATIONS UNDER HIPAA AND THE HITECH ACT

The Growing Need for Real-time and Actionable Security Intelligence Date: February 2014 Author: Jon Oltsik, Senior Principal Analyst

H2020-EUJ-2016: EU-Japan Joint Call. EUJ : IoT/Cloud/Big Data platforms in social application contexts

Lunch & Learn: Big Data Analytics

Service Engineering for the Internet of Things

Journal of Electronic Banking Systems

PRIVACY POLICY. Effective date: February 11, Holiday Privacy Statement

Standard: Information Security Incident Management

3 Principles for Maximum Participation in Open Data on the Web Bob Schloss, IBM Research April 19, 2013

Demystifying Big Data Government Agencies & The Big Data Phenomenon

Knowledge based energy management for public buildings through holistic information modeling and 3D visualization. Ing. Antonio Sacchetti TERA SRL

DRAFT BILL PROPOSITION

Sticky Password 7. Sticky Password 7 is the latest, most advanced, portable, cross platform version of the powerful yet

Exploiting Data at Rest and Data in Motion with a Big Data Platform

The Connected Enterprise: Transformation through Mobility

End-to-end data protection solutions

Article 29 Working Party Issues Opinion on Cloud Computing

Data Analytics, Management, Security and Privacy (Priority Area B)

Securing the Internet of Things WHITEPAPER

Memorandum! Is Big Data the right recipe for Europe?

Big Data - Security and Privacy

E-commerce profiling in Romania Bogdan Manolea CRPE

Cloud Security under the EU Data Protection Directive and draft General Data Protection Regulation

Customer Timeline - New in Summer Web Lead Capture - New in Summer Built-In Dashboards - New in Summer 2012

CLOUD COMPUTING FOR ehealth DATA PROTECTION ISSUES

Open-Source, Web-Based, Framework for Integrating Applications with Social Media Services and Personal Cloudlets

Code of Conduct For Subscribers

Luis Melo Head of CRM/CX. Capventis. Policy Automation. Knowledge Management. Field Service Management. Web Customer Service

Privacy by Design. Ian Brown, Prof. of Information Security and Privacy Oxford Internet Institute, University of

Transcription:

Privacy and Transparency for Decision Making Simone Fischer-Hübner Karlstad University, Sweden MDAI 2015

Content I. Profiling, Big Data & Decision Making - Privacy Challenges II. III. IV. Peer Profiling & Privacy in Smart Society Transparency-enhancing Tools (TETs) Conclusions

I. Profiling, Big Data & Decision Making: Privacy Risks & Challenges of Big Data The sheer scale of data collection, tracking, profiling & detail of the data, from many different sources Security of data Transparency Inaccuracy, discrimination, exclusion & economic imbalance Increased possibilities of government surveillance (Art. 29 WP - Opinion 03/2013 on purpose limitation)

New types of derived data

Personal Discrimination in Online Ad Delivery Source: Latanya Sweeney, dataprivacylab.org

Price Discrimination

What makes the further use of personal data for analytics compatible? (Art. 29 WP - Opinion 03/2013 on purpose limitation) If big data is analysed to detect general trends: Functional separation, security & confidentiality If processing of big data affects individuals: Opt-in consent Data subject rights (transparency & intervenability) in regard to profiles and algorithms Purpose limitation Data minimisation..

II. Smart Society & Privacy (EU FP7 FET IP) ICT and society today An ongoing accelerating deep integration Exponential increase in number of devices (sensors, PDAs, tablets, iwatch, ) Machines and humans interacting more and more closely Physical and virtual dimensions of life are more and more intertwined Lots of ad-hoc solutions and systems Social networking platforms (eg., Facebook) Chat systems (eg., Whatsapp) Mobile services anywhere anytime Smart city applications (!!!) What about building a smarter society? www.smart-society-project.eu, Source: Fausto Giunchiglia From: When Mobile is opposite of Social

The Smart Society vision Computers are great at storing, processing and communicating data People are great at interpreting context (semantics), interpersonal relationships and social norms Can we combine the best of both worlds to build a smarter society via hybrid social computation decentralized through society? An holistic approach, with the goal of building hybrid social systems, capable of handling, exploiting and composing, as social computations, human and machine diverse actions, towards a smarter society www.smart-society-project.eu, Source: Fausto Giunchiglia

www.smart-society-project.eu, Source: Fausto Giunchiglia An example: the Ride Sharing Desired properties o o o o o o o o Recommendation system Different profiles, dynamically changing Privacy, Provenance, trust and reputation Sensing and context recognition Effective communication among agents Coordinate actors [ ] With economic pressures pushing travelers to share resources whenever possible (and various online services making that ever easier), I wondered how this was possible. Did I do something wrong? Were the sites inadequate? Or were there simply not enough people out there looking for such a ride? The answer turned out to be a bit of each. Ride-sharing s move from campus bulletin board to Internet had been less successful than expected [New York Times September 17, 2013]

Privacy Challenges Peer Profiling and Search Provenance, Trust and Reputation Incentives and decision making Sensed Data Entangled Data who has control? Privacy of Collectives 24/09/2015 www.smart-society-project.eu 12

Privacy by information abstraction and sticky policies Peer s Information Peer s Profiles Name: Mario Rossi; Marito; Mario Gender: Male ABS Date of Birth: 1991-05-12 Address: Via Piave 5, Trento Age: 33 Position: 46.064199, 11.127730 Smoker: No Background: Artificial Intelligence Communication channels: [<Skype, m.rossi>, <email, mr123@gmail.com>, <cell phone, +39 3480070998>] User: Marito Age range: between 25 and 35 Neighborhood: Villazzano, Trento Smoker: No Communication channels: [<cell phone>] Agreed Requirements: ABS User: Marito Age range: between 25 and 35 City: Trento Smoker: No Communication channels: [<cell phone>] Agreed Requirements: www.smart-society-project.eu, Source: Alethia Hume

Privacy by information abstraction and sticky policies Peer s Information Peer s Profiles Name: Mario Rossi; Marito; Mario Gender: Male ABS Date of Birth: 1991-05-12 Address: Via Piave 5, Trento Age: 33 Position: 46.064199, 11.127730 Smoker: No Background: Artificial Intelligence Communication channels: ABS [<Skype, m.rossi>, <email, mr123@gmail.com>, <cell phone, +39 3480070998>] User: Marito Age range: between 25 and 35 Neighborhood: Villazzano, Trento Smoker: No Communication channels: [<cell phone>] Agreed Requirements: ABS User: Mario City: Trento Background: Computer Science Communication channels: [<cell phone>] Agreed Requirements:[<cell phone, {read}, {contact}>; <user, {read}, {search, contact}>; <background, {read}, {search, riderecommendation}>;.] User: Marito Age range: between 25 and 35 City: Trento Smoker: No Communication channels: [<cell phone>] Agreed Requirements: www.smart-society-project.eu, Source: Alethia Hume

Privacy by information abstraction and sticky policies Peer s Information Peer s Profiles Name: Mario Rossi; Marito; Mario Gender: Male Date of Birth: 1991-05-12 ABS Address: Via Piave 5, Trento Age: 33 Position: 46.064199, 11.127730 Smoker: No Background: Artificial Intelligence Communication channels: [<Skype, m.rossi>, ABS <email, mr123@gmail.com>, <cellphone, +39 3480070998>] User: Marito Age range: between 25 and 35 Neighborhood: Villazzano, Trento Smoker: No Communication channels: [<cell phone>] Agreed Requirements: ABS User: Mario City: Trento Background: Computer Science Communication channels: [<cell phone>] Agreed Requirements:[<cell phone, {read}, {contact}>; <user, {read}, {search, contact}>; <background, {read}, {search, riderecommendation}>;.] User: Marito Age range: between 25 and 35 City: Trento Smoker: No Communication channels: [<cell phone>] Agreed Requirements: Abstraction function: Drop attributes Obfuscate attribute names Obfuscate attribute values www.smart-society-project.eu, Source: Alethia Hume 15

Privacy by information abstraction and sticky policies Peer s Information Peer s Profiles Name: Mario Rossi; Marito; Mario Gender: Male Date of Birth: 1991-05-12 ABS Address: Via Piave 5, Trento Age: 33 Position: 46.064199, 11.127730 Smoker: No Background: Artificial Intelligence Communication channels: [<Skype, m.rossi>, ABS <email, mr123@gmail.com>, <cellphone, +39 3480070998>] User: Marito Age range: between 25 and 35 Neighborhood: Villazzano, Trento Smoker: No Communication channels: [<cell phone>] Agreed Requirements: ABS User: Mario City: Trento Background: Computer Science Communication channels: [<cell phone>] Agreed Requirements:[<cell phone, {read}, {contact}>; <user, {read}, {search, contact}>; <background, {read}, {search, riderecommendation}>;.] User: Marito Age range: between 25 and 35 City: Trento Smoker: No Communication channels: [<cell phone>] Agreed Requirements: Abstraction function: Drop attributes Obfuscate attribute names Obfuscate attribute values Sticky policies using A-PPL 16

Privacy-aware Search Data minimisation: Search is performed on peer s profiles (i.e. on partial or obfuscated data) Purpose binding: Decision on what profile information can be included in the search for what purposes it can be used is regulated by sticky policies www.smart-society-project.eu

III. Transparency Enhancing Tools (TETs) User Service Provider

Transparency & Intervenability Legal privacy principles EU Data Protection Directive: Informed consent Rights to information, notification Right to access to data & logics involved in automatic processing (algorithm, decision criteria, source of data) Rights to correction/blocking/deletion Right not to be subject to automated decisions Proposed EU General Data Protection Regulation (GDPR) Right to object to profiling, data breach notification, exercising data subject rights electronically Swedish Data Patient Act: Rights to access health records and log information Social Trust Factors Increased trust in applications if procedures are clear, transparent and reversible

Transparency vs. Confidentiality Examples Log files in ehealth privacy issues: Information about who (e.g., psychiatrist) accessed EHR is sensitive for patients Monitoring of performance/quality of work of medical personnel Business secrets in relation to profiling (cf. Recital 41 Data Protection Directive)

Ex post TETs: Data Track Data Track entry Data disclosure & transaction pseudonym & Privacy Policy Data subject access (transaction pseudonym)

A4Cloud Data Track (3rd Iteration) Source: Angulo, Fischer-Hübner et al., CHI 2015 (WiP).

Source: Angulo, Fischer-Hübner et al., CHI 2015 (WiP). A4Cloud Data Track Click here to access your data at Spotify

A4Cloud Data Track Source: Angulo, Fischer-Hübner et al., CHI 2015 (WiP).

User evaluations Do users find the trace view of the Data Track intuitive and comprehensible? Do users appreciate the functionality of the Data Track? Do users understand that there are two different views (data records stored under the users control (locally or in a privacyfriendly cloud infrastructure) and data records stored at the service provider) 25

Usability test results Where are the Data Track records stored? Frequency Percent On the DataTrack program (on a cloud/internet storage) 9 52.9 On the DataTrack program (locally in computer) 4 23.5 On the Internet somewhere 1 5.9 On the services that I have given information to 3 17.6 How often do you think you would have the program turned on so that it tracks the information you give to Internet services? Never tracking (-0% of the time) 2 Rarely tracking (25% of the time) 3 Often tracking (75% of the time) 5 Always tracking (100% of the time) 7 How often do you believe you would use the DataTrack program? Very rarely (almost never or never) 1 Rarely (a few times per year) 1 Sometimes (a few times per month) 7 Often (around two to four times per week) 4 Very often (almost always) 4

4th Iteration Data Track GenomSynlig Dashboard

Trace View

Timeline View

Distributed Transparency Logging 5. Match? Service Provider Bob fork Service Provider Dave User Alice with Data Track 1. discloses data & privacy policy 2. performs processing 4. retrieves log entries 3. generates logs Source: T. Pulls et al., Privacy-Preserving Transparency Logging, WPES 2013

Distributed Privacy-Preserving Transparency Logging Security Properties Integrity: no undetectable modifications to logged data (committed prior to compromise) Secrecy: only the data subject (or auditor) can read the data logged for him Unlinkability of log entries and user identifiers accross data processors

IV. Conclusions Privacy principles for Profiling can be enforced by PETs: Anonymisation & Obfuscation Sticky policies for purpose limitation TETs. TETs need to address privacy/confidentiality requirements HCI Requirements for TETs important, e.g.: Make difference between locally and remotely stored data obvious; Provide transparency also for implicitly obtained or derived data; Provide users with help (e.g., via tooltips or introductory tutorials) for understanding how control functions can be activated. (see also: Angulo, Fischer-Hübner, et.al., CHI 2015 Proceedings, Work in Progress Session ACM).

Questions? http://www.cs.kau.se/~simone/

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information