• Home

  • Documents

  • It’s not what IT does to Privacy it’s what Privacy does to IT
12
Robert Thibadeau, Copyright 2000 1 It’s not what IT does to Privacy it’s what Privacy does to IT Robert Thibadeau, Ph.D. www.internetlab.ri.cmu.edu www.w3.org/p3p www.istpa.org www.intelytics.com [email protected]

It’s not what IT does to Privacy it’s what Privacy does to IT

  • Upload
    simone

  • View
    24

  • Download
    0

Embed Size (px)

DESCRIPTION

It’s not what IT does to Privacy it’s what Privacy does to IT. Robert Thibadeau, Ph.D. www.internetlab.ri.cmu.edu www.w3.org/p3p www.istpa.org www.intelytics.com [email protected]. Information Privacy. Law. Technology. No matter how much you want to, you can’t get - PowerPoint PPT Presentation

Citation preview

Page 1: It’s not what IT does to Privacy it’s what Privacy does to IT

Robert Thibadeau, Copyright 2000 1

It’s not what IT does to Privacy it’s what Privacy does to IT

Robert Thibadeau, Ph.D.

www.internetlab.ri.cmu.edu

www.w3.org/p3p www.istpa.org

www.intelytics.com

[email protected]

Page 2: It’s not what IT does to Privacy it’s what Privacy does to IT

Robert Thibadeau, Copyright 2000 2

InformationPrivacy

•Technology •Law

No matter how much you want to, you can’t get

technology out of privacy or the law out of privacy

Page 3: It’s not what IT does to Privacy it’s what Privacy does to IT

Robert Thibadeau, Copyright 2000 3

Reasons• There is no technically perfect solution

possible : Thomas Jefferson’s notion of public and private.

– Therefore the Law becomes Indispensible, and the LAW is always at Fault if it is not there providing protection.

• Technology – actually the computer – will always surprise you : The Turing Principle

– Therefore Technology cannot be frozen to a form, and the LAW is responsible, not technology

• Technology – you need locks on the doors, systems to facilitate privacy, and systems for policing of the laws

– This requires Technology

Page 4: It’s not what IT does to Privacy it’s what Privacy does to IT

Robert Thibadeau, Copyright 2000 4

Negotiating Privacy in a Millisecond

A HARD PROBLEM FOR IT DICTATED BY PRIVACY

Page 5: It’s not what IT does to Privacy it’s what Privacy does to IT

Robert Thibadeau, Copyright 2000 5

Privacy Server Protocolhttp://yuan.ecom.cmu.edu/psp

now the basis for the European JAVA Demonstrator • Port-based, not (necessarily) HTTP

– Scope : Persistence in Time and Scoping across Modality

• P3P Vocabulary (as excellent starter)

• Negotiated Privacy– Persona Driven

• Bilateral Privacy– Museums - Universal Studios – Ford Have Privacy Needs

Too

• Non-Repudiate-able Contracts– Utilizing ASN.1/SMPTE 298M/DVBX Globally Unique

Contract Names without central servers.

Page 6: It’s not what IT does to Privacy it’s what Privacy does to IT

Robert Thibadeau, Copyright 2000 6

CMU PERSONA MODEL

Schwab StockPicker

Client Browser

User Agent

Web Site

Server Agent

Amazon Shopper

DoubleClick User

BN Shopper

BUY Shopper

Database System

Privacy Policy Agreements

Amazon Shopper

DoubleClick User

CMU Shadow

Page 7: It’s not what IT does to Privacy it’s what Privacy does to IT

Robert Thibadeau, Copyright 2000 7

CMU PERSONA MODEL

Schwab StockPicker

Client Browser

User Agent

Web Site

Server Agent

Amazon Shopper

DoubleClick User

BN Shopper

BUY Shopper

Database System

Amazon Shopper

DoubleClick User

CMU Shadow

I want the Shopping Cart

Need to be a Shopper

I ‘m an Amazon Shopper

OK, Sign Here

OK, Now you Sign

Done, Come on In!

Page 8: It’s not what IT does to Privacy it’s what Privacy does to IT

Robert Thibadeau, Copyright 2000 8

CMU PERSONA MODEL *ALT

Schwab StockPicker

Client Browser

User Agent

Web Site

Server Agent

Amazon Shopper

DoubleClick User

BN Shopper

BUY Shopper

Database System

Amazon Shopper

DoubleClick User

CMU Shadow

I want the Shopping Cart

Need to be a BN Shopper

Can I be an Amazon Shopper?

OK, Sign Here

OK, Now you Sign

Done, Come on In!

What’s That?

It’s This P3P Policy

Page 9: It’s not what IT does to Privacy it’s what Privacy does to IT

Robert Thibadeau, Copyright 2000 9

CMU PERSONA MODEL *ALT

Schwab StockPicker

Client Browser

User Agent

Web Site

Server Agent

Amazon Shopper

DoubleClick User

BN Shopper

BUY Shopper

Database System

Amazon Shopper

DoubleClick User

CMU Shadow

I want the Shopping Cart

Need to be a Shopper

Can I be an Amazon Shopper?

OK, Now You Sign

OK, Sign Here

Done, I’m Coming In!

OK, But you need to be DoubleClick User TOO!

Page 10: It’s not what IT does to Privacy it’s what Privacy does to IT

Robert Thibadeau, Copyright 2000 10

cmu personaA Persona is a Set of Credentials of which a Proper Subset is distinguished for Authorizing Access To the Remainder of the Set

Name : <string>Credit Card Number :

<string>Card Expiration : <string>Mailing Address : <string>Mothers Name : <string>

Child Persona : <p-name>…

Username : <string>Password : <string>

Credentials as Other Persona

Recogniz-er : <script>FillerIn-er : <script>

Communicat-er : <script>HowToUse-er : <script>

P3P APPEL : <script>

Page 11: It’s not what IT does to Privacy it’s what Privacy does to IT

Robert Thibadeau, Copyright 2000 11

cmu persona interfaceIE/Netscape Plugin is EMPTY PERSONA EDIT OR APPLY ENGINEFill it with actual person in different ways:

CMU PERSONA PLUGINActive Persona Storage

REMOTE BASESTATIONWEB SERVER : PORT 80

(Web Page Activates Persona)

AMAZON SHOPPERAMAZON SHOPPER

THIRD PARTYWEB SERVER : PORT 80

MY OTHER SHOPPER

My Secure Hard Disk OR My Floppy Disk

MY OTHER SHOPPER

Like to Use Amazon Shopper

Page 12: It’s not what IT does to Privacy it’s what Privacy does to IT

Robert Thibadeau, Copyright 2000 12


Lesson 9 - What Does Data Privacy Mean to You

Lesson 9 - What Does Data Privacy Mean to You

Documents
Settling for limited privacy: how much does it help?trdata/reports/TR2008-609.pdf · Settling for limited privacy: how much does it help? Anna Shubina Advisor: Amit Chakrabarti Department

Settling for limited privacy: how much does it help?trdata/reports/TR2008-609.pdf · Settling for limited privacy: how much does it help? Anna Shubina Advisor: Amit Chakrabarti Department

Documents
safernetblog.files.wordpress.com · Web viewFacebook privacy settings are important but it’s not the only website with ‘privacy settings’. Other sites like Skype, YouTube and

safernetblog.files.wordpress.com · Web viewFacebook privacy settings are important but it’s not the only website with ‘privacy settings’. Other sites like Skype, YouTube and

Documents
Cost control – How does it’s works?

Cost control – How does it’s works?

Documents
PRIVACY SCREENS - Ingram Micro · Advantages of privacy screens • A privacy screen does not allow anyone from the left or right side of your computer screen to view your information

PRIVACY SCREENS - Ingram Micro · Advantages of privacy screens • A privacy screen does not allow anyone from the left or right side of your computer screen to view your information

Documents
DHS Privacy Trainingdhs.sd.gov/guardianship/docs/HIPAA training handouts.pdf · 2013. 3. 11. · 1 DHS Privacy Training HIPAA: It’s the Right Thing to Do DHS Privacy Training Health

DHS Privacy Trainingdhs.sd.gov/guardianship/docs/HIPAA training handouts.pdf · 2013. 3. 11. · 1 DHS Privacy Training HIPAA: It’s the Right Thing to Do DHS Privacy Training Health

Documents
Sharing,Privacy and Trust in Our Networked World · 2020-07-18 · Internet privacy and security in general. What does information privacy mean to users, and are their views changing?

Sharing,Privacy and Trust in Our Networked World · 2020-07-18 · Internet privacy and security in general. What does information privacy mean to users, and are their views changing?

Documents
When Does Randomization Fail to Protect Privacy?

When Does Randomization Fail to Protect Privacy?

Documents
Privacy · Web view“Privacy Schmrivacy?” Drafting Privacy Policy in an Integrated Justice Environment (and why it’s important) by Wil Nagel Wil Nagel holds a Bachelor of Science

Privacy · Web view“Privacy Schmrivacy?” Drafting Privacy Policy in an Integrated Justice Environment (and why it’s important) by Wil Nagel Wil Nagel holds a Bachelor of Science

Documents
It’s Cool…but does it work?

It’s Cool…but does it work?

Documents
It’s June ALREADY….where does the time fly?

It’s June ALREADY….where does the time fly?

Documents
What Does Your Gaze Reveal About You? On the Privacy

What Does Your Gaze Reveal About You? On the Privacy

Documents
Joint Patent Infringement—It’s Argued, But Does It Really ...€¦ · Joint Patent Infringement—It’s Argued, But Does It Really Exist? Maya M. Eckstein, Esq. Shelley L. Spalding,

Joint Patent Infringement—It’s Argued, But Does It Really ...€¦ · Joint Patent Infringement—It’s Argued, But Does It Really Exist? Maya M. Eckstein, Esq. Shelley L. Spalding,

Documents
Foundations of Privacy 2010 Guy Katz. Introduction to RFID How does it work Threats to user privacy Possible solutions

Foundations of Privacy 2010 Guy Katz. Introduction to RFID How does it work Threats to user privacy Possible solutions

Documents
IT’S ELECTION TIME IN ISRAEL… BUT WHAT DOES THAT MEAN ???

IT’S ELECTION TIME IN ISRAEL… BUT WHAT DOES THAT MEAN ???

Documents
Does Privacy Require True Randomness?

Does Privacy Require True Randomness?

Documents
It’s What She Does

It’s What She Does

Documents
What Does Privacy Have to Do With IT? Privacy Risk Assessment

What Does Privacy Have to Do With IT? Privacy Risk Assessment

Documents
“How does Local Government protect it’s vulnerable road users?”

“How does Local Government protect it’s vulnerable road users?”

Documents
The Electronic Communications Privacy Act: Does the Act

The Electronic Communications Privacy Act: Does the Act

Documents
A World Without Privacy: Why Property Does Not Define the

A World Without Privacy: Why Property Does Not Define the

Documents
Health Privacy It’s My Business

Health Privacy It’s My Business

Documents
Does the Privacy of Your Personal Information Worry You?

Does the Privacy of Your Personal Information Worry You?

Business
How does kerrang magazine relate to it’s target

How does kerrang magazine relate to it’s target

Education
Taxation. Why does U.S. government tax it’s citizens and corporations?

Taxation. Why does U.S. government tax it’s citizens and corporations?

Documents
Privacy and Analytics – it’s a DELICATE Issue. A Checklist for Trusted Learning Analytics

Privacy and Analytics – it’s a DELICATE Issue. A Checklist for Trusted Learning Analytics

Education
Privacy, does it still exist?

Privacy, does it still exist?

Documents
Health Records Act 2001 (Vic) Health Privacy it’s my business

Health Records Act 2001 (Vic) Health Privacy it’s my business

Documents
Privacy Protecting Technologies. Technology: Value Neutral? Does technology, on average, help or hinder personal privacy?

Privacy Protecting Technologies. Technology: Value Neutral? Does technology, on average, help or hinder personal privacy?

Documents
Security and Privacy Technology Enablers for … and Privacy Technology Enablers for Electronic Healthcare ... – How does one enable privacy-preserving data mining? ... Detection

Security and Privacy Technology Enablers for … and Privacy Technology Enablers for Electronic Healthcare ... – How does one enable privacy-preserving data mining? ... Detection

Documents