Muhammad Rizwan Asghar August 19, 2020 RIGHT TO BE FORGOTTEN Lecture 10 COMPSCI 316 Cyber Security


FOCUS OF THIS LECTURE

Understand the right to be forgotten

Learn the technical enforcement of the right to be forgotten


INFORMATION COLLECTION

Search engines are the prevalent tools used to collect information about individuals

Search engines draw on a variety of sources that contain personal information


INFORMATION RELEASE

Release of personal information could be

– Intentional, by the person herself

– Unintentional, leaked or published by third parties

Issue: New threats to online privacy!


PRIVACY RISKS

Public embarrassment

Loss of prospective opportunities

– E.g., when applying for jobs or insurance

Personal safety and property risks

– E.g., stalkers or burglars who learn users’ whereabouts

And many more …


PROTECTING PRIVACY

Protecting privacy on the Internet remains a largely unsolved challenge

– For users, service providers, and legislators alike

Legislators have responded by tightening privacy regulations


ECJ RULING

The European Court of Justice (ECJ) recently ruled on the Google Spain v. Mario Costeja González case

As per the ruling, EU citizens have a fundamental right to be forgotten for digital content on the Internet

Technically, Google (and similar search engines) must offer users technical means to request removal of links pointing to personal information


GOOGLE FORM: URLS AND EXPLANATION

Source: https://support.google.com/legal/contact/lr_eudpa?product=websearch

URLs to be removed

Explanation


GOOGLE FORM: ID DOCUMENT

Source: https://support.google.com/legal/contact/lr_eudpa?product=websearch

ID document


REQUESTS SINCE RULING

Since May 29, 2014

A large number of requests

Over 3.27 million URLs

44.8% URLs removed

55.2% URLs not removed

Source: https://transparencyreport.google.com/eu-privacy


MOST IMPACTED SITES

Source: https://transparencyreport.google.com/eu-privacy


ANALYSIS OF GOOGLE FORM

Pros

– “Simple” web form is deployed

Cons

– Time-consuming due to manual evaluation

– Privacy-invasive, as users present an ID document, which is against the principle of least privilege

– An adversary who has a copy of the user's ID document can make a forgery


OUR DESIGN GOALS

Efficient: The processing of requests should take as little time as possible

Scalable: The system should scale with a growing number of users and requests

Minimal disclosure: Do not reveal anything beyond what is required for eligibility checking

Eligibility: Only requests from provably affected users

Unforgeability: No possibility of forging existing requests or generating new requests on behalf of the user


INSPIRATION FROM ID CARDS IN EU

Some EU member states issue digital credentials and encourage their use

– E.g., for online services and e-shopping

Basic idea: Use digital credentials!

See: https://identitymalta.com/id-cards


PROPOSED IDEA: OBLIVION

[Diagram. Labels: Requesting User, Certification Authority, Indexing System, OCP, Data ownership certifier, Trust. Phases: Registration Phase, Ownership Claim Phase, Reporting Phase.]

OCP stands for Ownership Certification Party


REQUEST GENERATION BY USER

Identifying personal information

– Using Named Entity Recognition (NER)

Matching attributes

Face detection

Signing request

Submitting request


REQUEST VERIFICATION

Verify the request signed by the user

Verify enclosed attributes

Face recognition

Entity disambiguation

– Identifies relationship between user attributes

– E.g., “Alice is a manager. She was born in Germany.” would mean that Alice was born in Germany

Eligibility assessment

Issuing ownership token

– To the user

– To the indexing server
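
The request generation and verification steps above, as an added example (not code from the lecture or from the Oblivion paper). Assumptions: per-attribute Ed25519 signatures from the CA stand in for Oblivion's credential scheme, a substring match stands in for NER and entity disambiguation, the face detection and recognition steps are omitted, and every function name is hypothetical.

```javascript
// Added illustration: a simplified stand-in for the Oblivion flow, not the paper's scheme.
const crypto = require('crypto');
const enc = (obj) => Buffer.from(JSON.stringify(obj));
const sign = (priv, obj) => crypto.sign(null, enc(obj), priv).toString('base64');
const verify = (pubPem, obj, sig) => {
  try { return crypto.verify(null, enc(obj), pubPem, Buffer.from(sig, 'base64')); }
  catch { return false; } // malformed key or signature counts as a failed check
};
function newParty() { // Ed25519 key pair; the public half is exported as PEM text
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  return { priv: privateKey, pub: publicKey.export({ type: 'spki', format: 'pem' }) };
}

// Registration phase: the CA signs each attribute separately, bound to the user's key,
// so the user can later disclose only the attributes a request needs.
function certifyAttributes(ca, userPub, attrs) {
  return Object.entries(attrs).map(([name, value]) => {
    const claim = { name, value, holder: userPub };
    return { claim, caSig: sign(ca.priv, claim) };
  });
}

// Request generation: enclose only attributes found in the page (substring match
// stands in for NER), then sign the request with the user's key.
function buildRequest(user, url, pageText, certs) {
  const disclosed = certs.filter((c) => pageText.includes(c.claim.value));
  const body = { url, holder: user.pub, disclosed };
  return { body, userSig: sign(user.priv, body) };
}

// Request verification at the OCP: user signature, CA-certified attributes,
// eligibility, then an ownership token signed by the OCP.
function verifyAndIssue(ocp, caPub, req, pageText) {
  const { url, holder, disclosed } = req.body;
  if (!verify(holder, req.body, req.userSig)) return null; // forged or altered request
  const ok = disclosed.length > 0 && disclosed.every(({ claim, caSig }) =>
    claim.holder === holder && verify(caPub, claim, caSig) && pageText.includes(claim.value));
  if (!ok) return null; // copied credentials or no certified link to this page
  const token = { url, holder };
  return { token, ocpSig: sign(ocp.priv, token) };
}

// Reporting phase: the indexing system accepts only tokens signed by the OCP.
const indexerAccepts = (ocpPub, issued) =>
  issued !== null && verify(ocpPub, issued.token, issued.ocpSig);
```

Because each certified attribute is bound to the holder's public key, a copy of someone's credentials without the matching private key does not produce a valid request, which is the forgery problem the ID-document form has.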


IN THE CONTEXT OF NEW ZEALAND

Can a New Zealander make a request to Google or search engines alike?

– Not yet, see the report by the Privacy Commissioner NZ

Deployment

– Who should issue digital credentials?

RealMe could be an option

– Note that the crypto scheme proposed in Oblivion needs to be adapted


IS IT REALLY ‘FORGOTTEN’?

It is in fact a ‘right to be deindexed/delisted’

The real ‘right to be forgotten’ requires more

– E.g., removal of hosted pages from ISPs

– Check public domain or public interest


CONCLUSION

Oblivion aims to help both users and search engine providers

Oblivion only shares user information necessary for processing the removal request

Only eligible users can make requests

Oblivion prevents forgeability

Oblivion is an efficient and scalable system

– On average, it can process 278 requests per second


REFERENCE

Milivoj Simeonovski, Fabian Bendun, Muhammad Rizwan Asghar, Michael Backes, Ninja Marnau, Peter Druschel, Mitigating privacy leaks by controlling discoverability of online information, In the proceedings of the 13th International Conference on Applied Cryptography and Network Security (ACNS) 2015 (Acceptance rate: 33/157≈21%), available at: https://arxiv.org/pdf/1506.06033.pdf


MEDIA COVERAGE

Kiwi sends online footprint into 'Oblivion' (Video interview)

3 News (NZ), August 10, 2015

How to wipe yourself off the internet

NZ Herald, August 2, 2015

Could the 'Right to be Forgotten' become automated? Oblivion software could help Google remove hundreds of people from the web in seconds

Daily Mail (UK), June 26, 2015

'Oblivion' Is the Software That Could Automate the 'Right to Be Forgotten'

Motherboard, June 22, 2015

For more information, please visit:

https://www.cs.auckland.ac.nz/~asghar/media


Questions?

Thanks for your attention!