Privacy Engineering Technologies
Privacy Engineering Technologies
Ian Oliver, Privacy Officer & Architect, HERE; Research Fellow, University of Brighton
Areas
• Foundations
• Privacy by x
  ◦ Where x ∈ { design, architecture, coding, brute force, surveillance, … }
  ◦ Metrics for Privacy
• Notice and Consent to Usage
• Privacy Engineering
  ◦ Modelling and Methodology
  ◦ Consent Tracking and Integration
  ◦ Programming Language Support
• Human Factors
Foundational Aspects of Privacy
[Diagram: Privacy at the centre, surrounded by Legal, Economic, Engineering, Human Factors and Foundations]
Legal is well defined and well represented.
The economic realities of privacy are similarly understood, if not with absolute certainty.
Engineering aspects are now, finally, starting to be tackled in detail.
Human factors are known in the security domain, but less so in privacy engineering (cf. safety-critical system design).
The mathematical foundations are known, but there is a huge semantic gap between them and the rest.
Privacy by <X>
• 7 Principles
• Privacy's "Agile Manifesto"
• No implementation specified
Tools, metrics and techniques for the practicing software engineer
Process, metrics and techniques for the software engineering process
[Diagram: scale from well-defined to undefined]
Metrics
[Diagram: categories of privacy metrics; labels as they appear on the slide]
Audits, Complete, Complexity, Risk, Compliance
Management & Process Metrics
Information Theory Metrics
Software Engineering Metrics
K-anonymity, L-diversity, Differential Privacy, Semantics
? Missing link
Data set analysis, Data set combination
BigData Analytics Metrics
Anonymisation and Reidentification
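The slide names k-anonymity and l-diversity without showing how they are computed or why both are needed. The following is an added example (not code from the slides or from the author) that computes both metrics over a small constructed medical table, then applies suppression and generalisation to show that reaching k ≥ 2 does not close the attribute-disclosure gap that l-diversity measures. The attribute names, the records and the choice of quasi-identifiers are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample records (not from the slides): age band and postcode
# district are quasi-identifiers, diagnosis is the sensitive attribute.
RECORDS = [
    {"age": "20-29", "district": "SW1", "diagnosis": "flu"},
    {"age": "20-29", "district": "SW1", "diagnosis": "asthma"},
    {"age": "20-29", "district": "SW1", "diagnosis": "flu"},
    {"age": "30-39", "district": "NW3", "diagnosis": "diabetes"},
    {"age": "30-39", "district": "NW3", "diagnosis": "diabetes"},
    {"age": "40-49", "district": "E1", "diagnosis": "flu"},
]
QUASI_IDS = ("age", "district")
SENSITIVE = "diagnosis"


def equivalence_classes(records, quasi_ids=QUASI_IDS):
    """Group records that share the same quasi-identifier values."""
    classes = defaultdict(list)
    for r in records:
        classes[tuple(r[q] for q in quasi_ids)].append(r)
    return dict(classes)


def k_anonymity(records, quasi_ids=QUASI_IDS):
    """k = size of the smallest equivalence class (0 for an empty table)."""
    classes = equivalence_classes(records, quasi_ids)
    return min((len(c) for c in classes.values()), default=0)


def l_diversity(records, quasi_ids=QUASI_IDS, sensitive=SENSITIVE):
    """l = fewest distinct sensitive values found in any equivalence class."""
    classes = equivalence_classes(records, quasi_ids)
    return min((len({r[sensitive] for r in c}) for c in classes.values()), default=0)


def suppress_small_classes(records, k, quasi_ids=QUASI_IDS):
    """Drop every record whose equivalence class has fewer than k members."""
    classes = equivalence_classes(records, quasi_ids)
    return [r for c in classes.values() if len(c) >= k for r in c]


def generalise(records, attribute, fn):
    """Return copies of the records with one quasi-identifier coarsened by fn."""
    return [{**r, attribute: fn(r[attribute])} for r in records]


def report(records):
    """Both metrics side by side: a comfortable k with l == 1 still leaks the attribute."""
    return {"k": k_anonymity(records), "l": l_diversity(records)}


if __name__ == "__main__":
    print("raw:", report(RECORDS))                        # {'k': 1, 'l': 1}
    two_anon = suppress_small_classes(RECORDS, 2)
    # The (30-39, NW3) class is 2-anonymous, yet everyone in it has diabetes.
    print("suppressed to k>=2:", report(two_anon))        # {'k': 2, 'l': 1}
    coarse = generalise(two_anon, "age", lambda a: "20-39")
    coarse = generalise(coarse, "district", lambda d: "London")
    print("generalised:", report(coarse))                 # {'k': 5, 'l': 3}
```

The suppressed table illustrates the "missing link" the slide points at: a release can satisfy k-anonymity and still let an observer who knows a person's age band and district read off the diagnosis, which is exactly what l-diversity catches.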
The implementation…
Notice and Consent
• Upfront admission of all currently known:
  ◦ Data points
  ◦ Purposes
  ◦ Usages
  ◦ Flows
• Requires:
  ◦ Frequent updates
  ◦ Active consent
  ◦ Consumer understanding
  ◦ Supplemental Notices
• Move away from N&C to active consumer participation
• Emphasis on usage of data
• Allows more freedom and granularity than N&C
• Consumer oriented
• Problem:
  ◦ How will this actually work?
  ◦ Legal Challenges
Privacy Engineering
• Modelling and Methodology
  ◦ Data Flow
  ◦ Ontologies for Privacy
  ◦ Analysis Techniques
  ◦ Definitions of Risk
  ◦ Definitions of Information Content
  ◦ Metrics!
• Consent Tracking
  ◦ DNT 2.0?
  ◦ Formalisation and Semantics of consent (we have the languages: XACML etc.)
  ◦ Usage based consent
• Programming Language Support
  ◦ Machine types to Information Types and Aspects
  ◦ Consent as "Type Checking"
  ◦ Dynamic Languages, Data Flow Languages (BigData)
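"Consent as type checking" is stated on the slide as an idea, not shown. The following added example (not the author's or HERE's code) sketches it in a dynamic language, as the slide suggests: a value is tagged with its information type and the purposes the data subject consented to, each processing function declares the information type and purpose it needs, and a flow is rejected, either at call time or up front over a whole pipeline, when the declared purpose is not covered. The `Purpose` and `InfoType` names, the wrapper class and the decorator are assumptions made for this illustration.

```python
from dataclasses import dataclass
from enum import Enum
from functools import wraps
from typing import FrozenSet, Generic, TypeVar


class Purpose(Enum):            # assumed purpose vocabulary, not from the slides
    SERVICE = "service"         # needed to deliver the function the user asked for
    ANALYTICS = "analytics"
    MARKETING = "marketing"


class InfoType(Enum):           # assumed information types (the slide's "information types")
    LOCATION = "location"
    IDENTIFIER = "identifier"


T = TypeVar("T")


@dataclass(frozen=True)
class Consented(Generic[T]):
    """A value carrying its information type and the purposes consented to."""
    value: T
    info_type: InfoType
    purposes: FrozenSet[Purpose]


class ConsentError(TypeError):
    """Raised when data flows into a function whose purpose was not consented to."""


def requires(info_type: InfoType, purpose: Purpose):
    """Declare the information type and purpose a processing step needs."""
    def decorator(fn):
        @wraps(fn)
        def checked(data: Consented, *args, **kwargs):
            if data.info_type is not info_type:
                raise ConsentError(f"{fn.__name__} expects {info_type.value}, got {data.info_type.value}")
            if purpose not in data.purposes:
                raise ConsentError(f"{fn.__name__}: no consent for {purpose.value} on {info_type.value}")
            return fn(data.value, *args, **kwargs)
        # Expose the declaration so a pipeline can be checked before it runs.
        checked.info_type = info_type
        checked.purpose = purpose
        return checked
    return decorator


@requires(InfoType.LOCATION, Purpose.SERVICE)
def nearest_store(coords):
    """Service function: coarsens the position to the nearest tenth of a degree."""
    lat, lon = coords
    return (round(lat, 1), round(lon, 1))


@requires(InfoType.LOCATION, Purpose.MARKETING)
def geo_targeted_offer(coords):
    """Marketing function: only lawful if the subject consented to marketing."""
    return f"offer for area around {coords}"


def check_pipeline(data: Consented, stages):
    """Up-front check of a whole data flow: names of stages whose declaration is not covered."""
    return [s.__name__ for s in stages
            if s.info_type is not data.info_type or s.purpose not in data.purposes]


if __name__ == "__main__":
    # Constructed sample: a location released for service use only.
    loc = Consented((51.5, -0.12), InfoType.LOCATION, frozenset({Purpose.SERVICE}))
    print(nearest_store(loc))                                   # (51.5, -0.1)
    print(check_pipeline(loc, [nearest_store, geo_targeted_offer]))  # ['geo_targeted_offer']
    try:
        geo_targeted_offer(loc)
    except ConsentError as e:
        print("rejected:", e)
```

The runtime check is what a dynamic language can offer; the `check_pipeline` step is the closest analogue to static type checking, since it refuses a data flow before any stage has touched the value. A statically typed language would fold the same declarations into the function signatures so the compiler rejects the flow instead.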
Human Factors
• 90% of Privacy Breaches are due to humans
• Phones, USB sticks, unencrypted laptops, poor access control, system configuration, misclassification of data, naivety, key management, cloud, data mixing and reidentification, etc. etc. etc.…
• Learnings from Aviation, Anaesthesia, Surgery, Chemical Plant Design
• Privacy is a SAFETY CRITICAL concern
• Change of culture
Boeing Model 299, 30 Oct 1935
WHO Surgical Safety Checklist (Pronovost, Gawande et al.)
Privacy & Customers
• Privacy inherent in the system design and functionality
• Consumer choice is always present through the data flows, by default and on demand:
  ◦ Identification
  ◦ Anonymisation
  ◦ Aggregation
  ◦ Forgetting
• Privacy is never a zero-sum game!
• Data quality improvement
• Enables the question "Why?!"
Image ©2014 Innorange Oy, Used with permission
Contact
Privacy Engineering – A Data Flow and Ontological Approach. Amazon, early July 2014. ISBN 978-1497569713 (print edition)
PrivacyEngineeringBook.net
Facebook.com/privacyengineering
i_j_oliver
http://ijosblog.blogspot.com