privacy engineering
play

Privacy engineering, CyLab privacy by design, privacy impact - PowerPoint PPT Presentation

Nov 29, 2022 •338 likes •555 views

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance Engineering & Public Policy Lorrie Faith Cranor November 11, 2014 y & c S a e v c i u r P r i t e y l b L a a s

  1. Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance Engineering & Public Policy Lorrie Faith Cranor � November 11, 2014 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 / 95-818: � b r a a t L o Privacy Policy, Law, and Technology y r C y U H D T T E P . U : / M / C C U . S P S C . 1

  2. Today’s agenda • Quiz • Questions/comments about the readings • Discussion about the midterm • Privacy engineering • Privacy by design • Privacy impact assessments • Privacy governance 2

  3. By the end of class you will be able to: • Understand how to apply various approaches to privacy engineering and privacy by design to design problems 3

  4. Privacy by policy vs. architecture • What techniques are used in each approach? • What are the advantages and disadvantages of each approach? 4

  5. How privacy rights are protected By policy • – Protection through laws and organizational privacy policies – Must be enforced – Transparency facilitates choice and accountability – Technology facilitates compliance and reduces the need to rely solely on trust and external enforcement – Violations still possible due to bad actors, mistakes, government mandates By architecture • – Protection through technology – Reduces the need to rely on trust and external enforcement – Violations only possible if technology fails or the availability of new data or technology defeats protections – Often viewed as too expensive or restrictive 5

  6. What system features tend to lead to more or less privacy? 6

  7. low Degree of Person Identifiability high Privacy by Policy Privacy by through FIPs Architecture high low Degree of Network Centricity 7

  8. Privacy by policy techniques • Notice • Choice • Security safeguards • Access • Accountability – Audits – Privacy policy management technology • Enforcement engine 8

  9. Privacy by architecture techniques • Best – No collection of contact information – No collection of long-term person characteristics – k-anonymity with large value of k • Good – No unique identifiers across databases – No common attributes across databases – Random identifiers – Contact information stored separately from profile or transaction information – Collection of long-term personal characteristics w/ low granularity – Technically enforced deletion of profile details at regular intervals 9

  10. Linkability Approach of data to Privacy to privacy identifiability System Characteristics personal stages protection identifiers • unique identifiers across databases • contact information stored with profile information 0 identified privacy linked by policy (notice and • no unique identifies across databases linkable with choice) • common attributes across databases reasonable & 1 automatable • contact information stored separately from profile effort or transaction information • no unique identifiers across databases • no common attributes across databases pseudonymous • random identifiers not linkable • contact information stored separately with 2 from profile or transaction information reasonable privacy • collection of long term person characteristics on a effort by low level of granularity architecture • technically enforced deletion of profile details at regular intervals • no collection of contact information • no collection of long term person characteristics 3 anonymous unlinkable • k -anonymity with large value of k 10

  11. De-identification and 
 re-identification • Simplistic de-identification: remove obvious identifiers • Better de-identification: also k-anonymize and/or use statistical confidentiality techniques • Re-identification can occur through linking entries within the same database or to entries in external databases 11

  12. Examples • When RFID tags are sewn into every garment, how might we use this to identify and track people? • What if the tags are partially killed so only the product information is broadcast, not a unique ID? • How can a cellular provider identify an anonymous pre-paid cell phone user? 12

  13. Privacy by Design Principles (PbD) 1. Proactive not Reactive; Preventative not Remedial 2. Privacy as the Default Setting 3. Privacy Embedded into Design 4. Full Functionality—Positive-Sum, not Zero-Sum 5. End-to-End Security—Full Lifecycle Protection 6. Visibility and Transparency—Keep it Open 7. Respect for User Privacy—Keep it User-Centric Ann Cavoukian 13

  14. Privacy by design Rubinstein, Ira and Good, Nathan, Privacy by Design: A Counterfactual Analysis of Google and Facebook Privacy Incidents. 28 Berkeley Technology Law Journal 1333 (2013). http://ssrn.com/abstract=2128146 or http://dx.doi.org/10.2139/ssrn.2128146 • PbD principles “more aspirational than practical or operational” • Microsoft principles outdated (ignore social media) and don’t provide insights into decision making behind “company approval” • PbD requires “translation of FIPs into engineering and design principles and practices” 14

  15. Privacy Impact Assessment A methodology for – assessing the impacts on privacy of a project, policy, program, service, product, or other initiative which involves the processing of personal information and, – in consultation with stakeholders, for taking remedial actions as necessary in order to avoid or minimize negative impacts D. Wright and P . De Hert, eds. Privacy Impact Assessment . Springer 2012. 15

  16. PIA is a process • Should begin at early stages of a project • Should continue to end of project and beyond 16

  17. Why carry out a PIA? • To manage risks • To derive benefits – Negative media – Increase trust attention – Avoid future liability – Reputation damage – Early warning system – Legal violations – Facilitate privacy by – Fines, penalties design early in design process – Privacy harms – Enforce or encourage – Opportunity costs accountability 17

  18. Who has to carry out PIAs? • US administrative agencies, when developing or procuring IT systems that include PII – Required by E-Government Act of 2002 • Government agencies in many other countries • Sometimes done by private sector – Case studies from Vodaphone, Nokia, and Siemens in PIA book 18

  19. Data governance • People, process, and technology for managing data within an organization • Data-centric threat modeling and risk assessment • Protect data throughout information lifecycle – Including data destruction at end of lifecycle • Assign responsibility 19

  20. Beam discussion • https://www.youtube.com/channel/ UC_Cqp2VdYp9YSQqK07bIMmQ • What privacy issues does this technology raise in the home environment? How might these issues be addressed? 20

  21. y & c S a e v c i u r P r i e t y l b L a a s b U o b r a a t L o y r C y U H D T T E P . U : / M / C C U . S P C S . Engineering & Public Policy CyLab

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance Engineering & Public Policy Lorrie Faith Cranor October 29, 2013 y & c S a e v c i u r P r i t e y l b L a a s

245 views • 20 slides
Privacy engineering, privacy by design, and privacy governance Engineering & Public Policy

Privacy engineering, privacy by design, and privacy governance Engineering & Public Policy

CyLab Privacy engineering, privacy by design, and privacy governance Engineering & Public Policy Lorrie Faith Cranor November 17, 2015 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 /

539 views • 22 slides
Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy Commissioner of Ontario https://www.ipc.on.ca/images/resources/7foundationalprinciples.pdf Privacy by Design Let's have it! Article 25 European

1.32k views • 118 slides
PET Semetary: Privacys return from the dead and the Future of Privacy Engineering Seda

PET Semetary: Privacys return from the dead and the Future of Privacy Engineering Seda

PET Semetary: Privacys return from the dead and the Future of Privacy Engineering Seda Grses CITP , Princeton University COSIC, University of Leuven getting privacy engineering right? getting privacy engineering right? software

471 views • 20 slides
2016 International Workshop on Privacy Engineering IWPE 16 Tools in support of

2016 International Workshop on Privacy Engineering IWPE 16 Tools in support of

2016 International Workshop on Privacy Engineering IWPE 16 Tools in support of privacy engineering methodologies Tools for privacy communications Aleecia M. McDonald, PhD Non-resident Fellow, Stanford Center for Internet &

902 views • 15 slides
Paradigms of Privacy Research & Privacy Engineering Seda Grses f.s.gurses@tudelft.nl TU

Paradigms of Privacy Research & Privacy Engineering Seda Grses f.s.gurses@tudelft.nl TU

Paradigms of Privacy Research & Privacy Engineering Seda Grses f.s.gurses@tudelft.nl TU Delft/ KU Leuven 18. June 2019 GDPR requires data protection by design and by default (Article 25) A complex law with many requirements. More

950 views • 58 slides
www.privitar.com Engineering Privacy London, UK WHY ARE ORGANISATIONS SLOW TO ADOPT PETS?

www.privitar.com Engineering Privacy London, UK WHY ARE ORGANISATIONS SLOW TO ADOPT PETS?

www.privitar.com Engineering Privacy London, UK WHY ARE ORGANISATIONS SLOW TO ADOPT PETS? Differential Privacy as a case study Theresa Stadler, SuRI at EPFL 2018 What are you talking about? Everybody wants data privacy as fast as

604 views • 38 slides
Privacy Engineering Objectives and Risk Model Objective-Based Design for Improving Privacy in

Privacy Engineering Objectives and Risk Model Objective-Based Design for Improving Privacy in

Privacy Engineering Objectives and Risk Model Objective-Based Design for Improving Privacy in Information Systems 1 NIST research has a broad impact shutterstock.com shutterstocom G. Hooijer/ D. Stork/ Facilitates trade and fair Improves

405 views • 18 slides
The Norwegian Blue A lesson in Privacy Engineering Eivind Arvesen, Aug. 7th 2020 Crypto &

The Norwegian Blue A lesson in Privacy Engineering Eivind Arvesen, Aug. 7th 2020 Crypto &

The Norwegian Blue A lesson in Privacy Engineering Eivind Arvesen, Aug. 7th 2020 Crypto & Privacy Village: Glitched (at DEF CON 28: SAFE MODE) $ whoami Eivind Arvesen Consultant @ Bouvet (Oslo, Norway) Privacy and security Senior

1.18k views • 63 slides
Engineering Privacy By Design Seda Grses COSIC, ESAT K.U. Leuven Belgium 1 Outline -

Engineering Privacy By Design Seda Grses COSIC, ESAT K.U. Leuven Belgium 1 Outline -

Engineering Privacy By Design Seda Grses COSIC, ESAT K.U. Leuven Belgium 1 Outline - Introduction and Approach - Privacy Requirements Definition Problem - Privacy Requirements Analysis Problem - Policy and Compliance - Privacy By Design -

1.48k views • 63 slides
PROTECTION GOALS FOR PRIVACY ENGINEERING Marit Hansen, Meiko Jensen, and Martin Rost

PROTECTION GOALS FOR PRIVACY ENGINEERING Marit Hansen, Meiko Jensen, and Martin Rost

www.datenschutzzentrum.de PROTECTION GOALS FOR PRIVACY ENGINEERING Marit Hansen, Meiko Jensen, and Martin Rost International Workshop on Privacy Engineering May 21, 2015 Protection Goals for Privacy Engineering www.datenschutzzentrum.de

715 views • 35 slides
Privacy Does Matter! Haojin Zhu Professor Computer Science & Engineering Shanghai Jiao Tong

Privacy Does Matter! Haojin Zhu Professor Computer Science & Engineering Shanghai Jiao Tong

Privacy Does Matter! Haojin Zhu Professor Computer Science & Engineering Shanghai Jiao Tong University Scope of Privacy in This Talk Data about individuals Collection, using, and sharing of such data Privacy is primarily a

1.18k views • 98 slides
Privacy law overview Privacy law overview Engineering & Public Policy Lorrie Faith

Privacy law overview Privacy law overview Engineering & Public Policy Lorrie Faith

CyLab Privacy law overview Privacy law overview Engineering & Public Policy Lorrie Faith Cranor September 16, 2014 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 / 95-818:

197 views • 16 slides
Data privacy and big Data privacy and big data data Engineering & Public Policy Lorrie

Data privacy and big Data privacy and big data data Engineering & Public Policy Lorrie

CyLab Data privacy and big Data privacy and big data data Engineering & Public Policy Lorrie Faith Cranor November 12, 2015 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 /

658 views • 21 slides
Privacy law overview Privacy law overview Engineering & Public Policy Lorrie Faith

Privacy law overview Privacy law overview Engineering & Public Policy Lorrie Faith

CyLab Privacy law overview Privacy law overview Engineering & Public Policy Lorrie Faith Cranor September 17, 2013 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 / 95-818: b

503 views • 14 slides
Conceptions of Conceptions of Privacy Privacy Engineering & Public Policy Lorrie Faith

Conceptions of Conceptions of Privacy Privacy Engineering & Public Policy Lorrie Faith

CyLab Conceptions of Conceptions of Privacy Privacy Engineering & Public Policy Lorrie Faith Cranor September 3, 2015 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 / 95-818:

702 views • 23 slides
Briefing for analysts: Telecoms Partner, Competition Stuart McIntosh 21 st July 2010 Agenda

Briefing for analysts: Telecoms Partner, Competition Stuart McIntosh 21 st July 2010 Agenda

1 Briefing for analysts: Telecoms Partner, Competition Stuart McIntosh 21 st July 2010 Agenda Introduction Stuart McIntosh Wholesale local access / Wholesale broadband access Gareth Davies Net neutrality Alex Blowers

311 views • 30 slides
Nuclear PDFs at the LHC and beyond Carlos A. Salgado Universidade de Santiago de Compostela

Nuclear PDFs at the LHC and beyond Carlos A. Salgado Universidade de Santiago de Compostela

Nuclear PDFs at the LHC and beyond Carlos A. Salgado Universidade de Santiago de Compostela Nuclei at the FHC CERN - December - 2013 @CASSalgado @HotLHC Disclaimer Very little time to prepare this talk: Slides mostly taken from other

494 views • 45 slides
Short Course Short Course Katsuya Amako (KEK) Makoto Asai (SLAC) Gabriele Cosmo (CERN) Susanna

Short Course Short Course Katsuya Amako (KEK) Makoto Asai (SLAC) Gabriele Cosmo (CERN) Susanna

Short Course Short Course Katsuya Amako (KEK) Makoto Asai (SLAC) Gabriele Cosmo (CERN) Susanna Guatelli (INFN Genova) Maria Grazia Pia ( INFN Genova) Dennis Wright (SLAC) IEEE NSS/MIC 2003 Portland, 19 October 2003

409 views • 5 slides
PIA is a Process Designing for Privacy Leonardo H. Iwaya CC-BY-4.0 What is Data Protection

PIA is a Process Designing for Privacy Leonardo H. Iwaya CC-BY-4.0 What is Data Protection

PIA is a Process Designing for Privacy Leonardo H. Iwaya CC-BY-4.0 What is Data Protection Impact Assesment? Where a type of processing in particular using new technologies, and taking into account the nature, scope, context and

103 views • 8 slides
Varieties of positive interior algebras: operation . The two presentations produce

Varieties of positive interior algebras: operation . The two presentations produce

Modal algebras form the algebraic semantics of normal modal logics. They are Boolean algebras with a unary operation s.t. 1 1 and ( x y ) x y . Modal algebras can be presented also as BAs with a unary

186 views • 5 slides
Subdeterminants and Concave Integer Quadratic Programming Alberto Del Pia, University of

Subdeterminants and Concave Integer Quadratic Programming Alberto Del Pia, University of

Subdeterminants and Concave Integer Quadratic Programming Alberto Del Pia, University of Wisconsin-Madison January 10, 2019 23rd Combinatorial Optimization Workshop, Aussois 2019 The problem Separable Concave Integer Quadratic Programming k

836 views • 49 slides
CSCE 471/871 Lecture 6: Multiple Sequence Alignments Residues occupy similar positions in 3D

CSCE 471/871 Lecture 6: Multiple Sequence Alignments Residues occupy similar positions in 3D

Introduction: Multiple Alignments Start with a set of sequences In each column, residues are homolgous CSCE 471/871 Lecture 6: Multiple Sequence Alignments Residues occupy similar positions in 3D structure Residues diverge from a

65 views • 6 slides
Documenting conversational conventions in Swahili Daniel W. Hieber University of California,

Documenting conversational conventions in Swahili Daniel W. Hieber University of California,

Hieber, Daniel W. 2013. Documenting conversational conventions in Swahili. Term paper , Discourse Transcription, Prof. John W. DuBois, Fall 2013, UC Santa Barbara. Documenting conversational conventions in Swahili Daniel W. Hieber

403 views • 9 slides

More recommend