What Do You Want to Share Today? Building Privacy-Aware AmI-Systems


SLIDE 1

March 21. 2006 SWAMI Conference, Brussels 1

“What Do You Want to Share Today?”

Building Privacy-Aware AmI-Systems

Marc Langheinrich Institute for Pervasive Computing ETH Zürich

SLIDE 3

Fair Information Principles (FIP)

Drawn up by the OECD, 1980

“Organisation for Economic Co-operation and Development”
Voluntary guidelines for member states
Goal: ease transborder flow of goods (and information)

Five principles (simplified)
Core principles of most modern privacy laws

Implication: Technical solutions must support FIP

1. Openness
2. Data access and control
3. Data security
4. Collection Limitation
5. Data subject’s consent

Core Question: Can (user interface) technology support those principles that need user involvement? Can we put the user „into the loop“ of privacy protection?

SLIDE 6

Openness in AmI

No hidden data collection!

Legal requirement in many countries

Established means: privacy policies

Who, what, why, how long, etc. ...

How to publish policies in Ubicomp?

Periodic broadcasts?

Too many devices?

Countless announcements an annoyance
Notices “get in the way” – Background vs Foreground

How many people read SSL certificate warnings? Cookie warnings? Do you want to proceed, yes or no?

SLIDE 8

Access & Control in AmI

Identifiable data must be accessible

Users can review, change, sometimes delete

Collectors must be accountable

Privacy-aware storage technology?

Whom should I ask?

Countless, often unknown interactions. Centralized?!

How to check for correctness?

Is this really my walking pattern?

SLIDE 10

Consent in AmI

Participation requires explicit consent

Usually a signature or pressing a button

True consent requires true choice

More than „take it or leave it“

How to ask without a screen?

Designing UIs for embedded systems, or
Finding means of delegation (is this legal?)

Consenting to what?

Do I understand the implications?

SLIDE 12

Example: Convenience

Emnid survey Germany (03/2002)

50% have at least one loyalty card
72% welcome such offers

70 million cards in circulation (12/2003)

Average rebate: 1.0-0.5%
15% of consumers estimate rebate being 5-10%

Minding the fine print?

Explicit signature allows detailed data mining
Consequences?

SLIDE 14

Consumer Loyalty Cards – Legal Implications

Arson near youth house Niederwangen (Berne)

At scene of crime: Migros-tools
Court ordered disclosure of all 133 consumers who bought items on their supermarket card (8/2004)

Arsonist not yet found (11/2005)

Informed Consent?

Who Would Think of Such Things When Buying a Screwdriver?!

SLIDE 16

“Do-the-right-thing” Privacy

No one wants to manage their privacy!

Anonymizer (Zero-Knowledge.com)? Infomediaries? Privacy interface? Identity managers?

Challenge: When to share what with whom?

Simple command (touch, shake, press) for paying, etc.
System knows what to share (not too much!)

Challenge: Something wrong?

Simple to check
Simple to fix or get help

SLIDE 18

„Pervasive Privacy“ (Rossnagel)

Anytime, Anywhere, Automatic, Pro-Active

Let technology disappear into laws, social habits

Not through interfaces, but operate in the background

Can we make privacy laws „automatable“?
Can we know/predict what the user wants (no AI, pls)?
What do we need to „fix“ disclosure problems?

„The most profound technologies are those that disappear. They weave themselves into the fabric of everyday life until they are indistinguishable from it.“

Mark Weiser (1952 – 1999)