1 / 11

SENSOR NETWORKS & PRIVACY

SENSOR NETWORKS & PRIVACY. Pamela Samuelson, UC Berkeley, Securing Privacy Conference, March 13, 2004. SENSOR NETWORKS. Considerable amount of R&D underway to develop tiny computers equipped with radio capabilities to sense physical phenomena and transmit data to processing points

kina
Télécharger la présentation

SENSOR NETWORKS & PRIVACY

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SENSOR NETWORKS & PRIVACY Pamela Samuelson, UC Berkeley, Securing Privacy Conference, March 13, 2004 Securing Privacy Conference

  2. SENSOR NETWORKS • Considerable amount of R&D underway to develop tiny computers equipped with radio capabilities to sense physical phenomena and transmit data to processing points • Wide array of application domains: smart buildings that can detect internal structural damage or adjust light & heat settings, measuring weather/water info on GG Bridge/redwood trees, monitoring activities of the elderly, sensing for bioterrorism weapons Securing Privacy Conference

  3. TECHNICAL CHALLENGES • Making tiny processors capable of deployment in wide array of applications (buildings, forests, animals, whatever) • Designing ways to generate and preserve power for sensors and transmitting data • Transmission protocols, radio transmitters • Tiny operating system programs, security • Database designs for processing sensed data Securing Privacy Conference

  4. CITRIS • Center for Information Technology Research in the Interests of Society at UC Berkeley • Technologists designing sensor and sensor network technologies are aware that deployment of such technologies raise privacy and other policy concerns • Deirdre Mulligan & I have begun work with EECS Professors David Culler, Joe Hellerstein, & David Wagner on privacy & sensor network issues Securing Privacy Conference

  5. COLLABORATION • Technologists want quick and certain answers • Want to submit query about how law applies, have it processed, & get right answer as output • Have a sense that there may be a short window for developing right technology policy • Lawyers have to educate technologists about different modality of law, and need to know fair amount about the technology & how it will be deployed before able to assess how law applies Securing Privacy Conference

  6. PRIVACY ISSUES • Many applications for deploying sensor networks involve collecting personally identifiable information (PII) • Sensing persons in building as part of embedded sensors for disaster preparedness • Monitoring activities of the elderly so they can safely live at home • FastTRAK devices being read at more than toll booths • No law as such on this new domain, but wouldn’t it be nice if fair information practices applied? Securing Privacy Conference

  7. FAIR INFO PRACTICES • Limitations on collection of data (only what need); destroy data after need is fulfilled • Right to collect data for specific purpose only; if want to reuse for other purpose, you have to get new permission • Notice and consent • Right of access to check data • Obligations to keep data accurate, secure • Accountability if screw up Securing Privacy Conference

  8. SENSOR NETS POOR FIT? • Data collection is norm, may be always on • Absence of cues indicating data is being collected • Porous barriers between public and private spaces • Everyone is a potential data collector • New kinds of data being sensed, created, stored • Increased ability to create patterns, knowledge out of seemingly unrevealing bits of data • Once data has been collected, reuse may be easy to do, but difficult to detect and hence to regulate • May not be feasible to enable access to PII to ensure integrity (lots of sensor network data will be lousy) Securing Privacy Conference

  9. ISSUES FROM CASELAW • US v. Miller: persons have no protectable privacy interest in data about them held by third parties (e.g., bank records of individual accounts) • Kyllo v. US: use of heat-sensing technology violated 4th A because reasonable expectation of privacy in home, & such technology not in general public use Securing Privacy Conference

  10. WHAT TO DO? • May be possible to design privacy-sensitive technology • Encrypt PII so can only be used for one purpose? • Use authentication/access control systems? • Store data only where security can be strong? • Aggregate data to anonymize? Hide mapping? • Don’t log or flush out data when no longer needed? • Give users ability to turn sensors off? detector devices? • Adapt FIPs for sensor networks? New laws? Securing Privacy Conference

  11. CONCLUSION • May be possible to build and deploy sensor networks in socially responsible way • Worth thinking about whether possible to develop new FIPs for sensor networks, and what role for technology, what role for law? • Law will certainly kick in when disputes arise or some flagrant, well-publicized abuse occurs • Good idea to think about legal framework before problems start arising Securing Privacy Conference

More Related