1 / 29

Course Review

18734: Foundations of Privacy. Course Review. Anupam Datta CMU Fall 2017. Personal Information is Everywhere. Privacy and Fairness Problems. Collection. Inference. Use. Dissemination. Organizing Questions. What is privacy? What is fairness?

ida
Télécharger la présentation

Course Review

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 18734: Foundations of Privacy Course Review Anupam Datta CMU Fall 2017

  2. Personal Information is Everywhere

  3. Privacy and Fairness Problems Collection Inference Use Dissemination

  4. Organizing Questions • What is privacy? What is fairness? • From philosophical and legal conceptions to computer science and engineering • Inspiration from conceptions, but greater precision often through greater specificity • How can we protect privacy and fairness? • Beyond creating laws and institutions • Computational mechanisms

  5. An Organizing Viewpoint Privacy as a right to restrictions on personal information flow Dissemination Collection Inference Use

  6. Privacy enhancing technology adoption Some drivers • User/citizen trust • Ethics/culture • Internal team • Regulation • Public opinion

  7. Privacy Problems

  8. Module I: Privacy through Accountability Dissemination Collection Use

  9. Web Privacy: Online Tracking Collection 64 Independent tracking mechanisms on average on top-50 sites

  10. Healthcare Privacy Privacy Expectations Hospital Analyst Patient information Patient information Patient information Drug Company Patient Nurse Physician

  11. HIPAA Privacy Rule Use Dissemination A covered entity may disclose an individual’s protected health information (phi) to law-enforcement officials for the purpose of identifying an individual if the individual made a statement admitting participating in a violent crime that the covered entity believes may have caused serious physical harm to the victim

  12. Web Advertising Use Example privacy policies: • Not use detailed location (full IP address) for advertising • Not use health information for advertising

  13. Privacy Compliance for Bing Use Setting: • Auditor has access to source code

  14. Web Privacy: Advertising Use Ads Sensitive Information (e.g., race, health information) Google Confounding Inputs

  15. Module I: Privacy through Accountability • Formalize Privacy Policies • Precise semantics of privacy concepts (restrictions on personal information flow) • Enforce Privacy Policies • Accountability • Detect • Explain • Correct http://www.andrew.cmu.edu/user/danupam/privacy.html

  16. Module I: Learning Outcomes • Understanding of real-world privacy policies and laws • Methods for detecting privacy violations • Experience with audit tools for healthcare privacy • Experience with web tracking investigation tool

  17. Module II: Protecting Privacy and Fairness in Big Data Analytics Dissemination Collection Inference Use CMU

  18. Database Privacy Goals Database Government, marketers, researchers, … • Conflicting goals: • Provide useful information • Protect individual privacy • Health records • Census data • Web search records

  19. Inference CMU

  20. Inference CMU

  21. Privacy Solutions Collection Inference Dissemination

  22. Module II: Learning Outcomes • Understanding of pitfalls in anonymizing databases • Understanding of methods for releasing privacy-preserving statistics and their limitations • Understanding bias in machine learning and corrective measures • Understanding transparency (explanations) for decisions of machine learning systems CMU

  23. Module III: Cryptographic Mechanisms for Privacy Protection Collection

  24. Anonymous Communication

  25. Digital Cash ... IN: scriptSig ... scriptSig ... OUT: scriptPub A, 5.9 IN: scriptSig A OUT: scriptPubB, 5.0 scriptPubA, 0.9 ... IN: scriptSig A scriptSig A OUT: scriptPubC, 10.0 IN: scriptSig ... OUT: scriptPubA, 9.2 ... Slide credit: Joe Bonneau CMU

  26. Module III: Learning Outcomes • Understanding of cryptography behind • Anonymous communication • Anonymous cash (zero-knowledge)

  27. An Organizing Viewpoint Privacy as a right to restrictions on personal information flow Dissemination Collection Inference Use

  28. Privacy enhancing technology adoption Some drivers • User/citizen trust • Ethics/culture • Internal team • Regulation • Public opinion

  29. Thanks! Questions?

More Related