Clouded data: Privacy and the promise of encryption

Personal data is highly vulnerable to security exploits, spurring moves to lock it down through encryption, to cryptographically ‘cloud’ it. But personal data is also highly valuable to corporations and states, triggering moves to unlock its insights by relocating it in the cloud. We characterise this twinned condition as ‘clouded data’. Clouded data constructs a political and technological notion of privacy that operates through the intersection of corporate power, computational resources and the ability to obfuscate, gain insights from and valorise a dependency between public and private. First, we survey prominent clouded data approaches (blockchain, multiparty computation, differential privacy, and homomorphic encryption), suggesting their particular affordances produce distinctive versions of privacy. Next, we perform two notional code-based experiments using synthetic datasets. In the field of health, we submit a patient’s blood pressure to a notional cloud-based diagnostics service; in education, we construct a student survey that enables aggregate reporting without individual identification. We argue that these technical affordances legitimate new political claims to capture and commodify personal data. The final section broadens the discussion to consider the political force of clouded data and its reconstitution of traditional notions such as the public and the private.

Download Full-text

Study on the Technical Evaluation of De-Identification Procedures for Personal Data in the Automotive Sector

10.21248/gups.63413 ◽

2021 ◽

Author(s):

Kai Rannenberg ◽

Sebastian Pape ◽

Frédéric Tronnier ◽

Sascha Löbner

Keyword(s):

Data Privacy ◽

Differential Privacy ◽

Homomorphic Encryption ◽

Personal Data ◽

Legal Aspects ◽

Use Cases ◽

Use Case ◽

User Privacy ◽

External Data ◽

Identification Techniques

The aim of this study was to identify and evaluate different de-identification techniques that may be used in several mobility-related use cases. To do so, four use cases have been defined in accordance with a project partner that focused on the legal aspects of this project, as well as with the VDA/FAT working group. Each use case aims to create different legal and technical issues with regards to the data and information that are to be gathered, used and transferred in the specific scenario. Use cases should therefore differ in the type and frequency of data that is gathered as well as the level of privacy and the speed of computation that is needed for the data. Upon identifying use cases, a systematic literature review has been performed to identify suitable de-identification techniques to provide data privacy. Additionally, external databases have been considered as data that is expected to be anonymous might be reidentified through the combination of existing data with such external data. For each case, requirements and possible attack scenarios were created to illustrate where exactly privacy-related issues could occur and how exactly such issues could impact data subjects, data processors or data controllers. Suitable de-identification techniques should be able to withstand these attack scenarios. Based on a series of additional criteria, de-identification techniques are then analyzed for each use case. Possible solutions are then discussed individually in chapters 6.1 - 6.2. It is evident that no one-size-fits-all approach to protect privacy in the mobility domain exists. While all techniques that are analyzed in detail in this report, e.g., homomorphic encryption, differential privacy, secure multiparty computation and federated learning, are able to successfully protect user privacy in certain instances, their overall effectiveness differs depending on the specifics of each use case.

Download Full-text

Achieving Incentive, Security, and Scalable Privacy Protection in Mobile Crowdsensing Services

Wireless Communications and Mobile Computing ◽

10.1155/2018/8959635 ◽

2018 ◽

Vol 2018 ◽

pp. 1-12 ◽

Cited By ~ 11

Author(s):

Jinbo Xiong ◽

Rong Ma ◽

Lei Chen ◽

Youliang Tian ◽

Li Lin ◽

...

Keyword(s):

Data Privacy ◽

Differential Privacy ◽

Homomorphic Encryption ◽

Security Analysis ◽

Mobile Crowdsensing ◽

Sensing Data ◽

Noise Data ◽

And Performance ◽

Further Development ◽

The Internet Of Things

Mobile crowdsensing as a novel service schema of the Internet of Things (IoT) provides an innovative way to implement ubiquitous social sensing. How to establish an effective mechanism to improve the participation of sensing users and the authenticity of sensing data, protect the users’ data privacy, and prevent malicious users from providing false data are among the urgent problems in mobile crowdsensing services in IoT. These issues raise a gargantuan challenge hindering the further development of mobile crowdsensing. In order to tackle the above issues, in this paper, we propose a reliable hybrid incentive mechanism for enhancing crowdsensing participations by encouraging and stimulating sensing users with both reputation and service returns in mobile crowdsensing tasks. Moreover, we propose a privacy preserving data aggregation scheme, where the mediator and/or sensing users may not be fully trusted. In this scheme, differential privacy mechanism is utilized through allowing different sensing users to add noise data, then employing homomorphic encryption for protecting the sensing data, and finally uploading ciphertext to the mediator, who is able to obtain the collection of ciphertext of the sensing data without actual decryption. Even in the case of partial sensing data leakage, differential privacy mechanism can still ensure the security of the sensing user’s privacy. Finally, we introduce a novel secure multiparty auction mechanism based on the auction game theory and secure multiparty computation, which effectively solves the problem of prisoners’ dilemma incurred in the sensing data transaction between the service provider and mediator. Security analysis and performance evaluation demonstrate that the proposed scheme is secure and efficient.

Download Full-text

CAP-A: A Suite of Tools for Data Privacy Evaluation of Mobile Applications

Frontiers in Artificial Intelligence and Applications - Legal Knowledge and Information Systems ◽

10.3233/faia200881 ◽

2020 ◽

Author(s):

Ioannis Chrysakis ◽

Giorgos Flouris ◽

George Ioannidis ◽

Maria Makridaki ◽

Theodore Patkos ◽

...

Keyword(s):

Mobile Applications ◽

Data Privacy ◽

Mobile Apps ◽

Personal Data ◽

Policy Makers ◽

Policy Documents ◽

The Public

The utilisation of personal data by mobile apps is often hidden behind vague Privacy Policy documents, which are typically lengthy, difficult to read (containing legal terms and definitions) and frequently changing. This paper discusses a suite of tools developed in the context of the CAP-A project, aiming to harness the collective power of users to improve their privacy awareness and to promote privacy-friendly behaviour by mobile apps. Through crowdsourcing techniques, users can evaluate the privacy friendliness of apps, annotate and understand Privacy Policy documents, and help other users become aware of privacy-related aspects of mobile apps and their implications, whereas developers and policy makers can identify trends and the general stance of the public in privacy-related matters. The tools are available for public use in: https://cap-a.eu/tools/.

Download Full-text

Demarcation of the public and private in the interaction of the state and citizens on digital network platforms

Digital sociology ◽

10.26425/2658-347x-2021-4-3-16-26 ◽

2021 ◽

Vol 4 (3) ◽

pp. 16-26

Author(s):

V. V. Zotov

Keyword(s):

Personal Information ◽

Personal Data ◽

The State ◽

Sociological Study ◽

Negative Experience ◽

Public And Private ◽

Digital Platforms ◽

The Public ◽

Digital Network ◽

Private And Public

Digital network platforms are built on sociotechnical interaction between actors and actors. The creation and development of new public services based on digital platforms inevitably leads to the transformation of the relationship between the state and citizens. The attractiveness of state digital platforms for citizens increases when resolving the contradiction between the possibilities of new forms of social interaction and the threat of misuse of personal data, the risk of harm or persecution.The article presents the results of the analysis of the boundaries of the public and private in the interaction of the state with citizens on digital network platforms. The research method is a comparative analysis, which is based on the dichotomy of public and private, reflected in the concept of private and public X. Arendt, concepts of the public sphere J. Habermas, regulatory and legal concepts of privacy by R. Gavison. The empirical base was made up of a sociological study conducted to obtain information about the boundaries of privacy and publicity of personal data in the digital network space (n = 1 000 among the population over 18 years old living in metropolitan megacities and median regions by the level of informatization, 2020) and the results of Kaspersky Lab surveys conducted in 2019–2020.The conducted research allows us to assert that almost 2/3 of citizens have faced the misuse of confidential information on the Internet. Most of the respondents are aware that websites, social networks and search engines can collect data for web analytics. At the same time, citizens consider it possible to transfer personal data to the authorities in a generalized form for making managerial decisions. Half of the surveyed population does not object to the implementation of digital control over the actions and movements of citizens. Thus, despite the existing negative experience, it is unlikely that there will be any obvious resistance to organizing the collection of personal information on digital network platforms.

Download Full-text

Notches on the dial: a call to action to develop plain language communication with the public about users and uses of health data

International Journal for Population Data Science ◽

10.23889/ijpds.v4i1.1106 ◽

2019 ◽

Vol 4 (1) ◽

Cited By ~ 1

Author(s):

P Alison Paprica ◽

Kimberlyn McGrail ◽

Michael J Schull

Keyword(s):

Data Science ◽

Personal Data ◽

Population Data ◽

Plain Language ◽

Public And Private ◽

The Public ◽

News Stories ◽

Related Data ◽

Language Communication ◽

Public And Private Sector

Population data science [1] researchers are not alone in recognizing the value of health and health-related data. In the era of big data, and with advent of machine learning and other artificial intelligence methods, organizations around the world are actively working to turn data into knowledge, and, in some cases, profit. The media and members of the public have taken notice, with high profile news stories about data breaches and privacy concerns [2-4] alongside some stories that call for increased use of data [5,6]. In response, public and private sector data-holding organizations and jurisdictions are turning their attention to policies, processes and regulations intended to ensure that personal data are used in ways that that the public supports. In some cases, these efforts include involving “publics” in decisions about data, such as using patient and lay person advice and other inputs to help shape policies [7-10].

Download Full-text

Liquid Communication in Mobile Devices

Analyzing Digital Discourse and Human Behavior in Modern Virtual Environments - Advances in Human and Social Aspects of Technology ◽

10.4018/978-1-4666-9899-4.ch011 ◽

2016 ◽

pp. 196-219

Author(s):

Ana Serrano Tellería

Keyword(s):

Social Media ◽

Nervous System ◽

Content Analysis ◽

Mobile Communication ◽

Mobile Communications ◽

Personal Data ◽

Special Focus ◽

Public And Private ◽

The Public ◽

Qualitative Methodologies

Mobile communication and devices have raised a series of challenges concerning the delimitation of public and private, intimate and personal spheres. Specifically, and because of its close connection to the nervous system and emotions, these devices allow a wide variety of affordances while, and in accordance to the broad scope of previous dimensions, a series of worrying risks – because of the same relationship and interdependence between users' rational and sensorial sides. Thus, an international state of the art review will be discussed and the results and conclusions of the ‘Public and Private in Mobile Communications' European FEDER will be offered. A range of quantitative and qualitative methodologies were applied: surveys about general use and habits, personal data and images; focus groups; interviews in person and by telephone; content analysis with a special focus on social media and an observation ethnography and digital ethnography.

Download Full-text

Data confidentiality and computations hiding in cloud services for public administration

Computer Science and Mathematical Modelling ◽

10.5604/01.3001.0012.2001 ◽

2018 ◽

Vol 0 (7/2018) ◽

pp. 11-18

Author(s):

Aleksandra Horubała ◽

Daniel Waszkiewicz ◽

Michał Andrzejczak ◽

Piotr Sapiecha

Keyword(s):

Public Administration ◽

Data Privacy ◽

Homomorphic Encryption ◽

Personal Data ◽

Cloud Services ◽

Security And Privacy ◽

Data Confidentiality ◽

Encryption Schemes

Cloud services are gaining interest and are very interesting option for public administration. Although, there is a lot of concern about security and privacy of storing personal data in cloud. In this work mathematical tools for securing data and hiding computations are presented. Data privacy is obtained by using homomorphic encryption schemes. Computation hiding is done by algorithm cryptographic obfuscation. Both primitives are presented and their application for public administration is discussed.

Download Full-text

Logistic Regression on Homomorphic Encrypted Data at Scale

Proceedings of the AAAI Conference on Artificial Intelligence ◽

10.1609/aaai.v33i01.33019466 ◽

2019 ◽

Vol 33 ◽

pp. 9466-9471 ◽

Cited By ~ 2

Author(s):

Kyoohyung Han ◽

Seungwan Hong ◽

Jung Hee Cheon ◽

Daejun Park

Keyword(s):

Logistic Regression ◽

Data Privacy ◽

Homomorphic Encryption ◽

Training Data ◽

Sensitive Data ◽

Encrypted Data ◽

The Public ◽

Private Data ◽

First Time ◽

Practical Feasibility

Machine learning on (homomorphic) encrypted data is a cryptographic method for analyzing private and/or sensitive data while keeping privacy. In the training phase, it takes as input an encrypted training data and outputs an encrypted model without ever decrypting. In the prediction phase, it uses the encrypted model to predict results on new encrypted data. In each phase, no decryption key is needed, and thus the data privacy is ultimately guaranteed. It has many applications in various areas such as finance, education, genomics, and medical field that have sensitive private data. While several studies have been reported on the prediction phase, few studies have been conducted on the training phase.In this paper, we present an efficient algorithm for logistic regression on homomorphic encrypted data, and evaluate our algorithm on real financial data consisting of 422,108 samples over 200 features. Our experiment shows that an encrypted model with a sufficient Kolmogorov Smirnow statistic value can be obtained in ∼17 hours in a single machine. We also evaluate our algorithm on the public MNIST dataset, and it takes ∼2 hours to learn an encrypted model with 96.4% accuracy. Considering the inefficiency of homomorphic encryption, our result is encouraging and demonstrates the practical feasibility of the logistic regression training on large encrypted data, for the first time to the best of our knowledge.

Download Full-text

Increasing resilience via the use of personal data: Lessons from COVID-19 dashboards on data governance for the public good

Data & Policy ◽

10.1017/dap.2021.27 ◽

2021 ◽

Vol 3 ◽

Author(s):

Veronica Qin Ting Li ◽

Masaru Yarime

Keyword(s):

Public Health ◽

Hong Kong ◽

Data Privacy ◽

Research Question ◽

Personal Data ◽

Structured Interviews ◽

Data Governance ◽

Health Crisis ◽

The Public ◽

Trade Offs

Abstract Contemporary data tools such as online dashboards have been instrumental in monitoring the spread of the COVID-19 pandemic. These real-time interactive platforms allow citizens to understand the local, regional, and global spread of COVID-19 in a consolidated and intuitive manner. Despite this, little research has been conducted on how citizens respond to the data on the dashboards in terms of the pandemic and data governance issues such as privacy. In this paper, we seek to answer the research question: how can governments use data tools, such as dashboards, to balance the trade-offs between safeguarding public health and protecting data privacy during a public health crisis? This study used surveys and semi-structured interviews to understand the perspectives of the developers and users of COVID-19 dashboards in Hong Kong. A typology was also developed to assess how Hong Kong’s dashboards navigated trade-offs between data disclosure and privacy at a time of crisis compared to dashboards in other jurisdictions. Results reveal that two key factors were present in the design and improvement of COVID-19 dashboards in Hong Kong: informed actions based on open COVID-19 case data, and significant public trust built on data transparency. Finally, this study argues that norms surrounding reporting on COVID-19 cases, as well as cases for future pandemics, should be co-constructed among citizens and governments so that policies founded on such norms can be acknowledged as salient, credible, and legitimate.

Download Full-text

Differential Privacy in Practice: Expose your Epsilons!

Journal of Privacy and Confidentiality ◽

10.29012/jpc.689 ◽

2019 ◽

Vol 9 (2) ◽

Cited By ~ 1

Author(s):

Cynthia Dwork ◽

Nitin Kohli ◽

Deirdre Mulligan

Keyword(s):

Turning Point ◽

Differential Privacy ◽

Personal Data ◽

Private Industry ◽

Worst Case ◽

The Public ◽

Data Intensive ◽

Body Of Knowledge ◽

Optimal Value ◽

First Time

Differential privacy is at a turning point. Implementations have been successfully leveraged in private industry, the public sector, and academia in a wide variety of applications, allowing scientists, engineers, and researchers the ability to learn about populations of interest without specifically learning about these individuals. Because differential privacy allows us to quantify cumulative privacy loss, these differentially private systems will, for the first time, allow us to measure and compare the total privacy loss due to these personal data-intensive activities. Appropriately leveraged, this could be a watershed moment for privacy. Like other technologies and techniques that allow for a range of instantiations, implementation details matter. When meaningfully implemented, differential privacy supports deep data-driven insights with minimal worst-case privacy loss. When not meaningfully implemented, differential privacy delivers privacy mostly in name. Using differential privacy to maximize learning while providing a meaningful degree of privacy requires judicious choices with respect to the privacy parameter epsilon, among other factors. However, there is little understanding of what is the optimal value of epsilon for a given system or classes of systems/purposes/data etc. or how to go about figuring it out. To understand current differential privacy implementations and how organizations make these key choices in practice, we conducted interviews with practitioners to learn from their experiences of implementing differential privacy. We found no clear consensus on how to choose epsilon, nor is there agreement on how to approach this and other key implementation decisions. Given the importance of these implementation details there is a need for shared learning amongst the differential privacy community. To serve these purposes, we propose the creation of the Epsilon Registry—a publicly available communal body of knowledge about differential privacy implementations that can be used by various stakeholders to drive the identification and adoption of judicious differentially private implementations.

Download Full-text