sen-material: handouts/ho07.tex@c913fe9bfd59 (annotated)

307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	1	\documentclass{article}
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	2	\usepackage{../style}
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	3
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	4	\begin{document}
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	5
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	6	\section*{Handout 7 (Privacy)}
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	7
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	8	The first motor car was invented around 1886. For ten years,
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	9	until 1896, the law in the UK and elsewhere required a person
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	10	to walk in front of any moving car waving a red flag. Cars
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	11	were such a novelty that most people did not know what to make
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	12	of them. The person with the red flag was intended to warn the
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	13	public, for example horse owners, about the impending
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	14	novelty---a car. In my humble opinion, we are at the same
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	15	stage of development with privacy. Nobody really knows what it
311 8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	16	is about or what it is good for. All seems very hazy. There
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	17	are a few laws (cookie law, right-to-be-forgotten) which
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	18	address problems with privacy, but even if they are well
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	19	intentioned, they either back-fire or are already obsolete
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	20	because of newer technologies. The result is that the world of
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	21	``privacy'' looks a little bit like the old Wild West.
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	22
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	23	For example, UCAS, a charity set up to help students to apply
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	24	to universities, has a commercial unit that happily sells your
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	25	email addresses to anybody who forks out enough money in order
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	26	to be able to bombard you with spam. Yes, you can opt out very
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	27	often in such ``schemes'', but in case of UCAS any opt-out
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	28	will limit also legit emails you might actually be interested
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	29	in.\footnote{The main objectionable point, in my opinion, is
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	30	that the \emph{charity} everybody has to use for HE
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	31	applications has actually very honourable goals (e.g.~assist
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	32	applicants in gaining access to universities), but in their
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	33	small print (or better under the link ``About us'') reveals
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	34	they set up their organisation so that they can also
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	35	shamelessly sell email addresses they ``harvest''. Everything
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	36	is of course very legal\ldots{}moral?\ldots{}well that is in
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	37	the eye of the beholder. See:
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	38
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	39	\url{http://www.ucas.com/about-us/inside-ucas/advertising-opportunities}
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	40	or
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	41	\url{http://www.theguardian.com/uk-news/2014/mar/12/ucas-sells-marketing-access-student-data-advertisers}}
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	42
311 8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	43	Another example: Verizon, an ISP who is supposed to provide
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	44	you just with connectivity, has found a ``nice'' side-business
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	45	too: When you have enabled all privacy guards in your browser
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	46	(the few you have at your disposal) Verizon happily adds a
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	47	kind of cookie to your
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	48	HTTP-requests.\footnote{\url{http://webpolicy.org/2014/10/24/how-verizons-advertising-header-works/}}
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	49	As shown in the picture below, this cookie will be sent to
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	50	every web-site you visit. The web-sites then can forward the
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	51	cookie to advertisers who in turn pay Verizon to tell them
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	52	everything they want to know about the person who just made
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	53	this request, that is you.
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	54
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	55	\begin{center}
311 8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	56	\includegraphics[scale=0.19]{../pics/verizon.png}
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	57	\end{center}
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	58
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	59	\noindent How disgusting? Even worse, Verizon is not known for
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	60	being the cheapest ISP on the planet (completely the
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	61	contrary), and also not known for providing the fastest
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	62	possible speeds, but rather for being among the few ISPs in
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	63	the US with a quasi-monopolistic ``market distribution''.
310 591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	64
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	65
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	66	Well, we could go on and on\ldots{}and that has not even
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	67	started us yet with all the naughty things NSA \& Friends are
311 8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	68	up to. Why does privacy actually matter? Nobody, I think, has
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	69	a conclusive answer to this question yet. Maybe the following
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	70	four notions help with clarifying the overall picture
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	71	somewhat:
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	72
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	73	\begin{itemize}
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	74	\item \textbf{Secrecy} is the mechanism used to limit the
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	75	number of principals with access to information (e.g.,
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	76	cryptography or access controls). For example I better
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	77	keep my password secret, otherwise people from the wrong
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	78	side of the law might impersonate me.
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	79
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	80	\item \textbf{Confidentiality} is the obligation to protect
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	81	the secrets of other people or organisations (secrecy
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	82	for the benefit of an organisation). For example as a
308 2a814c06ae03 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 307 diff changeset	83	staff member at King's I have access to data, even
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	84	private data, I am allowed to use in my work but not
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	85	allowed to disclose to anyone else.
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	86
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	87	\item \textbf{Anonymity} is the ability to leave no evidence of
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	88	an activity (e.g., sharing a secret). This is not equal
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	89	with privacy---anonymity is required in many
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	90	circumstances, for example for whistle-blowers,
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	91	voting, exam marking and so on.
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	92
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	93	\item \textbf{Privacy} is the ability or right to protect your
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	94	personal secrets (secrecy for the benefit of an
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	95	individual). For example, in a job interview, I might
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	96	not like to disclose that I am pregnant, if I were
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	97	a woman, or that I am a father. Similarly, I might not
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	98	like to disclose my location data, because thieves might
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	99	break into my house if they know I am away at work.
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	100	Privacy is essentially everything which `shouldn't be
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	101	anybody's business'.
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	102
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	103	\end{itemize}
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	104
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	105	\noindent While this might provide us with some rough
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	106	definitions, the problem with privacy is that it is an
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	107	extremely fine line what should stay private and what should
310 591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	108	not. For example, since I am working in academia, I am every
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	109	so often very happy to be a digital exhibitionist: I am very
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	110	happy to disclose all `trivia' related to my work on my
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	111	personal web-page. This is a kind of bragging that is normal
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	112	in academia (at least in the field of CS), even expected if
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	113	you look for a job. I am even happy that Google maintains a
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	114	profile about all my academic papers and their citations.
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	115
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	116	On the other hand I would be very irritated if anybody I do
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	117	not know had a too close look on my private live---it
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	118	shouldn't be anybody's business. The reason is that knowledge
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	119	about my private life usually is used against me. As mentioned
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	120	above, public location data might mean I get robbed. If
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	121	supermarkets build a profile of my shopping habits, they will
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	122	use it to \emph{their} advantage---surely not to \emph{my}
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	123	advantage. Also whatever might be collected about my life will
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	124	always be an incomplete, or even misleading, picture---for
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	125	example I am sure my creditworthiness score was temporarily(?)
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	126	destroyed by not having a regular income in this country
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	127	(before coming to King's I worked in Munich for five years).
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	128	To correct such incomplete or flawed credit history data there
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	129	is, since recently, a law that allows you to check what
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	130	information is held about you for determining your
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	131	creditworthiness. But this concerns only a very small part of
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	132	the data that is held about me/you.
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	133
311 8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	134	To see how private matter can lead really to the wrong
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	135	conclusions, take the example of Stephen Hawking: When he was
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	136	diagnosed with his disease, he was given a life expectancy of
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	137	two years. If employers would know about such problems, would
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	138	they have employed Hawking? Now, he is enjoying his 70+
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	139	birthday. Clearly personal medical data needs to stay private.
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	140	A movie which has this topic as its main focus is Gattaca from
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	141	1997.\footnote{\url{http://www.imdb.com/title/tt0119177/}}
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	142
310 591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	143
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	144	To cut a long story short, I let you ponder about the two
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	145	statements that often voiced in discussions about privacy:
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	146
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	147	\begin{itemize}
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	148	\item \textit{``You have zero privacy anyway. Get over it.''}\\
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	149	\mbox{}\hfill{}{\small{}by Scott Mcnealy (CEO of Sun)}
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	150
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	151	\item \textit{``If you have nothing to hide, you have nothing
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	152	to fear.''}
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	153	\end{itemize}
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	154
311 8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	155	\noindent If you want to read up further on this topic, I can
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	156	recommend the following article that appeared in 2011 in the
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	157	Chronicle of Higher Education
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	158
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	159	\begin{center}
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	160	\url{http://chronicle.com/article/Why-Privacy-Matters-Even-if/127461/}
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	161	\end{center}
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	162
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	163	\noindent Funnily, or maybe not so funnily, the author of this
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	164	article carefully tries to construct an argument that does not
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	165	only attack the nothing-to-hide statement in cases where
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	166	governments \& Co collect people's deepest secrets, or
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	167	pictures of people's naked bodies, but an argument that
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	168	applies also in cases where governments ``only'' collect data
310 591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	169	relevant to, say, preventing terrorism. The fun is of course
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	170	that in 2011 we could just not imagine that respected
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	171	governments would do such infantile things as intercepting
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	172	people's nude photos. Well, since Snowden we know some people
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	173	at the NSA did exactly that and then shared such photos among
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	174	colleagues as ``fringe benefit''.
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	175
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	176
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	177	\subsubsection*{Re-Identification Attacks}
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	178
310 591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	179	Apart from philosophical musings, there are fortunately also
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	180	some real technical problems with privacy. The problem I want
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	181	to focus on in this handout is how to safely disclose datasets
311 8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	182	containing very potentially private data, say health data. What can
310 591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	183	go wrong with such disclosures can be illustrated with four
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	184	well-known examples:
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	185
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	186	\begin{itemize}
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	187	\item In 2006, a then young company called Netflix offered a 1
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	188	Mio \$ prize to anybody who could improve their movie
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	189	rating algorithm. For this they disclosed a dataset
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	190	containing 10\% of all Netflix users at the time
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	191	(appr.~500K). They removed names, but included numerical
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	192	ratings of movies as well as times of ratings. Though
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	193	some information was perturbed (i.e., slightly
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	194	modified).
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	195
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	196	Two researchers had a closer look at this anonymised
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	197	data and compared it with public data available from the
311 8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	198	International Movie Database (IMDb). They found that
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	199	98\% of the entries could be re-identified in the
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	200	Netflix dataset: either by their ratings or by the dates
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	201	the ratings were uploaded. The result was a class-action
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	202	suit against Netflix, which was only recently resolved
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	203	involving a lot of money.
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	204
310 591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	205	\item In the 1990ies, medical datasets were often made public
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	206	for research purposes. This was done in anonymised form
311 8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	207	with names removed, but birth dates, gender and ZIP-code
310 591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	208	were retained. In one case where such data about
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	209	hospital visits of state employees in Massachusetts was
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	210	made public, the then governor assured the public that
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	211	the released dataset protected patient privacy by
311 8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	212	deleting identifiers.
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	213
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	214	A graduate student could not resist cross-referencing
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	215	public voter data with the released data including birth
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	216	dates, gender and ZIP-code. The result was that she
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	217	could send the governor his own hospital record. It
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	218	turns out that birth dates, gender and ZIP-code uniquely
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	219	identify 87\% of people in the US. This work resulted
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	220	in a number of laws prescribing which private data
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	221	cannot be released in such datasets.
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	222
b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	223	\item In 2006, AOL published 20 million Web search queries
310 591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	224	collected from 650,000 users (names had been deleted).
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	225	This was again done for research purposes. However,
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	226	within days an old lady, Thelma Arnold, from Lilburn,
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	227	Georgia, (11,596 inhabitants) was identified as user
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	228	No.~4417749 in this dataset. It turned out that search
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	229	engine queries are deep windows into people's private
591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	230	lives.
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	231
311 8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	232	\item Genome-Wide Association Studies (GWAS) was a public
309 b1ba3d88696e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 308 diff changeset	233	database of gene-frequency studies linked to diseases.
311 8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	234	It would essentially record that people who have a
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	235	disease, say diabetes, have also these genes. In order
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	236	to maintain privacy, the dataset would only include
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	237	aggregate information. In case of DNA data this was
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	238	achieved by mixing the DNA of many individuals (having
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	239	a disease) into a single solution. Then this mixture
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	240	was sequenced and included in the dataset. The idea
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	241	was that the agregate information would still be helpful
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	242	to researchers, but would protect the DNA data of
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	243	individuals.
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	244
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	245	In 2007 a forensic computer scientist showed that
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	246	individuals can be still identified. For this he used
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	247	the DNA data from a comparison group (people from the
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	248	general public) and ``subtracted'' this data from the
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	249	published data. He was left with data that included
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	250	all ``special'' DNA-markers of the individuals
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	251	present in the original mixture. He essentially deleted
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	252	the ``background noise''. Now the problem with
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	253	DNA data is that it is of such a high resolution that
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	254	even if the mixture contained maybe 100 individuals,
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	255	you can now detect whether an individual was included
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	256	in the mixture or not.
310 591b62e1f86a updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 309 diff changeset	257
311 8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	258	This result changed completely how DNA data is nowadays
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	259	published for research purposes. After the success of
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	260	the human-genome project with a very open culture of
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	261	exchanging data, it became much more difficult to
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	262	anonymise datasuch that patient's privacy is preserved.
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	263	The public GWAS database was taken offline in 2008.
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	264
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	265	\end{itemize}
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	266
311 8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	267	\noindent There are many lessons that can be learned from
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	268	these examples. One is that when making data public in
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	269	anonymised form you want to achieve \emph{forward privacy}.
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	270	This means, no matter of what other data that is also available
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	271	or will be released later, the data does not compromise
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	272	an individual's privacy. This principle was violated by the
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	273	data in the Netflix and governor of Massachusetts cases. There
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	274	additional data allowed one to re-identify individuals in the
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	275	dataset. In case of GWAS a new technique of re-identification
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	276	compromised the privacy of people on the list.
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	277	The case of the AOL dataset shows clearly how incomplete such
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	278	data can be: Although the queries uniquely identified the
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	279	old lady, she also looked up diseases that her friends had,
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	280	which had nothing to do with her. Any rational analysis of her
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	281	query data must have concluded, the lady is on her deathbed,
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	282	while she was actually very much alive and kicking.
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	283
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	284	\subsubsection*{Differential Privacy}
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	285
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	286	Differential privacy is one of the few methods, that tries to
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	287	achieve forward privacy with large datasets. The basic idea
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	288	is to add appropriate noise, or errors, to any query of the
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	289	dataset. The intention is to make the result of a query
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	290	insensitive to individual entries in the database. The hope is
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	291	that the added error does not eliminate the ``signal'' one is
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	292	looking for by querying the dataset.
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	293
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	294
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	295
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	296	\begin{center}
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	297	User\;\;\;\;
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	298	\begin{tabular}{c}
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	299	tell me $f(x)$ $\Rightarrow$\\
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	300	$\Leftarrow$ $f(x) + \text{noise}$
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	301	\end{tabular}
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	302	\;\;\;\;\begin{tabular}{@{}c}
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	303	Database\\
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	304	$x_1, \ldots, x_n$
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	305	\end{tabular}
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	306	\end{center}
8befc029ca1e updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 310 diff changeset	307
312 c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	308	\subsubsection*{Further Reading}
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	309
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	310	A readable article about how supermarkets mine your shopping
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	311	habits (especially how they prey on young exhausted families
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	312	;o) appeared in 2012 in a New York Times article.
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	313
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	314	\begin{center}
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	315	\url{http://www.nytimes.com/2012/02/19/magazine/shopping-habits.html}
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	316	\end{center}
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	317
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	318	\noindent An article that analyses privacy and shopping habits
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	319	from a more economic point is available from:
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	320
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	321	\begin{center}
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	322	\url{http://www.dtc.umn.edu/~odlyzko/doc/privacy.economics.pdf}
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	323	\end{center}
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	324
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	325	\noindent An attempt to untangle the web of current technology
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	326	for spying on consumers is published in:
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	327
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	328	\begin{center}
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	329	\url{http://cyberlaw.stanford.edu/files/publication/files/trackingsurvey12.pdf}
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	330	\end{center}
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	331
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	332	\noindent An article that sheds light on the paradox that
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	333	people usually worry about privacy invasions of little
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	334	significance, and overlook that might cause significant
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	335	damage:
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	336
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	337	\begin{center}
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	338	\url{http://www.heinz.cmu.edu/~acquisti/papers/Acquisti-Grossklags-Chapter-Etrics.pdf}
c913fe9bfd59 updated Christian Urban <christian dot urban at kcl dot ac dot uk> parents: 311 diff changeset	339	\end{center}
307 98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	340
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	341	\end{document}
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	342
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	343	http://randomwalker.info/teaching/fall-2012-privacy-technologies/?
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	344	http://chronicle.com/article/Why-Privacy-Matters-Even-if/127461/
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	345	http://repository.cmu.edu/cgi/viewcontent.cgi?article=1077&context=hcii
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	346	https://josephhall.org/papers/NYU-MCC-1303-S2012_privacy_syllabus.pdf
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	347	%%% Local Variables:
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	348	%%% mode: latex
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	349	%%% TeX-master: t
98ee5f760a8c added hw 7 Christian Urban <christian dot urban at kcl dot ac dot uk> parents: diff changeset	350	%%% End:

author	Christian Urban <christian dot urban at kcl dot ac dot uk>
	Fri, 14 Nov 2014 14:03:15 +0000
changeset 312	c913fe9bfd59
parent 311	8befc029ca1e
child 313	1d243ac51078
permissions	-rw-r--r--