\documentclass{article}
\usepackage{../style}

\begin{document}

\section*{Handout 7 (Privacy)}

The first motor car was invented around 1886. For ten years,
until 1896, the law in the UK and elsewhere required a person
to walk in front of any moving car waving a red flag. Cars
were such a novelty that most people did not know what to make
of them. The person with the red flag was intended to warn the
public, for example horse owners, about the impending
novelty---a car. In my humble opinion, we are at the same
stage of development with privacy. Nobody really knows what it
is about or what it is good for. All seems very hazy. The
result is that the world of ``privacy'' looks a little bit
like the old Wild West. For example, UCAS, a charity set up to
help students apply to universities, has a commercial unit
that happily sells your email addresses to anybody who forks
out enough money in order to bombard you with spam. Yes, you
can opt out very often, but in case of UCAS any opt-out will
limit also legit emails you might actually be interested
in.\footnote{The main objectionable point, in my opinion, is
that the \emph{charity} everybody has to use for HE
applications has actually very honourable goals (e.g.~assist
applicants in gaining access to universities), but in their
small print (or better under the link ``About us'') reveals
they set up their organisation so that they can also
shamelessly sell email addresses the ``harvest''. Everything
is of course very legal\ldots{}moral?\ldots{}well that is in
the eye of the beholder. See:

\url{http://www.ucas.com/about-us/inside-ucas/advertising-opportunities} 
or
\url{http://www.theguardian.com/uk-news/2014/mar/12/ucas-sells-marketing-access-student-data-advertisers}}

Verizon, an ISP who provides you with connectivity, has found
a ``nice'' side-business too: When you have enabled all
privacy guards in your browser, the few you have at your
disosal, Verizon happily adds a kind of cookie to your
HTTP-requests.\footnote{\url{http://webpolicy.org/2014/10/24/how-verizons-advertising-header-works/}}
As shown in the picture below, this cookie will be sent to
every web-site you visit. The web-sites then can forward the
cookie to advertisers who in turn pay Verizon to tell them
everything they want to know about the person who just made
this request, that is you.
 
\begin{center}
\includegraphics[scale=0.21]{../pics/verizon.png}
\end{center}

\noindent How disgusting? Even worse, Verizon is not known for
being the cheapest ISP on the planet (completely the
contrary), and also not known for providing the fastest
possible speeds, but rather for being among the few ISPs in
the US with a quasi-monopolistic ``market distribution''.
Well, we could go on and on\ldots{}and that has not even
started us yet with all the naughty things NSA \& Friends are
up to. 

Why does privacy matter? Nobody, I think, has a conclusive
answer to this question. Maybe the following four notions
clarify the picture somewhat: 

\begin{itemize}
\item \textbf{Secrecy} is the mechanism used to limit the
      number of principals with access to information (e.g.,
      cryptography or access controls). For example I better
      keep my password secret, otherwise people from the wrong
      side of the law might impersonate me.

\item \textbf{Confidentiality} is the obligation to protect
      the secrets of other people or organisations (secrecy
      for the benefit of an organisation). For example as a
      staff membee at King's I have access to data, even
      private data, I am allowed to use in my work but not
      allowed to disclose to anyone else.

\item \textbf{Anonymity} is the ability to leave no evidence of
      an activity (e.g., sharing a secret). This is not equal
        with privacy---anonymity is required in many 
        circumstances, for example for whistle-blowers, 
        voting, exam marking and so on.

\item \textbf{Privacy} is the ability or right to protect your
      personal secrets (secrecy for the benefit of an
      individual). For example, in a job interview, I might
      not like to disclose that I am pregnant, if I were
      a woman, or that I am a father. Similarly, I might not
      like to disclose my location data, because thieves might
      break into my house if they know I am away at work. 
      Privacy is essentially everything which `shouldn't be
      anybodies business'.

\end{itemize}

\noindent While this might provide us with some rough
definitions, the problem with privacy is that it is an
extremely fine line what should stay private and what should
not. For example, since I am working in academia, I am very
happy to be essentially a digital exhibitionist: I am happy to
disclose all `trivia' related to my work on my personal
web-page. This is a kind of bragging that is normal in
academia (at least in the CS field). I am even happy that
Google maintains a profile about all of my academic papers and
their citations. 

On the other hand I would be very peeved if anybody had a too
close look on my private live---it shouldn'd be anybodies
business. The reason is that knowledge about my private life
usually is used against me. As mentioned above, public
location data might mean I get robbed. If supermarkets build a
profile of my shopping habits, they will use it to
\emph{their} advantage---surely not to \emph{my} advantage.
Also whatever might be collected about my life will always be
an incomplete, or even misleading, picture---I am sure my
creditworthiness score was temporarily(?) destroyed by not
having a regular income in this country (before coming to
King's I worked in Munich). To correct such incomplete or
flawed data there is, since recently, a law that allows you to
check what information is held about you for determining your
creditworthiness. But this concerns only a very small part of
the data that is held about me/you.

This is an endless field. I let you ponder about the two
statements that are often float about in discussions about
privacy:

\begin{itemize}
\item \textit{``You have zero privacy anyway. Get over it.''}\\
\mbox{}\hfill{}Scott Mcnealy (CEO of Sun)

\item \textit{``If you have nothing to hide, you have nothing 
to fear.''}
\end{itemize}
 
\noindent There are some technical problems that are easier to
discuss and that often have privacy implications. The problem
I want to focus on is how to safely disclose datasets. What
can go wrong with this can be illustrated with three examples:

\begin{itemize}
\item In 2006 a then young company called Netflix offered a 1
      Mio \$ prize to anybody who could improve their movie
      rating algorithm. For this they disclosed a dataset
      containing 10\% of all Netflix users (appr.~500K). They
      removed names, but included numerical ratings as well as
      times of ratings. Though some information was perturbed
      (i.e., slightly modified).
      
      Two researchers took that data and compared it with
      public data available from the International Movie
      Database (IMDb). They found that 98 \% of the entries
      could be re-identified: either by their ratings or by
      the dates the ratings were uploaded. 

\item In the 1990, medical databases were routinely made
      publicised for research purposes. This was done in
      anonymised form with names removed, but birth dates,
      gender, ZIP-code were retained.
      
\end{itemize}


\end{document}

http://randomwalker.info/teaching/fall-2012-privacy-technologies/?
http://chronicle.com/article/Why-Privacy-Matters-Even-if/127461/
http://repository.cmu.edu/cgi/viewcontent.cgi?article=1077&context=hcii
https://josephhall.org/papers/NYU-MCC-1303-S2012_privacy_syllabus.pdf
%%% Local Variables: 
%%% mode: latex
%%% TeX-master: t
%%% End: