--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/handouts/ho07.tex Thu Nov 13 18:48:34 2014 +0000
@@ -0,0 +1,175 @@
+\documentclass{article}
+\usepackage{../style}
+
+\begin{document}
+
+\section*{Handout 7 (Privacy)}
+
+The first motor car was invented around 1886. For ten years,
+until 1896, the law in the UK and elsewhere required a person
+to walk in front of any moving car waving a red flag. Cars
+were such a novelty that most people did not know what to make
+of them. The person with the red flag was intended to warn the
+public, for example horse owners, about the impending
+novelty---a car. In my humble opinion, we are at the same
+stage of development with privacy. Nobody really knows what it
+is about or what it is good for. All seems very hazy. The
+result is that the world of ``privacy'' looks a little bit
+like the old Wild West. For example, UCAS, a charity set up to
+help students apply to universities, has a commercial unit
+that happily sells your email addresses to anybody who forks
+out enough money in order to bombard you with spam. Yes, you
+can opt out very often, but in case of UCAS any opt-out will
+limit also legit emails you might actually be interested
+in.\footnote{The main objectionable point, in my opinion, is
+that the \emph{charity} everybody has to use for HE
+applications has actually very honourable goals (e.g.~assist
+applicants in gaining access to universities), but in their
+small print (or better under the link ``About us'') reveals
+they set up their organisation so that they can also
+shamelessly sell email addresses the ``harvest''. Everything
+is of course very legal\ldots{}moral?\ldots{}well that is in
+the eye of the beholder. See:
+
+\url{http://www.ucas.com/about-us/inside-ucas/advertising-opportunities}
+or
+\url{http://www.theguardian.com/uk-news/2014/mar/12/ucas-sells-marketing-access-student-data-advertisers}}
+
+Verizon, an ISP who provides you with connectivity, has found
+a ``nice'' side-business too: When you have enabled all
+privacy guards in your browser, the few you have at your
+disosal, Verizon happily adds a kind of cookie to your
+HTTP-requests.\footnote{\url{http://webpolicy.org/2014/10/24/how-verizons-advertising-header-works/}}
+As shown in the picture below, this cookie will be sent to
+every web-site you visit. The web-sites then can forward the
+cookie to advertisers who in turn pay Verizon to tell them
+everything they want to know about the person who just made
+this request, that is you.
+
+\begin{center}
+\includegraphics[scale=0.21]{../pics/verizon.png}
+\end{center}
+
+\noindent How disgusting? Even worse, Verizon is not known for
+being the cheapest ISP on the planet (completely the
+contrary), and also not known for providing the fastest
+possible speeds, but rather for being among the few ISPs in
+the US with a quasi-monopolistic ``market distribution''.
+Well, we could go on and on\ldots{}and that has not even
+started us yet with all the naughty things NSA \& Friends are
+up to.
+
+Why does privacy matter? Nobody, I think, has a conclusive
+answer to this question. Maybe the following four notions
+clarify the picture somewhat:
+
+\begin{itemize}
+\item \textbf{Secrecy} is the mechanism used to limit the
+ number of principals with access to information (e.g.,
+ cryptography or access controls). For example I better
+ keep my password secret, otherwise people from the wrong
+ side of the law might impersonate me.
+
+\item \textbf{Confidentiality} is the obligation to protect
+ the secrets of other people or organisations (secrecy
+ for the benefit of an organisation). For example as a
+ staff membee at King's I have access to data, even
+ private data, I am allowed to use in my work but not
+ allowed to disclose to anyone else.
+
+\item \textbf{Anonymity} is the ability to leave no evidence of
+ an activity (e.g., sharing a secret). This is not equal
+ with privacy---anonymity is required in many
+ circumstances, for example for whistle-blowers,
+ voting, exam marking and so on.
+
+\item \textbf{Privacy} is the ability or right to protect your
+ personal secrets (secrecy for the benefit of an
+ individual). For example, in a job interview, I might
+ not like to disclose that I am pregnant, if I were
+ a woman, or that I am a father. Similarly, I might not
+ like to disclose my location data, because thieves might
+ break into my house if they know I am away at work.
+ Privacy is essentially everything which `shouldn't be
+ anybodies business'.
+
+\end{itemize}
+
+\noindent While this might provide us with some rough
+definitions, the problem with privacy is that it is an
+extremely fine line what should stay private and what should
+not. For example, since I am working in academia, I am very
+happy to be essentially a digital exhibitionist: I am happy to
+disclose all `trivia' related to my work on my personal
+web-page. This is a kind of bragging that is normal in
+academia (at least in the CS field). I am even happy that
+Google maintains a profile about all of my academic papers and
+their citations.
+
+On the other hand I would be very peeved if anybody had a too
+close look on my private live---it shouldn'd be anybodies
+business. The reason is that knowledge about my private life
+usually is used against me. As mentioned above, public
+location data might mean I get robbed. If supermarkets build a
+profile of my shopping habits, they will use it to
+\emph{their} advantage---surely not to \emph{my} advantage.
+Also whatever might be collected about my life will always be
+an incomplete, or even misleading, picture---I am sure my
+creditworthiness score was temporarily(?) destroyed by not
+having a regular income in this country (before coming to
+King's I worked in Munich). To correct such incomplete or
+flawed data there is, since recently, a law that allows you to
+check what information is held about you for determining your
+creditworthiness. But this concerns only a very small part of
+the data that is held about me/you.
+
+This is an endless field. I let you ponder about the two
+statements that are often float about in discussions about
+privacy:
+
+\begin{itemize}
+\item \textit{``You have zero privacy anyway. Get over it.''}\\
+\mbox{}\hfill{}Scott Mcnealy (CEO of Sun)
+
+\item \textit{``If you have nothing to hide, you have nothing
+to fear.''}
+\end{itemize}
+
+\noindent There are some technical problems that are easier to
+discuss and that often have privacy implications. The problem
+I want to focus on is how to safely disclose datasets. What
+can go wrong with this can be illustrated with three examples:
+
+\begin{itemize}
+\item In 2006 a then young company called Netflix offered a 1
+ Mio \$ prize to anybody who could improve their movie
+ rating algorithm. For this they disclosed a dataset
+ containing 10\% of all Netflix users (appr.~500K). They
+ removed names, but included numerical ratings as well as
+ times of ratings. Though some information was perturbed
+ (i.e., slightly modified).
+
+ Two researchers took that data and compared it with
+ public data available from the International Movie
+ Database (IMDb). They found that 98 \% of the entries
+ could be re-identified: either by their ratings or by
+ the dates the ratings were uploaded.
+
+\item In the 1990, medical databases were routinely made
+ publicised for research purposes. This was done in
+ anonymised form with names removed, but birth dates,
+ gender, ZIP-code were retained.
+
+\end{itemize}
+
+
+\end{document}
+
+http://randomwalker.info/teaching/fall-2012-privacy-technologies/?
+http://chronicle.com/article/Why-Privacy-Matters-Even-if/127461/
+http://repository.cmu.edu/cgi/viewcontent.cgi?article=1077&context=hcii
+https://josephhall.org/papers/NYU-MCC-1303-S2012_privacy_syllabus.pdf
+%%% Local Variables:
+%%% mode: latex
+%%% TeX-master: t
+%%% End:
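Review bot: the dataset-disclosure list at the end of the handout does not match its lead-in. The text says the problem "can be illustrated with three examples", but the itemize that follows has only two \item entries (Netflix and the medical databases), and the second stops after listing the retained fields (birth dates, gender, ZIP-code) without saying what went wrong. Either add the third example and finish the medical-database item, or change the lead-in to match what is there. The Netflix item also has a sentence fragment ("Though some information was perturbed") that should be joined to the previous sentence. The four bare URLs after \end{document} are never typeset; if they are sources for this section, move them into footnotes with \url{} as done for the UCAS and Verizon links, otherwise drop them from the file. Typos to fix before merging: "disosal", "the ``harvest''" (should be "they"), "membee", "shouldn'd", "private live", "In the 1990", "made publicised", "that are often float about".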