Privacy and Security of Personal Information: Technological Solutions and Economic Incentives Alessandro Acquisti, Heinz School, CMU
An APE Act? • “On May 6, 2002, the Washington Post reported that the National Zoo refused to release a deceased giraffe’s medical records on grounds that it would violate the animal’s right to privacy.” Politech, May 2002 • Soon, an Animal Privacy Entitlement Act?
Three myths about personal information • Is too much privacy bad for you? • or, privacy can act against the interests of society or the individual • Do we have zero personal information security? • or, the loss of control on personal information is simply necessary to make the networked society work • Do people really care about privacy? • or, people would sell their DNA for a Big Mac
Question n. 1: Is too much privacy bad for you? • Free flow of information helps the economy and the individual. • True, but what else do the economic arguments say?
Economic incentives • Recent economic studies show something interesting about the flow of personal information: • Acquisti and Varian (2001): allowing firms to use cookies can make customers and society better off • Calzolari and Pavan (2001): sharing information between sellers reduces distortions • Taylor (2002): with strategic customers, firms better off respecting customer’s privacy
The economics of privacy • Acquisti and Varian (2001) • Monopolistic firm/competition case • Customers can be “myopic” or “strategic” • With and without “commitment” • Customer can use anonymizing technology, and suffer a certain cost • What is the optimal strategy for the seller?
The economics of privacy cont’d • Monopoly • If firm just offers the same good, optimal not to use cookies! I.e., behavior-based price discrimination is not optimal. • If firm can use customer information to provide targeted services, price discrimination will be optimal for seller, and • Society can be better off
The economics of privacy cont’d • Competition • No flat price equilibria • Lock-in equilibria • Cost of anonymous technology
Off-line vs. on-line identities • Previous results refer to information about the customer type being shared • E.g., tastes, “risk aversion”, etc. • Not necessarily her real identity • Let’s separate: • Friedman and Resnick (2001): legal versus persistent identities • Here: • On-line identity • Off-line identity
On-line identities, linkages, and costs • Confusion arises in the debate from mixing on-line and off-line identities • Econ says: • more on-line info is good: market laws can allow right amount of on-line info to be shared • not in contradiction with protection of privacy (off-line identity) • Problem: • Why are the two identities instead always linked? • Getting there is costly
Question n. 2: Do we have zero personal information security? • “You Already Have Zero Privacy” • Is loss of privacy necessary to make the networked society work? • IT can: • both link and unlink online and offline identities • or make linkages costly enough • PETs
For example: Anonymous payments • For example, is it possible to have a ‘reliable’ (from charges to shipping) payment system for goods and services which is also anonymous? • Yes: Tygar et al. (1999). • Implementations: • ECash (blind signatures) • Probabilistic “acid mix” approach
“Acid mix” approach to anonymous payments • The story: • Bob, Alice, and Kevin enter a room…. • The Protocol: • Let them ‘swap’ payment tokens with other customers, until satisfied • Put customers in control of the operation! • Let them decide how much privacy they want • Problem: before swapping, customers cannot see/copy their own tokens… • For details: Acquisti (2002)
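A simplified model of the swapping idea on the slide above, as an added example that is not taken from the slides or from Acquisti (2002). It assumes each swap exchanges the tokens of a uniformly random pair among n customers, and that an observer knows only who was issued which token and how many swaps took place; all function names are hypothetical.

```python
import random

def linkage_probability(n, swaps):
    """Exact chance a token is still with the customer it was issued to."""
    if n < 2:
        return 1.0  # nobody to swap with, so the link is certain
    # Per swap the token moves with probability 2/n to a uniformly chosen other
    # customer; its distance from the 1/n floor shrinks by (1 - 2/(n-1)).
    return 1 / n + (1 - 1 / n) * (1 - 2 / (n - 1)) ** swaps

def swaps_needed(n, target, max_swaps=10_000):
    """Fewest swaps that bring the linkage probability down to `target`.
    Returns None when the target is below what n customers can reach."""
    for k in range(max_swaps + 1):
        if linkage_probability(n, k) <= target:
            return k
    return None

def simulate(n, swaps, trials=20_000, seed=1):
    """Monte Carlo check of the formula (assumed model: random pairwise swaps)."""
    rng = random.Random(seed)
    still_linked = 0
    for _ in range(trials):
        holder = list(range(n))  # holder[c] = id of the token customer c holds
        for _ in range(swaps):
            a, b = rng.sample(range(n), 2)
            holder[a], holder[b] = holder[b], holder[a]
        still_linked += holder[0] == 0
    return still_linked / trials

if __name__ == "__main__":
    # Constructed room sizes: the slide's three customers, then larger rooms.
    for n in (3, 10, 100):
        probs = [round(linkage_probability(n, k), 3) for k in (0, 1, 5, 20)]
        print(f"n={n}: P(link) after 0/1/5/20 swaps = {probs}, "
              f"swaps for P<=0.2: {swaps_needed(n, 0.2)}")
```

Under this model the linkage probability never drops below 1/n, so how much privacy a customer can choose is capped by how many other customers take part in the swapping.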
And yet…. • Economic arguments show that trade-offs between sharing and protecting personal information can be reconciled • Technology could do it • So, why did econ & technology not do it? • Solve the following equation: • Find a privacy combination convenient for customers (e.g. Bob), profitable for vendors (e.g. Amazon.com), advantageous for other existing players (e.g. credit card networks), non-replicable by competitors
Question n. 3: Do people really care about privacy? Who should? • Anecdotal evidence, Surveys, Experiments • Privacy “advocates” & cameras: Spiekermann, Grossklags, and Berendt (2001) • Independent Studies • $18 Billion in lost e-tail sales (Jupiter) • Top reason for not going online (Harris) • PGuardian marketing studies • Confirm privacy awareness, but • Expect privacy at no cost offered by the merchant
How to reconcile the two views? • Some ideas from economics: • “Bounded rationalities” (how to calculate the negative financial shock of identity theft?) • Economics of immediate gratification (enjoy now, worry later) • Experiment. Hypothesis: individuals strategic with respect to on-line identity, myopic with respect to off-line identity • So: free decision, but not necessarily optimal for individual or society • A Parable: Geo Trust • A second parable: Motorbikes and Helmets
Economics of off-line identity • Costs • Both sides, both cases • Customers: • Bounded rationalities, hyperbolic discounting: • customer decides not to protect herself • Other parties: • Asymmetric information, moral hazard: • seller decides not to protect customer
Economics of off-line identity cont’d • Hence • too much off-line info re-distributed • not paid for • chilling effects • real effects: • Lost sales • Unsatisfied demand • Identity thefts • Frauds • Or, rich, disagreeable niche markets
The approaches • Market • Econ does not work alone • Technology • Dot-com death bed • Does not work alone • And Law? Data Marketing Data Protection
Law • Patriot Act (APE Act?) • Or, different approaches: • Liability • Adapting trade secrecy rules to “licensing” personal data - Samuelson (2000) • Driven by economics, drives technology • (third party market)
Seven (very personal) answers • Privacy easier to protect than to sell • We are all myopic, but not necessarily careless • Privacy is about trade-offs. Good trade-offs could satisfy both ‘privacy advocates’ as well as ‘free data marketers’ • Distinguish between on-line and off-line identities. Share on-line identities, protect off-line identities. Make linkages expensive • Econ to see what to protect, what to share • Law to send signals to the market • Technology to implement chosen directions
An economics of privacy? • Difficulties in conceptualizing privacy: • A right? A need? A gift? • Too many things for different people: • Price discrimination… • Telemarketing… • Blackmailing…. • …and even for the same person • web-cam in the house… • and refuses cookies when browsing cnn.com… • Recognize: privacy is about trade-offs