
Group D Privacy with accountability, auditability and transparency

Develop technologies to enable individuals, governments, and organizations to control the release and use of information based on flexible and understandable policies. This is crucial in the context of the upcoming ability to determine an individual's complete genome, which has both terrific benefits and risks of abuse.

hkearney


Presentation Transcript


  1. Group D: Privacy with accountability, auditability and transparency

  2. Accountability, auditability and transparency in service of Privacy

  3. Grand Challenge Statement Develop technologies that allow individuals, governments and organizations to control the release and use of information according to flexible and understandable policies.

  4. Motivating Scenario
  • It will soon be possible to determine an individual's complete genome
  • Terrific benefits:
    • Customized medical treatments
    • Knowledge of predisposition for diseases
    • Aid to medical research
  • Terrific risk of abuse:
    • Unauthorized use by insurers, employers, law enforcement

  5. Enabling Assumptions
  • There will be semi-trusted computing platforms (you can provide a program to a machine and believe it will execute it only as intended).
  • Legal mechanisms will be in place to sufficiently deter misuse.
  • Perfect encryption primitives are available.
  We don't believe any of these exist yet... but close enough approximations do.

  6. Policy Questions
  • Who should set the policies?
    • Individuals: change the balance of power
      • It shouldn't be up to individuals to understand and agree to a service's privacy policy
      • Instead, individuals provide data in a way that enforces their policies, and the service decides what service to provide
    • Society: the "owner" is not the only one impacted
      • Releasing my genome also releases information about my sister, parents, etc.
      • Society may deserve to know about criminal records, infectious diseases, etc.
  These are non-technical issues, but the technology must be able to support the full range of desired policies.

  7. Policy Questions
  • How do you express and reason about policies?
    • Average users need to understand what policies allow and disallow, and select (maybe define) policies that reflect their intent
    • Privacy policies are complex: release of information, history, location (jurisdiction), remnants, independence
    • Transfers between programs and organizations
  Needed: languages for defining policies, tools for reasoning about what policies allow, and models for presenting policies in an understandable way.

  8. Accountability
  • Need workarounds: a doctor in a foreign country should be able to get the medical history of an unconscious patient
  • Auditability: policies can specify that information is only released if an audit record is produced
    • The privacy of the requestor may conflict with such a policy
  • Policies can tie information release and use to the accountability of the user: credentials expand accountability, as do the laws in the user's jurisdiction

  9. Enforcement
  • Control over the release and use of data has to be part of the data itself
  • Programs that release information according to a policy (DRM-like)
  • We can constrain how information is used after it is released to one program, but not yet once it is passed on to another program (or to a human)
  • Revocation: if there is a mistake, can we retrieve all information derived from the bad data?
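The following is an added example, not code from the presentation, that puts slides 7 to 9 into one runnable model: a policy that travels with each record, a release decision that depends on purpose, jurisdiction and (for emergencies) the requestor's credential, an audit record that is written before any data leaves, and a provenance graph so that revoking one release also revokes every copy derived from it. All class, field and identifier names are hypothetical, and the genome record, requestors and policy are constructed for the demo.

```python
# Added example for this page (not from the presentation). Toy model of
# policy-controlled release with mandatory audit records, credential-based
# emergency overrides and derivation tracking for revocation.
# All names here are hypothetical; the data is constructed.
from __future__ import annotations
import hashlib
import json
from dataclasses import dataclass

@dataclass(frozen=True)
class Requestor:
    name: str
    jurisdiction: str
    credentials: frozenset[str]  # e.g. {"licensed_physician"}
    purpose: str                 # e.g. "treatment", "research", "underwriting"

@dataclass(frozen=True)
class Policy:
    allowed_purposes: frozenset[str]
    allowed_jurisdictions: frozenset[str]
    emergency_credential: str | None = None  # credential that widens access (slide 8)
    audit_required: bool = True              # release only if an audit record is produced

@dataclass
class Record:
    data_id: str
    payload: dict
    policy: Policy                   # the policy is part of the data itself (slide 9)
    derived_from: str | None = None  # provenance edge used by revoke()

class Store:
    """Records, an append-only hash-chained audit log and a revocation set."""
    def __init__(self) -> None:
        self.records: dict[str, Record] = {}
        self.audit: list[dict] = []
        self.revoked: set[str] = set()

    def _append_audit(self, entry: dict) -> None:
        # Each entry commits to the previous digest, so editing or deleting
        # an earlier entry is detectable by verify_audit().
        prev = self.audit[-1]["digest"] if self.audit else "0" * 64
        body = json.dumps(entry, sort_keys=True)
        digest = hashlib.sha256((prev + body).encode()).hexdigest()
        self.audit.append({**entry, "prev": prev, "digest": digest})

    def verify_audit(self) -> bool:
        prev = "0" * 64
        for e in self.audit:
            core = {k: v for k, v in e.items() if k not in ("prev", "digest")}
            want = hashlib.sha256((prev + json.dumps(core, sort_keys=True)).encode()).hexdigest()
            if e["prev"] != prev or e["digest"] != want:
                return False
            prev = e["digest"]
        return True

    def request(self, data_id: str, who: Requestor, emergency: bool = False) -> tuple[str, str | None]:
        """Evaluate the record's own policy; return (decision, id of released copy or None)."""
        rec = self.records[data_id]
        pol = rec.policy
        if data_id in self.revoked:
            decision = "deny:revoked"
        elif who.purpose in pol.allowed_purposes and who.jurisdiction in pol.allowed_jurisdictions:
            decision = "allow"
        elif emergency and pol.emergency_credential in who.credentials:
            decision = "allow:emergency"  # accountability comes from the credential, not a policy match
        else:
            decision = "deny:policy"
        if pol.audit_required:
            # Written BEFORE any data leaves; denials are logged too. The requestor's
            # identity lands in the log, which is the conflict slide 8 points out.
            self._append_audit({"data_id": data_id, "requestor": who.name, "jurisdiction": who.jurisdiction,
                                "purpose": who.purpose, "emergency": emergency, "decision": decision})
        if not decision.startswith("allow"):
            return decision, None
        copy_id = f"{data_id}->{who.name}"
        # The released copy carries the same policy, so downstream use stays controlled.
        self.records[copy_id] = Record(copy_id, rec.payload, pol, derived_from=data_id)
        return decision, copy_id

    def revoke(self, data_id: str) -> set[str]:
        """Revoke a record and, transitively, every copy derived from it."""
        hit, changed = {data_id}, True
        while changed:  # fixpoint over derived_from edges
            changed = False
            for r in self.records.values():
                if r.derived_from in hit and r.data_id not in hit:
                    hit.add(r.data_id)
                    changed = True
        self.revoked |= hit
        return hit

def demo() -> dict:
    """Constructed scenario: one genome record under a treatment/research, US-only policy."""
    store = Store()
    pol = Policy(frozenset({"treatment", "research"}), frozenset({"US"}), emergency_credential="licensed_physician")
    store.records["genome:alice"] = Record("genome:alice", {"marker": "constructed-sample"}, pol)
    dr_us = Requestor("dr_us", "US", frozenset({"licensed_physician"}), "treatment")
    dr_fr = Requestor("dr_fr", "FR", frozenset({"licensed_physician"}), "treatment")
    insurer = Requestor("insurer", "US", frozenset(), "underwriting")
    d1, _ = store.request("genome:alice", dr_us)                  # within policy
    d2, _ = store.request("genome:alice", dr_fr)                  # wrong jurisdiction
    d3, c3 = store.request("genome:alice", dr_fr, emergency=True)  # credential override (slide 8)
    d4, _ = store.request("genome:alice", insurer)                # purpose not allowed
    d5, c5 = store.request(c3, dr_us)                             # copy of the emergency copy
    revoked = store.revoke(c3)                                    # pulls back c3 and c5
    d6, _ = store.request(c5, dr_us)                              # now refused
    audit_ok = store.verify_audit()
    store.audit[1]["decision"] = "allow"                          # tamper with a logged denial
    return {"decisions": [d1, d2, d3, d4, d5, d6], "revoked": revoked, "audit_entries": len(store.audit),
            "audit_ok": audit_ok, "tamper_detected": not store.verify_audit()}

if __name__ == "__main__":
    print(demo())
```

Two caveats the slides themselves raise: the provenance graph only covers copies that stay inside the enforced system, so revocation cannot recall information already handed to a human or to a program outside the system; and the audit log necessarily records who asked, so a requestor's privacy is traded for the data subject's accountability guarantee.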

  10. Timeline (horizon: now, 3 years, 5 years, 7 years)
  • Enforcement track: control release, then control use, then revocation
  • Policies track: understandable release policies for individuals; then policies that vary with accountability and society-level policies; then policies that depend on jurisdiction and revocation policies

  11. Impact Success criterion: People are willing to provide their genome to medical databases in a way that enables customized treatments and medical research, without fear that it will be abused.

  12. Recap: Challenge Statement Develop technologies that allow individuals, governments and organizations to control the release and use of information according to flexible and understandable policies.
