SENSOR NETWORKS & PRIVACY
Pamela Samuelson, UC Berkeley
Securing Privacy Conference, March 13, 2004

SENSOR NETWORKS
• Considerable amount of R&D underway to develop tiny computers equipped with radio capabilities to sense physical phenomena and transmit data to processing points
• Wide array of application domains: smart buildings that can detect internal structural damage or adjust light & heat settings, measuring weather/water info on GG Bridge/redwood trees, monitoring activities of the elderly, sensing for bioterrorism weapons

TECHNICAL CHALLENGES
• Making tiny processors capable of deployment in wide array of applications (buildings, forests, animals, whatever)
• Designing ways to generate and preserve power for sensors and transmitting data
• Transmission protocols, radio transmitters
• Tiny operating system programs, security
• Database designs for processing sensed data

CITRIS
• Center for Information Technology Research in the Interests of Society at UC Berkeley
• Technologists designing sensor and sensor network technologies are aware that deployment of such technologies raises privacy and other policy concerns
• Deirdre Mulligan & I have begun work with EECS Professors David Culler, Joe Hellerstein, & David Wagner on privacy & sensor network issues

COLLABORATION
• Technologists want quick and certain answers
• Want to submit query about how law applies, have it processed, & get right answer as output
• Have a sense that there may be a short window for developing right technology policy
• Lawyers have to educate technologists about different modality of law, and need to know fair amount about the technology & how it will be deployed before able to assess how law applies

PRIVACY ISSUES
• Many applications for deploying sensor networks involve collecting personally identifiable information (PII)
• Sensing persons in building as part of embedded sensors for disaster preparedness
• Monitoring activities of the elderly so they can safely live at home
• FasTrak devices being read at more than toll booths
• No law as such on this new domain, but wouldn’t it be nice if fair information practices applied?

FAIR INFO PRACTICES
• Limitations on collection of data (only what need); destroy data after need is fulfilled
• Right to collect data for specific purpose only; if want to reuse for other purpose, you have to get new permission
• Notice and consent
• Right of access to check data
• Obligations to keep data accurate, secure
• Accountability if screw up

SENSOR NETS POOR FIT?
• Data collection is norm, may be always on
• Absence of cues indicating data is being collected
• Porous barriers between public and private spaces
• Everyone is a potential data collector
• New kinds of data being sensed, created, stored
• Increased ability to create patterns, knowledge out of seemingly unrevealing bits of data
• Once data has been collected, reuse may be easy to do, but difficult to detect and hence to regulate
• May not be feasible to enable access to PII to ensure integrity (lots of sensor network data will be lousy)

ISSUES FROM CASELAW
• US v. Miller: persons have no protectable privacy interest in data about them held by third parties (e.g., bank records of individual accounts)
• Kyllo v. US: use of heat-sensing technology violated 4th A because reasonable expectation of privacy in home, & such technology not in general public use

WHAT TO DO?
• May be possible to design privacy-sensitive technology
• Encrypt PII so can only be used for one purpose?
• Use authentication/access control systems?
• Store data only where security can be strong?
• Aggregate data to anonymize? Hide mapping?
• Don’t log or flush out data when no longer needed?
• Give users ability to turn sensors off? detector devices?
• Adapt FIPs for sensor networks? New laws?

CONCLUSION
• May be possible to build and deploy sensor networks in socially responsible way
• Worth thinking about whether possible to develop new FIPs for sensor networks, and what role for technology, what role for law?
• Law will certainly kick in when disputes arise or some flagrant, well-publicized abuse occurs
• Good idea to think about legal framework before problems start arising