Wednesday, March 17, 2010

How privacy vanishes online and some thoughts

Very timely article:
"If a stranger came up to you, would you say your email address, your phone number?
If you have a not so close friend would you tell your DoB to him/her?
Probably not..yet people say it on the Internet."

“Personal privacy is no longer an individual thing: In today’s online world, what your mother told you is true, only more so: people really can judge you by your friends.”

As the article also briefly mentions, you may think that innocuous attributes such as where you work, your current location, where and what you studied, etc. will not lead to identify you as a unique individual. However, there is research indicating that the aggregation of these small small things can lead to something powerful even to the extent to identify your social security number. Actually, one of my research goals is to minimize the revelation of use innocuous credentials used as part of access controlling in service consumption scenarios. In other words, the question is "how do I get the service with no or minimal disclosure of credentials yet convincing the service provider?"

Another question I am in search of answers is "how much privacy do I loose by revealing different bits of information in different places in the Internet?". Intuitively, as you reveal more attributes about you, you become easier to identify. How does this relationship vary - is your identifiability proportional to something about your attributes? Some attributes reveal more than others. My next question is about identifying that "something"; "Can we capture this notion in an information theoretic way?"

1 comment:

Jack said...

I must say that it well written post on How privacy vanishes online now a days. So we have to be very careful regarding that. Thanks!
digital signature infopath