
PRIVACY IN THE DIGITAL SOCIETY

Israel Barroso Pérez

Máster en Ciencia y Tecnologı́a Informática

December 13, 2010



Outline

Introduction
◮ The Origins, The Debate
◮ Privacy Threats

Economics of privacy
◮ The Value of Privacy
◮ Privacy and Business

Privacy-Enhancing Technologies
◮ Languages for Access Control and Privacy Preferences
◮ Data Privacy Protection
◮ Privacy for Mobile Environments

RFID privacy
◮ Privacy Threats
◮ EU Recommendation

Conclusion



Introduction

Origins
◮ Debate:
→ Two extreme positions
◮ Concept:
→ Aristotle.
→ John Stuart Mill.
→ Margaret Mead.
◮ More pragmatically
→ 1890, Warren and Brandeis: "The right to be let alone".
◮ 1948 → Universal Declaration of Human Rights (Article 12)



Introduction

Figure: Peter Steiner - Privacy



Introduction

About Digital Society


◮ Lessig, in his book "Free Culture"
→ Privacy explained in terms of friction
→ The need to reconcile privacy with security.
◮ Technology came first → other requirements followed
→ Technology has matured.
→ But old and new requirements are not yet balanced.



Introduction

Privacy Threats
◮ Deloitte 2009 survey
◮ Incidents
→ 40% Unauthorized disclosure
→ 30% Theft (disks, laptops)
→ 20% Penetration/hacking
→ 10% Loss of data
◮ Type of Information Exposed
→ 40% PII
→ 30% Social Security Numbers
→ 10% Educational Information
→ 10% Financial Information
→ 5% Medical Information
→ 5% Login Accounts



PRIVACY

1. Introduction
2. The Economics of Privacy
2.1 The Value of Privacy
2.2 Privacy and Business
3. Privacy-Enhancing Technologies
4. Privacy and RFID
5. Conclusion



The Economics of Privacy

◮ Strong economic factors influence privacy


◮ K. L. Hui, "Economics of Privacy"
◮ Two issues receive most attention
→ The Value of Privacy
→ Coexistence of Business and Privacy

The Value of Privacy


◮ Syverson and Shostack
→ "What price privacy?"
→ Irrational behaviour: privacy is given up for small rewards
→ People are not able to assess its value



The Value of Privacy

Culnan and Armstrong


◮ Ethical behaviour by firms (fair information practices) reduces privacy concerns
◮ Privacy concerns arise because policies are unclear
◮ In 2008, Tsai et al. addressed the same issue

Grossklags and Acquisti


◮ "When 25 cents is too much"
◮ Willingness to sell vs. willingness to protect personal information

Conclusion
◮ People react negatively when privacy is incomplete, but...
◮ ... a modest monetary reward is sufficient.



Privacy and Business

Froomkin
◮ "The death of privacy?"
◮ Privacy-destroying technologies
◮ Their combination is the worst case; legal responses are needed

Odlyzko
◮ Several works, leading author
◮ Pessimistic view: market pressures (price discrimination) erode privacy

Empirical Studies
◮ Forbes 50 and Fortune 500: poor state of privacy policies
◮ Better management of privacy in public bodies



PRIVACY

1. Introduction
2. The Economics of Privacy
3. Privacy-Enhancing Technologies
3.1 Languages for Access Control and Privacy Preferences
3.2 Data Privacy Protection
3.3 Privacy for Mobile Environments
4. Privacy and RFID
5. Conclusion



Privacy-Enhancing Technologies

PETs
◮ Privacy-Enhancing Technologies: a system of ICT measures that
protects informational privacy by eliminating or minimising
personal data, thereby preventing unnecessary or unwanted
processing of personal data
◮ Fostered by Web and Location technologies
◮ Three different contexts
→ Languages for Access Control and Privacy
Preferences
→ Data Privacy Protection
→ Privacy for Mobile Environments

PRIME
◮ Privacy and Identity Management for Europe
Languages for Access Control and Privacy Preferences

XACML (eXtensible Access Control Markup Language)


◮ XML-based access control policy language standardised by OASIS
◮ Interchange format for access control policies (and for the requests
and decisions exchanged between enforcement and decision points)

P3P (Platform for Privacy Preferences Project)


◮ W3C project, XML-based language
◮ Lets a site declare its privacy practices so that a user agent can
assess them against the user's preferences

EPAL
◮ Enterprise Privacy Authorization Language
◮ For specifying enterprise-internal privacy policies
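As an added example (not part of the slides, and not an OASIS artefact), the following Python block shows what a small XACML 3.0 policy looks like and evaluates requests against it with a toy evaluator. Only string-equal Match elements and the deny-overrides rule-combining algorithm are implemented; the policy itself, the attribute ids "role", "action-id" and "record-type", and the helper names are assumptions for illustration. A real policy decision point implements the full specification.

```python
# Added example (not from the slides): a toy XACML 3.0 policy and a minimal
# evaluator for it. Only string-equal Match elements and the deny-overrides
# rule-combining algorithm are supported; a real PDP implements the full spec.
import xml.etree.ElementTree as ET

NS = {"x": "urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"}
XS_STRING = "http://www.w3.org/2001/XMLSchema#string"
STRING_EQUAL = "urn:oasis:names:tc:xacml:1.0:function:string-equal"
DENY_OVERRIDES = "urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides"
SUBJECT = "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
RESOURCE = "urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
ACTION = "urn:oasis:names:tc:xacml:3.0:attribute-category:action"


def match_xml(category, attr_id, value):
    """One <Match>: request attribute (category, attr_id) must equal value."""
    return (f'<Match MatchId="{STRING_EQUAL}">'
            f'<AttributeValue DataType="{XS_STRING}">{value}</AttributeValue>'
            f'<AttributeDesignator Category="{category}" AttributeId="{attr_id}" '
            f'DataType="{XS_STRING}" MustBePresent="false"/></Match>')


# Constructed policy: researchers may read records, but the "raw" (identified)
# record type may never be read. With deny-overrides the Deny rule wins whenever
# both rules apply, which is why that combining algorithm is chosen here.
POLICY_XML = f"""
<Policy xmlns="{NS['x']}" PolicyId="records" Version="1.0"
        RuleCombiningAlgId="{DENY_OVERRIDES}">
  <Target/>
  <Rule RuleId="deny-raw-records" Effect="Deny">
    <Target><AnyOf><AllOf>
      {match_xml(RESOURCE, 'record-type', 'raw')}
    </AllOf></AnyOf></Target>
  </Rule>
  <Rule RuleId="permit-researcher-read" Effect="Permit">
    <Target><AnyOf><AllOf>
      {match_xml(SUBJECT, 'role', 'researcher')}
      {match_xml(ACTION, 'action-id', 'read')}
    </AllOf></AnyOf></Target>
  </Rule>
</Policy>"""


def _match(match, request):
    wanted = match.find("x:AttributeValue", NS).text
    desig = match.find("x:AttributeDesignator", NS)
    key = (desig.get("Category"), desig.get("AttributeId"))
    return request.get(key) == wanted      # absent attribute => no match


def _target_applies(target, request):
    """An empty or absent Target applies to everything. Within a Target every
    AnyOf must hold; an AnyOf holds if any of its AllOf holds; an AllOf holds
    if all of its Match elements hold."""
    if target is None:
        return True
    return all(
        any(all(_match(m, request) for m in allof.findall("x:Match", NS))
            for allof in anyof.findall("x:AllOf", NS))
        for anyof in target.findall("x:AnyOf", NS))


def evaluate(policy_xml, request):
    """Return "Permit", "Deny" or "NotApplicable" under deny-overrides."""
    policy = ET.fromstring(policy_xml.strip())
    assert policy.get("RuleCombiningAlgId") == DENY_OVERRIDES, "only deny-overrides"
    if not _target_applies(policy.find("x:Target", NS), request):
        return "NotApplicable"
    effects = [rule.get("Effect") for rule in policy.findall("x:Rule", NS)
               if _target_applies(rule.find("x:Target", NS), request)]
    if "Deny" in effects:
        return "Deny"
    if "Permit" in effects:
        return "Permit"
    return "NotApplicable"


def request(role, action, record_type):
    """Request context as {(category, attribute-id): value} (assumed ids)."""
    return {(SUBJECT, "role"): role, (ACTION, "action-id"): action,
            (RESOURCE, "record-type"): record_type}


if __name__ == "__main__":
    print(evaluate(POLICY_XML, request("researcher", "read", "pseudonymised")))  # Permit
    print(evaluate(POLICY_XML, request("researcher", "read", "raw")))            # Deny
    print(evaluate(POLICY_XML, request("clerk", "read", "pseudonymised")))       # NotApplicable
```

The point to notice is the combining algorithm: the researcher's Permit rule also matches a read of a raw record, and only deny-overrides guarantees that the Deny rule prevails. Under permit-overrides the same policy would leak the raw record.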



Data Privacy Protection
Anonymity
◮ First studied in the context of relational databases
◮ De-identification (removing names and direct identifiers) does not provide full anonymity
◮ Sex + date of birth + 5-digit ZIP code is enough to single out most
individuals, for instance (Sweeney's quasi-identifier linkage)
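The linkage behind that bullet, as an added example that is not from the slides: a released table with names removed is joined to a public list on the quasi-identifiers (ZIP, date of birth, sex), a singleton match is a re-identification, and the table is then checked for k-anonymity and generalised until no quasi-identifier class is unique. Both tables and the generalisation hierarchy are constructed for illustration.

```python
# Added example (not from the slides): re-identification of a "de-identified"
# table by linking quasi-identifiers to a public list, then a k-anonymity check
# and a toy generalisation that removes the unique matches. All data constructed.
from collections import Counter

QI = ("zip", "dob", "sex")          # quasi-identifiers (Sweeney's triple)

# Released medical table: names removed, quasi-identifiers kept (constructed).
MEDICAL = [
    {"zip": "02138", "dob": "1965-07-21", "sex": "F", "diagnosis": "diabetes"},
    {"zip": "02138", "dob": "1965-07-21", "sex": "M", "diagnosis": "flu"},
    {"zip": "02139", "dob": "1970-01-02", "sex": "F", "diagnosis": "asthma"},
    {"zip": "02139", "dob": "1971-03-15", "sex": "F", "diagnosis": "hypertension"},
]
# Public voter roll with names and the same quasi-identifiers (constructed).
VOTERS = [
    {"name": "Alice", "zip": "02138", "dob": "1965-07-21", "sex": "F"},
    {"name": "Bob",   "zip": "02138", "dob": "1965-07-21", "sex": "M"},
    {"name": "Carol", "zip": "02139", "dob": "1970-01-02", "sex": "F"},
    {"name": "Dana",  "zip": "02139", "dob": "1971-03-15", "sex": "F"},
    {"name": "Erin",  "zip": "02139", "dob": "1970-01-02", "sex": "F"},
]


def qi(row):
    return tuple(row[c] for c in QI)


def link(released, public):
    """For each released row, the set of names in `public` sharing its QI.
    A singleton set is a re-identification of that row's diagnosis."""
    by_qi = {}
    for p in public:
        by_qi.setdefault(qi(p), set()).add(p["name"])
    return [by_qi.get(qi(r), set()) for r in released]


def k_anonymity(rows):
    """k = size of the smallest QI equivalence class (0 for an empty table)."""
    return min(Counter(qi(r) for r in rows).values(), default=0)


def generalize(row):
    """Toy generalisation hierarchy: 3-digit ZIP prefix, birth decade, sex suppressed."""
    return {**row, "zip": row["zip"][:3] + "**",
            "dob": row["dob"][:3] + "*", "sex": "*"}


def anonymize(rows, k):
    """Generalise every row, then suppress rows whose class is still smaller than k."""
    gen = [generalize(r) for r in rows]
    sizes = Counter(qi(r) for r in gen)
    return [r for r in gen if sizes[qi(r)] >= k]


if __name__ == "__main__":
    print(link(MEDICAL, VOTERS))          # [{'Alice'}, {'Bob'}, {'Carol','Erin'}, {'Dana'}]
    print(k_anonymity(MEDICAL))           # 1: three rows are unique on their QI
    anon = anonymize(MEDICAL, 2)
    print(k_anonymity(anon))              # 2
    print(link(anon, [generalize(v) for v in VOTERS]))   # every candidate set >= 2
```

Removing the name column changed nothing for Alice, Bob and Dana: each is the only voter with her ZIP, birth date and sex, so the diagnosis joins straight back to a name. Only after the quasi-identifiers are coarsened so that every class has at least k rows does the join stop being decisive, and coarsening is a utility trade-off, which is why k has to be chosen against the actual public data an adversary can obtain.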

Overview of European Data Protection Law


◮ European Data Protection Directive 95/46/EC
→ Processing (in particular automated processing) of personal data
◮ Directive on Privacy and Electronic Communications
2002/58/EC
→ Data protection in publicly available electronic
communications networks
→ Additional obligations concerning data security,
communications secrecy, cookies, spam.
Data Protection Privacy

Ley Orgánica 15/1999 de Protección de Datos (LOPD, the Spanish Data Protection Act)


◮ Article 5: Right to be informed when data are collected
◮ Article 6: Consent of the data subject
◮ Article 7: Specially protected data
◮ Article 9: Security of the data
◮ Article 10: Duty of secrecy
◮ Article 11: Disclosure of data to third parties
◮ More...

Real Decreto 1720/2007 - Regulation implementing the LOPD


◮ Data classified as Low, Medium or High level
◮ Security measures required for each level



Data Protection Privacy

Ley 32/2003 General de Telecomunicaciones (General Telecommunications Act) - Chapter III


◮ Article 33: Secrecy of communications
◮ Article 34: Data protection
◮ Article 38: Rights of consumers and end users

Constitución Española (Spanish Constitution)
◮ Article 18.1: The right to personal privacy [...] is
guaranteed
◮ Article 18.3: Secrecy of communications [...] is guaranteed,
except by court order.
◮ Article 18.4: The law shall limit the use of information technology
in order to guarantee the honour and the personal and family privacy
of citizens [...]



Privacy for Mobile Environments

Location information
◮ Reveals a great amount of information about a person
◮ Target of location-based attacks
◮ Pessimists have even predicted "Big Brother"

Location Privacy
◮ Right to decide how, when and for which purposes one's location is disclosed
◮ Duckham and Kulik, "Location Privacy and Location-Aware
Computing"
→ Unsolicited advertising
→ Physical attacks or harassment
→ User profiling
→ Denial of service



Privacy for Mobile Environments

Location Privacy
◮ Categories of location privacy
→ Identity privacy
→ Position privacy
→ Path privacy
◮ Protection techniques for location privacy
→ Anonymity-based techniques
→ Obfuscation-based techniques
→ Policy-based techniques
◮ Example of an anonymity-based technique
→ Beresford and Stajano
→ Mix Zones: regions where no application receives positions and
users leave under a fresh pseudonym
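The mix-zone idea reduced to a linkability computation, as an added example that is not from the slides or from Beresford and Stajano's own code: the adversary sees only timestamped ingress and egress events with unrelated pseudonyms and tries to link them using assumed bounds on how long crossing the zone takes. The dwell-time bounds and the observations are constructed; the entropy measure follows Beresford and Stajano's use of entropy over feasible matchings.

```python
# Added example (not from the slides): the mix-zone idea of Beresford and
# Stajano reduced to a linkability computation. Inside a mix zone no
# application receives positions and every user leaves under a fresh pseudonym;
# the adversary sees only timestamped ingress and egress events and tries to
# link them. The dwell-time bounds and the observations are constructed.
import math
from itertools import permutations

MIN_DWELL, MAX_DWELL = 2.0, 10.0   # assumed min/max time to cross the zone (s)

# Constructed observations: (pseudonym, time). Ingress pseudonyms a..d and egress
# pseudonyms p..s are unrelated by design; only timing can link them.
INGRESS = [("a", 0.0), ("b", 1.0), ("c", 2.0), ("d", 20.0)]
EGRESS = [("p", 5.0), ("q", 6.0), ("r", 9.0), ("s", 25.0)]


def feasible(ingress, egress):
    """Can the user who entered as `ingress` be the one leaving as `egress`?"""
    dwell = egress[1] - ingress[1]
    return MIN_DWELL <= dwell <= MAX_DWELL


def anonymity_sets(ingress, egress):
    """For each egress pseudonym, the set of ingress pseudonyms it could be.
    A singleton set means that user was linked across the zone."""
    return {e[0]: {i[0] for i in ingress if feasible(i, e)} for e in egress}


def matching_entropy(ingress, egress):
    """Bits of uncertainty about the full ingress->egress assignment, taking all
    feasible one-to-one matchings as equally likely (Beresford and Stajano use
    the entropy of the matching as their anonymity measure)."""
    feasible_matchings = sum(
        1 for perm in permutations(egress)
        if all(feasible(i, e) for i, e in zip(ingress, perm)))
    return math.log2(feasible_matchings) if feasible_matchings else 0.0


def linked_users(ingress, egress):
    """Egress pseudonyms whose anonymity set has size 1: the zone failed them."""
    return sorted(p for p, s in anonymity_sets(ingress, egress).items()
                  if len(s) == 1)


if __name__ == "__main__":
    print(anonymity_sets(INGRESS, EGRESS))     # p, q, r -> {a, b, c}; s -> {d}
    print(linked_users(INGRESS, EGRESS))       # ['s']: d crossed the zone alone
    print(round(matching_entropy(INGRESS, EGRESS), 3))   # log2(6) = 2.585 bits
```

The failure mode is visible in the last user: changing pseudonym protects nobody who crosses the zone while it is otherwise empty, so a mix zone's protection depends on enough users being inside at the same time, not on the pseudonym change alone.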



PRIVACY

1. Introduction
2. The Economics of Privacy
3. Privacy-Enhancing Technologies
4. RFID Privacy
4.1 Privacy Threats
4.2 Regulation and Standardization
4.3 EU Recommendation
5. Conclusion



RFID Privacy

Privacy Threats (the STRIDE threat categories applied to RFID)
◮ Spoofing identity. Spoofing occurs when an attacker
successfully poses as an authorized user of a system.
◮ Tampering with data. Data tampering occurs when an
attacker modifies, adds, deletes, or reorders data.
◮ Repudiation. Repudiation occurs when a user denies an action
and no proof exists that the action was performed.
◮ Information disclosure. Information disclosure occurs when
information is exposed to an unauthorized user.
◮ Denial of service. A denial-of-service attack denies service to valid
users.



RFID Privacy

Regulation and Standardization


◮ ISO: 11784, 10536, 18000, 14443, etc.
◮ Article 29 Data Protection Working Party (Spain represented by the AEPD)
◮ EU Recommendation on the implementation of privacy and
data protection principles in applications supported by RFID
(2009/387/EC, May 2009)

EU Recommendation
◮ Provides guidance to Member States on the design and operation of RFID
applications
◮ Provides guidance to ensure compliance with Directives
95/46/EC, 1999/5/EC and 2002/58/EC



RFID Privacy - EU Recommendation

Privacy and data protection


◮ Member States should ensure that industry, in collaboration
with relevant civil society stakeholders, develops a framework
for privacy and data protection impact assessments.
◮ This framework should be submitted for endorsement to the
Article 29 Data Protection Working Party within 12 months
◮ Operators should conduct an assessment of the implications of the
application implementation for the protection of personal data and privacy
◮ Operators should take appropriate technical and organisational measures to
ensure the protection of personal data and privacy



RFID Privacy - EU Recommendation

RFID Privacy Impact Assessment Framework (PIA)


◮ Drafted by industry
◮ Levels
→ Level 0 - The RFID Application does not process
personal data and tagged items are not carried by individuals
→ Level 1 - The RFID Application does not process
personal data, but tagged items are intended to be possessed
by individuals
→ Level 2 - The RFID Application processes personal
data, but the RFID Tag Information does not contain personal data
→ Level 3 - The RFID Application processes personal
data and the RFID Tag Information contains personal
data



RFID Privacy - PIA Framework
Process
◮ Does the RFID Application process personal data?
◮ Does the RFID Tag Information contain personal data?
◮ Does the RFID Application link RFID Tag Information to
personal data?
◮ Are tagged items intended to be possessed by Individuals?

Reports
◮ If the answer to all the above questions is "No", the RFID
Application is a "level 0" Application and does not require
further analysis or a PIA Report.
◮ If the answer to at least one of the above questions is "Yes",
RFID Application Operators should proceed by drafting a
PIA Report according to the next steps of this Framework.
RFID Privacy - PIA Framework

Current Situation (as of December 2010)
◮ Industry submitted its PIA framework proposal in March 2010
◮ In July 2010 the Article 29 Working Party published its opinion on it
(Opinion 5/2010)
◮ The Working Party strongly encourages the industry to seize
this opportunity.
◮ The Working Party does not endorse the proposed document
in its current form.
◮ The Working Party is confident that the industry can propose
an improved framework



PRIVACY

1. Introduction
2. The Economics of Privacy
3. Privacy-Enhancing Technologies
4. RFID Privacy
5. Conclusion


