Ryerson’s Privacy and Big Data Institute's inaugural seminar on Privacy by Design (PbD), the revolutionary privacy framework created by Dr. Ann Cavoukian which was unanimously passed as an international privacy standard in 2010 (translated into 37 languages). Dr. Cavoukian is now the Executive Director of the Privacy and Big Data Institute at Ryerson, and formerly served as the Information and Privacy Commissioner of Ontario for three terms. Dr. Cavoukian gave a presentation on Privacy by Design and its application to big data analytics, followed by a Q&A session.
Privacy by Design Seminar - Jan 22, 2015
1. Ann Cavoukian, Ph.D.
Executive Director
Privacy and Big Data Institute
Ryerson University
Welcome to Privacy and
Big Data Analytics – by Design
Privacy by Design Seminar
January 22, 2015
2. Presentation Outline
1. Privacy = Personal Control
2. Privacy is Essential to Freedom
3. Lead with Privacy by Design
4. Big Data Analytics
5. Privacy is Good for Business
6. SmartData
7. Concluding Thoughts
5. Privacy = Personal Control
•User control is critical
•Freedom of choice
•Informational self-determination
Context is key!
6. Privacy is Essential to Freedom:
A Necessary Condition for Societal Prosperity
and Well-Being
• Innovation, creativity, and the resultant prosperity
of a society requires freedom;
• Privacy is the essence of freedom: Without privacy,
individual human rights, property rights and civil liberties – the
conceptual engines of innovation and creativity, could not exist
in a meaningful manner;
• Surveillance is the antithesis of privacy: A negative
consequence of surveillance is the usurpation of a person’s
limited cognitive bandwidth, away from innovation and
creativity.
8. Change the Paradigm to
Positive-Sum,
NOT
Zero-Sum
The Future of
Privacy:
Be Proactive
9. Landmark Resolution Passed to Preserve
the Future of Privacy
By Anna Ohlden – October 29th 2010 - http://www.science20.com/newswire/landmark_resolution_passed_preserve_future_privacy
JERUSALEM, October 29, 2010 – A landmark Resolution by Ontario's
Information and Privacy Commissioner, Dr. Ann Cavoukian, was approved by
international Data Protection and Privacy Commissioners in Jerusalem today at their
annual conference. The resolution recognizes Commissioner Cavoukian's concept of
Privacy by Design - which ensures that privacy is embedded into new technologies
and business practices, right from the outset - as an essential component of
fundamental privacy protection.
Full Article:
http://www.science20.com/newswire/landmark_resolution_passed_preserve_future_privacy
Adoption of “Privacy by Design”
as an International Standard
10. 1. English
2. French
3. German
4. Spanish
5. Italian
6. Czech
7. Dutch
8. Estonian
9. Hebrew
10.Hindi
11.Chinese
12.Japanese
13. Arabic
14. Armenian
15. Ukrainian
16. Korean
17. Russian
18. Romanian
19. Portuguese
20. Maltese
21. Greek
22. Macedonian
23. Bulgarian
24. Croatian
25. Polish
26. Turkish
27. Malaysian
28. Indonesian
29. Danish
30. Hungarian
31. Norwegian
32. Serbian
33. Lithuanian
34. Farsi
35. Finnish
36. Albanian
37. Catalan
Privacy by Design:
Proactive in 37 Languages!
11. Privacy by Design’s Greatest Strength –
Positive-Sum: The Power of “And”
Change the paradigm from
the dated zero-sum (win/lose)
to a “positive-sum” model:
Create a win/win scenario,
not an either/or (vs.)
involving unnecessary trade-offs
and false dichotomies …
replace “vs.” with “and”
12. Privacy by Design:
The 7 Foundational Principles
1. Proactive not Reactive:
Preventative, not Remedial;
2. Privacy as the Default setting;
3. Privacy Embedded into Design;
4. Full Functionality:
Positive-Sum, not Zero-Sum;
5. End-to-End Security:
Full Lifecycle Protection;
6. Visibility and Transparency:
Keep it Open;
7. Respect for User Privacy:
Keep it User-Centric.
13. “Privacy by Design is considered one of the most
important concepts by members of the Japanese
Information Processing Development Center …
We have heard from Japan’s private sector
companies that we need to insist on the principle
of Positive-Sum, not Zero-Sum and become
enlightened with Privacy by Design.”
— Tamotsu Nomura,
Japan Information Processing Development Center,
May 28, 2014
Letter from JIPDEC – May 28, 2014
14. Operationalizing Privacy by Design
9 PbD Application Areas
•CCTV/Surveillance cameras in mass
transit systems;
•Biometrics used in casinos and gaming
facilities;
•Smart Meters and the Smart Grid;
•Mobile Communications;
•Near Field Communications;
•RFIDs and sensor technologies;
•Redesigning IP Geolocation;
•Remote Home Health Care;
•Big Data and Data Analytics.
15. Do NOT focus exclusively on the
“uses” of personal data
Zero-Sum Prevails:
Let’s Change the Paradigm
17. Privacy Paternalism
“ Leaving it up to companies and governments to
determine the acceptable secondary uses of personal
data is a flawed proposition, that will no doubt lead to
greater privacy infraction. If the history of privacy has
taught us anything, it is that an individual’s loss of
control over their personal data leads to greater privacy
abuses, not fewer.”
Cavoukian, Dix, and El-Emam
18. The Veil of Privacy
“A regime that only pays attention to use erects
a Potemkin Village of privacy. From a distance, it
looks sound. But living within it we will find no
shelter from the sun or rain.”
– Professor Chris Hoofnagle
The Potemkinism of Privacy Pragmatism
Slate.com
http://www.slate.com/articles/technology/future_tense/2014/09/data_use_
regulation_the_libertarian_push_behind_a_new_take_on_privacy.html
19. Privacy Paternalism
“The authors fully agree that accountability should be
strengthened, but disagree with the proposal to
weaken critical FIPPs and diminish the role of the
individual … Diminishing limits on specified purposes,
collection and uses of personal data minimizes rather
than strengthens accountability.”
Cavoukian, Dix, and El-Emam
22. Big Data
• 90% of all data was created within the last 2 years;
• Big Data analysis and data analytics promise new
opportunities to gain valuable insights and benefits
– new predictive modes of analysis;
• But, it will also enable expanded surveillance,
increasing the risk of unauthorized use and
disclosure, on a scale previously unimaginable.
26. Big Data Technology is Not Foolproof
“Despite rampant interest from enterprise
leaders and often sizeable investments in
Big Data technologies, many programs still
sputter or fail completely.”
— Evanta Leadership Network,
May 29, 2014.
27. Some People are Now Asking:
Is Big Data a Big Mistake?
• The Big Data that interests many companies is
what we might call “found data” – the digital
exhaust of web searches, credit card payments
and mobiles pinging the nearest phone mast;
• Such data sets are cheap to collect relative to
their size – a messy collage of data-points,
collected for disparate purposes;
• But, how good is the data?
— www.ft.com
April 7, 2014
28. Big Data is moving from its
“inflated expectations” phase
to a “trough of
disillusionment.” — Gartner Hype Cycle,
April, 2014
29. MIT Big Data Expert
Calls for Privacy
“MIT Professor Alex Pentland has proposed a
‘New Deal on Data,’ which calls for individuals
to own their data and control how it is used
and distributed.”
— Measuring Idea Flows to Accelerate Innovation,
New York Times, April 15, 2014.
30. “But while big data promise much to scientists,
entrepreneurs and governments, they are doomed
to disappoint us if we ignore some very familiar
statistical lessons. There are a lot of small data
problems that occur in big data. They don’t
disappear because you’ve got lots of the stuff …
they get worse!” — David Spiegelhalter,
Winton Professor, Cambridge University
— Big data: are we making a big mistake?
FT Magazine, March 2014.
Quantity Does Not Equal Quality
31. “Forget Big Data …
what is needed is
Good Data”
— Barrie McKenna,
The serious economic cost of Canada's data deficit,
Globe and Mail, May 12, 2014
32. 2013 Data Scientists Conference
88% of the Data Scientists surveyed said
that consumers should worry about the
privacy issues associated with Big Data
- JSM 2013 Conference
33. Context is Key
• Performing data analytics on context-free data
will only yield correlations (which at times, will
be spurious);
• By adding context as a feature in the analytics,
we may be able to impute causality – which has
the potential to be invaluable in our analyses.
34. Privacy Breeds Innovation:
It Does NOT Stifle It!
• The argument that privacy stifles innovation reflects a dated,
zero-sum mindset;
• The notion that privacy must be sacrificed for innovation is a false
win/lose dichotomy, consisting of unnecessary trade-offs;
• The opposite is true – privacy drives innovation – it forces
innovators to think creatively to find solutions that will serve
multiple functionalities;
• We need to abandon zero-sum thinking and adopt a positive-sum
paradigm where both innovation and privacy may be achieved –
we need a new playbook!
35. Privacy by Design and the
Internet Engineering Task Force (IETF)
“The concept of Privacy by Design has gotten a lot
of attention over the past few years and within the
IETF we have tried to investigate how we can
consider privacy in the design of protocols and
architectural designs in a more systematic way.”
— Privacy Considerations for Internet Protocols,
Internet Engineering Task Force (IETF), www.ietf.org
36. Carnegie Mellon University –
Privacy By Design
•Master's degree program for privacy engineers to
be offered by Carnegie Mellon University, School of
Computer Science;
•The Master of Science in Information Technology-Privacy
(MSIT-Privacy) is a 12-month program that began in the
fall of 2013;
•The program will emphasize the concept of Privacy by
Design, in which safeguards are incorporated into the
design of systems and products from the very beginning
of the development process.
37. OASIS Technical Committee –
Privacy by Design for Software Engineers
• Commissioner Cavoukian and Professor Jutla are the
Co-Chairs of a new technical committee (TC) of OASIS
“PbD-SE (software engineers) TC;”
• The purpose of PbD-SE is to provide PbD governance and
documentation for software engineers; and
• The PbD standards developed will pave the way for
software engineers to code for Privacy, by Design.
38. OASIS and Privacy by Design
• 2014 – the OASIS PbD-SE Technical Committee (TC) approved the
Privacy by Design Documentation for Software Engineers Version
1.0 as a Committee Specification Draft (CSD), and the Annex
Guide to Privacy by Design Documentation for Software
Engineers Version 1.0 as a Committee Note Draft (CND);
• This vote represents a milestone for the PbD-SE TC,
acknowledging the substantial progress that has been made over
the last year;
• The PbD-SE TC will undertake another review cycle before
submitting the CSD and CND to public review.
40. “Privacy is just as Big as
Big Data. The tools exist to
systemically protect personal
information and bring about
the benefits of Big Data.
Together we can ensure that
Big Data and ‘Big Privacy’
can both be accomplished to
enable a win-win scenario.”
— Commissioner Cavoukian
41. “There are considerable
risks in abandoning
de-identification efforts,
including the fact that
individuals and
organizations may simply
cease disclosing de-identified information for
secondary purposes, even
those seen to be in the
public interest.”
— Commissioner Cavoukian
43. Proposed Approach to Internet of Things
Data Security
1. Security by Design
– Build security into devices from the outset;
2. Data Minimization
– Data which isn’t collected can’t fall into the wrong hands;
3. Notice and choice for unexpected uses
– Consumers should be given clear, simple notices of how
their data will be used, along with a consent mechanism.
Edith Ramirez – US FTC chairwoman
CES 2015
45. Consumer Choice and Privacy
• There is a strong competitive advantage for businesses
to invest in good data privacy and security practices;
• “A significant portion of the population is becoming
concerned about identity theft, and it is influencing
their purchasing decisions.”
— Rena Mears, Deloitte & Touche,
Survey Reports An Increase in ID Theft and
Decrease in Consumer Confidence.
46. The Bottom Line
Privacy should be viewed as a
business issue, not a
compliance issue
Think strategically and transform privacy into a
competitive business advantage
47. Cost of Taking the Reactive Approach to
Privacy Breaches
Proactive
Reactive
Class-Action
Lawsuits
Damage to
One’s Brand
Loss of Consumer Confidence
and Trust
48. First “Privacy Marketplace” at the
International Consumer Electronics Show
in Vegas
“ Privacy is a hot issue right now. It’s on everyone’s radar …
Consumers asking about privacy – that was the big takeaway.
These companies in the privacy marketplace, in large part aren’t
advocates. They’re entrepreneurs looking to capitalize on
market opportunity. They expect a larger privacy marketplace
next year and for brands to incorporate “privacy” into their
marketing… Anyone, everyone, can understand the need for
privacy.”
Victor Cocchia
CEO, Vysk
Speaking at CES: Jan, 2015
49. Success in the Future will Require Positive-Sum
Paradigms
1. Big Data and privacy are not mutually exclusive:
• Data is one of the most valuable assets of any organization;
• Privacy is about personally identifiable information;
• Consumer demands are creating additional pressures;
2. Proactive privacy drives innovation:
• It is entirely possible to achieve privacy in the Big Data era, while
also using data analytics to unlock new insights and innovations
to move an organization forward;
3. Innovation and privacy: You can have it all:
• Organizations will continue to apply data analytics to Big Data in order
to advance their strategic goals and better serve their customers.
— Commissioner Cavoukian,
Using Privacy by Design to achieve Big Data Innovation Without Compromising Privacy
52. The Next Evolution in Data Protection:
“SmartData”
Developed by Dr. George Tomko, at the Identity, Privacy
and Security Institute, University of Toronto, SmartData
represents privacy in the future with greater control
of personal information.
Intelligent “smart agents” are to be introduced into IT systems virtually,
thereby creating “SmartData,” a new, bottom-up approach to Artificial
Intelligence that will contextualize the field of AI.
53. SmartData:
It’s All About User Control
It’s All About Context:
•Evolving virtual cognitive agents that can act as your
proxy to protect your personally identifiable data;
Intelligent agents will be evolved to:
•Protect and secure your personal information;
•Disclose your information only when your personal
criteria for release have been met;
•Put the user firmly in control –
Big Privacy, Radical Control!
54. Methods of Creating Intelligent Agents
• Top-down, rule-based design (traditional AI);
• Bottom-up “evolutionary robotics design;”
• The combination of a top-down and
bottom-up hybrid will yield the most
dynamic results.
55. Southern Ontario Smart Computing
Innovation Platform (SOSCIP)
“SOSCIP is a groundbreaking research collaboration involving seven
leading southern Ontario universities, IBM Canada, and small- and
medium-sized enterprises (SMEs) across the province.”
Ryerson’s Privacy & Big Data Institute proposal
involving SmartData received SOSCIP approval to
explore the feasibility of privacy-protective monitoring
of health-related outbreaks, using a foundation of
intelligent virtual agents as envisioned in SmartData.
57. “As long as the threat of terrorism
exists and the global conditions that
instantiate those threats continue,
effective measures will be needed
to counteract terrorism.
At the same time, in order for a
free and open society to function
properly, privacy and civil liberties
must be strongly protected.”
Privacy-Protective Surveillance
58. • A new system of surveillance, which enables
effective counter-terrorism measures to be pursued
– in a privacy-protective manner;
• The underlying technology builds on Artificial
Intelligence, advances in cryptography involving
Homomorphic Encryption, and Probabilistic Graphical
Models (involving Bayesian Networks).
Introducing PPS:
Privacy-Protective Surveillance
59. Summary of PPS
Privacy Protective Surveillance is a positive-sum, “win-win”
alternative to current counter-terrorism surveillance systems.
It incorporates two primary objectives in its design:
1.An AI system consisting of feature detection that scans the Web and
related databases using a “blind-sight” procedure to detect digital
evidence relating to potentially suspicious terrorist activity by some,
without infringing on the privacy of unrelated individuals;
2.A technological infrastructure to ensure that any personally
identifying information (“PII”) on unsuspected individuals is not
collected and, in those associated with targeted activity, encrypted PII
will only be divulged with judicial authorization (a warrant issued by the
court).
60. Concluding Thoughts
• Privacy risks are best managed by proactively embedding
the principles of Privacy by Design – prevent the harm
from arising – avoid the data breach;
• Focus on prevention: It is much easier and far more
cost-effective to build in privacy, up-front, rather than
after-the-fact;
• Abandon zero-sum thinking – embrace doubly-enabling
systems: Big Data and Big Privacy;
• Get smart – lead with Privacy – by Design, not privacy
by chance or, worse, Privacy by Disaster!
61. Contact Information
Ann Cavoukian, Ph.D.
Executive Director
Privacy and Big Data Institute
Ryerson University
285 Victoria Street
Toronto, Ontario
M5B 2K3
Phone: (416) 979-5000 ext. 3138
ann.cavoukian@ryerson.ca
twitter.com/PrivacyBigData
Editor’s Notes
Privacy = Personal Freedom
Privacy is Essential to Freedom
And we will be releasing our 3rd paper in our trilogy on Big Data with Deloitte in the spring!
Privacy by Design
Jerusalem Resolution
I first developed the concept of “Privacy by Design” in the 90s, as a response to the growing threats to online privacy that were beginning to emerge;
“Privacy by Design” seeks to build in privacy – up front, right into the design specifications; into the architecture; embed privacy into the technology used – bake it in;
Data minimization is key: minimize the routine collection and use of personally identifiable information – use encrypted or coded information whenever possible;
Use privacy-enhancing technologies (PETs) plus where possible: give people maximum control over their own data.
Landmark Resolution Passed to Preserve - JERUSALEM, October 29, 2010 – A landmark Resolution by Ontario's Information and Privacy Commissioner, Dr. Ann Cavoukian, was approved by international Data Protection and Privacy Commissioners in Jerusalem today at their annual conference. The resolution recognizes Commissioner Cavoukian's concept of Privacy by Design - which ensures that privacy is embedded into new technologies and business practices, right from the outset - as an essential component of fundamental privacy protection.
PbD in 37 Languages
7 Foundational Principles
Letter from JIPDEC
A Positive-Sum (or “win-win” or “non zero-sum”) paradigm, by contrast, describes a concept or situation in which participants can all gain or suffer together. That is, the sum of gains and losses by the participants is always more or less than what they began with, depending on their choices and behaviour.
If privacy and security are not a ‘zero-sum game’, and if we need to ensure strong security and strong privacy what are we left with? We can’t leave privacy to policies and procedures alone, as that ignores the reality of the systems in which so much personal information resides. We can’t focus on security alone, as I talked about earlier. There isn’t a balance to be sought.
What is required is a WIN-WIN situation, in which strong privacy policies mutually reinforce a strong security focus.
“We need better options for securing the Internet. Instead of looking primarily for top-down government intervention, we can enlist the operators and users themselves.”
— Jonathan Zittrain,
Freedom and Anonymity: Keeping the Internet Open, Scientific American, February 24, 2011
Operationalizing PbD
Proactive not Reactive; Preventative not Remedial
Privacy as the Default
Privacy Embedded into Design
Full Functionality: Positive-Sum, not Zero-Sum
End-to-End Lifecycle Protection
Visibility and Transparency
Respect for User Privacy
7 Foundational Principles
Big Data
Big Data
Big Data – Honeymoon Phase
Big Data – Honeymoon Phase
Honeymoon Ends
Big Data Technology is Not Foolproof
Is Big Data A Mistake?
“In the afterglow of Big Data’s buzz, many organizations are finding that successful programs require much more than simply plugging data into a program.”
Evanta Leadership Network,
May 29, 2014
Gartner Hype Cycle
As with so many buzzwords, Big Data is a vague term, often thrown around as a selling point.
Distributed platforms like Hadoop enable data to be spread across multiple servers.
MIT – Alex Pentland
“… as we learn that it can’t yet do what its advocates claim. Once we appreciate its limits, however, we’ll more clearly see its benefits.”
Quantity Does Not Equal Quality
Today, Mr. Pentland is a computational social scientist at the Massachusetts Institute of Technology and has directed the Human Dynamics research group at the M.I.T. Media Lab for decades. He also serves as an adviser to the World Economic Forum.
QUOTES — Professor Lawrence Lessig, Harvard Law School
“A technology should reveal no more information than is necessary … it should be built to be the least revealing system possible.”
“We are not debating whether to move into a world where data are collected, used, and sold. We already live in that world. Given that we are here, how can we ensure that at least some control is granted to those whom these data are about? I advocate a property regime not because of the sanctity of property as an ideal, but because of its utility in serving a different but quite important ideal.”
“A Property Regime protects both those who value their privacy more…and those who value it less.”
Good Data – Not Big Data
4 Popular Big Data Claims:
Data analysis produces uncannily accurate results;
Every single data point can be captured, making old statistical sampling techniques obsolete;
It is passé to fret about what causes what, because statistical correlation tells us what we need to know;
Scientific or statistical models aren’t needed because, to quote “The End of Theory”, a provocative essay published in Wired in 2008, “with enough data, the numbers speak for themselves.”
— Tim Harford,
Big data: are we making a big mistake?
FT Magazine, March 2014
Context is Key
Privacy Does NOT Stifle Innovation
PbD and IETF
I’d like to clear up a common misconception that privacy somehow stifles innovation.
In fact, protecting privacy demands the highest level of innovation.
For the last two years, I have called on all innovators and inventors to enlist technology to help protect our privacy well into the future.
In the midst of today’s unprecedented explosion of information technology and the privacy challenges that come with it, we will need innovators to come up with the solutions we need to protect privacy.
And, if one requires proof then I need only to point to PbD which has stimulated innovative solutions in privacy protection across a wide field of industries from biometrics to health care to energy – in addition to many more discussed at length in this Annual Report.
Further, more organizations than ever operationalized the Principles of PbD in 2012 which also helped to put to rest the myth that privacy stifles innovation.
Carnegie Mellon – Masters in Privacy Engineering
“We have started to shed more light on privacy in the IETF by organizing a privacy workshop to solicit input from the technically minded privacy community, to create an IETF privacy directorate, and to start the work on a number of documents to offer more guidance to engineers.”
OASIS
More from OASIS
Professor Jutla is the winner of the prestigious U.S. World Technology Award (IT Software – Individual 2009) and is recognized for her innovative work with long-term significance on the evolving technological landscape as well as the transcendent imperative of privacy protection.
Data-Centric architecture – functioning architecture must revolve around the permissible uses of data.
IPC Big Data Papers
June 10 - IPC/Deloitte Big Data Paper
This paper demonstrates how privacy and responsibility can be advanced in this new age of Big Data analytics: “Context Actualizing”
The big change is Big Data. More specifically, how organizations will leverage Big Data analytics to maximize these growing information assets — driven by their deep interest to maximize their resources and better compete in the market.
While organizations have practical incentives to make the most of their ever-growing observation space (the data they have access to), they also have a pressing need to embed in these systems enhanced privacy protections. We outline in this paper just such an example — how an advanced Big Data sensemaking technology was, from the ground up, engineered with privacy-enhancing features. Some of these features are so critical to accuracy that the team decided they should be mandatory — so deeply baked-in they cannot be turned off.
IPC – ITIF Paper
Big Data Innovation
Consumer Choice and Privacy
The Bottom Line – Privacy Not Compliance Issue
From June, 2005.
Costs of Privacy Breach
SmartData
Next Evolution – SmartData
SmartData – User Control
The concept of SmartData was developed at IPSI. It proposes that intelligent or “smart agents” be introduced into IT systems virtually, thereby creating “SmartData,” a new approach to AI (Artificial Intelligence) that will revolutionize the field.
Methods of Creating Intelligent Agents
It’s All About Context
Top-down, rule-based systems (used in traditional AI) cannot adapt to differing contexts;
SmartData is all about context and evolving virtual agents that can “learn” to adapt to a variety of situations;
Evolving agents that can act as your proxy for the protection of your personal information, in a variety of contexts, is the ultimate goal of SmartData.
Consistent purpose
Compatible with primary purpose?
New Approach - PPS
Top-Down Design
We presently possess insufficient knowledge;
In principle, sufficient knowledge may not be possible;
Traditional Artificial Intelligence (AI) is rule-based – dependent on the intelligence of the programmer;
Difficult to program “meaning” into a system;
It is unlikely that narrow AI will scale up to AGI – combinatorial explosion.
IPC - PPS Paper
“The Communications Security Establishment Commissioner, the Honourable Robert Décary, recently tabled a report in Parliament stating that he had no concern with the majority of activities of Canada's Communications Security Establishment (CSEC – the Canadian equivalent to the NSA). However, a small number of records suggested the possibility that some of CSEC’s activities may have been directed at Canadians, contrary to law. A number of CSEC records relating to these activities were unclear or incomplete and Commissioner Décary was unable to reach a definitive conclusion about compliance or non-compliance with the law.”
Introducing PPS
Above all, privacy, as the ability of law-abiding individuals to control the collection, use, and disclosure of personal information about themselves – referred to at times as informational self-determination, must be protected.
A special thank you to Bill Binney!
Summary of PPS
Privacy-Protective Surveillance (PPS) begins with a system of feature detection: intelligent virtual agents, programmed to search databases to detect “significant” information related to potential terrorist activities; (the features/events to be searched for must be identified by intelligence experts in the field);
Any personal information associated with significant features or events detected after a search will be encrypted;
No personally identifiable information will remain in plain text;
A system of public key encryption will be used to encrypt the data, using the court’s public key. A warrant will be required to decrypt the data.
Homomorphic Encryption
A form of encryption that allows computations to be carried out on encrypted data, producing encrypted results;
“Homomorphic” refers to a structure-preserving map: an operation performed on ciphertexts corresponds to an operation on the underlying plaintexts, so that, for example, combining E(a) and E(b) yields E(a + b) in an additively homomorphic scheme;
Homomorphic encryption therefore allows computations and data analytics on encrypted values – the party doing the computation never sees plain text, and only the holder of the decryption key can read the result;
May also be used to link two or more databases without the disclosure of any unique identifiers – positive-sum – win/win; Privacy by Design.
Concluding Thoughts
PPS only collects data considered to be “significant,” as mapped out by intelligence experts;
“Significant” data is defined as events or features believed to be related to suspicious activity;
All personally identifiable information related to significant data will be encrypted;
Data analytics and queries will only be performed on encrypted data, in ciphertext space;
If an interesting result is obtained, a more targeted request for the raw data that pertains to those results may be made through the courts – a warrant will be required to decrypt the data.
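The encrypt-at-collection, analyse-in-ciphertext, decrypt-only-under-warrant flow described in the PPS notes above, as an added example that is not part of the presentation or of the IPC’s PPS paper. It uses a minimal Paillier implementation (an additively homomorphic public-key scheme) written for this page: identifiers and feature counts are encrypted under the court’s public key when collected, an analyst who holds only the public key computes a weighted score per record entirely on ciphertexts, and only the court, which holds the private key, can decrypt a chosen record. The hard-coded primes, the sample records, the feature weights and the Court/warrant structure are assumptions of this example, not parameters or design elements taken from the page.

```python
import math
import secrets

# Toy-sized primes, fixed so the example is reproducible. This is an assumption
# of the example; a real deployment would use a 2048-bit or larger modulus
# generated by a vetted library.
P = 1_000_000_007
Q = 998_244_353


def keygen(p=P, q=Q):
    """Paillier key pair. Public key: n. Private key: (lambda, mu).
    With generator g = n + 1, mu simplifies to lambda^-1 mod n."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p - 1, q - 1)
    mu = pow(lam, -1, n)
    return n, (lam, mu)


def encrypt(n, m):
    """Encrypt integer m (0 <= m < n) under public key n. Randomised, so two
    encryptions of the same value are different ciphertexts."""
    if not 0 <= m < n:
        raise ValueError("plaintext out of range")
    n_sq = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    # g^m mod n^2 with g = n + 1 equals 1 + m*n (binomial expansion).
    return (1 + m * n) % n_sq * pow(r, n, n_sq) % n_sq


def decrypt(n, sk, c):
    """Recover m from ciphertext c with private key (lambda, mu)."""
    lam, mu = sk
    n_sq = n * n
    x = pow(c, lam, n_sq)
    return ((x - 1) // n) * mu % n


def add(n, c1, c2):
    """E(a) * E(b) mod n^2 = E(a + b): addition in ciphertext space."""
    return c1 * c2 % (n * n)


def scale(n, c, k):
    """E(a)^k mod n^2 = E(k * a): multiplication by a public constant."""
    return pow(c, k, n * n)


# Constructed sample records: a numeric identifier (the PII) and counts of
# "significant" features. Values and expert weights are invented here.
RECORDS = [
    {"person_id": 1001, "features": [1, 0, 2]},
    {"person_id": 1002, "features": [0, 3, 1]},
    {"person_id": 1003, "features": [2, 1, 0]},
]
WEIGHTS = [2, 5, 1]


def ingest(n, records):
    """Encrypt identifier and features under the court's public key at
    collection time, so no PII exists in plaintext downstream."""
    return [{"enc_id": encrypt(n, r["person_id"]),
             "enc_features": [encrypt(n, f) for f in r["features"]]}
            for r in records]


def encrypted_scores(n, enc_records, weights):
    """Analyst computes E(sum_i w_i * f_i) per record without decrypting."""
    scores = []
    for rec in enc_records:
        acc = encrypt(n, 0)
        for c, w in zip(rec["enc_features"], weights):
            acc = add(n, acc, scale(n, c, w))
        scores.append(acc)
    return scores


class Court:
    """Hypothetical sole holder of the private key; releases plaintext for a
    record only if a warrant names that record."""

    def __init__(self, n, sk):
        self._n, self._sk = n, sk

    def decrypt_under_warrant(self, ciphertext, record_index, warrant):
        if record_index not in warrant:
            raise PermissionError(f"no judicial authorization for record {record_index}")
        return decrypt(self._n, self._sk, ciphertext)


def run_demo():
    """Whole flow: the analyst never sees plaintext; the court decrypts one
    record's score and identity against a warrant for that record only."""
    n, sk = keygen()
    court = Court(n, sk)
    enc_records = ingest(n, RECORDS)
    scores = encrypted_scores(n, enc_records, WEIGHTS)
    warrant = {1}  # constructed: a judge authorised record index 1
    score = court.decrypt_under_warrant(scores[1], 1, warrant)
    ident = court.decrypt_under_warrant(enc_records[1]["enc_id"], 1, warrant)
    return score, ident


if __name__ == "__main__":
    print(run_demo())  # (16, 1002)
```

Two caveats a practitioner should keep in mind. An additively homomorphic scheme supports sums and multiplication by public constants, not comparisons, so deciding whether a score crosses a threshold requires either decryption (hence the warrant step) or a richer scheme. And the privacy property rests on key separation: the analyst genuinely cannot read ciphertexts without the private key, whereas the warrant check in `Court` is a policy control on the key holder and only as strong as the process around it.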