“I am Spartacus”: privacy enhancing technologies, collaborative obfuscation and privacy as a public good

The paper introduces an approach to privacy enhancing technologies that sees privacy not merely as an individual right, but as a public good. This idea finds its correspondence in our approach to privacy protection through obfuscation, where everybody in a group takes a small privacy risk to protect the anonymity of fellow group members. We show how these ideas can be computationally realised in an Investigative Data Acquisition Platform (IDAP). IDAP is an efficient symmetric Private Information Retrieval protocol optimised for the specific purpose of facilitating public authorities’ enquiries for evidence.
