Design for the Value of Privacy

In a time where more and more information about people is collected, especially in the digital domain, the right to be left alone and to be free of surveillance, i.e., privacy, is no longer as self-evident as it once was. Therefore, it is important that new systems are designed with privacy in mind. This chapter explores the notion of privacy and how to design “privacy-preserving” systems: systems that are designed with privacy for the end users in mind. Several design approaches that address this issue, such as “Privacy by Design,” “Value Sensitive Design,” and “Privacy Enhancing Technologies,” are discussed. Examples of privacy-preserving (and privacy-breaking) systems, ranging from smart meters to electronic health records, are used to illustrate the main difficulties of designing such systems.

M. Warnier (*) • F. Dechesne • F. Brazier
Delft University of Technology, Delft, The Netherlands
e-mail: m.e.warnier@tudelft.nl; f.dechesne@tudelft.nl; f.m.brazier@tudelft.nl

© Springer Science+Business Media Dordrecht 2015
J. van den Hoven et al. (eds.), Handbook of Ethics, Values, and Technological Design, DOI 10.1007/978-94-007-6970-0_17