Knowing Your Population: Privacy-Sensitive Mining of Massive Data
Location and mobility patterns of individuals are important to environmental
planning, societal resilience, public health, and a host of commercial
applications. Mining telecommunication traffic and transactions data for such
purposes is controversial, in particular raising issues of privacy. However,
our hypothesis is that privacy-sensitive uses are possible and often beneficial
enough to warrant considerable research and development efforts. Our work
contends that people's behavior can yield patterns of both significant
commercial and research value. For such purposes, methods and algorithms for
mining telecommunication data to extract commonly used routes and locations,
articulated through time-geographical constructs, are described in a case study
within the area of transportation planning and analysis. From the outset, these
were designed to balance the privacy of subscribers and the added value of
mobility patterns derived from their mobile communication traffic and
transactions data. Our work directly contrasts the current, commonly held
notion that value can only be added to services by directly monitoring the
behavior of individuals, such as in current attempts at location-based
services. We position our work within relevant legal frameworks for privacy and
data protection, and show that our methods comply with such requirements and
also follow best practice.
An Analysis of the Consequences of the General Data Protection Regulation on Social Network Research
This article examines the principles outlined in the General Data Protection Regulation in the context of social network data. We provide both a practical guide to General Data Protection Regulation-compliant social network data processing, covering aspects such as data collection, consent, anonymization, and data analysis, and a broader discussion of the problems that emerge when the general principles on which the regulation is based are instantiated for this research area.
Anonymising Clinical Data for Secondary Use
Secondary use of data already collected in clinical studies has become more
and more popular in recent years, with the commitment of the pharmaceutical
industry and many academic institutions in Europe and the US to provide access
to their clinical trial data. Whilst this clearly provides societal benefit in
helping to progress medical research, this has to be balanced against
protection of subjects' privacy. There are two main scenarios for sharing
subject data: within Clinical Study Reports and Individual Patient Level Data,
and these scenarios have different associated risks and generally require
different approaches. In any data sharing scenario, there is a trade-off
between data utility and the risk of subject re-identification, and achieving
this balance is key. Quantitative metrics can guide the amount of
de-identification required and new technologies may also start to provide
alternative ways to achieve the risk-utility balance.
Comment: 25 page
Anonimização de Dados em Educação (Data Anonymization in Education)
Interest in data privacy is not only growing, but the quantity of data collected is also increasing. This data, which is collected and stored electronically, contains information related to
all aspects of our lives, frequently including sensitive information such as financial records,
activity in social networks, location traces collected by our mobile phones and even medical
records. Consequently, it becomes paramount to assure the best protection for this data, so
that no harm is done to individuals even if the data becomes publicly available. To achieve
this, it is necessary to avoid any linkage between records in a dataset and a real-world individual. Although some attributes, such as gender and age, cannot on their own identify the
corresponding individual, their combination with other datasets can lead to the existence of
unique records in the dataset and a consequent linkage to a real-world individual. Therefore, with data anonymization, it is possible to assure, with various degrees of protection,
that such linkage is avoided as far as possible. However, this process can have a decline in data
utility as a consequence. In this work, we explore the terminology and some of the techniques
that can be used during the process of data anonymization. Moreover, we show the effects
of these techniques on information loss, data utility and re-identification risk when applied
to a dataset with personal information collected from college graduates. Finally,
once the results are presented, we perform an analysis and comparative discussion of
the obtained results.
Routes for breaching and protecting genetic privacy
We are entering the era of ubiquitous genetic information for research,
clinical care, and personal curiosity. Sharing these datasets is vital for
rapid progress in understanding the genetic basis of human diseases. However,
one growing concern is the ability to protect the genetic privacy of the data
originators. Here, we technically map threats to genetic privacy and discuss
potential mitigation strategies for privacy-preserving dissemination of genetic
data.
Comment: Draft for comment
A Privacy by Design Methodology Application in Telecom Domain
Telecommunication has developed considerably over the last decades, notably through optical fiber submarine cables and wireless connections offering a wide range of voice and data services. Telecommunication infrastructures are the necessary backbone that makes any voice and data exchange possible. Unfortunately, these infrastructures still suffer from various vulnerabilities and continue to be the target of specific cyber-attacks. Some of these attacks could lead to denial of service and to loss of integrity and privacy. Alongside this, it is also established that telecom service providers, as the owners of this infrastructure, have access to huge amounts of data, including personal data relating to customers and to their employees. Basically, this personal data relates directly to the customer's and employee's identity, geolocation, areas of interest, contact circle, etc. When it comes to the use of this personal data, privacy concerns become a big challenge for telecom service providers because of the heavy impact that misuse can induce. Given the criticality of personal data protection in the telecom domain, privacy by design (PbD) should be incorporated. This article therefore aims to apply to telecom service providers the ISPM methodology ("Information System Privacy Methodology"), which focuses on PbD implementation in enterprise architectures, specifically in information systems, taking into account all technical and organizational aspects.
Mobile sensor data anonymization
Data from motion sensors such as accelerometers and gyroscopes embedded in our devices can reveal secondary, undesired, private information about our activities. This information can be used for malicious purposes such as user identification by application developers. To address this problem, we propose a data transformation mechanism that enables a device to share data for specific applications (e.g. monitoring their daily activities) without revealing private user information (e.g. user identity). We formulate this anonymization process based on an information theoretic approach and propose a new multi-objective loss function for training convolutional auto-encoders (CAEs) to provide a practical approximation to our anonymization problem. This effective loss function forces the transformed data to minimize the information about the user's identity, as well as the data distortion, to preserve application-specific utility. Our training process regulates the encoder to disregard user-identifiable patterns and tunes the decoder to shape the final output independently of users in the training set. Then, a trained CAE can be deployed on a user's mobile device to anonymize sensor data before sharing with an app, even for users who are not included in the training dataset. The results, on a dataset of 24 users for activity recognition, show a promising trade-off on transformed data between utility and privacy, with an accuracy for activity recognition over 92%, while reducing the chance of identifying a user to less than 7%.