1,909 research outputs found

    Trading Indistinguishability-based Privacy and Utility of Complex Data

    The collection and processing of complex data, like structured data or infinite streams, facilitates novel applications. At the same time, it raises privacy requirements from the data owners. Consequently, data administrators sanitize the data with privacy-enhancing technologies (PETs), which are frequently based on indistinguishability-based privacy definitions. When engineering PETs, a well-known challenge is the privacy-utility trade-off. Although the literature is aware of a couple of trade-offs, there are still combinations of involved entities, privacy definition, type of data and application for which valuable trade-offs are missing. In this thesis, for two important groups of applications processing complex data, we study (a) which indistinguishability-based privacy and utility requirements are relevant, (b) whether existing PETs solve the trade-off sufficiently, and (c) propose novel PETs that extend the state of the art substantially in terms of methodology, as well as achieved privacy or utility. Overall, we provide four contributions divided into two parts. In the first part, we study applications that analyze structured data with distance-based mining algorithms. We reveal that an essential utility requirement is the preservation of the pair-wise distances of the data items. Consequently, we propose distance-preserving encryption (DPE), together with a general procedure to engineer respective PETs by leveraging existing encryption schemes. As a proof of concept, we apply it to SQL log mining, which is useful for database performance tuning. In the second part, we study applications that monitor query results over infinite streams. To this end, -event differential privacy is state-of-the-art. Here, PETs use mechanisms that typically add noise to query results. First, we study state-of-the-art mechanisms with respect to the utility they provide. Conducting the largest benchmark so far, one that fulfills requirements derived from limitations of prior experimental studies, we contribute new insights into the strengths and weaknesses of existing mechanisms. One of the most unexpected, yet explainable, results is a baseline supremacy. It states that one of the two baseline mechanisms delivers high or even the best utility. A natural follow-up question is whether baseline mechanisms already provide reasonable utility. So, second, we perform a case study from the area of electricity grid monitoring, revealing two results. First, achieving reasonable utility is only possible under weak privacy requirements. Second, the utility measured with application-specific utility metrics decreases faster than the sanitization error, which is used as the utility metric in most studies, suggests. As a third contribution, we propose a novel differential privacy-based privacy definition called Swellfish privacy. It allows tuning utility beyond incremental -event mechanism design by supporting time-dependent privacy requirements. Formally, as well as by experiments, we prove that it increases utility significantly. In total, our thesis contributes substantially to the research field, and reveals directions for future research.

    The Interplay between National Security and Freedom of Expression Online in the Post-Soviet Countries

    For his study, the researcher selected a group of post-Soviet countries. After the collapse of the Soviet Union, the countries morphed into quite different sovereign states, with different centres of global attraction and alliances. In the present work the author tested his hypothesis that, regardless of individual historical paths and despite differences in evolving political and institutional regimes, there exists a commonality of Internet regulation practices that is shared by most of the countries in question. To set the stage, this work presents the research design and methodology before moving on to describe the context in the post-Soviet region. Next, the work takes a detour from the analysis of regional characteristics to introduce the definitions of national security, terrorism and extremism, and the interplay of these issues with the principle of freedom of expression. The research further explores the way emerging Internet technologies changed the playing field when it comes to the expression of views that are legally acceptable but could potentially pose a threat to national security. The author then outlines the existing good practices, drawing mostly upon the experiences of the ‘old’ democracies, before moving on to explore case studies conducted in the post-Soviet space. The scope of legislative interventions in the countries of the region is examined through the lens of the legitimisation of disputable practices of curtailing free online expression and the methods employed. It should be noted that the hypothesis involving the commonality of legislative interventions is only partially corroborated. Still, the author identified a number of initiatives that legislators of the countries under scrutiny could implement to align their respective legislation with the best practices of online regulation, based on the premises of legality, legitimacy, and proportionality as regards restrictions to freedom of expression.