Insuring individual's privacy from statistical data base users

  • Authors: Mohammed Inam Ul Haq
  • Affiliations: State University of New York at Stony Brook, Stony Brook, New York
  • Venue: AFIPS '75 Proceedings of the May 19-22, 1975, national computer conference and exposition
  • Year: 1975

Abstract

"Privacy is the claim of individuals, groups or institutions to determine for themselves when, how and to what extent information about them can be communicated to others." The problem of privacy arises when people are asked to provide personal information on either a mandatory or a voluntary basis. The persons about whom the data are collected may be apprehensive that unscrupulous individuals could gain both economic and political advantage over them through access to their personal information. Data collecting agencies often conduct surveys to collect data to use for statistical purposes. In a mandatory survey, the respondent cannot refuse to submit the data. Still, collecting agencies realize that the real foundation of reliable statistics is public cooperation and not the threat of prosecution. In a voluntary survey, the collecting agency has no power and nothing to offer but the general benefits that can accrue to the public from the information. It promises respondents that data will only be disclosed for statistical purposes. In both cases, the collecting agencies can better accomplish their aim if they can assure the respondent that their privacy will be respected. Many agencies use computers to store collected data. The computer provides a central source of information available to many different users. In addition, the information can be retrieved very quickly. However, there are many problems associated with the security of computerized information, such as: validity of the user, clearance of system personnel and safety from masquerading, electromagnetic pickup, wiretapping, browsing, piggyback entry, etc. Even if these problems did not exist, and assuming that the collecting agencies have good intentions and intend to allow their users to ask only statistical queries about the stored data, their promises are not sufficient to guarantee that there will be no disclosure of any individual's personal information.
Hoffman and Miller have shown that a user can combine the answers to some specific statistical queries and his previous knowledge about an individual's personal information to find out more about that individual. Therefore the problem considered is to determine the conditions which guarantee that a user who is allowed to ask only statistical queries cannot be successful in obtaining any more information about any individual than he already has. Before suggesting a solution to this problem, some illustrations to show how disclosure may occur and some definitions are reproduced from an earlier paper by the author.