A Theory of Communicating Sequential Processes
Journal of the ACM (JACM)
Privacy and Contextual Integrity: Framework and Applications
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Communications of the ACM - Organic user interfaces
Robust De-anonymization of Large Sparse Datasets
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
De-anonymizing Social Networks
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
Myths and fallacies of "Personally Identifiable Information"
Communications of the ACM
Towards a theory of accountability and audit
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Accountability and deterrence in online life
Proceedings of the 3rd International Web Science Conference
Hi-index | 0.00 |
Adequately protecting informational privacy in an increasingly interconnected world poses two problems. What are the appropriate privacy polices? And, how should one ensure compliance with them? Accountability systems are an attractive solution to both problems. Current work on accountability systems assumes a generally accepted set of privacy rules for the subsequent use of information, and has focused on developing a formal representation of a process for the use of information. Our focus is on fundamental policy issues that arise in developing the models of the privacy rules themselves. This focus leads to the suggestion that accountability systems can be used, not only to enforce compliance with a given set of rules but also to resolve conflicts among conflicting sets of rules. So far, accountability systems have modeled unrealistically simple privacy rules. While this may be an appropriate first step toward more complex systems, we need to define the realistic target at which accountability systems should ultimately aim if adequate systems are eventually to be developed. We specify a number of hurdles to developing accountability systems that adequately constrain the use of information. Some of the problems are wholly non-technical; some are of a mixed nature, part social science or public policy and part technical. The unifying theme is the role of informational norms in ensuring adequate informational privacy.