Approximate Information Flows: Socially-Based Modeling of Privacy in Ubiquitous Computing
UbiComp '02 Proceedings of the 4th international conference on Ubiquitous Computing
PHEmail: designing a privacy honoring email system
CHI '03 Extended Abstracts on Human Factors in Computing Systems
| Hi-index | 0.00 |
When a decision is taken to forensically investigate information concerning an individual, it is currently not possible to preserve the privacy enjoyed by that individual and to 'undo' the effects of the investigation should he or she prove to be innocent. In other words, once private information deviates from an expected flow and is disclosed, it cannot always be rendered private again. Thus there is a need to balance the efficacy of the investigation against infringements of privacy. This paper shows how a balance can be reached between privacy and forensics through the release of private information in a sequential manner. Access to information is based on prior knowledge and proof of a hypothesis which, if proved correct, releases information sequentially. The solution focuses on the classification and ordering of information by creating a privacy-preserving object. Using cryptographic techniques and blind signatures, we demonstrate the technical feasibility of protecting information up until the point of release.