prevention and reaction defending privacy in the web 2 0
play

Prevention and Reaction Defending Privacy in the Web 2.0 Michael - PowerPoint PPT Presentation

Nov 19, 2023 •640 likes •863 views

Prevention and Reaction Defending Privacy in the Web 2.0 Michael Hart Rob Johnson mhart@cs.stonybrook.edu Stony Brook University For all the Webs successes what is the cost to privacy? Main sources of privacy invasions

  1. Prevention and Reaction Defending Privacy in the Web 2.0 Michael Hart Rob Johnson mhart@cs.stonybrook.edu Stony Brook University

  2. For all the Web’s successes…

  3. …what is the cost to privacy?

  4. Main sources of privacy invasions  Disclosed data  Incidental data

  5. What are service providers doing?  Disclosed data  Provide users simplistic access controls  Incidental data Service Can user make it private? Facebook Only if user is tagged Blogger, LiveJournal, WordPress and other No blogging sites MySpace, Hi5, qq, other social networking No sites Flickr, Picassa, other photo sharing sites No YouTube, MetaCafe and other video No sharing sites Other content sharing sites No

  6. Where these sites come up short  Privacy controls are too coarse  Group permissions by friends or content type  Lack feedback for actions  Users do not know impact of their actions  No safety net  Public by default  Force users to choose between anonymity and accessibility  Who really has 500 best friends?  Portability

  7. So what do users need?  Flexibility to encompass all privacy preferences  Easy to use  Users have little patience and time for access control  Requires little extra effort  Succinct policies for large content collections  Easy to understand  Users know who has access to what  Safety  Infer privacy policy on newly created content

  8. Tag-based privacy policies  Privacy preferences expressed as rules on tags  Only my “college buddies” can see posts marked “Stony Brook University”  When we have new content  Apply rules based on tags to create policy  Allow for exception

  9. Why tag-based policies?  Users already tag the data they post  Even on password protected content!  Tags are extremely flexible  Enable users to express in familiar terms  In terms of their content and attributes  Their relationships  Both specific (e.g. Emily) and abstract (e.g. co-worker)  Tag-based policies are portable across services  Tags are inferable from content  Thus, privacy policies are inferable

  10. Do tag-based policies work?  Flexible  Subjects wrote policies over disparate sensitive topics  Easy to use  Subjects applied tag-based policies significantly faster than an per-item policies  Even with over 100 tags to choose  Easy to understand  Subjects tag-based policies as accurate as per-item policies  Subjects wrote near optimal policies w.r.t. size  Result in succinct policies  Most privacy policies in less than 5 rules on existing blogs  Provides protection  Built a tagger for policy inference that achieved precision and recall over 60% in general case

  11. Incidental data privacy disclosure  Increasing threat to privacy  Sophistication of search engines  Integration of real life and the web  Challenges  Incentives  Freedom of speech

  12. Responsibility for containment?  The subject of the privacy invasion must contain it  Options for recourse  Litigation  Other questionable means  Try to influence search engine rankings  DoS attack

  13. Who will aide him?  The content author?  Unlikely  Only a few cases of online libel have been prosecuted

  14. Who will aide him?  The content provider?  Also unlikely  Goal to serve content, not filter it  Laws protect them

  15. Who will aide him?  The Searcher  A malicious searcher will not  A friendly searcher cannot

  16. Who will aide him?  Search engine  Its goals are not incompatible with user's desires  Improving privacy can improve search results  Search for applicant yields work related links

  17. Modifications for people search  Order results based on  Authority  Objectivity  Devalue dubious or opinionated looking sites  Identify unmoderated forums  Sorry Auto-Admit, 4Chan and Juicy Campus  Display ratings beside result:  Neutrality  Factuality

  18. More ambitious features  Require more specific search queries  Searcher demonstrates some knowledge of existence of relationship  Allow users to express privacy preferences  Search engine can factor user preference into search results  Users declare personal/private topics  What’s fair game  Search engines (may) apply to search results  More “questionable” the results, more influence

  19. The larger picture  How do we help the user?  Usability!  Inspire better access control  Knowledge is the key to the kingdom

  20. Parting thoughts  Privacy for disclosed data  Deploy tag-based privacy policies  Use ML and NLP to automate privacy  Privacy for incidental data  Don't censor  Steer users away from privacy invasive material  May improve search results  Preserve free speech rights

  21. Thanks! Questions? mhart@cs.stonybrook.edu

Recommend

Frederik Borgesius 21 Nov 2014, W3C Workshop Defending Privacy Empowerment Protection

Frederik Borgesius 21 Nov 2014, W3C Workshop Defending Privacy Empowerment Protection

Frederik Borgesius 21 Nov 2014, W3C Workshop Defending Privacy Empowerment Protection Defending Privacy Empowerment Protection Transparency Firms must always Informed consent secure personal data Consumer law Empowerment Protection

543 views • 10 slides
Abuses and misuses of AI: prevention vs reaction Red Teaming in the AI world Cristian Canton

Abuses and misuses of AI: prevention vs reaction Red Teaming in the AI world Cristian Canton

Abuses and misuses of AI: prevention vs reaction Red Teaming in the AI world Cristian Canton Ferrer Research Manager (AI Red Team @ Facebook) Abuses and misuses of AI: prevention vs reaction Red Teaming in the AI world ...with Manipulated

983 views • 79 slides
Privacy and Gift Card Compliance Lessons From Recent Cases for Pursuing, Defending or Avoiding

Privacy and Gift Card Compliance Lessons From Recent Cases for Pursuing, Defending or Avoiding

Presenting a live 90-minute webinar with interactive Q&A Class Action Claims Against Retailers: Deceptive Pricing, False Advertising, Privacy and Gift Card Compliance Lessons From Recent Cases for Pursuing, Defending or Avoiding Claims

837 views • 58 slides
Evolution of Pollution Prevention Reaction Mode Didnt look at the horizon, just

Evolution of Pollution Prevention Reaction Mode Didnt look at the horizon, just

O VERVIEW OF P OLLUTION P REVENTION IN THE W ASTEWATER I NDUSTRY Melody LaBella, PE and Colleen Henry BAYWORK Training Buffet November 14, 2018 Evolution of Pollution Prevention Reaction Mode Didnt look at the horizon, just responded

677 views • 67 slides
Lender Liability: Evaluating, Minimizing and Defending Claims Defending Against Attacks on Loans in

Lender Liability: Evaluating, Minimizing and Defending Claims Defending Against Attacks on Loans in

Presenting a live 90 minute webinar with interactive Q&A Lender Liability: Evaluating, Minimizing and Defending Claims Defending Against Attacks on Loans in Workouts, Defaults, and Bankruptcy TUES DAY, DECEMBER 21, 2010 1pm Eastern |

1.33k views • 131 slides
Workers Compensation and the Role of Social Media: An Effective Evidentiary Tool in Defending

Workers Compensation and the Role of Social Media: An Effective Evidentiary Tool in Defending

Presenting a live 90-minute webinar with interactive Q&A Workers Compensation and the Role of Social Media: An Effective Evidentiary Tool in Defending Claims Navigating Discovery, Privacy, Evidentiary and Ethical Issues to Leverage the

515 views • 37 slides
1 Enthaply vs. entropy in chemical reaction: S solid < S liquid << S gas Spontaneous

1 Enthaply vs. entropy in chemical reaction: S solid < S liquid << S gas Spontaneous

There are two fundamental tendencies in nature that help determine whether a reaction will occur: Topic 9.4 1. Enthalpy Enthalpy, entropy and spontaneity Energy change during reaction = heat of reaction ( H) Reactions tend toward lower

338 views • 3 slides
MANA MANAGING HOME BIA GING HOME BIAS: : DEFENDING THE V DEFENDING THE VALUE OF LUE OF GL

MANA MANAGING HOME BIA GING HOME BIAS: : DEFENDING THE V DEFENDING THE VALUE OF LUE OF GL

MANA MANAGING HOME BIA GING HOME BIAS: : DEFENDING THE V DEFENDING THE VALUE OF LUE OF GL GLOBAL EQUITIES OBAL EQUITIES TO US PRIV US PRIVATE CLIENT E CLIENTS Jonathan F Jonathan Foster ster President & CEO Angeles Wealth

643 views • 19 slides
Pursuing or Defending Claims Assessing Claims, Proving or Defending Liability, Navigating Complex

Pursuing or Defending Claims Assessing Claims, Proving or Defending Liability, Navigating Complex

Presenting a live 90-minute webinar with interactive Q&A Wrongful Death Claims and Survival Actions: Pursuing or Defending Claims Assessing Claims, Proving or Defending Liability, Navigating Complex Valuation and Settlement Issues WEDNESDAY,

481 views • 26 slides
Consumers privacy decision -making Sren Preibusch 12 th July 2010 W3C Workshop on Privacy

Consumers privacy decision -making Sren Preibusch 12 th July 2010 W3C Workshop on Privacy

Consumers privacy decision -making Sren Preibusch 12 th July 2010 W3C Workshop on Privacy for Advanced Web APIs Sren Preibusch 1 Intended reaction towards excessive data collection (first and second choices) Sren Preibusch 2

140 views • 12 slides
Throwing Light on Reaction Dynamics: H + HBr The thermal reaction of hydrogen gas ( H 2 ) and

Throwing Light on Reaction Dynamics: H + HBr The thermal reaction of hydrogen gas ( H 2 ) and

Throwing Light on Reaction Dynamics: H + HBr The thermal reaction of hydrogen gas ( H 2 ) and bromine gas ( Br 2 ) to form hydrogen bromide vapor ( HBr ) is a classic reaction: 22 +2rHBrHB Energetics ( thermodynamics ) tells us that

1.16k views • 83 slides
Mitigating D&O Liability Exposure for Data Privacy and Cybersecurity Breaches Reducing

Mitigating D&O Liability Exposure for Data Privacy and Cybersecurity Breaches Reducing

Presenting a live 90-minute webinar with interactive Q&A Mitigating D&O Liability Exposure for Data Privacy and Cybersecurity Breaches Reducing D&O Risk With Internal Controls, Insurance, and Indemnification; Defending Derivative

1.28k views • 79 slides
Resonances in the 12 C( , ) 16 O reaction I have asked myself the question what is the

Resonances in the 12 C( , ) 16 O reaction I have asked myself the question what is the

Resonances in the 12 C( , ) 16 O reaction I have asked myself the question what is the consequences of the nuclear resonances in the proposed experiment in inverse kinematics of the capture reaction? So far, the reaction was discussed as

222 views • 10 slides
$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

Presentation Slides $ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

318 views • 13 slides
The target of chemical organization theory are reaction networks. A reaction network consists of a

The target of chemical organization theory are reaction networks. A reaction network consists of a

The target of chemical organization theory are reaction networks. A reaction network consists of a set of molecules M and a set of reaction rules R. Therefore, we define a reaction network formally as a tuple M, R and call this tuple an

267 views • 22 slides
Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; Security and Cooperation in Wireless Networks Georg-August University Gttingen Chapter outline 1 Important privacy related

1.12k views • 33 slides
Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

CISPA Center for IT Security, Privacy and Accountabiltiy Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when,

573 views • 26 slides
$ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy

$ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy

Presentation Slides $ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

429 views • 13 slides
SybilGuard: Defending Against Sybil Attacks SybilGuard: Defending Against Sybil Attacks via

SybilGuard: Defending Against Sybil Attacks SybilGuard: Defending Against Sybil Attacks via

SybilGuard: Defending Against Sybil Attacks SybilGuard: Defending Against Sybil Attacks via Social Networks via Social Networks Intel Research Pittsburgh / CMU Haifeng Yu National University of Singapore Michael Kaminsky Intel Research

501 views • 22 slides
CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies US Privacy Laws Sources: Baase: A Gift of Fire and Quinn: Ethics for the Information Age Ethics Spring 2010 Privacy 1 Privacy The original

725 views • 45 slides
. . H Br Br H (radicals) . . H Br H Br reactions involving radicals and sequential

. . H Br Br H (radicals) . . H Br H Br reactions involving radicals and sequential

How is a chemical reaction happening? reaction mechanisms A reaction mechanism is the process by which chemical bonds are broken and formed in sequence so as to convert starting reagents into the observed products. There are three ways to break

439 views • 8 slides
(n,xn ) reaction cross section measurements for (n,xn) reaction studies M. Kerveno A.

(n,xn ) reaction cross section measurements for (n,xn) reaction studies M. Kerveno A.

WONDER 2012 3rd International Workshop on Nuclear Data Evaluation for Reactor Applications September 25-28, 2012 Aix en Provence, France (n,xn ) reaction cross section measurements for (n,xn) reaction studies M. Kerveno A. Bacquias, C.

526 views • 25 slides
Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals,

Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals,

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is

1.01k views • 76 slides
Disease Prevention vs Data Privacy: using landcover maps to inform spatial epidemic models

Disease Prevention vs Data Privacy: using landcover maps to inform spatial epidemic models

Disease Prevention vs Data Privacy: using landcover maps to inform spatial epidemic models Mike Tildesley & Sadie Ryan Centre for Complexity Science University of Warwick/ SUNY ESF Foot-and-Mouth Disease Foot-and-Mouth Disease - How

603 views • 37 slides

More recommend