Personal Privacy Ross Anderson Professor of Security Engineering Cambridge University.


1 Personal Privacy
Ross Anderson, Professor of Security Engineering, Cambridge University

2 Privacy Engineering
Engineering for privacy, as for security or dependability, involves:
– computer science – for matters like scalability
– economics – systems often fail when the people who maintain them have the wrong incentives
– psychology – the feeling and the reality are often different
Privacy is particularly hard because all three of these factors are often pushing the wrong way.

3 Privacy and Business
– It’s economically efficient to charge different prices to different customers
– The falling costs of collecting and processing data make this easier
– The move of businesses online makes them more like the software business (with low marginal costs, network effects and lock-in), which makes price discrimination more profitable
– However, price discrimination annoys people – especially those who end up paying more

4 Example – Facebook
– A newsworthy conflict of interest:
  – Facebook wants to sell user data
  – Users want a feeling of intimacy, small group, social control
– Complex access controls – 60+ settings on 7 pages
– Privacy almost never salient (deliberately!)
– Over 90% of users never change defaults
– This lets Facebook blame the customer when things go wrong

5 How Privacy Scales
– Main privacy threat is usually insiders
– Traditional GP: 12 staff have access to 10,000 records. Can cope with that!
– What happens if we let 45,000 GPs plus 40,000 staff see 50,000,000 records?
– Lesson from Scotland
– Effect of pervasive malware
– What’s done in intelligence agencies

6 ‘Database State’
– The Joseph Rowntree Reform Trust sponsored a systematic study of all government systems that hold information on at least a substantial minority of us
– Authors: me, Ian Brown, Terri Dowty, Philip Inglesant, William Heath, Angela Sasse
– Are these databases legal, and effective?
– Which systems should the next Government scrap, keep or fix?

7 Database State (2)
– Of 46 systems, we found that 11 were almost certainly illegal:
  – Health: SUS, DCR – fall foul of the I v Finland judgement
  – Kids: eCAF, ONSET, ContactPoint
  – Home Office: NDNAD, NIR, IMP
  – DWP data sharing, National Fraud Initiative
  – The EU Prüm framework

8 Database State (3)
– We also found 29 ‘amber’ databases with significant problems, including:
  – National Childhood Obesity Database (why?)
  – NHS Summary Care Record (almost useless)
  – National Pupil Database (mission creep)
  – Police National Database (federating much stuff that used to be local, like the NHS)
– Only 6 of 46 databases got a green light (and one of those was an error)!

9 Where Are We Now?
– Three ‘red’ systems were closed down (NIR, ContactPoint, NAO)
– Other red systems being spun/renamed (IMP)
– Two new ‘red’ systems – SCR and YJCMS
– A number of ‘amber’ systems that harm privacy while providing no benefit are spared (NCOD, NPD, Learner Records Service)
– In short: no real change, despite the Coalition Agreement and the parties’ pre-election pitches

10 Statistical Security
– The Department of Health wants to keep its databases but protect privacy by stripping out patients’ names and addresses
– But this doesn’t in general work!
– Example: find the salary of the female professor in the Computer Lab as (average salary of professors) – (average salary of male professors) × (number of professors)
– With health it’s even harder – especially as researchers want longitudinal records that link up care episodes
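The slide’s differencing trick, as an added example that is not from the talk: an aggregate-only interface over a de-identified table still gives up the single woman’s salary once each average is multiplied back by its group’s count, and a query-set-size threshold on its own does not help because both query sets are large. The professor table, the salary cap and the threshold-plus-Laplace-noise mitigation are constructed assumptions for the illustration.

```python
import math
import random
from statistics import mean

# Constructed sample table (not real data): one record per professor.
# Names are never released; the interface answers only aggregate queries.
PROFESSORS = [
    ("prof-1", "M", 95_000), ("prof-2", "M", 101_000), ("prof-3", "M", 88_000),
    ("prof-4", "M", 110_000), ("prof-5", "M", 99_000), ("prof-6", "F", 92_000),
]
SALARY_CAP = 150_000  # assumed public upper bound on a salary; calibrates the noise


def exact_average(pred):
    """Naive 'anonymised' interface: names stripped, exact average and count."""
    rows = [s for _, g, s in PROFESSORS if pred(g)]
    return mean(rows), len(rows)


def differencing_attack(average_fn):
    """avg(all) * n_all - avg(men) * n_men leaves exactly the one woman's salary."""
    avg_all, n_all = average_fn(lambda g: True)
    avg_men, n_men = average_fn(lambda g: g == "M")
    return avg_all * n_all - avg_men * n_men


def _laplace(rng, scale):
    """Laplace(0, scale) sample via the inverse CDF."""
    u = rng.random() - 0.5
    return -scale * math.copysign(1.0, u) * math.log(1 - 2 * abs(u))


def make_noisy_average(min_query_size=5, epsilon=0.5, seed=None):
    """Mitigation: refuse small query sets AND add Laplace noise to the average,
    scaled to how much one record can move it (SALARY_CAP / n). The threshold
    alone would pass both of the attacker's queries; the noise, multiplied back
    by n, swamps the single salary. Counts are assumed public and left exact."""
    rng = random.Random(seed)

    def noisy_average(pred):
        rows = [s for _, g, s in PROFESSORS if pred(g)]
        if len(rows) < min_query_size:
            raise ValueError("query set too small")
        sensitivity = SALARY_CAP / len(rows)
        return mean(rows) + _laplace(rng, sensitivity / epsilon), len(rows)

    return noisy_average


if __name__ == "__main__":
    print("exact interface leaks:", differencing_attack(exact_average))
    print("noisy interface yields:", differencing_attack(make_noisy_average(seed=1)))
```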

11 Economics of Privacy
– Economics of security has been a rapidly growing field since 2001
– The economics of privacy are perplexing!
– People say they value privacy, but usually act otherwise
– Is this due to ignorance, externalities, social effects, …?
– Will people suddenly become militant?

12 Conclusion
– Privacy online is hard!
– The economics, psychology and computer science often push in the wrong direction
– The private sector is motivated by price discrimination
– The public sector is somewhat similar, with a drive to ‘personalised service’ or ‘transformation government’
– What sets the boundary? European law? A public reaction against ‘creepy’ organisations? Rational rejection of surveillance by richer citizens?

13 Europe to the Rescue?
– The I v Finland case, 2008
– Ms “I” was a nurse in Helsinki, HIV+
– Her hospital systems let everyone see everything
– Her colleagues found out about her HIV and hounded her out of her job
– ECHR: she had a right to restrict her health records to clinicians involved directly in her care
– Now, so do we all!
