About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion





  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.


No more PETs win prizes puns, please

By Dave Birch posted Jul 23 2008 at 7:44 PM

[Dave Birch] Microsoft has been sponsoring the annual privacy-enhancing technology awards at the PETS Symposium for a few years now. This year the winning paper was written by Arvind Narayanan and Vitaly Shmatikov, researchers at The University of Texas, who looked into large publicly available anonymised data sets – and very quickly discovered a major privacy risk, as their experiments showed that such data sets could be used to re-identify individuals using efficient algorithms. All of which means that companies should be careful about storing masses of data on customer choices because, even if customers aren't explicitly identified in the individual records, it doesn't take much effort to identify them from the pool. Interesting stuff.
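A release-time check for the risk described above, as an added example (not code from the paper or from this blog). It is a simplified uniqueness audit rather than the authors' algorithm: over constructed pseudonymous records, it counts how often knowing m of a customer's choices leaves exactly one matching record. The function names and sample data are assumptions made for illustration.

```python
from itertools import combinations

# Constructed sample: pseudonymous customer records (no names attached),
# each one the set of items that customer chose.
RECORDS = {
    "u01": {"A", "B", "C", "D"},
    "u02": {"A", "B", "E"},
    "u03": {"A", "C", "F", "G"},
    "u04": {"B", "C", "D"},
    "u05": {"A", "B", "C"},
}

def candidates(records, known_items):
    """Pseudonyms whose record contains every item an observer already knows."""
    known = set(known_items)
    return sorted(p for p, items in records.items() if known <= items)

def uniqueness(records, m):
    """Return (unique, total): of all m-item subsets drawn from each record,
    how many match exactly one record in the pool."""
    unique = total = 0
    for items in records.values():
        for subset in combinations(sorted(items), m):
            total += 1
            if len(candidates(records, subset)) == 1:
                unique += 1
    return unique, total

def singled_out(records, m):
    """Pseudonyms that at least one m-item subset pins down uniquely."""
    return sorted(
        p for p, items in records.items()
        if any(candidates(records, s) == [p]
               for s in combinations(sorted(items), m))
    )

if __name__ == "__main__":
    for m in (1, 2, 3):
        unique, total = uniqueness(RECORDS, m)
        print(f"m={m}: {unique}/{total} subsets unique; "
              f"exposed records: {singled_out(RECORDS, m)}")
```

In this sample the exposed share grows as the observer knows more items, and u04 and u05 stay hidden only because their choices are a subset of u01's.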

Runners-up, Cambridge University researchers Steven J. Murdoch and Piotr Zieliński, also focused on online anonymity. Their paper discusses and analyses, for the first time, the possibility of surveillance at internet exchanges (IXes) where Internet traffic crosses from one network to another. Because so much traffic passes through these, the research seems to indicate that a relatively small snapshot of the data in transit contains a lot of information about what is moving between which nodes.

I found the other runner-up paper especially fascinating because of my focus on the intersection of the digital money and digital identity worlds. The paper "Making P2P Accountable without Losing Privacy" (by Belenkiy et al., Brown University) posits the use of e-cash (that is, the original Chaumian e-cash) to add accountability to file sharing networks without giving up privacy. The idea is to balance between selfish users in a transparent way (and money is the most transparent of all ways) without sacrificing anonymity. Given some of the discussions about anonymity over on Digital Money, this is a timely addition to the debate and shows that accountability and privacy are not mutually exclusive.

Incidentally, their premise that fairness is essential to providing scalable incentives for greater participation seems right to me, as does their characterisation of "selfish peers" as agents in a virtual economy, but I'm not sure if e-cash is a necessary grease to make that work. The authors suggest that the money used in their scheme has five essential characteristics:

  • It should be fungible (ie, no "different strokes" and everyone's money can be used for everything in any combination).
  • It should be integral to the fair exchange of money for goods/services. Because of my history in this space, I'm particularly interested in "shopping" protocols that include all of the steps in a transaction.
  • The money must be unforgeable, obviously.
  • The payment system must be efficiently implementable.
  • Finally, users should be able to spend anonymously.

This is an axiom I think: it's not clear to me from the paper whether they have some reason for thinking that anonymity will or will not make any difference to the performance of the scheme. Would anyone care?

As an aside, when discussing the economic issues raised by the paper, the authors say that under limiting conditions they can demonstrate that knowledge of bank balances (M1) can predict how much money can be added to the network without causing a crash. I hope the Chancellor reads up on their model!

By the way, a big thanks to the guys at Microsoft for sponsoring this valuable award.

Unfortunately, due to the outrageous demands of paying customers, I wasn't able to get over to Leuven for this year's awards. Having gone through my slough of despond about PETs, I think I'm beginning to be a little more optimistic.

As has been observed many times before, the mere existence of PETs doesn't automatically mean an increase in privacy, however measured. For one thing, they have to be built into the systems that we all use every day, so that they are part of the furniture rather than an exotic add-on, and for another they have to be implemented in a way that the general public can grasp. The evidence to date isn't too positive on that front, but that may be (in fact, I hope it is) simply that the whole topic is a bit new.

The economics of privacy is, like anything else, a matter of trade-offs: What is gained and lost by revealing, say, the films you like? How about the real identities of 50 of your Facebook friends? The problem isn't that one trade-off is a more significant compromise of privacy than another. (Facebook's ultracustomized privacy controls take care of that.) The problem is that people can't make informed decisions if they don't know exactly what the trade-offs are. And they've proven that they don't.

[From Protect the Willfully Ignorant | Newsweek International Edition | Newsweek.com]

I fall back on my argument that we have a professional responsibility to make privacy part of the infrastructure whether people say they want it or not.

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]

