By Topic

Personal Privacy without Computational Obscurity: Rethinking Privacy Protection Strategies for Open Information Networks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Weitzner, D.J. ; Massachusetts Inst. of Technol., Cambridge

Summary form only given. Throughout the history of computer and network security research, privacy has been treated as synonymous with confidentiality, with the presumed high water mark of privacy being mathematically provable anonymity. Despite the fact that technical innovation in cryptography and network security has enabled all manner of confidentiality control over the exposure of identity in information systems, the vast majority of Internet user remain deeply worried about their privacy rights and correctly believe that they are far more exposed today than they might have been a generation earlier. Have we just failed to deploy the proper security technology to protect privacy, are our laws inadequate to meet present day privacy threats, or have business practices and social conventions simply rendered privacy dead? While there is some truth to each possibility, the central failure to achieve robust privacy in the information age can be traced to an a long-standing misassocation of privacy with confidentiality and access control. In order to revitalize privacy protection, we should shift our legal attention away from rules limiting disclosure of personal information toward policies governing how personal information can be used. And technical efforts currently focused on access control and anonymization should be redirected toward technical measures that make information usage more transparent and accountable to clearly stated policies that address proper and improper users of personal information.

Published in:

Computer Security Applications Conference, 2007. ACSAC 2007. Twenty-Third Annual

Date of Conference:

10-14 Dec. 2007