Zach Wener-Fligner
Researchers say you can surveil everyone and see only the criminals
Yale computer scientists Aaron Segal, Bryan Ford, and Joan Feigenbaum paint an idyllic picture of a potential surveillance environment that’s heavy on reach and light on breach.
The paper, “Catching Bandits and Only Bandits: Privacy-Preserving Intersection Warrants for Lawful Surveillance,” proposes combining a system of checks and balances with cryptographic techniques to let investigators identify records of interest without exposing anyone else’s data.
Here’s Why You May Never Be Truly Anonymous in A Big Data World
Big data -- the kind that statisticians and computer scientists scour for insights on human beings and our societies -- is cooked up using a recipe that’s been used a thousand times.
Here’s how it goes: Acquire a trove of people’s highly personal data -- say, medical records or shopping history. Run that huge set through a “de-identification” process to anonymize the data. And voila -- individuals become anonymous, chartable, and unencumbered by personal privacy concerns. So what’s the problem? It turns out that all that de-identified data may not be so anonymous after all.
So argues Arvind Narayanan, a Princeton computer scientist who first made waves in the privacy community by co-authoring a 2006 paper showing that Netflix users and their entire rental histories could be identified by cross-referencing supposedly anonymous Netflix ratings with the Internet Movie Database.
Narayanan and fellow Princeton professor Edward Felten delivered the latest blow to the case of de-identification proponents (those who maintain that de-identification is viable) with a July 9 paper that makes a serious case for data paranoia. They argue that de-identification doesn’t work -- in theory or in practice -- and that those who say it does are promoting a “false sense of security” by naively underestimating the attackers who might try to deduce personal information from big data.