kosa - theory for privacy measuring v2

Post on 07-Aug-2015

Category:

Technology

Why Privacy?

Discipline Specificity

Problem

● Research across disciplines suffers because there is no unified mechanism for measurement

● Computer science has focussed on policy enforcement, ontologies and taxonomies

● Nobody looks at individual privacy preferences in a given environment, which is the basis for legislation

– And also how requirements must be derived

2 Examples

● Facebook

● Twitter

People on Facebook

People on Facebook

Versus

Hypothesis

● Disregarding the value-based approach to privacy, it's possible to derive a finite representation based on discrete factors

● The representation can be used to understand privacy better across disciplines

– Standardization

– Measurement

– Management

Theoretical Framework

● Scientific / mathematical determinism

● Plus.

The States

1) Private: existence is unknown

2) Unidentified: presence is known

3) Anonymous: information known but no identity

4) Masked: identity linkage is concealed

5) De-identified: identity is not directly linked

6) Pseudonymous: identity is falsified

7) Confidential: identity is known for a specific purpose

8) Identified: capable of being distinguished

9) Public: everything is known and assigned

Factors

● Human: considerations when privacy decisions are made

● Technology: services that computers perform related to information management

● Data Types: types of identifiable information

● Recipient: machine v. human

● Architecture: characteristics of the physical environment

Human

● Human privacy rules are specific to the establishment; they are reflected in the physical structure and properties of society

● Each individual has a social contact threshold which determines how they exercise their privacy rights

● Examples:

– Subject matter of the object

– Control of disclosure, information, audience

– Social structure and condition

– Visibility

– Expectations

Data Types

● Notion of privacy as information protection is well represented in legislation and regulation across the world

● Less widely used is the notion of identifiability: that data exists that may or may not include the traditional identifiers, e.g. Name, but may still uniquely identify a person

● What is more private: a phone number or a prescription?

Technology

● Computers are generally accepted to be an effective tool for information management; used to acquire, organize, retrieve, search and maintain information

● This happens increasingly without human intervention

● When it comes to managing information about an identifiable person, there are a discrete number of functions that computers can provide

● Examples:

– Network, hosting, registration, mail, website/portal, software, backup

Proposed Formalization

1) $S_n = w_H f(H) + w_D f(D) + w_T f(T)$

2) $f(\text{Factor}) = w_1 F_1 + w_2 F_2 + \dots + w_n F_n$

3) The more positive the individual factors, the higher the total result of the factor set, the more likely the individual will move to a lower state of privacy, $S_m > S_n$

Transitions

● Forward

– I disclose about me, my objects

– You disclose about me, my objects

● Backward

– information redaction

– information protection
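The proposed formalization and the forward/backward transitions above, worked through as an added example (this code is not from the slides). It assumes weights are non-negative, factor values lie in [-1, 1], H, D and T stand for the Human, Data Types and Technology factor sets, and a score change moves exactly one state; the function names and sample numbers are constructed for illustration.

```python
from enum import IntEnum

class State(IntEnum):
    """The nine states from the slides: 1 = most private, 9 = least private."""
    PRIVATE = 1
    UNIDENTIFIED = 2
    ANONYMOUS = 3
    MASKED = 4
    DE_IDENTIFIED = 5
    PSEUDONYMOUS = 6
    CONFIDENTIAL = 7
    IDENTIFIED = 8
    PUBLIC = 9

def factor_score(pairs):
    """Equation 2: f(Factor) = w_1*F_1 + ... + w_n*F_n over (w_i, F_i) pairs."""
    for w, value in pairs:
        if w < 0 or not -1.0 <= value <= 1.0:  # assumed ranges, not from the slides
            raise ValueError(f"bad weight/value pair: {(w, value)}")
    return sum(w * value for w, value in pairs)

def situation_score(set_weights, factors):
    """Equation 1: S = w_H*f(H) + w_D*f(D) + w_T*f(T)."""
    if set(set_weights) != {"H", "D", "T"} or set(factors) != {"H", "D", "T"}:
        raise ValueError("need exactly the factor sets H, D and T")
    return sum(set_weights[k] * factor_score(factors[k]) for k in "HDT")

def next_state(state, old_score, new_score):
    """Item 3, simplified to a deterministic rule (assumption): a higher score
    moves one state toward PUBLIC (forward), a lower score one state toward
    PRIVATE (backward); the result is clamped at both ends."""
    step = (new_score > old_score) - (new_score < old_score)
    return State(min(max(state + step, State.PRIVATE), State.PUBLIC))

# Constructed sample values (not data from the slides).
SET_WEIGHTS = {"H": 0.5, "D": 0.25, "T": 0.25}
OPEN_SETTING = {"H": [(0.5, 1.0), (0.5, 0.5)], "D": [(1.0, 0.5)], "T": [(1.0, -0.5)]}
GUARDED_SETTING = {"H": [(0.5, -0.5), (0.5, 0.0)], "D": [(1.0, 0.5)], "T": [(1.0, -0.5)]}

if __name__ == "__main__":
    guarded = situation_score(SET_WEIGHTS, GUARDED_SETTING)
    opened = situation_score(SET_WEIGHTS, OPEN_SETTING)
    print(guarded, opened, next_state(State.ANONYMOUS, guarded, opened).name)
```

Only the Human factors differ between the two constructed settings, so the change in score, and with it the direction of the transition, is attributable to that factor set alone.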

Questions For You

● How do people make decisions?

● Specifically in social situations?

● How does space change behaviour?

● Any suggestions for testing?

● What are the other disciplines that talk about space, privacy, representation of self?

● Suggestions on theoretical frameworks?

An Offer
