A Privacy Awareness System for Ubiquitous Computing Environments
Protecting personal privacy is going to be a prime concern for the deployment of ubiquitous computing systems in the real world. With daunting Orwellian visions looming, it is easy to conclude that tamper-proof technical protection mechanisms such as strong anonymization and encryption are the only solutions to such privacy threats. However, we argue that such perfect protection for personal information will hardly be achievable, and propose instead to build systems that help others respect our personal privacy, enable us to be aware of our own privacy, and to rely on social and legal norms to protect us from the few wrongdoers. We introduce a privacy awareness system targeted at ubiquitous computing environments that allows data collectors to both announce and implement data usage policies, as well as providing data subjects with technical means to keep track of their personal information as it is stored, used, and possibly removed from the system. Even though such a system cannot guarantee our privacy, we believe that it can create a sense of accountability in a world of invisible services that we will be comfortable living in and interacting with.