Simplified Privacy Controls for Aggregated Services — Suspend and Resume of Personal Data

  • Matthias Schunter
  • Michael Waidner
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4776)


The Internet is moving towards dynamic and ad-hoc service composition. The resulting so-called Web 2.0 sites maintain a unified user-experience while interacting and exchanging personal data with multiple other sites. Since the interaction is dynamic and ad-hoc, existing privacy policy mechanisms are not designed for this scenario.

In this article we describe a new lightweight approach towards privacy management. The core idea is to provide a “privacy panel” – a unified and simple entry point at each site that enables consumers to review stored data and manage their privacy. Key aspects were ease-of-use and handling of recursive disclosures of personal data.


Privacy Policy Personal Data Service Composition Trust Management Privacy Enforcement 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Cranor, L., Langheinrich, M., Marchiori, M.: A P3P Preference Exchange Language 1.0 (APPEL1.0); W3C Working Draft (April 15, 2002),
  2. 2.
    Backes, M., Bagga, W., Karjoth, G., Schunter, M.: Efficient Comparison of Enterprise Privacy Policies. In: 19th Annual ACM Symposium on Applied Computing, Nicosia, Cyprus, March 14-17, 2004, pp. 375–382. ACM Press, New York (2004)Google Scholar
  3. 3.
    Badishi, G., Caronni, G., Keidar, I., Rom, R., Scott, G.: Deleting Files in the Celeste Peer-to-Peer Storage System. In: 25th IEEE Symposium on Reliable Distributed Systems (SRDS 2006), pp. 29–38. IEEE Press, Los Alamitos (2006)CrossRefGoogle Scholar
  4. 4.
    Barth, A., Mitchell, J.C.: Enterprise Privacy Promises and Enforcement. In: Proceedings of the 2005 Workshop on Issues in the Theory of Security, Long Beach, California, pp. 58–66. ACM Press, New York (2005)CrossRefGoogle Scholar
  5. 5.
    Backes, M., Pfitzmann, B., Schunter, M.: A Toolkit for Managing Enterprise Privacy Policies. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 162–180. Springer, Heidelberg (2003)Google Scholar
  6. 6.
    Chaum, D.: The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability. Journal of Cryptology 1/1, 65–75 (1988)MathSciNetGoogle Scholar
  7. 7.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: The Second-Generation Onion Router. In: Proceedings of the 13th USENIX Security Symposium (August 2004)Google Scholar
  8. 8.
    Karjoth, G., Schunter, M., Van Herreweghen, E.: Enterprise Privacy Practices vs. Privacy Promises - How to Promise What You Can Keep. In: 4th IEEE International Workshop on Policies for Distributed Systems and Networks (Policy 2003), Lake Como, Italy, June 4-6, pp. 135–146 (2003)Google Scholar
  9. 9.
    Karjoth, G., Schunter, M.: A Privacy Policy Model for Enterprises. In: 15th IEEE Computer Security Foundations Workshop (CSFW), pp. 271–281. IEEE Computer Society Press, Washington (2002)CrossRefGoogle Scholar
  10. 10.
    Kinateder, M., Pearson, S.: A Privacy-Enhanced Peer-to-Peer Reputation System. In: Bauknecht, K., Tjoa, A.M., Quirchmayr, G. (eds.) E-Commerce and Web Technologies. LNCS, vol. 2738, pp. 206–215. Springer, Heidelberg (2003)Google Scholar
  11. 11.
    Levy, S.E., Gutwin, C.: Improving Understanding of Website Privacy Policies with Fine-Grained Policy Anchors. In: WWW 2005, Chiba, Japan, May 10-14, pp. 10–14. ACM Press, New York (2005)Google Scholar
  12. 12.
    Cranor, L., Dobbs, B., Egelman, S., Hogben, G., Humphrey, J., Langheinrich, M., Marchiori, M., Presler-Marshall, M., Reagle, J., Schunter, M., Stampley, D.A., Wenning, R.: The Platform for Privacy Preferences 1.1 (P3P1.1) Specification; W3C Working Group Note (November 13, 2006),
  13. 13.
    Pfitzmann, A., Pfitzmann, B., Schunter, M., Waidner, M.: Trusting Mobile User Devices and Security Modules. Computer 30/2, 61–68 (1997)CrossRefGoogle Scholar
  14. 14.
    Pfitzmann, B., Waidner, M.: Federated Identity-Management Protocols. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols. LNCS, vol. 3364, pp. 153–174. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  15. 15.
    Stufflebeam, W., Antón, A.I., He, Q., Jain, N.: Specifying Privacy Policies with P3P and EPAL: Lessons Learned. In: Proceedings of the 2004 ACM Workshop on Privacy in the Electronic Society, WPES 2004, Washington DC, USA, October 28 - 28, 2004, pp. 35–35. ACM Press, New York (2004)CrossRefGoogle Scholar
  16. 16.
    Shamir, A.: How to Share a Secret. Communications of the ACM 22/11, 612–613 (1979)CrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Matthias Schunter
    • 1
  • Michael Waidner
    • 1
  1. 1.IBM Research, Zurich Research Laboratory, Säumerstrasse 4, CH-8803 RüschlikonSwitzerland

Personalised recommendations