Towards a Mechanism for Incentivating Privacy

  • Piero A. Bonatti
  • Marco Faella
  • Clemente Galdi
  • Luigi Sauro
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6879)

Abstract

The economic value of rich user profiles is an incentive for providers to collect more personal (and sensitive) information than the minimum amount needed for deploying services effectively and securely. With a game-theoretic approach, we show that provider competition can reduce such information requests. The key is a suitable mechanism, roughly reminiscent of a Vickrey auction subject to integrity constraints. We show that our mechanism induces rational providers to ask exactly for the user information strictly necessary to deliver their service effectively and securely. In this framework, maximal attribute disclosures become more difficult to achieve.

Keywords

Credit Card Information Disclosure Birth Date Blind Signature Provider Selection 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Bae, J., Beigman, E., Berry, R.A., Honig, M.L., Vohra, R.V.: Sequential bandwidth and power auctions for distributed spectrum sharing. IEEE Journal on Selected Areas in Communications 26(7), 1193–1203 (2008)CrossRefGoogle Scholar
  2. 2.
    Baselice, S., Bonatti, P., Faella, M.: On interoperable trust negotiation strategies. In: IEEE POLICY 2007, pp. 39–50. IEEE Computer Society, Los Alamitos (2007)Google Scholar
  3. 3.
    Bogetoft, P., Damgård, I., Jakobsen, T.P., Nielsen, K., Pagter, J., Toft, T.: A practical implementation of secure auctions based on multiparty integer computation. In: Di Crescenzo, G., Rubin, A. (eds.) FC 2006. LNCS, vol. 4107, pp. 142–147. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  4. 4.
    Bonatti, P.A., Festa, P.: On optimal service selection. In: Ellis, A., Hagino, T. (eds.) Proc. of the 14th Int. Conf. on World Wide Web, WWW 2005, pp. 530–538. ACM, New York (2005)CrossRefGoogle Scholar
  5. 5.
    Broache, A.: Competition is good for search privacy, report says. CNET News (August 8, 2007), http://news.cnet.com/Competition-is-good-for-search-privacy,-report-says/2100-1029_3-6201468.html
  6. 6.
    Chaum, D.: Blind signatures for untraceable payments. In: Advances in Cryptology - Crypto 1982, pp. 199–203. Springer, Heidelberg (1983)Google Scholar
  7. 7.
    Dalenius, T.: Finding a needle in a haystack - or identifying anonymous census records. Journal of Official Statistics 2(3), 329–336 (1986)Google Scholar
  8. 8.
    Feigenbaum, J., Jaggard, A.D., Schapira, M.: Approximate privacy: foundations and quantification (extended abstract). In: Parkes, D.C., Dellarocas, C., Tennenholtz, M. (eds.) ACM Conference on Electronic Commerce, pp. 167–178. ACM, New York (2010)Google Scholar
  9. 9.
    Gray, E.: FTC to boost competition in privacy protection. Global Competition Review (September 23, 2010)Google Scholar
  10. 10.
    He, Y., Zhu, M., Zheng, C.: An efficient and minimum sensitivity cost negotiation strategy in automated trust negotiation. In: Int. Conf. Comp. Sci. and Soft. Eng.,, vol. 3, pp. 182–185 (2008)Google Scholar
  11. 11.
    Kleinberg, J., Papadimitriou, C.H., Raghavan, P.: On the value of private information. In: TARK 2001: Proceedings of the 8th Conference on Theoretical Aspects of Rationality and Knowledge, pp. 249–257. Morgan Kaufmann, San Francisco (2001)Google Scholar
  12. 12.
    Luton, R., McAfee, P.R.: Sequential procurement auctions. Journal of Public Economics 31(2), 181–195 (1986)CrossRefGoogle Scholar
  13. 13.
    Osborne, M., Rubinstein, A.: A Course in Game Theory. MIT Press, Cambridge (1994)MATHGoogle Scholar
  14. 14.
    Paci, F., Bauer, D., Bertino, E., Blough, D.M., Squicciarini, A.C.: Minimal credential disclosure in trust negotiations. In: Bertino, E., Takahashi, K. (eds.) Digital Identity Management, pp. 89–96. ACM, New York (2008)Google Scholar
  15. 15.
    Sadeh, N.M., Hong, J.I., Cranor, L.F., Fette, I., Kelley, P.G., Prabaker, M.K., Rao, J.: Understanding and capturing people’s privacy policies in a mobile social networking application. Personal and Ubiquitous Computing 13(6), 401–412 (2009)CrossRefGoogle Scholar
  16. 16.
    Samarati, P.: Protecting respondents’ identities in microdata release. IEEE Transactions on Knowledge and Data Engineering 13(6), 1010–1027 (2001)CrossRefGoogle Scholar
  17. 17.
    Schwartz, A., Cooper, A.: Search privacy practices: A work in progress. Center for Democracy and Technology report (August 2007)Google Scholar
  18. 18.
    Squicciarini, A.C., Bertino, E., Ferrari, E., Paci, F., Thuraisingham, B.M.: PP-trust-X: A system for privacy preserving trust negotiations. ACM Trans. Inf. Syst. Secur. 10(3) (2007)Google Scholar
  19. 19.
    Sweeney, L.: Guaranteeing anonymity when sharing medical data, the Datafly system. Journal of the American Medical Informatics Association (1997)Google Scholar
  20. 20.
    Vickrey, W.: Counterspeculation, auctions, and competitive sealed tenders. Journal of Finance 16, 8–37 (1961)MathSciNetCrossRefGoogle Scholar
  21. 21.
    Winsborough, W.H., Li, N.: Protecting sensitive attributes in automated trust negotiation. In: WPES, pp. 41–51. ACM, New York (2002)Google Scholar
  22. 22.
    Yu, T., Winslett, M., Seamons, K.E.: Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation. ACM Trans. Inf. Syst. Secur. 6(1), 1–42 (2003)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Piero A. Bonatti
    • 1
  • Marco Faella
    • 1
  • Clemente Galdi
    • 1
  • Luigi Sauro
    • 1
  1. 1.Università di Napoli “Federico II”Italy

Personalised recommendations