Bridging Privacy Definitions

This working group - composed of privacy experts across disciplines - explores the range of privacy-related definitions from law, computer science, and social science, covering topics such as measures of informational harm, de-identification techniques, formal privacy models such as differential privacy, and privacy standards from laws such as FERPA and HIPAA. The group explores the nature of these definitions, the relationships and gaps between them, and potential methods of bridging the disciplinary divide.

A recent product from this working group is a methodology for extracting a mathematical model from a legal standard such as FERPA. This product can be used to demonstrate that a privacy technology satisfies any given legal standard.

For the 2016-2017 year, we plan to focus on questions related to the broad conceptualization of informational harms, including group harms like discrimination and their relationship to the types of harms addressed by formal privacy definitions like differential privacy. We are also looking to develop methods for setting formal privacy parameters (like the differential privacy parameter epsilon) based on accepted legal, ethical, and social notions.

We are excited to hear from anyone seeking to explore multidisciplinary approaches to privacy. For more information and to join our mailing list, please contact Gabriella Fee at gfee@g.harvard.edu

 

People

Salil Vadhan

Salil Vadhan

Vicky Joseph Professor of Computer Science and Applied Mathematics, SEAS, Harvard
Area Chair for Computer Science

Salil Vadhan is the lead PI of Privacy Tools for Sharing Research Data project and the Vicky Joseph Professor of Computer Science and Applied Mathematics

Read more about Salil Vadhan
Alexandra Wood

Alexandra Wood

Research Fellow, Berkman Center for Internet & Society, Harvard
Current Member of Datatags Team

Alexandra Wood is a research fellow at the Berkman Center for Internet & Society and a member of the Privacy Tools law and policy team. Her research

Read more about Alexandra Wood
Kobbi Nissim

Kobbi Nissim

Senior Research Fellow at Harvard University
Professor of Computer Science at Georgetown University
Micah Altman

Micah Altman

Director of Research and Head/Scientist, Program on Information Science for the MIT Libraries, MIT
Non-Resident Senior Fellow, The Brookings Institution
Current Member of Datatags Team

Publications

David O'Brien, Jonathan Ullman, Micah Altman, Urs Gasser, Michael Bar-Sinai, Kobbi Nissim, Salil Vadhan, Michael Wojcik, and Alexandra Wood. 2015. “Integrating Approaches to Privacy Across the Research Lifecycle: When is Information Purely Public?.” Social Science Research Network. SSRN VersionAbstract

On September 24-25, 2013, the Privacy Tools for Sharing Research Data project at Harvard University held a workshop titled "Integrating Approaches to Privacy across the Research Data Lifecycle." Over forty leading experts in computer science, statistics, law, policy, and social science research convened to discuss the state of the art in data privacy research. The resulting conversations centered on the emerging tools and approaches from the participants’ various disciplines and how they should be integrated in the context of real-world use cases that involve the management of confidential research data.

Researchers are increasingly obtaining data from social networking websites, publicly-placed sensors, government records and other public sources. Much of this information appears public, at least to first impressions, and it is capable of being used in research for a wide variety of purposes with seemingly minimal legal restrictions. The insights about human behaviors we may gain from research that uses this data are promising. However, members of the research community are questioning the ethics of these practices, and at the heart of the matter are some difficult questions about the boundaries between public and private information. This workshop report, the second in a series, identifies selected questions and explores issues around the meaning of “public” in the context of using data about individuals for research purposes.

Micah Altman, David O’Brien, Salil Vadhan, and Alexandra Wood. 2014. “Comment to The White House Office of Science and Technology Policy (OSTP): Big Data Study, Request for Information”.Abstract
On January 23, 2014, President Barack Obama asked John Podesta to perform a comprehensive review of big data and privacy. During this review, the White House Office of Science and Technology Policy issued a request for public comment on questions related to the public policy implications of big data.
 
 
Micah Altman, David O’Brien, Salil Vadhan, and Alexandra Wood submitted a response on behalf of the Privacy Tools for Sharing Research Data project. Their comments outline a broad, comprehensive, and systematic framework for privacy analysis and provide a taxonomy of modern technological, statistical, and cryptographic approaches to preserving both data privacy and utility. They argue that an analysis of information privacy should address the scope of information covered, the sensitivity of that information, the risk that sensitive information will be disclosed, the availability of control and accountability mechanisms, and the suitability of existing data sharing models, as applied across the entire lifecyle of information use, from collection through dissemination and reuse.
 
 
With this submission, the authors discuss the inadequacy of traditional approaches to privacy protection and recommend a modern approach that considers three principles. First, the risks of informational harm are generally not a simple function of the presence or absence of specific fields, attributes, or keywords in the released set of data. Second, redaction, pseudonymization, coarsening, and hashing, are often neither an adequate nor appropriate practice, nor is releasing less information necessary more privacy protective. Third, a thoughtful analysis with expert consultation is necessary in order to evaluate the sensitivity of the data collected, to quantify the associated re-identification risks, and to design useful and safe release mechanisms.
  • «
  • 2 of 2
  •