NO.182 Biggest Failures in Privacy
September 27 - 30, 2021 (Check-in: September 26, 2021 )
- Frederik Armknecht
- University of Mannheim, Germany
- Isao Echizen
- NII, Japan
- Kazue Sako
- Waseda University, Japan
The rapid progress in the development and widespread use of IT systems is giving rise to a variety of problems in security and privacy. In fall 2019, a Dagstuhl Seminar on the 'Biggest Failures in Security' took place that two of the organizers attended. At the seminar, researchers with various background gathered together to share their experiences and challenges regarding achieving security indifferent fields. The discussion tried to identify the main recurring reasons within disciplines why security solutions fail, and how they impact solutions developed in other sub-disciplines. During these discussions, three sub-topics emerged that have been investigated by respective working groups: 1) Certification and standardization of security properties, 2) Human Factor, and 3) Education, respectively.
The seminar was very successful and participants wanted to continue further discussions on these aspects as follow-up seminars in Dagstuhl. Due to the lack of time and space, the seminar covered only security topics. We believe a similar discussion on privacy, which is another interdisciplinary challenge, deserves a similar broad top-down approach with experts in each sub-discipline in privacy research.
There are many approaches in privacy research. One is algorithmic evaluation to transform a set of raw personal data to another set of data so the processing on the transformed set would not cause privacy leakage, like research on k-anonymity and differential privacy. There are studies on Privacy Enhancing Technologies (PETS) that often uses cryptography to deliver the service while protecting sensitive data. There are also physical devices developed to protect a physical entity from privacy invasion by surveillance cameras or eavesdroppers. Ann Cavoukian proposed the notion of “Privacy By Design” where all the services should consider privacy implications and provide measures to avoid it when designing a system. International Standardization bodies are publishing standards on Privacy Framework and demonstrate some of the procedures to implement privacy by design. There are also legal studies to regulate privacy risks.
For these and other reasons, privacy-preserving solutions can never rely on technology alone but touch a variety of different disciplines. We will discuss challenges to maintain our privacy from various disciplines, including technology, regulation, social and ethical impacts. To this end, the following seminar structure is planned:
Days 1+2: Introductory talks
We will invite experts from different, selected subfields to introduce the main challenges in their field to the broad audience. These talks are meant as overview talks. The concrete agenda will be planned a couple of months before the seminar talk, as it depends on the list of participants. At the moment, we identified the following four topics:
- Topic 1: Best practices and failures
What is the current state of privacy-preserving techniques and how/why do they fail?
- Topic 2: Necessity for privacy
How does an ordinary user make decisions on privacy related issues and its impact to the society? What are the requirements and principles laid in privacy related regulations?
- Topic 3: Formal foundations
How is privacy formally/scientifically covered? Are these approaches sufficient/practical?
- Topic 4: Tracing app
In the context of the Corona pandemic, several countries are investigating the development and usage of a tracing app. However, many privacy-relevant problems arise that are not solved yet. Although we hope that the Corona pandemic will be under control at the date of the seminar, we do not expect that a satisfying tracing solution will be found until then. To be prepared in case of another pandemic, this is now the time to discuss possible solutions between different stakeholders.
We plan one slot per topic per day, i.e., four slots on day 1 and four on day 2, respectively. Each slot should have one talk of about 1 hour and give ample opportunities for discussions afterwards.
Days 3+4: Working groups
At the beginning of day 3, a wrap-up session is planned. The main goal is to identify a number of concrete questions that will be investigated in separate working groups afterwards. The number and total duration of the working groups cannot be anticipated at the moment. Assuming a number of around 35 participants, we think that not more than 5 working groups should take place in parallel but leave the final decision to the participants. Of course, participants can swap the working groups and we plan to have slots where all participants can exchange the current state of discussions.
At the beginning, the different working groups will report their findings. Afterwards, the participants should plan the next steps, i.e., how to continue after the seminar is over. We hope that a variety of inter-disciplinary research collaborations will be initiated with this seminar.