CS 465A / CS 765A Privacy in a Networked World

In addition to this web page, the course mailing list is a primary source for announcements and other course information. All students in the course should be subscribed to the list.

Course description

Increasing use of computers and networks in business, government, recreation, and almost all aspects of daily life has led to a proliferation of online sensitive data, i.e., data that, if used improperly, can harm the data subjects. As a result, concern about the ownership, control, privacy, and accuracy of these data has become a top priority. This course focuses on both the technical challenges of handling sensitive data and the policy and legal issues facing data subjects, data owners, and data users.

Specific topics to be discussed may include:

• what is privacy?
• sector-specific issues (healthcare, finance, national security, ...)
• technology-specific issues (RFID, ubiquitous computing, web browsing, transaction data, ...)
• privacy legislation
• FIP: fair information principles
• P3P: Platform for Privacy Preferences, and related tools
• EPAL: Enterprise Privacy Authorization Language
• when cryptography can and cannot help
• anonymity and systems for anonymous web browsing
• anonymity vs. pseudonymity
• privacy-preserving data mining

This course is suitable for advanced undergraduate computer science majors, graduate students in computer science, and students in technology management or other majors with some computer science background. Course readings will draw on a variety of sources, including both technical materials and the popular press. The course will include a privacy-related project. Projects are largely student-directed, and can include activities such as a programming project, a research paper describing new results (or documenting failed attempts to obtain such results), a survey article describing the state of the art in a particular research area, or an article suitable for the popular press.

We will start some of our class meetings with a discussion of one or more privacy-related case studies. For each, we will frame our discussion around a series of questions. Please bring the questions with you to every class.

Grading

10%	Project: initial proposals.	Due Feb. 3
10%	Project: revised proposals.	Due Feb. 17
15%	Project: status reports.	Due Mar. 31
15%	Project: final reports.	Due Apr. 28
35%	Class participation.	Throughout
15%	In-class final exam.	May 3

Each project component is due at the start of class on the specified day. Lateness on any project deliverable will be penalized at a rate of 5% of the available points per day.

Syllabus

The following is a schedule showing class dates, assignment due dates, and a partial list of topics.

Date	Topics	Assigned Reading Material
Tues, Jan 18	What is privacy?
Thur, Jan 20	Cryptography basics	Garfinkel, Chapters 1 and 2 Privacy Tradeoffs: Myth or Reality?
Tues, Jan 25	Discuss class projects	Garfinkel, Chapters 3, 4, and 5
Thur, Jan 27	Threats to privacy	Garfinkel, Chapters 6, 7, and 8
Tues, Feb 1	Approaches to protecting privacy	Garfinkel, Chapters 9 and 10
Thur, Feb 3	Approaches to protecting privacy, cont'd Initial project proposals due
Tues, Feb 8	Mix nets	Garfinkel, Chapter 11 Untraceable electronic mail, return addresses, and digital pseudonyms, by David Chaum (see required reading for links).
Thur, Feb 10	Mix nets, cont'd Initial project proposals returned	O'Harrow, Intro, Chapters 1 and 2
Tues, Feb 15	Case study: strip searches Anonymous web browsing: Crowds	O'Harrow, Chapters 3, 4, and 5 Crowds: Anonymity for Web Transactions
Thur, Feb 17	Case study: Use of SSN as student ID Anonymous web browsing, cont'd Revised project proposals due
Tues, Feb 22	Monday schedule: No class
Thur, Feb 24	No class
Tues, Mar 1	Cancelled due to snow. Revised project proposals returned	O'Harrow, Chapters 6, 7, and 8
Thur, Mar 3	P3P and related tools, I	Chapter 1 of Web Privacy with P3P
Tues, Mar 8	P3P and related tools, II	User Interfaces for Privacy Agents O'Harrow, Chapter 9
Thur, Mar 10	P3P and related tools, III	Specifying Privacy Policies with P3P and EPAL: Lessons Learned O'Harrow, Chapter 10
Tues, Mar 15	national security and privacy, I	The U.S. Department of Homeland Security's Privacy Office : the body of the 2004 annual report is required reading (linked under "The Body") from that page.
Thur, Mar 17	national security and privacy, II	EPIC's Privacy Act of 1974 page. EPIC's PATRIOT Act page.
Tues, Mar 22	Spring Break: No class
Thur, Mar 24	Spring Break: No class
Tues, Mar 29	Case study: RFID in the workplace RFID and privacy	Radio-Frequency Identification: Security Risks and Challenges (The case study document is not required reading, but is linked at left in case you want to read it.)
Thur, Mar 31	RFID, ctd. health information and privacy Project status reports due	Summary of the HIPAA Privacy Rule
Tues, Apr 5	Case study: medical records and health decisions health information and privacy, ctd Hippocratic Databases	Hippocratic Databases
Thur, Apr 7	census data and privacy, statistical databases Project status reports returned	Security-control methods for statistical databases: a comparative study (You should read pages 515-522 in detail, and can skim the rest.)
Tues, Apr 12	Guest lecturer: Michael Freedman, NYU Anonymity systems and censorship-resistant systems	Protecting Freedom of Information Online with Freenet
Thur, Apr 14	privacy-preserving data mining, I	From SIGKDD Explorations, Volume 4, Issue 2, you should read: Data Mining, National Security, Privacy and Civil Liberties Randomization in Privacy Preserving Data Mining Cryptographic Techniques for Privacy-Preserving Data Mining
Tues, Apr 19	privacy-preserving data mining, II	Experimental Analysis of Privacy-Preserving Statistics Computation, and From SIGKDD Explorations, Volume 4, Issue 2, you should read: Tools for Privacy Preserving Distributed Data Mining
Thur, Apr 21	Guest lecturer: Prof. Joan Feigenbaum, Yale University Privacy and the Law	Privacy and Human Rights 2003 Overview A term paper discussing conflicts between privacy legislation in different countries
Tues, Apr 26	Final project presentations Class will run 30-40 minutes overtime.
Thur, Apr 28	Final project presentations Final project reports due Class will run 10 minutes overtime.
Tues, May 3	FINAL EXAM

Required Reading and Other Resources

Required reading:

• Database Nation: the Death of Privacy in the 21st Century, by Simson Garfinkel, O'Reilly, 2000.
  
• No Place to Hide, by Robert O'Harrow, Jr., Free Press, 2005.
• Privacy Tradeoffs: Myth or Reality?, by Rebecca N. Wright, L. Jean Camp, Ian Goldberg, Ronald Rivest, and Graham Wood. In Proceedings of Financial Cryptography 2002 (FC 2002).
• Untraceable electronic mail, return addresses, and digital pseudonyms, by David L. Chaum, Communications of the ACM, Vol. 24, No. 2, Feb. 1981, ACM Press. (If the pdf is not downloadable at the ACM site, you can also try http://freehaven.net/anonbib/ , which has a large bibliography of anonymity-related papers.
• Crowds: Anonymity for Web Transactions , Michael K. Reiter and Aviel D. Rubin. Published in ACM Transactions on Information and System Security (TISSEC), Volume 1, No. 1, 1998.
• The U.S. Department of Homeland Security's Privacy Office : the body of the 2004 annual report is required reading (linked under "The Body") from that page. You may also want to, but are not required to, read the Appendix.
• Chapter 1 of Web Privacy with P3P, by Lorrie Cranor.
• User Interfaces for Privacy Agents, by Lorrie Cranor.
• Specifying Privacy Policies with P3P and EPAL: Lessons Learned, by W. Stufflebeam, A.I. Antón, Q. He and N. Jain. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES'04).
• EPIC's Privacy Act of 1974 page and EPIC's PATRIOT Act page. You may also wish to read the text of the acts themselves, various analyses of them, or other related information, linked from those pages.
• Radio-Frequency Identification: Security Risks and Challenges, by Sanjay E. Sarma, Stephen A. Weis, and Daniel W. Engels, in RSA Laboratories CryptoBytes, Volume 6, No. 1, Spring 2003, pages 2-9. The RSA Laboratories page at http://www.rsasecurity.com/rsalabs/node.asp?id=2115 also has additional information on RFID and related privacy issues.
• Summary of the HIPAA Privacy Rule, U.S. Department of Health and Human Services. See also their web page containing additional information about medical privacy at http://www.hhs.gov/ocr/hipaa/.
• Hippocratic Databases, by Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, and Yirong Xu. In Proceedings of the 28th VLDB Conference, 2002.
• Security-control methods for statistical databases: a comparative study, by Nabil Adam and John Worthmann, ACM Computing Surveys, Vol. 21, No. 4, 1989.
• Protecting Freedom of Information Online with Freenet, by Ian Clarke, Scott G. Miller, Theodore W. Hong, Oskar Sandberg, and Brandon Wiley, IEEE Internet Computing, January/February 2002.
• From SIGKDD Explorations, Volume 4, Issue 2, the following are required reading:
  • Data Mining, National Security, Privacy and Civil Liberties, by Bhavani Thuraisingham
  • Randomization in Privacy Preserving Data Mining, by Alexandre Evfimievski
  • Cryptographic Techniques for Privacy-Preserving Data Mining, by Benny Pinkas
  • Tools for Privacy Preserving Distributed Data Mining, by Chris Clifton, Murat Kantarcioglu, Jaideep Vaidya, Xiaodong Lin, and Michael Y. Zhu
• Experimental Analysis of Privacy-Preserving Statistics Computation, by Hiranmayee Subramaniam, Rebecca N. Wright, and Zhiqiang Yang. In Proceedings of the Workshop on Secure Data Management, 2004.
• The "Overview" section of Privacy and Human Rights 2003: An International Survey of Privacy Laws and Developments, by Cedric Laurant and Privacy International.
• A term paper discussing conflicts between privacy legislation in different countries, by Ashley Green, written for Prof. Feigenbaum's class. (See why I stress the importance of giving your projects meaningful titles! Wouldn't it be better if I could cite this as "A Comparative Study of International Privacy Legislation", or something like that? -RW)
• We will use a list of questions in addressing our case studies. Also available in ps form. Please bring the questions to class each time.

You are responsible for reading the assigned material for each class before the class, so that you can participate fully in class discussions.

Additional required readings may be added later.

Other Resources:

Some readings and other resources you may find interesting and/or helpful for your project as below. More will be added throughout the semester.

Books:

• Privacy on the Line, by Whitfield Diffie and Susan Landau, MIT Press, 1998.
• Technology and Privacy: The New Landscape, by Philip E. Agre and Marc Rotenberg, MIT Press, 1997.
• The Transparent Society, by David Brin, Perseus Books, 1998.
• Code and Other Laws of Cyberspace, by Lawrence Lessig, Basic Books, 1999.
• Free Culture, by Lawrence Lessig, Penguin Press, 2004.

  Technical Papers:

• A large bibliography of anonymity-related papers is available at http://freehaven.net/anonbib/ .
• The Hordes system for anonymous Web browsing. Full citation: B.N. Levine and C. Shields, "Hordes - A Multicast Based Protocol for Anonymity", Journal of Computer Security, Vol. 10, Num. 3, 2002, pp. 213-240.
• Workshop on Privacy in the Electronic Society, sponsored by the ACM, run annually for the last few years in the Fall.
• Workshop on Privacy-Enhancing Technologies, run annually for the last few years in the Spring.
• Computers, Freedom, and Privacy, now in its 15th year. Diverse audience, including "attendees not only from government, business, education, and non-profits, but also from the community of computer professionals, hackers, crackers and engineers who work the code of cyberspace." (Quoted from the conference web pages.)
• The PORTIA project, a 5-year project I am involved in addressing handling of sensitive information. Funded by the National Science Foundation.
• Journal of Privacy Technology, a new on-line journal. Doesn't seem to have any papers yet, but presumably it will soon.

  Organizations:

  Several organizations carry out work related to privacy and other issues related to technology and policy, and have extensive web sites with information and other resources. Among them are:

• Electronic Privacy Information Center
• Center for Democracy and Technology
• Electronic Frontier Foundation
• Computer Professionals for Social Responsibility
• W3C's P3P information

  News:

  Various news groups and print or on-line publications, including:

• The Privacy Journal, available for subscription from www.privacyjournal.net. The site also has other useful information, including privacy tips, a newsletter, and information about other publications.
• The Markle Foundation publishes a weekly digest on emerging information technology issues, particularly those related to national security and to health, available for subscription at http://www.markle.org/weekly_digest/index.php.
• The RISKS Forum, a moderated digest available for reading as a news group.

  U.S. Government Information

• The U.S. Department of Homeland Security's Privacy Office .
• The U.S. Department of Health and Human Services' Office of Civil Rights.
• The U.S. Census Bureau's Data Protection and Privacy Policy.

Projects

Last updated 4/13/05 by rwright (at) cs.stevens.edu

Copyright © 2005 Rebecca N. Wright