May 30, 2003

Only give up as much privacy as is necessary

Jon Udell posts some interesting information about data privacy in his article on translucent databases. The idea is that the database even hides data from itself, so, for example, As a thought experiment, he's investigating to what degree an e-commerce system like Amazon could work translucently. Some aspects of this are seemingly straightforward. By keying your purchase history to the hash of your name and a password known only to you, for example, Amazon could in theory deliver all the personalization you expect, and do all the aggregate analysis it needs to do, without tying your name to purchase records. Why do we personalize data more than is necessary?

Still, Amazon obviously has to store your name somewhere, plus your credit card number and street address, in order to do the e-commerce dance, right? Well, actually, no, it does not need to store those data, it needs your permission to use them -- and a means to access them.

And following some of the links on that page, I found this quote about "minimal disclosure certificates" - A woman who wanted to gain access to a web site for a cancer survivors group might use minimal disclosure certificates to prove to the web site that she was a woman over 21 who had breast cancer without revealing her name or address. Minimal disclosure certificates were invented by the mathematician Stefan Brands and exclusively licensed in February 2000 to the Canadian corporation Zero Knowledge Systems.

Nice ideas.

Posted by Adrian at May 30, 2003 11:08 AM | TrackBack

This blog post is on the personal blog of Adrian McEwen. If you want to explore the site a bit further, it might be worth having a look at the most recent entries or look through the archives or categories over on the left.

You can receive updates whenever a new post is written by subscribing to the recent posts RSS feed or

Comments
Post a comment









Remember personal info?





Note: I'm running the MT-Keystrokes plugin to filter out spam comments, which unfortunately means you have to have Javascript turned on to be able to comment.