Privacy

Comments Off on Open Algorithms (OPAL): Key Concepts

Open Algorithms (OPAL): Key Concepts

The following are the key concepts and principles underlying the open algorithms paradigm: Moving the algorithm to the data: Instead of pulling raw data into a centralized location for processing, it is the algorithms that should be sent to the data repositories and be processed there. Raw data must never leave its repository: Raw data Read More

Comments Off on Query Smart Contracts: Bringing the Algorithm to the Data

Query Smart Contracts: Bringing the Algorithm to the Data

One paradigm shift being championed by the MIT OPAL/Enigma community is that of using (sharing) algorithms that have been analyzed by experts and have been vetted to be “safe” from the perspective of privacy-preservation. The term “Open Algorithm” (OPAL) here implies that the vetted queries (“algorithms”) are made open by publishing them, allowing other experts to review Read More

Comments Off on What and why: MIT Enigma

What and why: MIT Enigma

I often get asked to provide a brief explanation about MIT Enigma — notably what it is, and why it is important particularly in the current age of P2P networking and blockchain technology.  So here’s a brief summary. The MIT Enigma system is part of a broader initiative at MIT Connections Science called the Open Algorithms for Read More

Comments Off on New Principles for Privacy-Preserving Queries for Distributed Data

New Principles for Privacy-Preserving Queries for Distributed Data

Here are the three (3) principles for privacy-preserving computation based on the Enigma P2P distributed multi-party computation model: (a) Bring the Query to the Data: The current model is for the querier to fetch copies of all the data-sets from the distributed nodes, then import the data-sets into the big data processing infra and then Read More

Comments Off on Atmel to support EPID from Intel

Atmel to support EPID from Intel

One important news item this week from the IoT space is the support by Atmel of Intel’s EPID technology. Enhanced Privacy ID (EPID) grew from the work of Ernie Brickell and Jiangtao Li based on previous work on Direct Anonymous Attestations (DAA).  DAA is very relevant because it is built-in into the TPM1.2 chip (of which there are several hundred million Read More

Comments Off on Transparency of usage of personal data: the need for a HIPAA-like regime

Transparency of usage of personal data: the need for a HIPAA-like regime

Ray Campbell hits the ball out of the park again with his awesome suggestion in his blog: we need a HIPAA-like regime for the privacy of personal data.  As a mental exercise, Ray has gone through the HIPAA document and substituted “individually identifiable health information” to “individually identifiable personal information“. The red-lined doc can also be Read More

Comments Off on The 4 questions on transparency in personal data (disclosure management)

The 4 questions on transparency in personal data (disclosure management)

MIT Media Lab – 2013 Legal Hack-a-thon on Identity Ray Campbell argues quite elegantly and convincingly that the “data ownership” paradigm is not the correct paradigm for achieving privacy and control over personal data. The notion that “I own my data” can be impractical especially in the light of 2-party transactions, where the other party Read More

Comments Off on On the survival NSTIC Privacy Standing Committee

On the survival NSTIC Privacy Standing Committee

Aaron Titus writes an interesting piece based on his analysis of the recent proposal from Trent Adams (PayPal) to modify the NSTIC governance rules. The abolition of the NSTIC Privacy Standing Committee may have unforeseen impact on the acceptance of the whole NSTIC Identity Ecosystem idea, notably from the privacy front. During the last decade — Read More

Comments Off on A market for leakage in derived identities

A market for leakage in derived identities

At lunch today Sal summarized in one sentence what I have been trying to express for the last couple of years: There is a market out there for leakage in derived identities (in the Internet) What we had been talking about was the (inevitable) need for something similar to what the Jericho Forum folks call Read More