A framework to balance privacy and data usability using data degradation

H.J.W. van Heerde; M.M. Fokkinga; N.L.G. Anciaux

doi:10.1109/CSE.2009.174

A framework to balance privacy and data usability using data degradation

H.J.W. van Heerde, M.M. Fokkinga, N.L.G. Anciaux

Databases (Former)

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

3 Citations (Scopus)

41 Downloads (Pure)

Abstract

Personal data is a valuable asset for service providers. To collect such data, free services are offered to users, for whom the risk of loosing privacy by subscribing to a service is often not clear. Although the services are free in terms of money, the user does not know how much he or she actually pays for a given service when allowing his or her data to be collected, unaware of taking a significant privacy risk by doing so. In practice, this risk is even not taken into account when deciding how long the data will be retained; the service provider simply wants to optimize the total worth of the stored data by retaining the data as long as possible. In this paper, we express the privacy risk for the user in terms of such a retention period; the user wants to optimize its privacy by allowing the data to be retained as short as possible. Now, in stead of only considering the interests of the service provider, we argue that we should optimize the common interest of both parties, and present a framework to reason about worth and privacy to find such optimum. Going one step further, we refine and generalize limited retention to data degradation, which prescribes to store data in progressively less accurate forms. Data degradation gives users and service providers a fine grained control over the price to be paid, in terms of privacy risks, and to optimize their common interest: balancing privacy and data usability.

Original language	Undefined
Title of host publication	Proceedings of the International Conference on Computational Science and Engineering (CSE2009)
Place of Publication	Los Alamitos
Publisher	IEEE
Pages	146-153
Number of pages	8
ISBN (Print)	978-0-7695-3823-5
DOIs	https://doi.org/10.1109/CSE.2009.174
Publication status	Published - Aug 2009
Event	2009 IEEE International Conference on Information Privacy, Security, Risk and Trust, PASSAT 2009 - Vancouver, Canada Duration: 29 Aug 2009 → 31 Aug 2009

Publication series

Name
Publisher	IEEE Computer Society Press

Conference

Conference	2009 IEEE International Conference on Information Privacy, Security, Risk and Trust, PASSAT 2009
Period	29/08/09 → 31/08/09
Other	29-31 August 2009

Keywords

METIS-265218
Data degradation
EWI-15701
Privacy
DB-SDM: SECURE DATA MANAGEMENT
IR-67525

Access to Document

10.1109/CSE.2009.174

IEEEXplore-1

Cite this

@inproceedings{f0175dfe1525445d9b5bd71d08ca378f,

title = "A framework to balance privacy and data usability using data degradation",

abstract = "Personal data is a valuable asset for service providers. To collect such data, free services are offered to users, for whom the risk of loosing privacy by subscribing to a service is often not clear. Although the services are free in terms of money, the user does not know how much he or she actually pays for a given service when allowing his or her data to be collected, unaware of taking a significant privacy risk by doing so. In practice, this risk is even not taken into account when deciding how long the data will be retained; the service provider simply wants to optimize the total worth of the stored data by retaining the data as long as possible. In this paper, we express the privacy risk for the user in terms of such a retention period; the user wants to optimize its privacy by allowing the data to be retained as short as possible. Now, in stead of only considering the interests of the service provider, we argue that we should optimize the common interest of both parties, and present a framework to reason about worth and privacy to find such optimum. Going one step further, we refine and generalize limited retention to data degradation, which prescribes to store data in progressively less accurate forms. Data degradation gives users and service providers a fine grained control over the price to be paid, in terms of privacy risks, and to optimize their common interest: balancing privacy and data usability.",

keywords = "METIS-265218, Data degradation, EWI-15701, Privacy, DB-SDM: SECURE DATA MANAGEMENT, IR-67525",

author = "{van Heerde}, H.J.W. and M.M. Fokkinga and N.L.G. Anciaux",

note = "10.1109/CSE.2009.174 ; 2009 IEEE International Conference on Information Privacy, Security, Risk and Trust, PASSAT 2009 ; Conference date: 29-08-2009 Through 31-08-2009",

year = "2009",

month = aug,

doi = "10.1109/CSE.2009.174",

language = "Undefined",

isbn = "978-0-7695-3823-5",

publisher = "IEEE",

pages = "146--153",

booktitle = "Proceedings of the International Conference on Computational Science and Engineering (CSE2009)",

address = "United States",

}

van Heerde, HJW, Fokkinga, MM & Anciaux, NLG 2009, A framework to balance privacy and data usability using data degradation. in Proceedings of the International Conference on Computational Science and Engineering (CSE2009). IEEE, Los Alamitos, pp. 146-153, 2009 IEEE International Conference on Information Privacy, Security, Risk and Trust, PASSAT 2009, 29/08/09. https://doi.org/10.1109/CSE.2009.174

A framework to balance privacy and data usability using data degradation. / van Heerde, H.J.W.; Fokkinga, M.M.; Anciaux, N.L.G.
Proceedings of the International Conference on Computational Science and Engineering (CSE2009). Los Alamitos: IEEE, 2009. p. 146-153.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - A framework to balance privacy and data usability using data degradation

AU - van Heerde, H.J.W.

AU - Fokkinga, M.M.

AU - Anciaux, N.L.G.

N1 - 10.1109/CSE.2009.174

PY - 2009/8

Y1 - 2009/8

N2 - Personal data is a valuable asset for service providers. To collect such data, free services are offered to users, for whom the risk of loosing privacy by subscribing to a service is often not clear. Although the services are free in terms of money, the user does not know how much he or she actually pays for a given service when allowing his or her data to be collected, unaware of taking a significant privacy risk by doing so. In practice, this risk is even not taken into account when deciding how long the data will be retained; the service provider simply wants to optimize the total worth of the stored data by retaining the data as long as possible. In this paper, we express the privacy risk for the user in terms of such a retention period; the user wants to optimize its privacy by allowing the data to be retained as short as possible. Now, in stead of only considering the interests of the service provider, we argue that we should optimize the common interest of both parties, and present a framework to reason about worth and privacy to find such optimum. Going one step further, we refine and generalize limited retention to data degradation, which prescribes to store data in progressively less accurate forms. Data degradation gives users and service providers a fine grained control over the price to be paid, in terms of privacy risks, and to optimize their common interest: balancing privacy and data usability.

AB - Personal data is a valuable asset for service providers. To collect such data, free services are offered to users, for whom the risk of loosing privacy by subscribing to a service is often not clear. Although the services are free in terms of money, the user does not know how much he or she actually pays for a given service when allowing his or her data to be collected, unaware of taking a significant privacy risk by doing so. In practice, this risk is even not taken into account when deciding how long the data will be retained; the service provider simply wants to optimize the total worth of the stored data by retaining the data as long as possible. In this paper, we express the privacy risk for the user in terms of such a retention period; the user wants to optimize its privacy by allowing the data to be retained as short as possible. Now, in stead of only considering the interests of the service provider, we argue that we should optimize the common interest of both parties, and present a framework to reason about worth and privacy to find such optimum. Going one step further, we refine and generalize limited retention to data degradation, which prescribes to store data in progressively less accurate forms. Data degradation gives users and service providers a fine grained control over the price to be paid, in terms of privacy risks, and to optimize their common interest: balancing privacy and data usability.

KW - METIS-265218

KW - Data degradation

KW - EWI-15701

KW - Privacy

KW - DB-SDM: SECURE DATA MANAGEMENT

KW - IR-67525

U2 - 10.1109/CSE.2009.174

DO - 10.1109/CSE.2009.174

M3 - Conference contribution

SN - 978-0-7695-3823-5

SP - 146

EP - 153

BT - Proceedings of the International Conference on Computational Science and Engineering (CSE2009)

PB - IEEE

CY - Los Alamitos

T2 - 2009 IEEE International Conference on Information Privacy, Security, Risk and Trust, PASSAT 2009

Y2 - 29 August 2009 through 31 August 2009

ER -