A framework to balance privacy and data usability using data degradation

H.J.W. van Heerde, M.M. Fokkinga, N.L.G. Anciaux

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

3 Citations (Scopus)
56 Downloads (Pure)


Personal data is a valuable asset for service providers. To collect such data, free services are offered to users, for whom the risk of loosing privacy by subscribing to a service is often not clear. Although the services are free in terms of money, the user does not know how much he or she actually pays for a given service when allowing his or her data to be collected, unaware of taking a significant privacy risk by doing so. In practice, this risk is even not taken into account when deciding how long the data will be retained; the service provider simply wants to optimize the total worth of the stored data by retaining the data as long as possible. In this paper, we express the privacy risk for the user in terms of such a retention period; the user wants to optimize its privacy by allowing the data to be retained as short as possible. Now, in stead of only considering the interests of the service provider, we argue that we should optimize the common interest of both parties, and present a framework to reason about worth and privacy to find such optimum. Going one step further, we refine and generalize limited retention to data degradation, which prescribes to store data in progressively less accurate forms. Data degradation gives users and service providers a fine grained control over the price to be paid, in terms of privacy risks, and to optimize their common interest: balancing privacy and data usability.
Original languageUndefined
Title of host publicationProceedings of the International Conference on Computational Science and Engineering (CSE2009)
Place of PublicationLos Alamitos
Number of pages8
ISBN (Print)978-0-7695-3823-5
Publication statusPublished - Aug 2009
Event2009 IEEE International Conference on Information Privacy, Security, Risk and Trust, PASSAT 2009 - Vancouver, Canada
Duration: 29 Aug 200931 Aug 2009

Publication series

PublisherIEEE Computer Society Press


Conference2009 IEEE International Conference on Information Privacy, Security, Risk and Trust, PASSAT 2009
Other29-31 August 2009


  • METIS-265218
  • Data degradation
  • EWI-15701
  • Privacy
  • IR-67525

Cite this