Privacy and Security in an On Demand World. Harriet Pearson, V.P. Workforce & Chief Privacy Officer, IBM Corporation. Almaden Institute Symposium on Privacy, April 9, 2003. © 2002 IBM Corporation
Outline Where is technology taking us? What will we use it for? What can happen to privacy? Can technology help? What must we do?
Idea 1: The Information Explosion Continues (Actually, it's accelerating) Technology Trends COMPUTING: Chips/$ 10x in 5 years Computing power/$ 10x in 4 years STORAGE: Storage/$ 10x in 6 years COMMUNICATIONS: Backbone 100x in 5 years Local loop 100x in next 5 years
Total Amount of Data Connected to The Internet 2001: 1 petabyte (10^15 bytes) 2006: 1 exabyte (10^18 bytes) 2010: 1 zettabyte (10^21 bytes) The result of: More people spending More time using More data-rich applications More replication and caching of data
Much More to Come The Internet Revolution is <5% complete Number of users Number of devices Speed/bandwidth Amount of content Number of applications
Data, Data Everywhere Video surveillance E-commerce Location-dependent services Customized video on-demand Video-conferencing Networked devices Embedded sensors Data mining
Sensors Will Predominate [Chart: number of Internet-connected devices (100 M to 100 B) by year, 1990 to 2020; series: Computers, Appliances, Sensors]
The Data Can Be Combined And Analyzed Data mining and data matching can give governments and businesses powerful, useful, and sometimes disturbing new capabilities Identity theft detection Total Information Awareness CAPPS II New digital video surveillance systems
Idea 2: A New Computing Paradigm Is Evolving On Demand Network-Centric Client-Server Mainframe
What is e-business on demand? Not just being on the Net but being a part of it -- so your organization is able to respond with speed to any customer demand, market opportunity or competitive threat Responsive Focused Variable Resilient
Making e-business on demand possible e-business on demand Grid Autonomic Computing Pervasive Computing New (open) standards (for Web services, integration, authentication, etc.)
The BIG Question E-business on demand will make computing easier and cheaper. How to balance individuals' interest in privacy with the benefits of having so much more data?
Idea 3: A New Paradigm for Privacy Is Needed Distributed computing technologies (Grid, peer-to-peer) are evolving rapidly It's not too early to think about the profound impact they could have on how we, our companies, and our governments collect, process, store, and disseminate information Technological change cannot be stopped -- only directed (if we are lucky)
Possible Futures [Chart: the scenarios 1984, Trusted Balance, Transparent Society, Today, Chaum's World and No Control, placed by "What they know about me" (A little to A lot) against "TRANSPARENCY -- Who knows what they know about me" (Only Them, Them and Me, Everyone)]
Which Path and What Pace? [Chart: the scenarios 1984, Trusted Balance, Transparent Society, Today, Chaum's World and No Control, placed by "What they know about me" (A little to A lot) against "TRANSPARENCY -- Who knows what they know about me" (Only Them, Them and Me, Everyone)]
Scenario: 1984 Government and/or business knows all about you You have no control over the data they collect HOW THIS COULD HAPPEN Anti-terrorism initiatives Fear of crime and instability Government rules force ISPs and e-businesses to divulge personal data Drive for efficiency
Scenario: Trusted Balance You feel comfortable having certain governments and trusted businesses know all about you because you know who has your data and how it will be used The data is well-protected against unauthorized use Individuals can decide what to share and when HOW THIS COULD HAPPEN Efficiency, customized service from e-business on demand Anti-terrorism initiatives Effective Privacy Rights Management tools Industry-wide commitment to REAL security Companies competing to give customers the privacy they want
Scenario: Transparent Society (from David Brin) Everyone knows everything about everyone A global small town We can watch the watchers We've given up on privacy HOW THIS COULD HAPPEN Fear of crime and terrorism; Desire for closer community Desirable customized services from e-business on demand Drive for efficiency Fundamental change in attitudes about privacy (starting with exhibitionist teenagers)
Scenario: No control Systems are insecure Hackers can break into almost any system Hackers post and publicize the data they find No trust; little e-business and e-government HOW THIS COULD HAPPEN Buggy code Lack of IT and telecom industry cooperation Too much complexity Sloppy maintenance
Scenario: Chaum's World (from David Chaum) Consumers refuse to share personal data Digital cash and anonymous transactions the norm HOW THIS COULD HAPPEN New anonymizing technologies Bulletproof Privacy Rights Management tools Workable business models New, increased concerns about privacy
Scenario: Today Many disparate, unconnected databases Conflicting, uneven privacy protections -- industry or government-led No widespread authentication scheme Fears about identity theft, terrorism HOW THIS COULD HAPPEN Lack of investment in security and privacy No evolution of current privacy and security policy approaches Lack of industry cooperation on privacy infrastructure Inertia
Which Path? [Chart: the scenarios 1984, Privacy on Demand, Transparent Society, Today, Chaum's World and No Control, placed by "What they know about me" (A little to A lot) against "TRANSPARENCY -- Who knows what they know about me" (Only Them, Them and Me, Everyone)]
Time For A Survey Assume you only have six extreme scenarios Question 1: Which scenario would you prefer to live in? Question 2: Which scenario do you think will most closely describe where we will be in 2013?
Which Path? [Chart: the scenarios 1984, Privacy On Demand, Transparent Society, Today, Chaum's World and No Control, placed by "What they know about me" (A little to A lot) against "TRANSPARENCY -- Who knows what they know about me" (Only Them, Them and Me, Everyone)]
Key Questions It seems inevitable they will know more about me. 1984 or Privacy On Demand or Transparent Society? Or 1984 first, then Privacy on Demand? How transparent will the future be? What will I know? What will everyone know? How to maximize transparency on the path we take?
Idea 4: e-business on demand will only grow if we address privacy concerns We already know this!
IBM's Approach A long history
IBM's Approach Still committed to industry leadership through IBM's own policies and practices Web advertising policy, SSN policy appointment of Chief Privacy Officer engagement with government, industry and cooperative groups
Privacy & technology: IBM's strategic initiatives Committed to provide technology and services support to marketplace Customer Council (IBM Privacy Management Council, comprised of major customers) Privacy Research Institute Tivoli Privacy Management Software Security and Privacy Services
Idea 5: Technologies Can Help Will we develop and use them?
Privacy-Enhancing Technologies: Questions Privacy-enabling Infrastructure Client: How to recognize data collections? How to decide which data to provide in a given situation? How to keep track of data and identities? Organization: What can one do with the data received? How to enforce correct usage? How to enable businesses to work with multiple identities? How to authenticate and authorize (relative to a pseudonym)?
Privacy-Enhancing Technologies: No Single Answer Privacy-enabling Infrastructure Client Trusted user device? Identity management Pseudonyms, preferences, negotiation User interface Filtering and privacy violation detection Customization Communication Trust Certified attributes Authentication Identity Payment and delivery Convenience SSO Attributes Organization Exploration of status quo Process (re-)engineering Data minimization paradigm Policy Creation, translation, consistency, versioning Authorization and enforcement Identity/profile mgmt Customer privacy services Privacy violation detection Auditing
Types of Privacy-Enabling Technology Helps to agree on fair privacy policies, to enforce them, and to manage privacy Helps to minimize the personal information released/disclosed, or used by a process Helps to keep honest people honest, and protects personal information. Helps to build trust
3 examples: Privacy-Enhancing Applications Statistical data mining Novel randomization tricks let enterprises make statistics without putting individual records at risk
3 examples: Privacy-Enhancing Applications Statistical data mining Novel randomization tricks let enterprises make statistics without putting individual records at risk Surveillance technologies Novel image processing technologies can hide all personally identifiable information, until needed (if ever)
Surveillance Technologies: Privacy-Enhancing Cameras [Diagram labels: ordinary users access statistics; law enforcement accesses video; "alert me if x shows up"; how many people; alert on event; video; hide times; hide locations; hide actions; hide identity]
3 Examples: Privacy-Enhancing Applications Statistical data mining Novel randomization tricks let enterprises make statistics without putting individual records at risk. Surveillance technologies Novel image processing technologies will hide all personally identifiable info, until needed (if ever) Pervasive computing Novel privacy management tools help individuals to understand and set their personal policies
Idea 6: Privacy By Design Is Essential Must consider privacy at the earliest stages -- a paradigm shift The Web was originally not designed for security and privacy -- it had to be added on (e.g. P3P, SSL) Standards for Grid and Web services must have security, authentication and privacy built in Some positive signs: privacy impact assessments
Conclusion: We Have Work to Do The Challenges are Huge Technology will enable enterprises and individuals to be more responsive, productive, innovative, resilient Certain technologies pose new privacy concerns, depending on how they are used (multiple scenarios) But we have tools and processes for: More secure systems More enforceable privacy policies Increased transparency More choice for consumers We have to drive the development and adoption of them!