Personal Privacy without Computational Obscurity: Rethinking Privacy Protection Strategies for Open Information Networks

Summary form only given. Throughout the history of computer and network security research, privacy has been treated as synonymous with confidentiality, with the presumed high water mark of privacy being mathematically provable anonymity. Despite the fact that technical innovation in cryptography and network security has enabled all manner of confidentiality control over the exposure of identity in information systems, the vast majority of Internet user remain deeply worried about their privacy rights and correctly believe that they are far more exposed today than they might have been a generation earlier. Have we just failed to deploy the proper security technology to protect privacy, are our laws inadequate to meet present day privacy threats, or have business practices and social conventions simply rendered privacy dead? While there is some truth to each possibility, the central failure to achieve robust privacy in the information age can be traced to an a long-standing misassocation of privacy with confidentiality and access control. In order to revitalize privacy protection, we should shift our legal attention away from rules limiting disclosure of personal information toward policies governing how personal information can be used. And technical efforts currently focused on access control and anonymization should be redirected toward technical measures that make information usage more transparent and accountable to clearly stated policies that address proper and improper users of personal information.