privacy engineering for today
TRANSCRIPT
![Page 1: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/1.jpg)
Privacy EngineeringforToday
Dr Ian OliverNokia Bell LabsCooperation in CyberTrust WP4
1
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 2: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/2.jpg)
2
Privacy is Dead
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 3: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/3.jpg)
3
Privacy is Deadconsidered
harmful
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 4: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/4.jpg)
4
Privacy is DeadLong Live Privacy!
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 5: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/5.jpg)
5
GDPR
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 6: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/6.jpg)
6
GDPRPrivacy Shield, HIPAA,COPPA,
ePrivacy Directive, EU Telco Law, SOX...
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 7: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/7.jpg)
7
GDPR
Compliance Risk Management
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 8: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/8.jpg)
8
GDPR
Compliance Risk Management
More good news: Not a regulated industry
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 9: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/9.jpg)
9
GDPR
Compliance Risk Management
More good news: Not a regulated industry ...... yet
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 10: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/10.jpg)
10
GDPR
Compliance Risk Management
Bad news: We are not ready as an industry ... still
too focussed on legality, not cross-disciplines
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 11: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/11.jpg)
11
Question:
how many of you DO NOT have a camera on your phone?
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 12: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/12.jpg)
12
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 13: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/13.jpg)
13
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
ID, LOC, PIC
![Page 14: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/14.jpg)
14
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
anon(ID, LOC, PIC)
Browser data
Layer 5,6,7
Layer 1,2,3,4
SS7/Diameter/LTE...
![Page 15: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/15.jpg)
15
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
Oversharing
(nad privacy options)
”Interesting”
3rd party analytics
Information wants to the
FREE!!
Humans!
Marketing...
Keeping information
forever...somewhere...
Do you trust these people?
NSA, CIA, FBI, GCHQ,
MI5, KGB, 007 etc...
Poor software/pri
Your privacy policy is
bad
Device security
Highly simplified points
of privacy pain.
![Page 16: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/16.jpg)
16
System complexity driving innovation
DataCollection
CellID->Location
DataStorage
OperatorPrivacy
Preprocessing
Extraction Hashing
FileStorage
RawData
Processing &Enrichment
External Data
ExternalCross-
referencing
Atomic Data
Aggregation/Report
Generation
CustomerReception
ReportStorage
<<data subject>>Customer
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 17: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/17.jpg)
17
Nokia – New Business Drivers:• From Privacy Law to Privacy Engineering• Systems (of Systems) based approaches• Communication & Ontologies• Telco, IoT, V2V, Core Network, Wellness, Critical Systems• Big Data to "Slow" Data• Culture: From Compliance to Risk Management to Trust• Machine Learning & Information Reconstruction• Trusted Geolocation and Data Sovereignty• Metrics & Mathematics – A General Theory of Privacy• Humans
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 18: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/18.jpg)
18
Results:• faster & safer ”legal” product development• increased cross-discipline interaction => shorter devel time• improved data utilisation => better results, simpler compliance
Tooling for:• system modelling• anonymisation, encryption – done correctly!• [meaningful] privacy metrics• privacy + machine learning• simpler compliance: ISO 291xx, FIPS, GDPR etc.• future tooling: blockchains, homomorphic encryption
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 19: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/19.jpg)
19
One more important result:
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 20: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/20.jpg)
20
One more important result:
Customer Trust
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 21: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/21.jpg)
21
References:
• Ian Oliver (2016) Using Safety-Critical Concepts in Privacy Engineering. CrIM’16, Oulu
• Yoan Miche, Ian Oliver, Aapo Kalliola, Silke Holtmanns, Anton Akusok, Amaury Lendasse (2016) Data Anonymization as a Vector Quantization Problem: Control over Privacy for Health Data. Privacy and Machine Learning, ARES 2016.
• Ian Oliver (2016) Experiences in the Development and Usage of a Privacy Requirements Framework, Requirements Engineering 16, Beijing, Sept 2016
• Ian Oliver, Yoan Miche (2016) On the Development of A Metric for Quality of Information Content over Anonymised Data-Sets, Quatic 16, Portugal, Sept 2016
• Ian Oliver (2015) Privacy as a Safety Critical Concept. Keynote: 1st IEEE Workshop on Privacy Engineering. San Jose, USA
• Ian Oliver (2014) Privacy Engineering: A Dataflow and Ontological Approach, ISBN: 978-1497569713
More material via SlideShare (ioliver76)
Ian Oliver
DIMECC 15.11.2016
Critical Enabling Technologies
![Page 22: Privacy Engineering for Today](https://reader031.vdocuments.net/reader031/viewer/2022022203/5870becd1a28ab0b4a8b6a0d/html5/thumbnails/22.jpg)
Contact
[email protected]@nokia-bell-labs.com@i_j_oliver
Silke Holtmanns
DIMECC 14.11.2016
CyberTrust WP4
22