Abstract

The paper introduces an approach to privacy enhancing technologies that sees privacy not merely as an individual right, but as a public good. This idea finds its correspondence in our approach to privacy protection through obfuscation, where everybody in a group takes a small privacy risk to protect the anonymity of fellow group members. We show how these ideas can be computationally realised in an Investigative Data Acquisition Platform (IDAP). IDAP is an efficient symmetric Private Information Retrieval protocol optimised for the specific purpose of facilitating public authorities' enquiries for evidence.

Highlights

  • This paper discusses the technology for an obfuscation-based method for privacy enhancing tools, which serves the dual function of protecting the reputation and privacy of data subjects, while at the same time protecting legitimate police interests in the confidentiality of an investigation

  • Unlike most other approaches to PET, in our model for an “Investigative Data Acquisition Platform” the protection of privacy is seen as a communal task, something that we call, for reasons that will become apparent below, the “Spartacus model” of data protection

  • Our investigation started with a common privacy problem in online investigations: In order to obtain data about a suspect, the police must disclose to the data controller the identity of the “person of interest”


Summary

Introduction

This paper discusses the technology for an obfuscation-based method for privacy enhancing tools, which serves the dual function of protecting the reputation and privacy of data subjects, while at the same time protecting legitimate police interests in the confidentiality of an investigation. Unlike most other approaches to PET, in our model for an “Investigative Data Acquisition Platform” the protection of privacy is seen as a communal task, something that we call, for reasons that will become apparent below, the “Spartacus model” of data protection. This approach requires us to reconsider not just the doctrinal legal environment of privacy and data protection law, and its jurisprudential, ethical and sociological underpinnings. In the first part of the paper, we describe the motivation for this approach in the form of an extended use case, which allows us to give an informal outline of the solution suggested here. This will prepare the ground for a legal-jurisprudential analysis that is needed for the normative underpinning of the technology. We provide a short evaluation of the results, both from a technological and from a legal and ethical perspective, indicating a number of necessary further research questions, in particular empirical and socio-legal questions regarding common perception of privacy and risks.

Setting the scene
Privacy as a public good and a public responsibility
Commutative Cryptosystems
PROPOSED MODIFICATIONS
Correctness and Security
Assessing privacy risks and Data Protection Directive compliance
Conclusion and further work
Findings
Literature