On October 23rd, 2014, we updated our
By continuing to use LinkedIn’s SlideShare service, you agree to the revised terms, so please take a few minutes to review them.
Buried in a list of 20 million Web searches collected by AOL and recently released on the Internet is user No. 4417749. The number was assigned by the company to protect the searcher's anonymity, but it was not much of a shield.
N o.4417749 conducted hundreds of searches over a three-month period on topics ranging from "numb fingers" to "60 single men" to "dog that urinates on everything”.
S earch by search, click by click, the identity of AOL user No.4417749 became easier to discern. There are queries for several people with the last name Arnold, for "landscapers in Lilburn," Georgia, and for "homes sold in shadow lake subdivision gwinnett county georgia”.
I t did not take much investigating to follow that data trail to Thelma Arnold, a 62-year-old widow who lives in Lilburn, frequently researches her friends' medical ailments and loves her three dogs. "Those are my searches," she said, after a reporter read part of the list to her over the phone
Store user data (e-mail, documents, contacts) on servers, where they are directly edited
Data can be mined, hacked, blagged and accessed by govt
Insider fraud Source: “What price privacy?”, Information Commissioner, May 2006
Networked data could be encrypted
And hence be inaccessible to those storing the data (and their friends)
Would require non-trivial changes to network apps and browsers
Trusted computing not trustworthy enough
Directive on privacy and electronic communications (2002/58/EC)
Recital 9: “The Member States, providers and users concerned, together with the competent Community bodies, should cooperate in introducing and developing the relevant technologies where this is necessary to apply the guarantees provided for by this Directive and taking particular account of the objectives of minimising the processing of personal data and of using anonymous or pseudonymous data where possible.”
Key opportunity for DP authorities
Require that network-centric applications live up to same minimisation standards as personalised websites
This will be much harder to do once network apps become mainstream