© Fraunhofer ISI
Daniel Bachlechner, Fraunhofer ISI
13th Pre-ICIS Workshop on Information Security and Privacy 13 December 2018
PRIVACY-PRESERVING TECHNOLOGIES IN THE AGE OF BIG DATA
Page 2
e-SIDES helps make big data solutions and applications more responsible
- Identify ethical and societal issues
- Identify PPTs
- Assess existing technologies
- Conduct a gap analysis
- Make recommendations
- Identify design requirements
- Identify implementation barriers
Page 3
Agenda
- Status quo
- Research question
- Methods
- Results
- Summary
- Contribution
- Outlook
Page 4
Big data applications have positive and negative effects
Negative effects
- Intrusion into people's privacy
- Unfair treatment of people and organizations
- Dependence on organizations and technology
- Lack of decision transparency
Positive effects
- Faster, fact-based decision-making
- Increasing possibilities of automation
- Emergence of new and improved products and services
- Cost savings
Page 5
PPTs can be assigned to different classes of technologies
Anonymization and sanitization
- k-anonymity
- Differential privacy
- Randomization
Encryption and multi-party computation
- Attribute-based encryption
- Homomorphic encryption
Access control and policy enforcement
- Attribute-based access control
- Sticky policies
Accountability, transparency and data provenance
- Automated auditing processes
- Multi-channel and layered approaches
Access, portability and user control
- Standard exchange formats
- Privacy preferences
- Personal data stores
Page 6
The role of PPTs in the age of big data is not fully understood
Big data applications / Big data solutions / ?PPTs
- Effectiveness
- Challenges
- Perception
- Use
Page 7
PPTs were assessed through interviews and a review of related literature
Semi-structured interviews
- Nine key informant interviews
  - Researchers, company representatives, members of relevant organizations
  - 30-45 minutes
- 16 short interviews
  - Mainly researchers
  - <10 minutes
Literature review
- Technology-specific assessment
- General assessment
  - Technology deployment
  - Demand for privacy protection
  - Regional differences
  - Technological boundaries
  - Societal responsibility
Page 8
PPTs differ in terms of their effectiveness and the challenges they pose
Anonymization and sanitization
  Effectiveness: Failure of anonymization; Unique characteristics; Mathematical background stable
  Challenges: Privacy-utility trade-off; Choice of parameters; Adversary's knowledge unknown
Encryption and MPC
  Effectiveness: Encryption is strong; Relatively slow; Limited availability of tools
  Challenges: Untrusted parties; Computation cost; Ease of use
Access control and policy enforcement
  Effectiveness: Low granularity and flexibility; Automated enforcement; Boundaries between jurisdictions
  Challenges: Single point of failure; Opacity; Increasing complexity
Accountability, transparency and data provenance
  Effectiveness: Machine learning modules; Most devices do not have screens; Implementation of fixes
  Challenges: Explanation of decisions; Heterogeneity of data; Large amounts of information
Access, portability and user control
  Effectiveness: Untrusted parties; Informational asymmetry; Shift of responsibility
  Challenges: Different protection levels; Need for prior agreements; Privacy by default
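The anonymization row above names the privacy-utility trade-off, the choice of parameters and unique characteristics as the factors that decide how well anonymization works. The following Python block is an added illustration, not code from the slides or from the e-SIDES project, of what those factors mean for k-anonymity on a constructed eight-record table: it searches for the least generalization that reaches a target k (the parameter choice), shows how a single outlier record forces the whole table to be coarsened, and contrasts that with suppressing the outlier instead. The record values, the generalization hierarchies for age and zip code, and the utility measure are all assumptions made for the illustration.

```python
"""Worked example of the privacy-utility trade-off in k-anonymity.

Constructed toy data; illustrative code added to this page, not e-SIDES material.
Quasi-identifiers (QIs) are age and zip code; diagnosis is the sensitive value.
k-anonymity assumes the QI set is known, i.e. which attributes an adversary
could link to external data; the slide's point that the adversary's knowledge
is unknown is exactly the assumption this model cannot verify.
"""
from collections import Counter

# Constructed sample records: (age, zip, diagnosis).
RECORDS = [
    (29, "76131", "flu"),
    (27, "76133", "cold"),
    (34, "76139", "flu"),
    (36, "76137", "asthma"),
    (52, "76227", "diabetes"),
    (55, "76229", "flu"),
    (58, "76228", "cold"),
    (41, "76131", "asthma"),  # outlier: the only person in their forties
]


def generalize_age(age, level):
    """Level 0: exact age; 1: 10-year band; 2: 20-year band; 3: suppressed."""
    if level == 0:
        return str(age)
    if level == 3:
        return "*"
    width = 10 if level == 1 else 20
    lo = age // width * width
    return f"{lo}-{lo + width - 1}"


def generalize_zip(zipcode, level):
    """Mask the last `level` digits of the zip code with '*'."""
    level = min(level, len(zipcode))
    return zipcode[: len(zipcode) - level] + "*" * level


def anonymize(records, age_level, zip_level):
    """Apply one generalization level per quasi-identifier to every record."""
    return [(generalize_age(a, age_level), generalize_zip(z, zip_level), d)
            for a, z, d in records]


def class_sizes(table):
    """Size of every equivalence class (records sharing the same QI tuple)."""
    return Counter((a, z) for a, z, _ in table)


def k_of(table):
    """A table is k-anonymous for k = size of its smallest equivalence class."""
    return min(class_sizes(table).values()) if table else 0


def distinct_qis(table):
    """Crude utility measure: number of distinguishable QI values left."""
    return len(class_sizes(table))


def cheapest_generalization(records, k_target):
    """Least total generalization (age level + zip level) that reaches k_target.

    Ties are broken in favour of the table that keeps more distinct QI values.
    Returns (age_level, zip_level, k, distinct_qis), or None if unreachable.
    """
    best = None
    for age_level in range(4):
        for zip_level in range(6):
            table = anonymize(records, age_level, zip_level)
            k = k_of(table)
            if k < k_target:
                continue
            cand = (age_level + zip_level, -distinct_qis(table), age_level, zip_level, k)
            if best is None or cand < best:
                best = cand
    if best is None:
        return None
    _total, neg_util, age_level, zip_level, k = best
    return (age_level, zip_level, k, -neg_util)


def anonymize_with_suppression(records, age_level, zip_level, k_target):
    """Alternative to coarser generalization: drop records whose class is too small.

    Utility is then paid for in lost rows instead of less precise values.
    """
    table = anonymize(records, age_level, zip_level)
    sizes = class_sizes(table)
    return [row for row in table if sizes[(row[0], row[1])] >= k_target]


if __name__ == "__main__":
    # The single outlier forces age to be suppressed entirely before k=2 is reached.
    for k in (2, 4, 8):
        print("k target", k, "->", cheapest_generalization(RECORDS, k))
    # Dropping that one record instead keeps 10-year bands and 5-digit zip prefixes.
    kept = anonymize_with_suppression(RECORDS, 1, 1, 2)
    print("with suppression:", len(kept), "rows, k =", k_of(kept))
```

Running the block shows the trade-off the slide refers to: the raw table is only 1-anonymous, reaching k=2 by generalization alone already wipes out the age column because of one outlier, and reaching k=8 leaves a single indistinguishable class with no analytical value. Suppressing the outlier at the lightest generalization level instead yields a 2-anonymous table of seven rows that still keeps three distinct quasi-identifier values.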
Page 9
PPTs show similarities in terms of their perception and use
Technology deployment
- Minimal integration of PPTs into solutions
- Fear of economic disadvantages
- Privacy by design has not arrived in practice
Demand for privacy protection
- Little demand for solutions that include PPTs
- Privacy protection as a selling point
- Lack of risk awareness
Regional differences
- Considerable regional differences
- Local legislation affects technology globally
- Broad access to technologies may be restricted
Technological boundaries
- Limitations of reactive approaches
- Need for awareness and education
- Make sure technology functions as expected
Societal responsibility
- Strengths of the parties are relevant
- Raise awareness and exercise rights
- PPT integration alone would not be sufficient
Page 10
PPTs are essential but their use is only slowly becoming common practice
- Status quo
- Research question
- Methods
- Results
- Summary
- Contribution
- Outlook
Findings so far:
- Big data applications have positive and negative effects
- PPTs can be assigned to different classes of technologies
- The role of PPTs in the age of big data is not fully understood
- PPTs were assessed through interviews and a review of related literature
- PPTs differ in terms of their effectiveness and the challenges they pose
- PPTs show similarities in terms of their perception and use
Page 11
Big data applications benefit from PPTs but individual circumstances must be considered
Big data applications / Big data solutions / ?PPTs
- PPTs pursue different aims and thus need to be combined
- No single most important class of technologies
- A multidimensional measure for privacy protection is needed
- Objectives of big data and privacy seem almost antagonistic
Page 12
Recommendations for developers and users of big data solutions will be made
Big data applications / Big data solutions / PPTs
- Conduct a gap analysis
- Identify design requirements
- Identify implementation barriers
- Make recommendations
Page 13
If you would like to contribute to the research, please get in touch
https://e-sides.eu/
info@e-sides.eu
Page 14
If you would like to get in touch with me
Dr. Daniel Bachlechner
Competence Center Emerging Technologies
Fraunhofer Institute for Systems and Innovation Research
Breslauer Strasse 48 | 76139 Karlsruhe | Germany
Phone +49 721 6809-161 | Fax +49 721 6809-315
daniel.bachlechner@isi.fraunhofer.de

e-SIDES presentation at WISP 2018, San Francisco 13/12/2018
