Information Accountability: A lightning Talk

21 June 2007
Semgrail Workshop
Microsoft Research Redmond, WA

Daniel J. Weitzner
Decentralized Information Group
MIT Computer Science and Artificial Intelligence Laboratory

These slides:


  1. The Web Policy Challenge: privacy and copyright as examples
  2. Clues from regulatory systems governing large-scale information flows
  3. An architecture for end-to-end information accountability

Web Policy Challenge - Privacy

AT&T TSD 3600 gmail

We learn that what people care about is how information is used, not who has access to it.

What Privacy Isn't

Saltzer and Schroeder, The Protection of Information in Computer Systems:

"The term 'privacy' denotes a socially defined ability of an individual (or organization) to determine whether, when, and to whom personal (or organizational) information is to be released."
Communications of the ACM 17, 7 (July 1974).

Technical approach -- Information Hiding: Privacy Sensitive Data Analysis

Goal: construct data base protocol that limits information access according to a formal definition of privacy

Privacy Definition: indistinguishability of the individual from the community

Method: measures epsilon-indistinguishability of a database query transcript

Differential Privacy, Cynthia Dwork, 33rd International Colloquium on Automata, Languages and Programming, ICALP 2006, Part II, pp. 1–12, 2006.

see also Sweeney's k-anonymity work

Questions upon the Success of Privacy Sensitive Data Analysis

A privacy-safe zone: Privacy sensitive data mining establishes a boundary, which, if respected, assures no privacy risk to the individual.

  1. how do you know that data usage remains within the privacy-safe zone:
    • over time?
    • across an institution?
  2. what legal rules outside the privacy-safe zone?

Web Policy Challenge - Copyright: The Mass Media DRM Approach


Web Policy Challenge - Copyright: Next Generation Response Challenges

Google Creative Commons Yahoo Creative Commons search

Move from up-front enforcement barriers (DRM) -> open description of licensing terms (CC) with after-the-fact enforcement as needed

Web Policy Challenge - Copyright: Some tunes can change

iTunes "Imagine a world where every online store sells DRM-free music encoded in open licensable formats. In such a world, any player can play music purchased from any store, and any store can sell music which is playable on all players. This is clearly the best alternative for consumers, and Apple would embrace it in a heartbeat. If the big four music companies would license Apple their music without the requirement that it be protected with a DRM, we would switch to selling only DRM-free music on our iTunes store. Every iPod ever made will play this DRM-free music,"
Steve Jobs, Thoughts on Music (February 6, 2007)

Regulatory Patterns for Large Scale Information Flows

The Web Today

today's web architecture

The Web with Information Accountability Mechanisms

today's web architecture
  • #Policy Aware Transaction Logs
  • #Policy Language Framework
  • #Policy Reasoning Tools

Discussion and More Information

For more information see:

Work described here is supported by the US National Science Foundation Cybertrust Program (05-518) and ITR Program (04-012).

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 2.5 License.