Citizens are increasingly offered opportunities to use technological innovations that are meant to improve their productivity, convenience and overall quality of life. However, many of these innovations require end-users to share their data on-line with a service provider or, in several cases (like social media), with other users as well. Furthermore, the citizens' engagement in on-line services such as e-commerce sites enables service providers to collect, analyze and leverage behavioral data about them. All these are prominent cases where IT applications raise privacy concerns, which can be a serious setback to the wider adoption and use of such modern technology.
Privacy concerns about on-line services are nothing new, as people have been quite privacy sensitive since the early days of the internet. However, the advent of a wave of privacy-threatening technologies (such as sensors and Internet-of-Things technologies), along with the rise of BigData capabilities that enable storage and processing of arbitrarily large volumes of personal data, has made pre-existing concerns much more intense. In this landscape, enterprises need to understand the business value of privacy and also the importance of privacy preserving and privacy enhancing technologies.
Privacy Preserving Technologies: The Rationale
In principle, vendors and providers of IT products and services cannot afford to ignore privacy for the following main reasons:
- Legal and Regulatory Compliance: All IT applications that deal with personal data must adhere to applicable laws and regulations. Failure to comply with privacy regulations and mandates leads to fines and, much more importantly, to damage to corporate image and brand reputation. Compliance with regulations can be quite challenging, especially in Europe where, as of May 2018, all applications must adhere to the provisions of the European Union's General Data Protection Regulation (GDPR). In the US there is no such general privacy regulation, but there is still a need for privacy compliance for certain applications. For example, healthcare apps need to comply with the data processing provisions of the Health Insurance Portability and Accountability Act (HIPAA).
- End-users' acceptance: Many surveys have revealed that privacy is among consumers' top concerns when using on-line services. In several cases (e.g., in the retail sector and social media) consumers might decide not to use a service due to privacy concerns. Beyond retail, such concerns are also voiced by patients, manufacturers, health professionals and users of many other IT applications. Hence, privacy has a serious impact on a product's or service's market potential, given that it is a decisive factor for end-users' confidence in and acceptance of the product or service.
Overall, privacy management is associated with significant social and business impact. On one hand, effective and compliant privacy management is key to increasing end-users' trust in IT products and services. On the other, this enhanced trust is a key prerequisite for the market uptake of these products, since it facilitates end-users' participation and safeguards the brand reputation.
Examples of Privacy Sensitive Applications
The need for effective privacy management is associated with a host of products and services in many different sectors. Here are some representative examples:
- Healthcare, well-being and lifestyle management: Applications that support people in their daily living activities tend to collect and analyze private data of their users, such as healthcare records, lifestyle information, as well as their behavioral data. Privacy management in such applications can be challenging as these apps are likely to involve special user groups such as elderly, patients and other more vulnerable user segments of the population.
- Retail and e-commerce: As already outlined, e-commerce interactions provide the means for collecting and analyzing behavioral data about users, such as the products that they browse and their past purchases. Furthermore, the use of AutoID technologies (e.g., RFID, barcodes, QR codes) for shopping and loyalty management applications provides the means for even more accurate profiling of shoppers.
- Smart transport and urban mobility: Smart transport systems (e.g., traffic control and smart parking systems) are classic examples of applications that derive and process information about the location and context of the citizens (e.g., drivers’ locations, license plates).
- Security and civil protection: The police and other law enforcement agencies are increasingly leveraging IT technologies in order to confront modern asymmetric security threats (e.g., terrorist attacks). To this end, they collect and analyze large amounts of data including sensor data (e.g., cameras, energy consumption sensors), data from social media and the dark web, as well as citizens' records, which help them identify and track suspicious behaviors. Such applications can be potentially threatening to citizens' freedom and privacy.
- Crowd sourcing applications: Crowd sourcing is based on the collection and processing of large volumes of data from many users as a means of identifying collective behaviors or patterns of collective intelligence (e.g., optimal energy consumption and sustainability patterns). These applications can also raise privacy concerns in cases where individual users' data are analyzed and tracked.
Privacy Preserving Technologies
Though not exhaustive, the above list of applications is indicative of the scope and importance of privacy management. In order to deal with privacy management, enterprises are offered a pool of processes and controls which are usually detailed in the scope of privacy regulations and mandates. Towards implementing these controls in an efficient way, IT enterprises can leverage the so-called "privacy-preserving" or "privacy enhancing technologies", which are integrated into IT systems in order to facilitate and enhance end-users' privacy. There is a wave of such technologies spanning the full range of IT enablers, including databases, distributed systems, BigData analytics and the internet-of-things. Without dwelling on the technical details, here are some examples:
- Data anonymization techniques: A very common privacy preserving measure is the anonymization of portions of a dataset so that the individual to whom a record belongs can no longer be identified. Common techniques include suppression of values (i.e., replacing certain attribute values such as names, surnames, social security numbers, dates of birth etc. with an asterisk '*') and generalization (i.e., replacing individual attribute values (e.g., age = 33) with a broader category (e.g., age in 30-39)). Suppressing direct identifiers alone is rarely sufficient: combinations of remaining attributes such as age, gender and postal code (so-called quasi-identifiers) can still single out a person when linked with an external dataset. A practitioner therefore also generalizes the quasi-identifiers and checks a measure such as k-anonymity, i.e. that every combination of quasi-identifier values is shared by at least k records.
- Communication anonymization techniques: These techniques apply the anonymization concept to networked communications in order to hide the real online identity of a user (e.g., his/her email address or IP address). In particular, they replace the real identity with a non-traceable one (e.g., a one-time email address or a pseudonym), or route traffic through relays or proxies so that the address observed by the other party is not the user's own. This is the foundation for privacy preservation in communication-intensive services such as email, web browsing, chat, messaging and more.
- Utility driven privacy techniques: Utility-driven privacy techniques provide end-users with incentives for sharing their data, such as their location or past purchases. Accordingly, they associate privacy control with the users' decision about whether they wish to share their data or not. Utility driven methods consider that privacy is about participation and control as much as it is about regulatory compliance.
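The suppression and generalization steps described above, as an added example that is not part of the original article: a constructed toy dataset (fictitious people) is first "anonymized" by suppressing names and social security numbers, a constructed external roster is linked back to it through the quasi-identifiers age and zip, and the records are then generalized until the dataset is k-anonymous. The attribute names, the age-band and zip-prefix generalization scheme and the external roster are all assumptions made for the illustration.

```python
"""Added example: suppression, generalization and a k-anonymity check.

All records below are constructed for the illustration; they describe no real person.
"""
from collections import Counter

# Constructed "published" dataset: direct identifiers (name, ssn),
# quasi-identifiers (age, zip) and a sensitive attribute (diagnosis).
RECORDS = [
    {"name": "Alice Smith", "ssn": "123-45-6789", "age": 33, "zip": "10001", "diagnosis": "flu"},
    {"name": "Bob Jones",   "ssn": "987-65-4321", "age": 35, "zip": "10002", "diagnosis": "asthma"},
    {"name": "Carol White", "ssn": "555-12-3456", "age": 38, "zip": "10005", "diagnosis": "flu"},
    {"name": "Dan Brown",   "ssn": "111-22-3333", "age": 41, "zip": "10101", "diagnosis": "diabetes"},
    {"name": "Eve Black",   "ssn": "222-33-4444", "age": 47, "zip": "10110", "diagnosis": "flu"},
    {"name": "Frank Green", "ssn": "333-44-5555", "age": 44, "zip": "10133", "diagnosis": "asthma"},
]

# Constructed external dataset an attacker might hold (e.g. a public roster):
# no diagnosis, but names next to the same quasi-identifiers.
EXTERNAL = [
    {"name": "Alice Smith", "age": 33, "zip": "10001"},
    {"name": "Dan Brown",   "age": 41, "zip": "10101"},
]

DIRECT = ("name", "ssn")      # assumed direct identifiers
QUASI = ("age", "zip")        # assumed quasi-identifiers
SENSITIVE = "diagnosis"       # assumed sensitive attribute


def suppress(record, fields=DIRECT):
    """Suppression: replace direct identifiers with '*'."""
    return {k: ("*" if k in fields else v) for k, v in record.items()}


def generalize(record, age_band=10, zip_prefix=3):
    """Generalization: age -> band 'lo-hi', zip -> prefix padded with '*'."""
    out = dict(record)
    lo = (int(record["age"]) // age_band) * age_band
    out["age"] = f"{lo}-{lo + age_band - 1}"
    z = record["zip"]
    out["zip"] = z[:zip_prefix] + "*" * (len(z) - zip_prefix)
    return out


def k_anonymity(records, quasi=QUASI):
    """Size of the smallest equivalence class over the quasi-identifier combination."""
    counts = Counter(tuple(str(r[q]) for q in quasi) for r in records)
    return min(counts.values())


def covers(published, raw):
    """True if a published (possibly generalized) value is consistent with a raw value."""
    published, raw = str(published), str(raw)
    if published == raw:
        return True
    if published.endswith("*"):            # zip prefix such as '100**' (or fully suppressed)
        return raw.startswith(published.rstrip("*"))
    if "-" in published:                   # age band such as '30-39'
        lo, hi = (int(x) for x in published.split("-"))
        return lo <= int(raw) <= hi
    return False


def link(published, external, quasi=QUASI):
    """Linkage attack: published records consistent with each external identity."""
    return {
        ext["name"]: [r for r in published if all(covers(r[q], ext[q]) for q in quasi)]
        for ext in external
    }


def reidentified(published, external):
    """Names whose sensitive attribute is uniquely revealed by the linkage."""
    return {
        name: hits[0][SENSITIVE]
        for name, hits in link(published, external).items()
        if len(hits) == 1
    }


def generalize_to_k(records, k, age_band=10):
    """Shorten the zip prefix until the dataset is at least k-anonymous.

    Raises ValueError when k cannot be reached by generalizing zip alone,
    which is the signal that other attributes (here the age band) must be
    generalized too.
    """
    for zip_prefix in range(5, -1, -1):
        out = [generalize(r, age_band, zip_prefix) for r in records]
        if k_anonymity(out) >= k:
            return zip_prefix, out
    raise ValueError("k not reachable by generalizing zip alone")


if __name__ == "__main__":
    suppressed = [suppress(r) for r in RECORDS]
    print("k after suppression only:", k_anonymity(suppressed))          # 1
    print("re-identified:", reidentified(suppressed, EXTERNAL))           # both roster entries
    prefix, generalized = generalize_to_k(suppressed, k=2)
    print("zip prefix needed:", prefix, "k:", k_anonymity(generalized))  # 3, 3
    print("re-identified:", reidentified(generalized, EXTERNAL))         # {}
```

Suppressing the names and SSNs leaves every (age, zip) pair unique, so the two roster entries recover their diagnoses directly; keeping four zip digits still singles out one of them, and only a three-digit prefix brings every class to three records. Asking for k = 4 fails, because two age bands of three records each cannot be merged by shortening the zip, which is why generalization has to be chosen per attribute against the target k rather than applied blindly.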
Privacy preserving technologies come, in most cases, embedded in products and services and hence are not widely visible as stand-alone products. Nevertheless, privacy management functionalities and controls (e.g., Facebook's privacy settings) are usually available in a prominent way in these applications.
It is clear that vendors, integrators and providers of on-line services cannot afford to treat privacy as a second-class citizen. Companies that fail to blend privacy with their business priorities are likely to face regulatory risks and market failure. To their rescue, a wide range of privacy enhancing technologies is already available, along with a mature regulatory environment that they have to understand, respect and implement.