Privacy Management

People have a fundamental right to maintain their personal privacy while using all kinds of technologies in their daily lives. Violations of this right can have extremely negative consequences for an individual, including trauma, depression, loss of dignity, loss of jobs, and in extreme cases loss of life. While people generally have some awareness that their personal data are being collected through their online social networks, mobile devices, and IoT sensors, they are often unaware of the extent and nature of the data collected through these technologies and express surprise and discomfort when they find out. For example, multiple users reported surprise when they found out that their flashlight app was continuously tracking their location information. Our group has been studying how the newer technologies are creating newer privacy challenges as well as opportunities for mitigation.

The projects include:

Uniqueness of personal spending data– Identifying the limits of anonymity in the emerging big data. For example, in a Science paper [6], we reported that it takes only 4 pieces of spatio-temporal information to uniquely identify a customer’s credit card data amongst millions of other anonymized data records. This brings to the fore an urgent need to re-define how we measure privacy, understand it, and ultimately what drives our privacy needs in an information rich eco-system. 

Predicting privacy attitudes using phone metadata – We found that a combination of phone use metadata can provide vital insights into a person’s privacy attitudes. This can be used to automatically recommend privacy settings to individuals [4].

Nudging privacy behavior – We have designed multiple social theory based interfaces that nudge individuals towards more careful privacy decisions [2, 4]. 

Supporting privacy needs of individuals when using COVID symptom reporting apps – We undertook focus group interviews to understand how individual privacy attitudes change during health emergencies [1] and developed a mechanism that efficiently guarantees differential privacy for crowdsourced symptom data [1].  

Funding and Support

We gratefully acknowledge the support from the US National Science Foundation for this work.

Related Publications

1. Asif, H., Papakonstantinou, P., Shiau, S., Singh, V., & Vaidya, J. (2022), Intelligent Pandemic Surveillance via Privacy-Preserving Crowdsensing. IEEE Intelligent Systems. (Accepted. In Press)
2. Park, J., Ahmed, E., Asif, H., Vaidya, J., & Singh, V. K. (2022).  Privacy Attitudes and COVID Symptom Tracking Apps: Understanding Active Boundary Management by Users. To be published in the Proceedings of the iConference.
3. Ghosh, I., & Singh, V. (2021). “Not all my friends are friends”: Audience‐group‐based nudges for managing location privacy. Journal of the Association for Information Science and Technology. Early Access: https://asistdl.onlinelibrary.wiley.com/doi/full/10.1002/asi.24580.
4. Ghosh, I., & Singh, V. (2020). Phones, privacy, and predictions: A study of phone logged data to predict privacy attitudes of individuals. Online Information Review. 44(2), 483-502. DOI:10.1108/OIR-03-2018-0112
5. Nouh, M., Almaatouq, A., Alabdulkareem, A., Singh, V. K., Shmueli, E., Alsaleh, M., Faris, A., & Pentland, A. S. (2014). Social information leakage: Effects of awareness and peer pressure on user behavior. In International Conference on Human Aspects of Information Security, Privacy, and Trust (pp. 352-360). Springer, Cham.
6. de Montjoye, Y. A., Radaelli, L., V. K. Singh, & Pentland, A.  (2015). Unique in the shopping mall: On the reidentifiability of credit card metadata. Science, 347(6221), 536-539.

Coverage

– Media coverage for the uniqueness of credit card spending data: New York Times, Wall Street Journal, Nature News, Harvard Business Review , and The Telegraph.

– US Court of Appeals cited our Science paper in it’s judgement (page 9) on the NSA case.