Collection and monitoring of personal and business data will help government agencies detect crime, fraud, terrorism, natural disasters, and other emergencies. On the other hand, government collection and monitoring of massive mounts of data would create tremendous threats to people's privacy and an unnecessary potential for abuse. While low-tech collection of information by government agencies has been an accepted practice, the increased connectivity and transaction speed enabled by the Internet make centralized oversight of various transactional activities both more desirable and potentially more dangerous. For example, banks and individuals were for a long time required to report transactions involving more than $10,000 in cash. After 9/11, the Patriot Act asked each bank to report more patterns of suspicious activities, including for example series of smaller cash transactions or international transfers adding up to $10,000. However, since Internet banking makes it easier to conduct transactions via multiple financial institutions, what the crime fighters would really like is an ability to collect data from all financial institutions, and moreover, an ability to mine this data at will. Of course, this would be a nightmare to citizens' privacy. Indeed, the availability of all this data at the hands of a government agency is in fact bound to create new threats to the security of the banking system, possibly more serious than the threats the centralized monitoring attempted to solve. And yet, from the standpoint of cryptography, the conflict between the needs for data monitoring and the need for data privacy is not irreconcilable!
Our research objective is to create mechanisms that limit the privacy threats posed by the data collection and monitoring applications, while still enabling their efficient operation. We believe that new cryptographic techniques can help resolve the conflicts between the benefits and threats posed by various data collection and monitoring scenarios. Fundamentally, we have no hope of resolving this conflict if the task of monitoring some activity for suspicious patters requires an unconstrained access to all the generated data. However, if the monitoring agency can be restricted in its access to the data, for example it can access only the data that satisfies some pre-defined suspicious patterns, then we can hope to enforce, using cryptographic mechanisms, (1) the correctness of the accessed data, and (2) the secrecy and anonymity of the data that does not meet the searched-for patterns. In other words, if conditions under which the agency should learn the data can be spelled out, then we can design data escrow protocols that allow the agency to do its monitoring work with no more intrusion on citizens' privacy then is absolutely necessary.
In the financial monitoring example, the research question is to find an efficient encryption-like escrow scheme with the property that all escrowed transactions remain anonymous and undecipherable by default, except of, for example, transactions which form a pattern of international money transfers originating from the same person and adding up to $10,000.
Our approach addresses a general problem of minimizing the threats posed by centralized collection and monitoring of sensitive private data. This is a novel but natural scenario for cryptography. It is also open-ended: Since different monitoring applications have different types of searched-for data patterns, this task will require a variety of approaches which are likely to produce privacy and/or correctness-enforcing mechanisms useful in other cryptographic applications. Our preliminary investigations identified the link between quite simple privacy-protected data escrow applications and deterministic encryptions, unlinkable signatures on ciphertexts, and fair two-party computation of probabilistic functionalities.
This project establishes a new area of research on cryptographic tools and applications. While it's clear that centralized monitoring of various distributed activities might bring societal benefits, our research will help determine under what conditions and in what settings such monitoring can be done in a secure and maximally private manner. This research has a strong potential to impact the technical and political feasibility of data escrow and monitoring, strong PKI infrastructures (e.g. electronic IDs), and fault-tolerant cryptographic services.
