Increasing use of computers and networks in business, government, recreation, and almost all aspects of daily life has led to a proliferation of sensitive data (i.e., data that, if used improperly, can harm data subjects or other relevant parties), and concern about the ownership, control, privacy, and accuracy of these data has become a top priority. Despite significant technical accomplishments in relevant research fields (e.g., cryptology and security, database systems, and data mining), there is no comprehensive, end-to-end technological infrastructure for handling sensitive data over the entire course of their lifetime, nor is there even widespread social agreement about the rights and responsibilities of major stakeholders in our data-intensive, networked world.

This project is a multi-institutional, multi-disciplinary, multi-modal project that looks comprehensively at sensitive data in a networked world. There are two main academic centers of activity (Yale and Stanford), three smaller-scale academic participants (Stevens Institute of Technology, NYU, and the University of New Mexico), and substantial participation by non-academic partners, including technology companies (IBM, HP, and Microsoft), representatives of user communities (Citigroup, NIH, Yale Center for Medical Informatics, the Census Bureau, and the Secret Service), and DC-based policy organizations (The Center for Democracy and Technology and The Electronic Privacy Information Center).

A major technical theme of the project is privacy-preserving data mining and, more generally, techniques for meeting the potentially conflicting goals of respecting individual rights and allowing law enforcement and other legitimate organizations to collect and mine massive data sets. Other technical agenda items include (1) accessibility and reliability of distributed data, (2) operating on encrypted databases, (3) remote control of data, (4) repelling hostile data, and (5) auditability of data-management systems. Because these technical goals are affected by a lack of agreement about the meanings of basic terms, most notably "privacy," a major goal of the project is the development of a conceptual framework for the study of rights, responsibilities, and public policies focused on sensitive-data handling. This part of the project incorporates the notion of "contextual integrity," which considers both the context and the content of data sets in assessing sensitivity.

Projected outcomes of the project include a next generation of technology for handling sensitive information that is qualitatively better than the current generation's and an effective conceptual framework for policy making and philosophical inquiry into the rights and responsibilities of data subjects, data owners, and data users.

Agency: National Science Foundation (NSF)
Institute: Division of Computer and Network Systems (CNS)
Type: Cooperative Agreement (Coop)
Application #: 0331580
Program Officer: Carl Landwehr
Project Start:
Project End:
Budget Start: 2003-10-01
Budget End: 2010-09-30
Support Year:
Fiscal Year: 2003
Total Cost: $625,000
Indirect Cost:
Name: University of New Mexico
Department:
Type:
DUNS #:
City: Albuquerque
State: NM
Country: United States
Zip Code: 87131