The objective of this research program is the development of privacy-aware design practices for information networks. The program is based on the recognition that an information network that collects personal information about its users can have both technical and moral implications, creating serious downstream consequences to the individual and to society. This program establishes the moral obligations of systems designers to protect consumers, creates rules and algorithms for technical designs that protect consumers? privacy rights, and develops educational practices for designers, consumers, and policy makers that further the use of these rules and algorithms. By developing a critical understanding of the technical and moral issues implicated in the use of data collection, the program motivates design practices that further the use of technology while supporting individual privacy and autonomy. The privacy-aware design practices being developed constitute a design methodology that guides the practicing engineer/computer scientist in the creation of mobile computing and communication systems that minimize the collection of data from users and the public at large. Design tools are being produced to facilitate the application of the design practices. These tools include algorithms for anonymous registration, authentication, and roaming. Case studies are being created to demonstrate the efficacy of the proposed rules and the supporting tools. These studies include designs for privacy-aware cellular telephone networks and power consumption monitoring networks for demand-response systems.
The primary focus of this project was the development of privacy aware design techniques and the articulation of a moral framework for privacy-aware design practices. As such, this project combines technical as well as educational goals with substantial success. Our initial focus was on the development of privacy-aware cellular technology; a particularly important area given cellular convergence – the convergence of virtually all forms of data communication onto the cellular platform – and the recent concerns over cellular data collection practices. The cellular work combined an emphasis on minimizing data collection with an end-to-end architecture that enhanced innovation. As part of this effort we developed a "privacy overlay" that allows cellular users to enjoy their usual services while preventing the collection of location data. This work resulted in several papers and a United States Patent. We also characterized downstream technical, legal, and social implications, and then developed both technical and policy recommendations. These recommendations were presented in several papers, a book published by Oxford University Press, and a MOOC presented through EdX. These recommendations include a series of data minimization technologies for wired and wireless networking. They also include a novel approach to notification and consent that focuses on the typical consumer's ability and desire to evaluate data collection disclosures. They also emphasize the extent to which engineers are responsible for the social and legal impact of their design decisions. The Smart Grid emerged as a second application area of interest. This work began with an early demonstration by the PIs and their students that fine-grained power consumption data revealed a great deal about the behavior, preferences, and beliefs of the residents of a given home. This recognition drove an effort to develop privacy-aware demand-response systems – systems that would use the fluctuating price of electricity to guide demand while respecting the privacy of utility customers. The proposed architecture combines public-key cryptography with an understanding of the necessary data flows to achieve a powerful, yet privacy-aware demand response architecture.
