[Busec] [BUsec] Kobbi Nissim (Ben-Gurion and Harvard) tomorrow at 9:45am

Foteini Baldimtsi foteini at baldimtsi.com
Tue Feb 9 12:39:36 EST 2016


Hi everyone,

Join us for the BUsec seminar tomorrow at 9:45am. Kobbi Nissim
from Ben-Gurion University and Harvard University will talk about the
relation of  computer science definitions of privacy and legal definitions
of privacy (the case of FERPA and differential privacy). Lunch will follow
at the lounge.

Next week Aanchal Malhotra from BU will talk about attacking the network
time protocol.

Details bellow.


- Foteini

BUsec Calendar:  http://www.bu.edu/cs/busec/
BUsec Mailing list: http://cs-mailman.bu.edu/mailman/listinfo/busec

The busec seminar gratefully acknowledges the support of BU's Center for
Reliable Information Systems and Cyber Security (RISCS).


********
Do computer science definitions of privacy satisfy legal definitions of
privacy? The case of FERPA and differential privacy.
Kobbi Nissim, Alex Wood
Ben-Gurion University and Harvard University
Date: Wednesday,February 10, 2015. 9:45-11am
Room: Hariri Seminar Room, MCS180

Lawyers and computer scientists hold very different notions of privacy.
Privacy laws rely on narrower and less formal conceptions of risk than
those described by the computer science literature. As a result, the law
often creates uncertainty and fails to protect against the full range of
data privacy risks. In contrast, mathematical concepts such as differential
privacy provide a quantifiable, robust guarantee of privacy against a wide
range of potential attacks, including types of attacks currently unknown or
unforeseen.

The subject of much theoretical investigation, differential privacy has
recently been making significant strides towards practical implementation.
However, because the law generally relies on very different methods for
mitigating risk, a significant challenge to implementation will be
demonstrating that the new privacy technologies satisfy legal requirements
for privacy protection. In particular, most privacy laws focus on the
identifiability of data, or the ability to link an individual to a record
in a release of data. In doing so, they often equate privacy with heuristic
“de-identification” approaches and provide little guidance for implementing
more formal privacy-preserving techniques.

In this talk, we will articulate the gap between legal and technical
approaches to privacy and present a methodology for formally proving that a
technological method for privacy protection satisfies the requirements of a
particular law. This methodology involves two steps: first, translating a
legal standard into a formal mathematical requirement of privacy and,
second, constructing a rigorous proof for establishing that a technique
satisfies the mathematical requirement derived from the law. We will walk
through an example applying this new methodology to bridge the requirements
of the Family Educational Rights and Privacy Act (FERPA) and differential
privacy.

This talk summarizes early results from ongoing research by Kobbi Nissim,
Aaron Bembenek, Mark Bun, Marco Gaboardi, and Salil Vadhan from the Center
for Research on Computation and Society, together with Urs Gasser, David
O’Brien, and Alexandra Wood from the Berkman Center for Internet & Society.
Further work building from this approach is anticipated to form the basis
of a future publication. This research is also part of a broader
collaboration through Harvard's Privacy Tools for Sharing Research Data
project, which aims to build legal and technical tools, such as tools for
differentially private statistical analysis, to help enable the wider
sharing of social science research data while protecting the privacy of
individuals.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs-mailman.bu.edu/pipermail/busec/attachments/20160209/823f2f31/attachment.html>


More information about the Busec mailing list