Privacy in a Networked World

CS578A/SOC551 Spring 2008

Instructor: Antonio R. Nicolosi
Class: Mondays, 6:15–8:45pm, Morton 205
Office hours: Thursdays, 3:00–5:00pm, Babbio 624

Teaching Assistant: Onur Kardes
Office hours: Mondays, 3:00–5:00pm, CS Lab, Burchard 127

Course Description

Privacy

• What is privacy and why it matters
• Threats to privacy
• Protecting privacy

Technology

• How technology changed the "privacy game"
• How technology can hurt privacy
• How technology can help privacy

Reading

• Database Nation: The Death of Privacy in the 21st Century. S. Garfinkel, O'Reilly, 2000
• No Place to Hide. R. O'Harrow, Free Press, 2005

Work Load Breakdown & Grading

• Work load breakdown
  2.5 hrs/week: Class attendance
  2.5 hrs/week: Readings & Reverse homework
  5.0 hrs/week: Class project
• Grading
  25%: Class attendance & Reverse homework
  25%: Mid-term (Mar 10) & Final exam (May 5)
  50%: Class project

Topics Outline

• What is privacy and why it matters
  • Informational privacy and the "data shadow"
  • Privacy as contextual integrity
  • The skeptic's arguments
    - "I've got nothing to hide"
    - "Privacy has to die for security to flourish"
    - "You have zero privacy anyway"
    - "Privacy is the price of modern comforts"
  • Identity and Anonymity
  
  
• Threats to on-line privacy
  • On-line accounts, phishing and ID-theft
  • Web browsing, profiling and spyware
  • Web searches, web-ads and adware
  • E-commerce and e-service personalization
  • Privacy and Web 2.0
  • Censorship
  
  
• Technological threats to privacy
  • RFID tracking
  • GPS/Cellphone tracking
  • Privacy in the workplace
  • Privacy in healthcare
  • Surveillance and privacy in public
  
  
• Protecting privacy
  • Privacy regulations and supervising entities
  • Privacy-enhancing technologies
    - P3P and related tools
    - Anonymous remailers, web proxying (TOR)
    - Password hardening (PwdHash)
    - Crypto tools (mix-nets, e-cash, credentials)
  • Randomization and DB privacy

Syllabus

1. Intro [ l1.pdf (for on-screen viewing) | l1x4.ps (4-in-1 layout for printing) ]
2. Conceptualizing privacy [ l2.pdf | l2x4.ps | ref2-1.pdf | ref2-2.html ]
3. Identity & anonymity; Threats to privacy I [ l3.pdf | l3x4.ps | ref3-1.html ]
4. Crypto basics [ l4d.txt ]
5. More crypto basics; Threats to privacy II [ l5.pdf | l5x4.ps | ref5-1.html ]
6. Web Privacy I: User tracking [ ref6-1.html | ref6-2.pdf | ref6-3.pdf | ref6-4.pdf | ref6-5.pdf ]
7. Web Privacy II: Anonymous network connectivity [ l7d.txt | ref7-1.txt | ref7-2.txt | ref7-3.html | ref7-4.html ]
8. Midterm
9. Private Data Analysis [ ref9-1.pdf | ref9-2.pdf | ref9-3.pdf | ref9-4.pdf ]
10. (Self-)Regulatory Approaches to Protecting Privacy [ l10d.txt | ref10-1.pdf ]
11. On-line Privacy Policies; RFIDs and Privacy I [ ref11-1.pdf | ref11-2.pdf | ref11-3.pdf | ref11-4.pdf ]
12. RFIDs and Privacy II; ID-Theft, phishing, and spam [ l12.pdf | l12x4.ps | ref12-1.pdf | ref12-2.pdf | ref12-3.pdf | ]
13. Student presentations—Individual Projects
14. Student presentations—Team Projects

Printing tip. On a Unix system with PSUtils installed, the 4-in-1 layout for printing can be generated running the following commands after downloading the PDF slides (say l1.pdf):

      % pdf2ps l1.pdf - | \ 
      ? pstops -q "4:0L@1.4(300,16)+1L@1.4(300,398)+2L@1.4(600,16)+3L@1.4(600,398)" > l1x4.ps

You can then print the resulting PostScript file directly with lpr, or convert it back to PDF using ps2pdf and print it from within your favorite PDF viewer.

Class Projects