Soft privacy technologies

Soft privacy technologies fall under the category of privacy-enhancing technologies (PETs) as methods of protecting data; soft privacy is the counterpart to the other subcategory of PETs, hard privacy. The goal of soft privacy technology is to keep information safe while allowing services to process data and retain control over how it is used. To accomplish this, soft privacy relies on trusted third parties and emphasizes auditing, certification, consent, access control, encryption, and differential privacy. Because evolving technologies like the internet, machine learning, and big data are being applied to many long-standing fields, billions of data points must now be processed every day in areas such as health care, autonomous cars, smart cards, social media, and more. Many of these fields rely on soft privacy technologies when they handle data.

Health care
Some medical devices, such as Ambient Assisted Living systems, monitor patients and report sensitive information remotely to a cloud. Cloud computing meets the healthcare need for processing and storage at an affordable price. Together, such a system can monitor a patient's biometric conditions remotely, connecting with smart technology when necessary. Beyond monitoring, the devices can also send a mobile notification when certain readings pass a set point, such as a major change in blood pressure. Because these devices report data constantly and rely on smart technology, they raise many privacy concerns. Soft privacy is thus relevant for the third-party cloud service, where many of those concerns center, including the risk of unauthorized access, data leakage, and disclosure of sensitive information.

One proposed solution for privacy issues around cloud computing in health care is access control, which grants partial access to data based on a user's role, such as doctor or family member. Another solution, applicable to wireless technology that moves data to a cloud, is differential privacy. A differential privacy system typically encrypts the data, sends it to a trusted service, and then opens access to hospital institutions. A common strategy for preventing data leakage and attacks is to add 'noise' to the data, changing its values slightly; the real underlying information can then be accessed through security questions. A study published in Sensors concluded that differential privacy techniques based on added noise achieved mathematically precise privacy guarantees.
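As an illustration, the noise-adding step can be sketched with the Laplace mechanism, the standard construction behind many differential privacy systems. The blood-pressure readings and the `private_count` helper below are hypothetical, not taken from the study:

```python
import math
import random

def laplace_noise(scale: float) -> float:
    # Inverse-CDF sampling of the Laplace distribution (stdlib only).
    u = random.random() - 0.5
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))

def private_count(values, predicate, epsilon: float, sensitivity: float = 1.0) -> float:
    """Differentially private count: true count plus Laplace(sensitivity/epsilon) noise."""
    true_count = sum(1 for v in values if predicate(v))
    return true_count + laplace_noise(sensitivity / epsilon)

random.seed(7)
readings = [118, 142, 135, 121, 160, 150, 110, 138]  # hypothetical blood-pressure values
noisy = private_count(readings, lambda bp: bp >= 140, epsilon=0.5)
print(round(noisy, 2))
```

With a large privacy budget (epsilon) the noise vanishes and the exact count is recovered; with a small budget, individual records hide behind the noise.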

Adding noise to data by default can prevent devastating privacy breaches. In the mid-1990s, the Commonwealth of Massachusetts Group Insurance Commission released anonymized health records while hiding some sensitive information such as addresses and phone numbers. Despite this attempt to hide personal information while providing a useful database, privacy was still breached: by correlating the health database with public voter registration databases, individuals' hidden data could be rediscovered. Without differential privacy techniques such as encrypting data and adding noise, it is possible to link together data that may not seem related.
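This style of linkage attack can be sketched in a few lines; the records and names below are invented for illustration:

```python
# Hypothetical 'anonymized' health records: names removed, but quasi-identifiers remain.
health_records = [
    {"zip": "02138", "dob": "1945-07-21", "sex": "F", "diagnosis": "hypertension"},
    {"zip": "02139", "dob": "1962-03-02", "sex": "M", "diagnosis": "diabetes"},
]
# Hypothetical public voter roll containing the same quasi-identifiers plus names.
voter_rolls = [
    {"name": "A. Smith", "zip": "02138", "dob": "1945-07-21", "sex": "F"},
    {"name": "B. Jones", "zip": "02141", "dob": "1980-11-30", "sex": "M"},
]

QUASI_IDENTIFIERS = ("zip", "dob", "sex")  # fields the two databases share

def link(health, voters):
    """Re-identify 'anonymous' patients by joining on the quasi-identifiers."""
    return [
        {"name": v["name"], "diagnosis": h["diagnosis"]}
        for h in health
        for v in voters
        if all(h[k] == v[k] for k in QUASI_IDENTIFIERS)
    ]

print(link(health_records, voter_rolls))
```

Even though the health records contain no names, the shared quasi-identifiers (ZIP code, date of birth, sex) are enough to re-identify a patient.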

Autonomous cars
Autonomous cars raise concerns about location tracking, because they are sensor-based vehicles. To achieve full autonomy, these cars would need access to a massive database with information on the surroundings, paths to take, interactions with others, weather, and many other circumstances that must be accounted for. This leads to privacy and security questions: what type of data is being stored, how it will be stored, and who it is shared with. Much of this data is potentially sensitive and could be used maliciously if leaked or hacked. There are also concerns over this data being sold to companies, since it can help predict products a consumer would like or need. This could be undesirable, as the data may expose health conditions and prompt companies to target those customers with location-based spam or advertisements.

In terms of the legal aspect of this technology, rules and regulations govern some parts of these cars, but in other areas laws remain unwritten or outdated. Many of the current laws are vague and open to interpretation. For example, federal laws dating back decades govern computer privacy; they were extended to cover phones when those arose, and are now being extended again to apply to the "computer" inside most driverless cars. Another legal concern surrounds government surveillance: can governments gain access to driverless car data, giving them the opportunity for warrantless mass surveillance or tracking? Finally, companies may try to use this data to improve their technology and target their marketing to the needs of their consumers. In response to this controversy, automakers pre-empted government action on driverless cars by founding the Automotive Information Sharing and Analysis Center (Auto-ISAC) in August 2015 to establish cybersecurity protocols and decide how to handle vehicular communication between autonomous cars safely.

Vehicle-to-grid, known as V2G, plays a big role in the energy consumption, cost, and effectiveness of smart grids. It is the system electric vehicles use to charge and discharge, communicating with the power grid to draw the appropriate amount of energy. Although this ability is extremely important for electric vehicles, it opens up privacy issues surrounding the visibility of the car's location. For example, the driver's home address, workplace, entertainment venues, and visiting frequency may all be reflected in the car's charging history. If this information leaked, a wide variety of security breaches could occur: someone's health could be deduced from the car's number of hospital visits, a user's parking patterns could attract location-based spam, or a thief could benefit from knowing a target's home address and work schedule. As with sensitive health data, a possible solution is to use differential privacy to add noise, so that any leaked information is less accurate.
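A minimal sketch of the inference threat, assuming a purely hypothetical charging log: the car's most frequent overnight charging location is a strong guess at the driver's home.

```python
from collections import Counter

# Hypothetical charging log: (location, hour of day the charge started).
charging_log = [
    ("elm-st-garage", 23), ("office-lot", 9),  ("elm-st-garage", 22),
    ("hospital-lot", 14),  ("office-lot", 10), ("elm-st-garage", 0),
    ("office-lot", 9),     ("elm-st-garage", 23),
]

def likely_home(log):
    """Guess the home location: where the car most often charges overnight."""
    overnight = [loc for loc, hour in log if hour >= 22 or hour <= 6]
    return Counter(overnight).most_common(1)[0][0]

print(likely_home(charging_log))
```

The same counting logic would reveal the workplace from daytime charges or a hospital from repeated visits, which is exactly why charging histories are considered sensitive.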

Cloud storage
Using the cloud is important for consumers and businesses, as it provides a cheap source of virtually unlimited storage space. One challenge cloud storage has faced is search. A typical cloud computing design encrypts every word before it enters the cloud, so when a user wants to search by keyword for a specific file, the encryption hinders an easy and fast search: the stored data cannot simply be scanned for the search term, because the keywords themselves are encrypted. Encryption thus becomes a double-edged sword, protecting privacy but introducing new, inconvenient problems. One performance solution modifies the indexing, so that documents are indexed in their entirety rather than only by keywords. The search method can also be changed so that the search term itself is encrypted and matched against encrypted keywords without decrypting any data. In this case, privacy is preserved and it is easy to find files matching an encrypted term. However, a new issue arises: reading and matching through an encrypted file, and then decrypting the whole file for the user, takes longer.
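One common scheme of this kind replaces each keyword with a keyed token (here an HMAC), so the server can match an encrypted search term against an encrypted index without ever seeing plaintext. This is a simplified sketch; the key and helper names are hypothetical:

```python
import hashlib
import hmac
from collections import defaultdict

KEY = b"owner-secret-key"  # hypothetical key held by the data owner, never sent to the cloud

def token(word: str) -> str:
    # Deterministic keyword token: the server can match tokens
    # without ever learning the underlying keyword.
    return hmac.new(KEY, word.lower().encode(), hashlib.sha256).hexdigest()

index = defaultdict(set)  # token -> document ids, stored on the untrusted server

def index_document(doc_id: str, text: str) -> None:
    for word in text.split():
        index[token(word)].add(doc_id)

def search(word: str) -> set:
    # The client computes the token locally; the server matches it blindly.
    return index.get(token(word), set())

index_document("report-1", "patient blood pressure log")
index_document("report-2", "insurance claim summary")
print(search("pressure"))
```

The trade-off noted above still applies: matching tokens is fast, but retrieving results means transferring and decrypting whole encrypted files on the client.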

Mobile data
Police and other authorities also benefit from reading personal information in mobile data, which can be useful during investigations. Privacy infringements and potential surveillance in these cases have often been a concern in the United States, and several cases have reached the Supreme Court. In some instances, authorities used GPS data to track suspects' locations and monitored their data over long periods of time. Warrantless searches of mobile data are now limited because of the Supreme Court case Riley v. California, which unanimously held that police generally need a warrant to search a cell phone's data.

Mobile privacy has also been an issue in the realm of spam calls. In the effort to reduce these calls, many people are taken advantage of by apps that promise to block spam. The problem with these apps is that many are known to collect personal phone data, including caller lists, phone honeypot call detail records (CDRs), and call recordings. Although some of this information is needed to build spam blacklists, not all of it is, and these apps do not always prioritize privacy when collecting data. As these are typically small-scale apps with varying budgets, differential privacy is not always a priority; it is also more expensive than ignoring privacy concerns, because the dataset needed to build a good algorithm under local differential privacy is much larger than a basic dataset.
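Local differential privacy can be sketched with randomized response, a classic technique in which each phone perturbs its own report before sending it; the spam rates below are invented. The sketch also shows why larger datasets are needed: the debiased estimate only becomes accurate once many noisy reports are aggregated.

```python
import random

P_TRUTH = 0.75  # probability that a phone reports its true label

def randomized_response(is_spam: bool) -> bool:
    """Report the true label with probability P_TRUTH, otherwise a fair coin flip."""
    if random.random() < P_TRUTH:
        return is_spam
    return random.random() < 0.5

def estimate_spam_rate(reports) -> float:
    # Debias the aggregate: E[report] = P_TRUTH * rate + (1 - P_TRUTH) * 0.5
    observed = sum(reports) / len(reports)
    return (observed - (1 - P_TRUTH) * 0.5) / P_TRUTH

random.seed(0)
true_labels = [True] * 300 + [False] * 700  # 30% of numbers are actually spam
reports = [randomized_response(label) for label in true_labels]
print(round(estimate_spam_rate(reports), 2))
```

No individual report is trustworthy on its own, which protects each user, yet the aggregate spam rate is still recoverable.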

Danger of using VPNs
VPNs create an encrypted tunnel between a remote user and a home network, encrypting the traffic that passes through it. This gives the user their own private network while on the internet. However, the encrypted tunnel requires trusting a third party to protect the user's privacy, since it acts as a virtual leased line over the shared public infrastructure of the internet. Additionally, VPNs have a difficult time with mobile use, because the cell network may change constantly or even drop, endangering the privacy that the VPN's encryption provides.

VPNs are susceptible to attackers who fabricate, intercept, modify, and interrupt traffic. They become a target because sensitive information is often transmitted over these networks. Quick VPNs generally provide faster tunnel establishment and less overhead, but they downgrade the effectiveness of the VPN as a security protocol. One mitigation centers on the simple practice of changing usernames (IP addresses) and passwords frequently, which is important for achieving security and protection from malicious attacks.

Smart cards
Newer smart cards are a developing technology used to authorize users for certain resources. Using biometrics such as fingerprints, iris images, voice patterns, or even DNA sequences as access control for sensitive documents such as passports can help ensure privacy. Biometrics are important because they are essentially unchangeable and can serve as the access code to one's information, in some cases granting access to virtually any data about a particular person. Currently they are used in telecommunications, e-commerce, banking, government applications, healthcare, transportation, and more.

Danger of using biometrics
Biometrics contain unique, characteristic details about a person. If they are leaked, it is fairly easy to trace the affected user. This poses a great danger, because biometrics are based on features that rarely change, like a fingerprint, and many sensitive applications rely on them. There are some possible solutions to this:

Anonymous Biometric Access Control System (ABAC): This method authenticates valid users without knowing who they are. For example, a hotel should be able to admit a VIP guest into a VIP room without knowing any details about that person, even though the verification process still uses biometrics. One such system was developed by the Center for Visualization and Virtual Environment. Its algorithm uses techniques like Hamming distance computation, bit extraction, comparison, and result aggregation, all implemented with a homomorphic cipher, to allow a biometric server to confirm a user without knowing their identity. This is done by encrypting the stored biometric; while saving the biometrics, specific processes de-identify features such as facial images, so that even if the data were leaked, there would be no danger of tracing someone's identity.
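The Hamming-distance matching step can be illustrated in plaintext; in the actual ABAC system, the same comparison runs under a homomorphic cipher so the server never sees the raw bits. The bit strings and threshold below are hypothetical:

```python
def hamming_distance(a: str, b: str) -> int:
    """Count the differing bits between two equal-length bit strings."""
    if len(a) != len(b):
        raise ValueError("templates must have equal length")
    return sum(x != y for x, y in zip(a, b))

def matches(stored: str, probe: str, threshold: int = 3) -> bool:
    # Biometric scans are noisy, so tolerate up to `threshold` differing bits.
    return hamming_distance(stored, probe) <= threshold

enrolled  = "1011001110100101"
probe_ok  = "1011001010100111"  # 2 bits differ: same person, noisy scan
probe_bad = "0100110001011010"  # bitwise complement: clearly a different person
print(matches(enrolled, probe_ok), matches(enrolled, probe_bad))
```

The threshold reflects a design trade-off: too low and legitimate users are rejected on a noisy scan, too high and impostors slip through.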

Online videos
Online learning through videos has become very popular. One of the biggest privacy challenges in this field is video prefetching. When a user selects an online video, rather than making them wait for it to load, prefetching saves the user time by loading part of the video before they have even started watching. It seems a perfect and necessary solution as we stream more content, but prefetching raises privacy concerns because it relies heavily on prediction. For an accurate prediction, it is necessary to access a user's viewing history and preferences; otherwise, prefetching is more a waste of bandwidth than a benefit. Once the user's viewing history and opinions on popular content are known, it is easier to predict the next video to prefetch, but this data is valuable and potentially sensitive. There has been research on applying differential privacy to video prefetching to improve user privacy.

Third party certification
E-commerce has been growing rapidly, prompting initiatives to reduce consumers' perception of risk while shopping online. Firms have found ways to gain the trust of new consumers through seals and certifications from third-party platforms. A study published in Electronic Commerce Research found that payment providers can reduce consumers' perceived risk by placing third-party logos and seals on the checkout page, enhancing visitor conversion. These logos and certificates reassure the consumer, so they feel safe entering their payment information and shipping address on an otherwise unknown or untrusted website.

Mobile concern and possible solutions
mIPS, a mobile intrusion prevention system, aims to be location-aware and to protect users of future technology such as virtualized environments, where the phone acts as a small virtual machine. Cases to be wary of in the future include stalking attacks, bandwidth stealing, attacks on cloud hosts, and traffic-analysis attacks on 5G devices within a confined area. Current privacy protection programs are prone to leakage and do not account for changes in Bluetooth, location, and LAN connections, which affect how often leakage can occur.

Public key-based access control
In the context of sensor networks, public key-based access control (PKC) may be a good future solution to some issues in wireless access control. The dangers to sensor networks include: impersonation, which grants access to malicious users; replay attacks, in which an adversary captures sensitive information and replays it; interleaving, which selectively combines messages from previous sessions; reflection, in which an adversary sends an identical message back to its originator, similar to impersonation; forced delay, which blocks a communication message so it is delivered at a later time; and chosen-text attacks, in which the attacker tries to extract the keys that access the sensor. Public key-based cryptography may address these threats: a study by Haodong Wang shows that the PKC-based protocol presented outperforms traditional symmetric-key approaches in memory usage, message complexity, and security resilience.
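The replay-attack defense common to such access-control protocols can be sketched with a nonce-based challenge-response. For simplicity this sketch uses a shared-key MAC where a PKC deployment like Wang's would use a public-key signature; all names here are hypothetical:

```python
import hashlib
import hmac
import secrets

KEY = b"shared-key"  # hypothetical; a PKC protocol would verify a signature instead

class SensorNode:
    """Issues a fresh nonce per session so a captured response cannot be replayed."""
    def __init__(self):
        self.pending = None

    def challenge(self) -> str:
        self.pending = secrets.token_hex(16)
        return self.pending

    def verify(self, response: str) -> bool:
        if self.pending is None:
            return False
        expected = hmac.new(KEY, self.pending.encode(), hashlib.sha256).hexdigest()
        self.pending = None  # the nonce is single-use
        return hmac.compare_digest(expected, response)

def answer(nonce: str) -> str:
    # The legitimate user's reply to a challenge.
    return hmac.new(KEY, nonce.encode(), hashlib.sha256).hexdigest()

node = SensorNode()
first = answer(node.challenge())
print(node.verify(first))  # fresh response is accepted
node.challenge()           # a new session begins with a new nonce
print(node.verify(first))  # replaying the captured response fails
```

Because each session binds the response to a fresh random nonce, a captured message is useless in any later session, defeating the replay and forced-delay attacks listed above.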

Social media
Privacy management is a big part of social networks, and researchers have proposed several solutions. For example, users of various social networks have the ability to control and specify what information they share with certain people based on trust levels. Privacy concerns still arise: in 2007, Facebook received complaints about its advertisements, in which a Facebook partner collected information about users and spread it to their friends without any consent. Some proposed solutions, still at the prototype stage, use protocols based on cryptographic and digital signature techniques to ensure the right privacy protections are in place.

Massive dataset
As the amount of data a single source collects grows, that source becomes prone to privacy violations and a target for malicious attacks due to the abundance of personal information it holds. One proposed solution is to anonymize the data by building a virtual database that anonymizes both the data providers and the subjects of the data. One new and developing technology for this is l-site diversity.