We would like to introduce you to Fernando Pérez-González, featured amongst the keynote speakers of the 1st Conference on Security and Privacy in New Computing Environments (SPNCE), taking place on December 15-16, 2016 in Guangzhou, China. His research interests lie in the crossroads of signal processing, security and privacy. Read on to find out what exactly he plans to offer to the research and innovation community.
Could you summarize the scope of your current work and what you are coming to share with everyone at SPNCE 2016?
My general field of research is information forensics, security and privacy. Regarding privacy, I work in three main directions: one is privacy-preserving data and signal processing, another is anonymous mixes, and a third one lies in traffic analysis attacks. Although I have done a bit of research on location privacy, I have been following the developments in the area for several years and I want to give the audience a fresh, unbiased view of its current state of development and the challenges that lie ahead. It is a fortunate fact that in the past few years there have been some groundbreaking proposals that open many new paths for research and unveil the tradeoffs that location privacy must meet.
What are some of those proposals?
Quite unbelievably, one of the problems that researchers have faced for more than a decade is how to properly define location privacy. While, perhaps evidently, the definition of privacy depends on the specific application, what is not so much known is that a higher layer of formalization is possible that encompasses many of those definitions, so that you don’t have to figure out what to do every time you come up with a new idea that involves location privacy. Another recent finding is that privacy must be defined by having in mind an adversary that is trying to infer the user’s actual location. This has the consequence that the design of location privacy preserving mechanisms must factor in the existence of smart and powerful adversaries. I invite people to come to my talk and learn the details!
What do you see as the greatest challenges in the future for digital security and privacy?
One of them is evidently public awareness of the security and privacy threats that the digital revolution has brought about, especially more so with the cloud spreading its wings and the unfathomable power of big data. On the adversarial side, big data will show how vulnerable individuals and society are. Limits will be set to the commerce of data in order to avoid data concentration. Another challenge concerns the Internet of Things since, as several recent major attacks have shown, it has been generally designed with security and privacy out of the drawing board. A very important challenge lies in how the newly minted European Data Protection Regulation will affect both citizens and businesses, and how the lessons learned after its application at such large scale can be transposed to other markets.
You mention that consumers today are more than willing to grant mobile apps access to a lot of their personal information. This information will never stop being interesting to businesses or governments, yet users themselves don’t seem to resist very strongly at all. Do you foresee any development in this area at a systemic level that will improve data security and privacy of an individual, or is it a lost cause because it’s in nobody else’s interest?
As I said before, consumers are not aware of either the economic value or the relevance of personal information. App developers have convinced them that privacy and utility constitute a zero-sum game: you renounce your privacy in exchange of free apps. Well, as I will argue in my talk, first you’re probably selling too cheap and second, you can barely imagine how much can be inferred from your data. Right, but you still want that handy LED flashlight app in your smartphone, even though you can only install it if you accept to let it know exactly where you are anytime. Why would the flashlight app want to know where you are? Unbeknownst to most customers, to profit by selling such data. So I think we have reached an unfair market equilibrium, unfair because one of the players (the customer) has been given incomplete information about the game. It is the role of the legislators to both increase consumer awareness and drive the use of already existing technical tools that will shift the equilibrium point to one in which app developers can still use location data to improve user experience, but privacy is preserved as much as customers want.
* * *
Over time, users have become accustomed to sharing personal data when they install new apps in their smartphones. Declining to do so, normally aborts the installation process. Sadly, users have convinced themselves that the value of their data is much lower than that of the apps they install, “after all, they have nothing to hide”. And thus, in redefining their business models, many companies have touted better services and applications which even come for free in exchange for some loss of privacy. However, as we will argue, privacy and utility do not necessarily make up a zero-sum game.
In the case of space-time location, a kind of information that should be considered private, there are a number of alternatives for adversaries to learn it, ranging from the triangulation of cellular phone signals to the metadata of pictures shared in social networks. Using the powerful inference capabilities of data mining, some companies are even promising to combine all the available inputs to predict what will be the location of a person in the near future. A recent MIT study showed that with only four approximate space-time points, it was possible to univocally de-anonymize a user in a database with 1.5 million of them. And this might be just the beginning, as ever more intrusive applications step in. Even putting such an Orwellian perspective aside, it is easy to understand the immense value of location data. But there is more that users can do than giving up…
In this talk we will revisit the techniques, some of them little known, that can be applied to find out where we are, and the potential threats they entail when combined with data mining. Guaranteeing location privacy turns out to be an elusive problem, starting with the lack of one-fits-all definitions. We will describe the technologies that have been proposed during the last decade to protect location privacy, including anonymization, obfuscation, mixes, and processing with encrypted signals. Those technologies stand at the crossroads of several disciplines such as signal processing, information theory, software engineering, database management, game theory and cryptography. But we will also adopt a critical point of view: in complicating the setups and definitions, researchers have failed to answer some fundamental questions that we will single out. To conclude, we will discuss the challenges that lie ahead and their practical and societal impact.