|
Organizations, such as hospitals, financial institutions, and universities, that collect and use personal information are required to comply with privacy regulations, such as the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), and the Family Educational Rights and Privacy Act (FERPA). Similarly, to ensure customer trust, web services companies, such as Google, Facebook, Yahoo!, and Amazon, publish privacy policies stating what they will do with the information they keep about customers' individual behaviors. These policies impose constraints on disclosure (or transmission) of personal information, articulate obligations (e.g., notifying customers about privacy breaches), and identify purposes for which personal information may or may not be used. Prior work has focused on formalisms for disclosure and obligations, but no such foundation has been developed for information use for specified purposes.
Intellectual Merit. This project addresses the central problem of developing a formal semantics that explains what it means to use information for a set of purposes, a logic for specifying such policies, and algorithmic methods for their enforcement. It advances the state of knowledge in the field of privacy by providing a foundation for a concept that is commonly used in practice, but has not been the subject of careful scientific study. The project also investigates the interaction of this concept with the previously studied concepts of disclosure and obligation, thereby enabling a more comprehensive understanding of privacy. The formal semantics the project develops is novel and draws on insights from prior work on philosophical theories of causation and intentions, and from the computer science literature on formal methods, information flow, and planning. The model is validated through user studies and its application through case studies in the healthcare domain.
Broader Impacts. The project addresses a problem of significant and growing importance to society. It initiates a new direction in providing foundations for privacy by studying the concept of information use for a purpose. This concept appears in privacy policies published by organizations in sectors as diverse as finance, web services, healthcare, insurance, education, and government - the cornerstones of modern society. The semantic foundation serves as the basis for developing practical tools to support the enforcement of such policies in such organizations. The project provides opportunities for engaging graduate and undergraduate students. The PIs plan to integrate the research results into their existing security and privacy courses, and, for wider dissemination, leverage outreach programs in Carnegie Mellon's Computer Science Department and CyLab aimed at K-12, women, persons with disabilities, and underrepresented minorities.
|
TC: Medium: Semantics and Enforcement of Privacy Policies: Information Use and Purpose