Post reply

Statistical Protection

  • January 7, 2013 at 9:54 pm

    #145881

    Comments posted to this topic are about the item Statistical Protection

  • January 8, 2013 at 2:14 am

    #1574676

    But we all give our consent when we give out our data, right? Whether I point out on Twitter that I like white chocolate or that I bought a pink sweter, this is solely up to me.

    Now, if I posted on Twitter that I liked white chocolate and on Facebook that I hated white chocolate, this would be a whole new problem. Eventually someone somewhere will get confused if they wanted to use the data to target me with cocolate advertisements. This example is silly and simple, but you get the idea.

    The bottom line is that we ourselves control how much data we give out and potentially what comes out of it.

    Make everything as simple as possible, but not simpler.
    Albert Einstein

  • January 8, 2013 at 7:02 am

    #1574802

    sibir1us (1/8/2013)

    But we all give our consent when we give out our data, right? Whether I point out on Twitter that I like white chocolate or that I bought a pink sweter, this is solely up to me.

    Now, if I posted on Twitter that I liked white chocolate and on Facebook that I hated white chocolate, this would be a whole new problem. Eventually someone somewhere will get confused if they wanted to use the data to target me with cocolate advertisements. This example is silly and simple, but you get the idea.

    The bottom line is that we ourselves control how much data we give out and potentially what comes out of it.

    I agree that we should pay attention and control what personal data we give out.

    In our jobs, we're giving out business data as required by our customers or organizations. It's just too bad that they are always in such a hurry to get the information right now - we don't have time to stop and design some security in before we have to make the data available. All too often we are making the data available and then trying to go back and lock it down, but by then it's too late.

  • January 8, 2013 at 7:23 am

    #1574811

    There is a LOT to be said about this.

    One of my first concerns is the movement of public posting forums from indvidual login to using single sign on (Facebook, Google, Twitter, Disqus, WordPress etc). The problem here (and especially with Facebook and Google+ which endeavor to force you to use your true name) is that your comments can be matched across a range of different sites. Each individual comment may not give away much, but if a potential employer, stalker, litigant in a legal case etc, can look at a lot of these postings a great deal of information can be leaked, and you have virtulally no knowledge of where and no effective way to stop it once it's out there.

    That's one reason why I never post to any website under a multi-site account.

    It gets messier. In the Feb issue of Technology Review, there is an extensive article on how big data drove the last presidential election. The article (uncomfortably positive in tone, as far as I'm concerned) focused mostly on the Democrats because they seem to have gotten the initial jump, and the data driven nature of the campaign. For example through a lot of deep computational analysis, they believe they have the identities of virtually all 69 million (theoretically anonymous) voters who voted for Obama in the 2008 election and also had identifying information on the hot issues for each of those voters, so they could target the campaign on an individual level. The article claimed this was a key part of their success in the recent election.

    It gets wilder. In some areas they apparently identified a lot about independent and Republican voters as well through various techniques including purchasing anonymized cable tv records and using independent criteria to de-anonymize them. Factors as seemingly private as what was stored on DVRs were used to target messages.

    This is positively creepy. We can be certain that the Republican party will not let themselves be caught unprepared again so there will be more of this next time around.

    ...

    -- FORTRAN manual for Xerox Computers --

  • January 8, 2013 at 7:47 am

    #1574828

    In today's computerized world, we have about as much privacy as a goldfish in a bowl. You can find out alot more than you would ever think or need, on anyone today. I have personally done it, and it wasn't all that hard either. A couple of hours, a credit card, and an Internet connection....that's all it took..:-D

    "Technology is a weird thing. It brings you great gifts with one hand, and it stabs you in the back with the other. ...:-D"

  • January 8, 2013 at 7:49 am

    #1574830

    jay-h (1/8/2013)

    There is a LOT to be said about this.

    ... This is positively creepy. We can be certain that the Republican party will not let themselves be caught unprepared again so there will be more of this next time around.

    Well, think about it this way: maybe there won't be any 'next time around'. Maybe instead of spending so many resources for campaigns - I think the 2012 elections costed about 2 billion - the next elections might just be a simple social media query. I.e. whoever is most positively popular in the social media, that is the person who gets to be a president. And same for senate. And so on.

    Social media can save a lot of money we don't have. :w00t:

    Make everything as simple as possible, but not simpler.
    Albert Einstein

  • January 8, 2013 at 10:21 am

    #1574924

    This is definitely an area of our industry that needs more work and research. Lots of organizations, especially government organizations are being called on to open their databases up to the public, and many of them are doing so right now, allowing queries of their statistical databases. This might improve the use of this information by the public, but there are plenty of ways in which this data could be potentially misused. If your companies wants to open some of your data to clients or customers, you might raise the concerns with possible abuses of the database and ask that time and effort be included to try and secure the data, possibly by implementing query restrictions.

    Perhaps I'm misunderstanding what is meant here, but corporate and government transactional databases shouldn't be "opened up" for perusal by the general public or even clients. Attempting to implementing security using roles or query restriction is futile, because inevitably a hole will be stumbled upon or intentionally discovered. Public facing datasets that support aggregate querying should be designed from the ground up to be free of personal identifying data. It should be something like an OLAP cube or a seperate reporting datamart containing a very select subset of data. The design philosophy should be that the public can download a complete copy of the database and still not compromise confidentiality.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho

  • January 8, 2013 at 10:59 am

    #1574939

    Government databases are getting opened, and while I agree they ought to design some OLAP type system from the ground up, because of time and resources, I know some are opening OLTP ones up for read only (they think) access.

    Corporate ones might not be open to the public, as in everyone, but some of them are opening data to customers or certain clients, which is public in a way. The same design principles should apply, and they certainly ought to consider the security and privacy implications.

  • January 8, 2013 at 11:37 am

    #1574958

    Steve Jones - SSC Editor (1/8/2013)

    Government databases are getting opened, and while I agree they ought to design some OLAP type system from the ground up, because of time and resources, I know some are opening OLTP ones up for read only (they think) access.

    Corporate ones might not be open to the public, as in everyone, but some of them are opening data to customers or certain clients, which is public in a way. The same design principles should apply, and they certainly ought to consider the security and privacy implications.

    Well...it all depends on what is in the particular government database on a case by case basis. Governments typically have hundreds of databases and sometimes thousands, so you can't throw a blanket statement over all of them. County governments, for example in my county, have a database that tracks the services, treatment, and recovery of addicted people who use county services. That database is definitely not open to the public and the data is encrypted as well. Many government databases (Federal, State, and County) are still not open to the public. That is just one example of many. It just depends on what the particular database is tracking and what that branch of government's liability is if that info gets on the street. 😀

    "Technology is a weird thing. It brings you great gifts with one hand, and it stabs you in the back with the other. ...:-D"

Viewing 9 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic. Login to reply