CPSC457/557: Sensitive Information in a Wired World

T,Th: 2:30-3:45pm; Room 500 AKW

General Information
Instructor: Joan Feigenbaum
Office: AKW 512; Telephone: 203-432-6432
Office hours: On Wednesdays, by appointment

Professor Feigenbaum suffers from Repetitive Strain Injury and cannot handle large amount of emails. Do NOT send her email about CPSC457/557; instead, please contact her by phone, through the TA, or through her assistant Judi Paige (Tel: 203-436-1267, email: Judi.Paige@yale.edu).

TA: Felipe Saint-Jean
Office: AKW 406; Telephone:432-6496; felipe.saint-jean@yale.edu
Office hours: T,Th: 3:45pm - 5:15pm or by appointment

Course Description
Increasing use of computers and networks in business, government, recreation, and almost all aspects of daily life has led to a proliferation of online sensitive data. Sensitive data are those that, if used improperly, can harm the data subjects, data owners, data users, or other interested parties. As a result, concern about the ownership, control, privacy, and accuracy of these data has become a top priority. This course focuses on both the technical challenges of handling sensitive data and the policy and legal issues facing data subjects, data owners, and data users.

CPSC 457/557 was inspired by the NSF-sponsored PORTIA project, on which Professor Feigenbaum is one of the investigators. It was taught once before, and the webpage for that earlier instance can be found here.

Final Papers
Alex Vaynberg, Unlinking Private Data (slides original (odp), pdf).
Jamie Yoo, Controlling Sensitive Information (paper), Privacy: Accountability and Enforceability (slides).
Will Tsui, Digital Identity Management on the Internet (paper, slides).
Alvaro Gutierrez, Towards Better Digital Identity Management (paper) ,Digital Identity Management on the Internet slides).
Dan Holevoet and Sarah Price, Copyright Reforms for the Digital Age: A Closer Look at Google (paper,slides).

March 30, 2006: As a follow-up to today's lecture, please read A Game-Theoretic Framework for Analyzing Trust-Inference Protocols, by Morselli, Katz, and Bhattacharjee. See also this accompanying set of slides.
March 23, 2006: As a follow-up to today's lecture and preparation for next week, read The Social Cost of Cheap Pseudonyms, by E. Friedman and P. Resnick.
March 21, 2006: As a follow-up to today's discussion, please read "A Taxonomy of Privacy", by D. Salove. In particular, read Salove's discussion of "disclosure." Salove has published widely on PORTIA-related topics; pointers to his writings, including his book "The Digital Person," can be found on his webpage.
March 2, 2006: Remember that the outlines and bibliographies for final papers/presentations are due in class on March 2, 2006.
February 21 and 23, 2006: Professor Avi Silberschatz will lecture about existing access-control mechanisms in DB systems and OSs, their successes, and their shortcomings. The reading assignment is Section 10.6 of "Operating System Concepts" (by Silberschatz, Galvin, and Gagne) and Sections 3.9 and 4.3 of "Database System Concepts" (by Silberschatz, Korth, and Sudarshan). Copies were distributed in class and are available from the TA.
Schedule for student presentations
April 11: Vaynberg and Yoo (Control of Personal Information)
April 18: Tsui and Gutierrez (Identity Management, Including Anonymity)
April 20: Holevoet and Price (Digital Copyright)
February 16, 2006: Eddan Katz of the Yale Law School's Information Society Project (ISP) will lecture about "Access to Knowledge." In preparation for this lecture, please read the Treaty on Access to Knowledge and the Development Agenda for Intellectual Property Negotiations in 2004 and Beyond.
February 9, 2006: As a follow-up to today's discussion, read this paper by Gary T. Marx.
February 7, 2006: As a follow up to today's discussion of Solove and Huffnagle's recommendation, please read A Model Regime of Privacy Protection.
February 2, 2006: As a follow-up to today's discussion of HIPAA, please read A. Cushner's slides and paper from Fall 2003, as well as the US Department of Health and Human Services' HIPAA Fact Sheet.
January 24, 2006: PORTIA researcher Mike Godwin will lecture on cyber rights. Information about his book on the subject can be found here. A copy of this book is on 24-hour-borrowing reserve at the Becton library. The reading assignment consists of Chapters 6 and 7, copies of which can be obtained from the TA.
January 10, 2006: the first homework assignment is to is to peruse the PORTIA website and the CPSC 457/557-Fall 2003 website.
January 17, 2006: Read "Privacy as Contextual Integrity", by Helen Nissenbaum and "Rethinking the design of the Internet: The end-to-end arguments vs. the brave new world", by David Clark and Marjorie Blumenthal.
Suggested Reading
US Copyright Office Report on Orphan Works
Indie Labels Reject DRM as Music Policeman
Honeywell Probes Posting of Employee Information on Internet