CPSC457/557: Sensitive Information in a Wired World

Course Description

Increasing use of computers and networks in business, government, recreation, and almost all aspects of daily life has led to a proliferation of online sensitive data. Sensitive data are those that, if used improperly, can harm the data subjects, data owners, data users, or other interested parties. As a result, concern about the ownership, control, privacy, and accuracy of these data has become a top priority. This course focuses on both the technical challenges of handling sensitive data and the policy and legal issues facing data subjects, data owners, and data users.

CPSC 457/557 was inspired by the NSF-sponsored PORTIA project, which finished in September 2010 and on which Professor Feigenbaum was the Yale PI. It was taught twice before, in 2003 and 2006.

Grading

Note: There is no final exam during exam period at the end of the semester.

Announcements

1. September 6, 2011: Please get in touch by email as soon as possible with BOTH Joan.Feigenbaum@yale.edu and Judi.Paige@yale.edu about the following matters:
   • If you are interested in earning "class participation" credit by taking notes (either during a class or in preparation for a class), please let us know.
   • Please think about which general area you would like to focus on for your presentation to the class so that we can start refining the topic and formulating a reading list. Areas include but are not limited to:
     • Digital copyright, digital IP management, and digital publishing
     • Online privacy and control of personal information
     • Targeting (eg, of ads); online identity (including anonymity and pseudonymity)
   • Please think about what kind of project you would like to present. Possibilities include but are not limited to:
     • Summary or analysis of relevant research papers
     • An implementation-oriented project (which could be a design, review, or analysis of a relevant application, device, or system, rather than a full-fledged implementation)
     • End-to-end analysis of what actually happens to sensitive data in a specific, real-world service or application
     • Logical or algorithmic analysis of a relevant law or policy
2. Instructions for student presentations:
   • PowerPoint presentations should be exactly 20 minutes long, in order to ensure that there is time for questions and discussion. Be sure to rehearse your talk, time it, and edit it down to 20 minutes if it's too long.
   • Begin your presentation with a one- or two-slide overview of the issue that you are addressing. Even if everyone in the class has read the papers that you are presenting, the talk will flow better if you start with a short overview.
   • At least one week before your presentation, send email to Professor Feigenbaum and Ms. Paige containing:
     • Pointers to a modest amount of relevant material that you would like the class to read before your presentation
     • One or two ideas about what the class discussion should focus on (if it does not take shape on its own)
3. "Study sheet" for Exam 1 on October 13, 2011: To prepare for Exam 1, start by reviewing reading assignments 1 and 6, as well as this webpage about Fair Information Practice Principles. Then review the slides and primary reading assignments for the five student presentations that were given on or before October 6, 2011. Exam questions will focus on how the Internet (and digital technology more generally) challenges copyright and privacy principles in the five scenarios covered by these presentations: Digital Rights Management, Digital Publishing Rights, International Copyright, Social Networking, and Privacy of Educational Records.
4. "Study sheet" for Exam 2 on December 1, 2011: To prepare for Exam 2, start by reviewing the student presentations given on Oct 11, Nov 1, Nov 15, and Nov 17 and the following reading assignments on technological foundations:
   
   • Section 12.5 of "Lecture Notes on Cryptography," by S. Goldwasser and M. Bellare
   • "Hashcash: A Denial of Service Counter-Measure," by A. Back
   • "A firm foundation for private data analysis,"by C. Dwork
   Detailed instructions on how to prepare for Exam 2 can be found here.

Lectures

1. September 1, 2011: Course Overview, Introduction. [slides]
2. September 6, 2011: Introduction to US copyright law and the tension between it and the digital world
3. September 8, 2011: Copyright issues in digital music distribution
4. September 13, 2011: The Digital Millenium Copyright Act
5. September 15, 2011: Music vs. movies vs. books from a digital-copyright perspective
6. September 20, 2011: Introduction to privacy-preserving protocols: secure multiparty function evaluation, private information retrieval, and differential privacy
7. September 22, 2011: Student presentations by Debayan Gupta [slides] and Elizabeth Roberts [slides]
8. September 27, 2011: Student presentation by Christina Wallin [slides] and a privacy-preserving protocol for the "Yao Millionaires' Problem"
9. September 29, 2011: Guest lecture by Brad Rosen
10. October 4, 2011: More about the Yao Millionaires' Problem, Shamir secret sharing, and the BGW protocol for private, multiparty function evaluation
11. October 6, 2011: Student presentations by Franklin Song [slides] and Ewa Syta [slides]
12. October 11, 2011: Review for Exam 1 and student presention by Anton Petrov [slides]. See this FAQ for more information about the work that Anton presented.
13. October 13, 2011: [Exam1] [AnswerKey1]
14. October 18, 2011: Discussion of technical foundations of electronic cash, online identity systems, and ad targeting.
15. October 20, 2011: Electronic cash based on digital signatures, part I.
16. October 25, 2011: Electronic cash based on digital signatures, part II.
17. October 27, 2011: Digital certificates and certifying authorities. Electronic cash that is not based on digital signatures; see this paper by Adam Back.
18. November 1, 2011: Student presentations by Aaron Segal [slides] and Max Uhlenhuth [slides]
19. November 3, 2011: Further discussion of the BitCoin digital-cash system.
20. November 8, 2011: Guest lecture by Margot Kaminski and Wendy Seltzer
21. November 10, 2011: Differential privacy; see this paper, by Cynthia Dwork. Video of a related talk by Dwork can be found here; these are the slides used in that talk.
22. November 15, 2011: Student presentation by John Langhauser [slides] and guest presentation by Georgios Zervas [slides] on his experience discovering and resolving a threat to personal-data security on Yelp.
23. November 17, 2011: Student presentations by Matt Gaba [slides] and Ben Silver [slides]
24. November 29, 2011: Review for Exam 2
25. December 1, 2011: [Exam2] [AnswerKey2]

Reading Assignments

1. September 6, 2011: The following material is taken from a 2000 report by the National Research Council entitled "The Digital Dilemma." Because it is 11 years old, some of it is out of date, but (for better and for worse) much of it is still timely and relevant.
   • Overview of digital-copyright issues
   • Basics of copyright law, fair use, and private-use copying
   • Discussion of the Digital Millenium Copyright Act of 1998
2. September 13, 2011: Please read the following articles before class on Thursday, September 15. The main topic of discussion will be differences and similarities among books, music, and movies from the digital-copyright perspective.
   • "Thoughts on Music," by Steve Jobs
   • "The Google Print Library Project: A Copyright Analysis," by Jonathan Band
   • "Legally Speaking: The Dead Souls of the Google Booksearch Settlement," by Pamela Samuelson
3. September 17, 2011: Please read the following article before class on Thursday, September 22, in preparation for Debayan Gupta's presentation. The main topic of discussion will be the authors' conclusions, which are given in Section 11.
   • "Lessons from the Sony CD DRM Episode," by J. A. Halderman and E. W. Felten
4. September 19, 2011: Please read the following articles before class on Thursday, September 22, in preparation for Elizabeth Roberts's presentation. Note that the second article is quite long; if you do not have time to read all it, just read the executive summary and skim the rest. The main topic of discussion will be the challenge to authors' "publication rights" posed by the Internet and other digital technologies.
   • "Google's Global Library Takes a Further Blow," by Mathew Ingram
   • "Electronic Publishing in Science. Seizing the Moment: Scientists' Authorship Rights in the Digital Age"
5. September 20, 2011: Please read the following articles before class on Tuesday, September 27, in preparation for Christina Wallin's presentation. The discussion of the Anti-Counterfeit Trade Agreement document will be focused on Section 5: Enforcement of Intellectual Property Rights in the Digital Environment. So, if you may not have time to read the entire document, start with Section 5.
   • "Anti-Counterfeiting Trade Agreement"
   • "ACTA arrives (still bad, but a tiny bit better)," by Nate Anderson
   • "The ACTA Copyright Treat and Why You Should Care," by Michael Geist
6. September 24, 2011: Please read the following material in preparation for Brad Rosen's guest lecture on September 29, 2011.
   • Chapter 9 (pp. 200-234) of "The Future of the Internet -- and How to Stop it," by Jonathan Zittrain
   • "A Face Is Exposed for AOL Searcher No. 4417749," by Michael Barbaro and Tom Zeller, Jr.
   • "The Web Means the End of Forgetting," by Jeffrey Rosen
7. October 1, 2011: Please read the following material for class on Thursday, October 6, 2011. The FERPA discussion will focus on whether universities should be more proactive in informing students of their FERPA rights and whether FERPA should treat physical and electronic records differently. The social-network discussion will focus on social-network users' perception of online privacy and whether the existence of one dominant social network is a plus or minus for privacy.
   • For Ewa Syta's presentation on FERPA:
     • "The Family Educational Rights and Privacy Act: Guidance for Eligible Students," US Department of Education. If you do not have time to read this entire FERPA document, please read this FERPA FAQ.
     • "Protecting the Security of Education Records," DigiCert
     • "Princeton Dean Accesses Private Yale University Admissions Website," The Tech
   • For Franklin Song's presentation on privacy in Facebook:
     • Sections 1, 2, and 4 of "On the Leakage of Personally Identifiable Information Via Online Social Networks," by B. Krishnamurthy and C. E. Wills
     • "Why Facebook is Wrong: Privacy Is Still Important," by M. Kirkpatrick
     • "Facebook Grapples With Privacy Issues," by J. E. Vascellaro
8. October 7, 2011: Please read the following articles in preparation for Anton Petrov's presentation on October 11, 2011. The presentation and discussion will focus on real-world, collaborative-filtering attacks that have occurred over the past 15 years and technical approaches to preventing them.
   • "Why anonymous data sometimes isn't," by Bruce Schneier
   • "Pulling back the curtain on "anonymous" Twitterers," by Nate Anderson
   For a purely technical treatment of the de-anonymization techniques used in this work, see the original paper by Narayanan and Shmatikov. A FAQ about this paper can be found here.
9. October 23, 2011: Please read the following papers in preparation for Max Uhlenhuth's and Aaron Segal's presentations on November 1, 2011. Additional information about BitCoin can be found in this video and this FAQ sheet. Recently, a flaw in the incentive structure of BitCoin was found, and a fix was suggested; see this paper by Babaioff et al.
   • "BitCoins: What are they, and how do they work," by James Ball
   • "BitCoin: A Peer-to-Peer Electronic Cash System," by Satoshi Nakamoto
   • "National Strategy for Trusted Identities in Cyberspace" (You need not read the last section of this [long] document.)
   • "Comment on the Draft National Strategy for Trusted Identities in Cyberspace (NSTIC)," by Jonathan Mayer and Arvind Narayanan
10. October 25, 2011: The electronic-cash schemes covered in lectures 16 and 17 can be found in Section 12.5 of these lecture notes by Goldwasser and Bellare.
11. November 1, 2011: For the November 8 lecture by Margot Kaminski and Wendy Seltzer, please read the following articles about online identity and anonymity:
    • "Nameless in Cyberspace: Anonymity on the Internet," by Jonathan D. Wallace
    • "Slimed Online," by David Margolick
    • The Tor Project Overview
    • "Naming Names on the Internet," by Eric Pfanner
    • "When Secrets Aren't Safe with Journalists," by Chris Soghoian
    Additional (not required) background for this lecture can be found on the Fair Information Practice Principles and Privacy by Design websites.
12. November 10, 2011: For the November 15 presentation by John Langhauser, please read the following items about targeted online advertising. The first one, about EU privacy regulation, is 36 pages, the second is draft US legislation, and the other articles are short.
    • Privacy Regulation and Online Advertising, by Avi Goldfarb and Catherine Tucker
    • Commercial Privacy Bill of Rights
    • Legislation Would Let You Opt Out of Online Web Tracking, by David Kravets
    • About the Self-Regulatory Principles for Online Behavioral Advertising
    • Google Privacy Center
13. November 13, 2011: Please read the following material for November 17, 2011.
    • For Matt Gaba's presentation on location-based ads:
      • Location-Based Advertising Takes Off, by Peter Ferenczi
      • Patent awarded to Google for Location Based Advertising. (To prepare for class, concentrate on "Related Art" and "Summary of Invention.")
      • Mobile advertisers paying 4X more for location-based impressions, by Ryan Kim
      • Apple to Developers: No Location-Based Ads for you," by Barb Dybwad
      • LBS Marketing – Why the Federal Government Cares and What You Can Do About It," by Monica Desai, Greg Louer, Ryan King, and Maria Wolvin
    • For Ben Silver's presentation on privacy issues in GMAIL:
      • Ads in Gmail and your personal data,
      • Privacy Policy for Google Ads and the Google Display Network
      • EPIC -- Gmail Privacy FAQ
      • Trusting the Machines: New York State Bar Ethics Opinion Allows Attorneys to Use Gmail, by Kevin Raudebaugh