Abstract
To offer personalized services on the web and on mobile devices, service providers want to have as much information about their users as possible. In the ideal case, the user controls how much of this information is revealed during a transaction. This is a tradeoff between privacy and personalization: if the disclosed profile is too complex, it may become a pseudonym for the user, making it possible to recognize the user at a later time and link different revealed profile parts into one comprehensive profile of the individual. This paper introduces a model for profiles and analyzes it with the methods of probability theory: how much information is revealed and what is the the user’s probability of staying anonymous. The paper examines how likely it is that a provider can link different disclosed profiles and recommends algorithms to avoid a possible privacy compromise.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Pfitzmann, A., Köhntopp, M.: Anonymity, Unobservability, and Pseudonymity: A Proposal for Terminology. Designing Privacy Enhancing Technologies, 2000.
Clarke, R.: Identified, Anonymous and Pseudonymous Transactions: The Spectrum of Choice. User Identification & Privacy Protection Conference, Stockholm, 1999.
Rao, J.R. and Rohatgi, P.: Can Pseudonymity Really Guarantee Privacy? Proc. of Ninth Usenix Security Symposium, Denver, Colorado, 2000.
Alamäki, T., Björksten, M., Dornbach, P., Gripenberg, C., Győrbíró, N., Márton, G., Németh, Z., Skyttä, T., Tarkiainen, M.: Privacy Enhancing Service Architectures. Submission to Privacy Enhancing Technologies 2002.
Customer Profile Exchange (CPExchange) Specification v1.0, 2000. http://www.cpexchange.org/
Goldberg, I.A.: A Pseudonymous Communications Infrastructure for the Internet. Ph.D. dissertation, University of California at Berkeley, Fall 2000, page 7.
Chaum, D.: Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Communications of the ACM, February 1981.
Jakobsson, M.: A Practical Mix. Eurocrypt’ 98.
Sutherland, E.: Bluetooth Security: An Oxymoron? M-Commerce Times web magazine, November 2000. http://www.mcommercetimes.com/Solutions/41
Breese, J., Heckermann, D., Kadie, C.: Empirical Analysis of Predictive Algorithms for Collaborative Filtering. Proc. of 14th Conference on Uncertainty in Artificial Intelligence, July 1998.
Resnick, P., Iacovou, N., Sushak, M., Bergstrom, P., and Riedl, J.: GroupLens: An open architecture for collaborative filtering of netnews. Proceedings of the 1994 Computer Supported Collaborative Work Conference.
Salton, G. and McGill, M.: Introduction to Modern Information Retrieval. McGraw-Hill, New York, 1983.
Chickering, D., Heckermann, D. and Meek, C.: A Bayesian Approach to Learning Bayesian Networks with Local Structure. Proc. of 13th Conference on Uncertainty in Artificial Intelligence, 1997.
Dempster, A., Laird, N. and Rubin, D. Maximum Likelihood from Incomplete Data via the EM Algorithm. Journal of the Royal Statistical Society, B 39:1–38, 1977.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Dornbach, P., Németh, Z. (2003). Privacy Enhancing Profile Disclosure. In: Dingledine, R., Syverson, P. (eds) Privacy Enhancing Technologies. PET 2002. Lecture Notes in Computer Science, vol 2482. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36467-6_7
Download citation
DOI: https://doi.org/10.1007/3-540-36467-6_7
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00565-0
Online ISBN: 978-3-540-36467-2
eBook Packages: Springer Book Archive