PryMe – a Universal Framework to Measure the Strength of Privacy-enhancing Technologies
Privacy is a fundamental human right codified in the European Convention on Human Rights. However, privacy in today’s digital society is constantly under threat, and privacy protections are needed to guard against privacy violations. Privacy-enhancing technologies can protect privacy on a technical level and thus offer much stronger protection than privacy policies or privacy laws. Our expert, Dr Isabel Wagner, has been awarded an EPSRC grant to advance the state of the art in privacy measurement – a fundamental building block for the creation of new privacy-enhancing technologies.
Privacy is a universal value and an important matter of human rights, security, and freedom of expression. However, in the digital era privacy is increasingly becoming eroded, and existing protections in terms of laws and privacy policies turn out to be insufficient because they do not prevent privacy violations from happening. In contrast, privacy protections on a technical level, so-called privacy-enhancing technologies, can prevent privacy violations and are thus a topic of much current research.
One way to show how effective new privacy-enhancing technologies are, i.e. to what extent they are able to protect privacy, is to use privacy metrics to measure the amount of privacy the technologies provide. Even though many privacy metrics have been proposed, there are many studies showing their shortcomings in terms of consistency, reproducibility, and applicability in different application domains. This is an important issue because use of a weak privacy metric can lead to real-world privacy violations if the privacy metric overestimates the amount of privacy provided by a technology.
The proposed research addresses this issue by evaluating the quality of existing privacy metrics, identifying their strengths and weaknesses, and building on this evidence to propose new, much stronger privacy metrics. Our aim is to create novel privacy metrics that measure the effectiveness of privacy-enhancing technologies consistently, reproducibly, and across application domains. To achieve this aim, we will (i) create the modular framework PryMe for the systematic evaluation of privacy metrics, (ii) apply the PryMe framework to evaluate privacy metrics across application domains, and (iii) propose strong new privacy metrics that work in each application domain.
By proposing a single framework to evaluate privacy metrics in many application domains, we allow research ideas on privacy metrics from different domains to complement each other, which will transform how privacy is measured. To further this transformation, we will release open source code for the PryMe framework to enable other researchers to study different application domains and new privacy metrics. In the long term, this will be relevant to improve privacy-enhancing technologies, and thereby improve privacy for end users.
Privacy measurement is important not only to improve privacy-enhancing technologies, but also to analyse trade-offs between privacy and data utility, or between privacy and security. Better privacy metrics therefore not only improve privacy for end users, but also improve the decision-making in situations when privacy needs to be weighed against utility or security. Better privacy metrics can also help improve the user acceptance of new technologies such as vehicular networks and smart homes by showing that privacy issues have been addressed on a technical level.
Dr Isabel Wagner is a Senior Lecturer in the Cyber Technology Institute at De Montfort University.
We are currently recruiting a Research Fellow to support this project: http://www.jobs.ac.uk/job/AXF213/research-fellow-in-privacy-enhancing-technologies/
For more information about this project, please contact: firstname.lastname@example.org