SaTC: CORE: Medium: Collaborative: Contextual Integrity: From Theory to Practice

SaTC：核心：媒介：协作：上下文完整性：从理论到实践

• 批准号: 1801307
• 负责人: Helen Nissenbaum
• 金额: $ 40万
• 依托单位: Cornell University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-09-01 至 2024-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1801307&HistoricalAwards=false
• 关键词: SaTC; CORE; Medium; Collaborative; Contextual

Current user-facing computer systems apply a "notice and consent" approach to managing user privacy: the user is presented with a privacy notice and then must consent to its terms. Decades of prior research show that this approach is unmanageable: policies are vague, ambiguous, and often include legal terms that make them very difficult to understand, if they are even read at all. These problems are magnified across Internet of Things (IoT) devices, which may not include displays to present privacy information, and may become so ubiquitous in the environment that users cannot possibly determine when their data is actually being captured. This project aims to solve these problems by designing new privacy management systems that automatically infer users' context-specific privacy expectations and then use them to manage the data-capture and data-sharing behaviors of mobile and IoT devices in users' environments. The goals of this research are to better understand privacy expectations, design privacy controls that require minimal user intervention, and demonstrate how emergent technologies can be designed to empower users to best manage their privacy.The theory of "Privacy as Contextual Integrity" (CI) postulates that privacy expectations are based on contextual norms, and that privacy violations occur when data flows in ways that defy these norms. The framework can be applied by modeling data flows in terms of the data type, sender, recipient, as well as the specific context (i.e., the purpose for which data is being shared). While this model makes intuitive sense, there are several open research questions that have prevented it from being applied in computer systems. Specifically, the project investigates how privacy expectations change across varying contexts through the use of surveys, interviews, and behavioral studies, and designs systems to automatically infer contextual information so that the process of determining whether or not a data flow is likely to defy user expectations can be automated. The investigators develop a prototype of the novel privacy controls and validate their usability and privacy-preserving properties through iterative laboratory and field experiments.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

当前面向用户的计算机系统应用“通知和同意”方法来管理用户隐私：向用户呈现隐私通知，然后必须同意其条款。几十年的研究表明，这种方法是无法管理的：政策是模糊的，模棱两可的，往往包括法律的条款，使他们非常难以理解，如果他们甚至阅读。这些问题在物联网（IoT）设备中被放大，这些设备可能不包括显示隐私信息的显示器，并且可能在环境中变得如此普遍，以至于用户不可能确定他们的数据何时被捕获。该项目旨在通过设计新的隐私管理系统来解决这些问题，该系统可以自动推断用户特定于上下文的隐私期望，然后使用它们来管理用户环境中移动的和物联网设备的数据捕获和数据共享行为。本研究的目标是更好地理解隐私期望，设计隐私控制，需要最少的用户干预，并展示如何新兴技术可以设计，使用户能够最好地管理他们的隐私。“隐私作为上下文完整性”（CI）的理论假设，隐私期望是基于上下文规范，隐私侵犯发生在数据流的方式，违反这些规范。可以通过根据数据类型、发送者、接收者以及特定上下文（即，数据共享的目的）。虽然这个模型具有直观的意义，但有几个开放的研究问题阻碍了它在计算机系统中的应用。具体来说，该项目通过使用调查，访谈和行为研究来调查隐私期望如何在不同的环境中变化，并设计系统来自动推断上下文信息，以便确定数据流是否可能违背用户期望的过程可以自动化。研究人员开发了一个新的隐私控制原型，并通过反复的实验室和现场实验验证其可用性和隐私保护属性。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Disaster privacy/privacy disaster

• DOI: 10.1002/asi.24353
• 发表时间: 2020-03
• 期刊: J. Assoc. Inf. Sci. Technol.
• 作者: M. Sanfilippo;Yan Shvartzshnaider;Irwin Reyes;H. Nissenbaum;Serge Egelman

Contextual Integrity Up and Down the Data Food Chain

数据食物链上下游的上下文完整性

• 发表时间: 2019
• 期刊: Theoretical inquiries in law
• 作者: Nissenbaum, Helen

Stop the Spread: A Contextual Integrity Perspective on the Appropriateness of COVID-19 Vaccination Certificates

阻止传播：从上下文完整性角度看待 COVID-19 疫苗接种证书的适当性

• DOI: 10.1145/3531146.3533222
• 发表时间: 2022
• 作者: Zhang, Shikun;Shvartzshnaider, Yan;Feng, Yuanyuan;Nissenbaum, Helen;Sadeh, Norman
• 通讯作者: Sadeh, Norman