
When PETs misbehave: A Contextual Integrity analysis (2312.02509v1)

Published 5 Dec 2023 in cs.CR, cs.CY, cs.IT, and math.IT

Abstract: Privacy enhancing technologies, or PETs, have been hailed as a promising means to protect privacy without compromising on the functionality of digital services. At the same time, and partly because they may encode a narrow conceptualization of privacy as confidentiality that is popular among policymakers, engineers and the public, PETs risk being co-opted to promote privacy-invasive practices. In this paper, we resort to the theory of Contextual Integrity to explain how privacy technologies may be misused to erode privacy. To illustrate, we consider three PETs and scenarios: anonymous credentials for age verification, client-side scanning for illegal content detection, and homomorphic encryption for machine learning model training. Using the theory of Contextual Integrity, we reason about the notion of privacy that these PETs encode, and show that CI enables us to identify and reason about the limitations of PETs and their misuse, which may ultimately lead to privacy violations.

Authors (2)
  1. Ero Balsa (4 papers)
  2. Yan Shvartzshnaider (17 papers)