Symposium Program:
Thursday, October 14th
8:30AM – 9:15AM |
Registration and Continental Breakfast |
9:15AM – 9:30AM |
Opening Remarks: Dr. Katherine Strandburg, J.D., Assistant Professor, CIPLIT |
9:30AM – 11:45AM |
TOPIC #1: Biometrics and Facial Recognition (DePaul Center, Room 8005)
Moderator: Dr. Daniela Raicu, Assistant Professor, CTI |
11:45AM - NOON |
Break |
NOON – 1:15PM |
Niro Lecture and Luncheon: Professor Pamela Samuelson, Professor of Law and Information Management; Chancellor's Professor; Director, Berkeley Center for Law & Technology; University of California, Berkeley Boalt Hall School of Law, "Is Privacy Possible in Pervasive Computing Environments?" |
1:15PM – 3:45PM |
TOPIC #2: RFID and Location Tracking (DePaul Center, Room 8005) Moderator: Dr. Katherine Strandburg, J.D., Assistant Professor, CIPLIT
Dr. Ari Juels, Principal Research Scientist, Manager
of Applied Research, RSA Laboratories, "RFID Privacy: a
Technical Perspective" |
3:45PM – 4:00PM |
Coffee Break |
4:00PM– 6:00PM |
|
7:00PM |
Cocktails: Union League Club, 65 W. Jackson Blvd. |
7:30PM |
Conference Banquet:
Union League Club, 65 W. Jackson Blvd. |
Friday, October 15th
8:00AM – 8:30AM |
Continental Breakfast |
8:30AM – 10:30AM |
TOPIC #3: Data Mining and Data Aggregation (DePaul Center, Room 8005)
Moderator: Dr. Bamshad Mobasher, Associate Professor, CTI |
10:30AM – 11:00 AM |
TOPIC #4: Anonymity and Authentication (DePaul Center, Room 8005) Moderator: Professor Roberta Kwall Professor Ian Kerr, Faculty of Law at the University of Ottawa, Canada, "DOGNYMITY", Presentation (PPT ~ 5.9 MB) |
11:00AM – 11:15AM |
Coffee Break |
11:15AM-1:00PM |
Abstracts
This talk will provide an overview of biometrics from a technical perspective and addresses challenges facing the biometric system’s designers from technical and societal perspectives.
This talk will give a snapshot of the landscape in
biometrics. Different biometric techniques will be firstly discussed
and compared. How do them work and when do them fail? What are the
merits and demerits of different biometric techniques and how to
improve over existing technology? Our discussion will then focus on
a couple of specific biometric research topics, in particular, face
detection and recognition technology and its applications in
security and surveillance. I will discuss the face detection and
recognition system we developed in Motorola Labs. If time permits, I
will give a live demonstration of this system at the end of the
presentation.
The creation of privacy legislation specific to biometric identifiers must answer the threshold question of whether it is a replication or duplication of existing legislation. The specific privacy protections afforded under the auspices of the Constitution and statutory legislation are certainly applicable to biometric identifiers. The question, however, is how effective is the existing legislation in combating consumer fears and protecting privacy? Existing legislation must be evaluated not according to its own terms but to the standards of protection that it seeks to uphold. New legislative efforts then must strive to achieve the principles of protective legislation already in place while overcoming overcome its shortcomings in practice. The question considered in this paper is whether biometric identifier privacy legislation is necessary given protections afforded by existing Constitutional and legislative protections. This paper also considers how proposed privacy protections – including consent and procedural due process guarantees – might apply to the deployment of biometric technology.
Professor Mark Monmonier, Distinguished Professor of
Geography, Syracuse University, "Geographic
Aspects of Location Tracking with RFID and GPS"
Radio frequency identification (RFID) and geographical
positioning system (GPS) technologies offer potentially
complementary strategies to the problem of determining instantaneous
location and tracking people, vehicles, or merchandise. An RFID
system can record location when a subject with an RFID tag passes
within range of a compatible reader, and an RFID unit with
read-write memory and the ability to record location identifiers
from low-power transmitters along its path could be debriefed
periodically by a system design to reconstruct the subject’s route.
Whereas RFID tracking requires readers positioned at appropriate
choke points in a circulation network, GPS allows continuous
tracking, especially if linked in real-time to the wireless
telephone system—the preferred method of satisfying the federally
mandated E-911 positioning requirement. But because of signal
attenuation and multipath-corrupted signals in buildings and urban
canyons, GPS does not guarantee reliable, uninterrupted tracking.
These technical difficulties suggest that an amalgamation of RFID
and GPS solutions could pose a significantly greater threat to
locational privacy than either technology deployed independently.
Privacy issues raised by GPS tracking and its amalgamation with RFID
include retention period, the ownership of an individual’s
locational history, and a “track-me” button that would extend
“opt-in” protection to cell-telephone users. Potential for abuse
heightens concern about locational privacy as a basic right.
For the presentation slides in PDF format, please click
here.
Professor Ian Kerr, Faculty of Law at the University of Ottawa, Canada, "DOGNYMITY"
A number of proponents of individual freedom have, in
the post 9/11 era, recanted the view that anonymity is part of the
bedrock of a free and democratic society. The advent of various new
technologies further undermines the possibility of disconnecting our
identities from our actions. Is anonymity going to the dogs?
In this presentation, Professor Ian Kerr discusses the recent
assault on anonymity, followed by a description of a large
multi-disciplinary, Canadian-based research initiative that studies
the importance and impact of anonymity and authentication in a
networked society.
Professor Pamela Samuelson,
Professor of Law and Information Management; Chancellor's
Professor; Director, Berkeley Center for Law & Technology;
University of California, Berkeley Boalt Hall School of Law,
"Is Privacy Possible in Pervasive Computing Environments?"
As computing devices designed to sense physical phenomena become
tinier, more capable of internal power generation, and better able
to broadcast data and self-organize in networks, pervasive computing
environments employing sensor networks may become the “next new
thing.” Motes embedded in the tires of your car may be programmed,
for example, to let you know if the tire pressure is low; those
embedded in the walls of your home may adjust heat and/or lighting
systems to minimize electrical consumption; and those deployed in
public squares may detect pollution levels or other hazardous
contaminants and transmit signals to warning systems as needed.
The United States presently has no legal infrastructure to safeguard
privacy interests of individuals in data sensor networks may gather
and process about them. While fair information practices have
provided a general framework for information privacy in the online
world (e.g., informing firms about constructing privacy policies for
their websites), these practices may be difficult to map onto sensor
network technology. Fair information practices, for example,
typically require notice to persons affected that information about
them is being collected and for what purpose, as well as consent to
collection of the data for such a purpose. As sensors become
pervasively embedded in every day life, notice and consent may no
longer be feasible.
This presentation will explore the role legislation and policy ought
to play in protecting information privacy of persons in sensor
network environments and in regulating the technologies that enable
surveillance of persons via sensor networks. Developers should be
encouraged, and perhaps even required, to build some
privacy-protection capabilities into sensor network technologies in
order to preserve the important social values information privacy
protects.
There is significant value to society in developing
the science underpinning data mining, but also significant risk for
misuse of the technology. The same techniques that could accurately
identify malignant tumors could be used to classify individuals as
potential terrorists, and the medical information that can be used
to help doctors in emergency situations can also be used for
invasive marketing. What should our response be? To disallow data
mining altogether? To only apply it to “non-controversial” areas? To
accept some risk if the need is acute or the benefits are
compelling? If our response is to develop data mining techniques and
to apply them with care when appropriate or necessary, what checks
and balances are required in order to safeguard individual rights?
How can we constrain when and to what ends the technology is
applied, and how the results are interpreted? What are the parallels
to existing legal protections? What are the differences that make
the problem of electronic privacy more challenging?
Appreciating the distinction between developing data mining
techniques and of collecting specific kinds of data and applying
these techniques with specific objectives will allow us to focus our
attention on the appropriate checks and balances for responsible use
of the technology.
The confluence of data mining, large databases, and
networked information sources opens a wealth of possibilities for
knowledge discovery. Privacy and security concerns have lead to a
backlash against these technologies, witness the introduction in the
U.S. Senate of the "Data-Mining Moratorium Act of 2003". The irony
is that most data mining generates summary results that do not
violate privacy. Are we simply facing a need to educate the public
on what data mining really is? The answer is no: the problem is
real. It isn't data mining that is at fault, but gathering the data
into a common warehouse to enable data mining. In general, problem
arises when data must be shared.
This talk discusses how privacy-preserving data mining and other
privacy-preserving collaboration techniques can enable applications
that might otherwise be prevented due to privacy concerns, and what
research issues to be addressed before these technologies can become
reality.
Professor Solove will discuss some of the central
ideas of his forthcoming book, THE DIGITAL PERSON: TECHNOLOGY AND
PRIVACY IN THE INFORMATION AGE (NYU Press, Dec. 1, 2004). The book
examines the threat to privacy caused by the gathering of personal
information in gigantic computer databases. Massive quantities of
data about individuals are being used to make important decisions in
their lives, and the government is increasingly tapping into
companies' databases to monitor and profile people. Solove examines
why these developments are problematic and why the law has thus far
failed to respond adequately. He proposes a way to reconceptualize
information privacy in order to guide the creation of effective
regulation of data collection and use.