Internet privacy

Internet privacy involves the right or mandate of personal privacy concerning the storage, re-purposing, provision to third parties, and display of information pertaining to oneself via the Internet. Internet privacy is a subset of data privacy. Privacy concerns have been articulated from the beginnings of large-scale computer sharing and especially relate to mass surveillance enabled by the emergence of computer technologies. Privacy can entail either personally identifiable information (PII) or non-PII information such as a site visitor's behaviour on a website. PII refers to any information that can be used to identify an individual. For example, age and physical address alone could identify who an individual is without explicitly disclosing their name, as these two factors are unique enough to identify a specific person typically. Other forms of PII may soon include GPS tracking data used by apps, as the daily commute and routine information can be enough to identify an individual

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Related publications (26)

Related publications

Related people (3)

Related people

Related units (2)

Related units

Related concepts (46)

Related concepts

Related courses (13)

Related courses

Related lectures (37)

Related lectures

Protecting privacy through metadata analysis

Sandra Deepthy Siby

Although encryption hides the content of communications from third parties, metadata, i.e., the information attached to the content (such as the size or timing of communication) can be a rich source of details and context. In this dissertation, we demonstrate the power of metadata analysis. We illustrate ways in which we can use metadata analysis to protect privacy, by addressing two problems in the areas of network and web privacy.In the first problem, we study recently standardized protocols such as encrypted DNS and QUIC. We show how metadata analysis can be used by adversaries to perform website-fingerprinting attacks against these protocols and to infer websites visited by a user, thereby compromising their privacy. We use the insights from our analysis to identify the requirements for developing effective countermeasures and to improve the resistance of these protocols to website fingerprinting. We find that hiding metadata is challenging.In the second problem, we address the issue of online advertising and tracking services (ATS) that are constantly evolving to evade privacy protections established by browser vendors. We demonstrate how the very fact of metadata being hard to hide can be useful to defenders. Defenders can use metadata analysis to build ATS-detection systems that are more robust against adversarial evasion by capturing behavioral metadata of ATS. We use our findings to detect and counter the emergence of tracking via first-party cookies.

EPFL2022

Protecting Privacy in Multi-agent Optimization

Eric Zbinden

Many real-life optimization problems involve multiple entities, or agents (individuals, companies...), with their own private constraints and preferences, communicating with each other in order to find a solution that maximizes the overall public satisfaction. In Artificial Intelligence, the field of Distributed Constraint Optimization (DCOP) has been addressing such multi-agent optimization problems, through distributed message-passing algorithms such as the DPOP algorithm. However, the research in DCOP has been neglecting the privacy of the information exchanged by the agents during the computing of the solution, which is critical to many real-life problems. While agents are willing to cooperate with each other to produce an optimal solution, they are most often reluctant to reveal their private constraints and preferences to other, which hinders this cooperation. The goal of this project was to implement, test, and evaluate a secured version of DPOP, P-DPOP. P-DPOP provides strong agent privacy and topology privacy by randomization, constraints privacy and limited decision privacy by obfuscation. The algorithm was implemented in Java, as part of the open-source FRODO platform for DCOP.

2010

Rethinking Location Privacy for Unknown Mobility Behaviors

Carmela González Troncoso, Simón Oya Diez

Location Privacy-Preserving Mechanisms (LPPMs) in the literature largely consider that users' data available for training wholly characterizes their mobility patterns. Thus, they hardwire this information in their designs and evaluate their privacy properties with these same data. In this paper, we aim to understand the impact of this decision on the level of privacy these LPPMs may offer in real life when the users' mobility data may be different from the data used in the design phase. Our results show that, in many cases, training data does not capture users' behavior accurately and, thus, the level of privacy provided by the LPPM is often overestimated. To address this gap between theory and practice, we propose to use blank-slate models for LPPM design. Contrary to the hardwired approach, that assumes known users' behavior, blank-slate models learn the users' behavior from the queries to the service provider. We leverage this blank-slate approach to develop a new family of LPPMs, that we call Profile Estimation-Based LPPMs. Using real data, we empirically show that our proposal outperforms optimal state-of-the-art mechanisms designed on sporadic hardwired models. On non-sporadic location privacy scenarios, our method is only better if the usage of the location privacy service is not continuous. It is our hope that eliminating the need to bootstrap the mechanisms with training data and ensuring that the mechanisms are lightweight and easy to compute help fostering the integration of location privacy protections in deployed systems.

IEEE COMPUTER SOC2019

Tor (network)

Tor, short for The Onion Router, is free and open-source software for enabling anonymous communication. It directs Internet traffic via a free, worldwide, volunteer overlay network that consists of mo

Anonymous proxy

An anonymizer or an anonymous proxy is a tool that attempts to make activity on the Internet untraceable. It is a proxy server computer that acts as an intermediary and privacy shield between a clien

Google

Google LLC (ˈɡuːɡəl) is an American multinational technology company focusing on artificial intelligence, online advertising, search engine technology, cloud computing, computer software, quantum co

COM-402: Information security and privacy

This course provides an overview of information security and privacy topics. It introduces students to the knowledge and tools they will need to deal with the security/privacy challenges they are likely to encounter in today's Big Data world. The tools are illustrated with relevant applications.

MGT-411: Innovation management

This is a collection of lectures on "structured innovation systems," codified approaches to stimulating and managing the process of innovation. Some of the systems to be covered may be Design Thinking, Open Innovation, Crowdsourcing, Lean Innovation, and other structured innovation systems.

CS-438: Decentralized systems engineering

A decentralized system is one that works when no single party is in charge or fully trusted. This course teaches decentralized systems principles while guiding students through the development and testing of their own decentralized system incorporating messaging, encryption, and blockchain concepts.