Making privacy violations transparent and accountable.
While privacy is a human right, it is not an absolute right. A world in which privacy rights are taken as fundamental and absolute is as horrible and terrifying as a world in which there is no privacy at all. Privacy has to be balanced against other requirements that may imply that an individual’s privacy is sometimes breached. This can be made more acceptable if those breaches are made transparent, so that the subject whose privacy is breached can see that this has happened, and the agents that caused the breach can be held accountable. In the talk, I explore how this could be achieved, and discuss examples around payment systems, and location-based services.
Mark D. Ryan is HP Inc. Professor of Cyber Security at the University of Birmingham, UK. He is director of the Birmingham Centre for Cyber Security and Privacy. He leads the security research group at Birmingham, which is recognised by NCSC and EPSRC as an Academic Centre of Excellence in Cyber Security. His research achievements include developing security concepts and systems for internet-based voting; systems for cloud computing that guarantee confidentiality from the cloud provider; design and development of methods and tools for analysis of security protocols; analysis of protocols of hardware roots of trust (especially the TPM), and of 3G telephony. These results have been published in top conferences and journals, including IEEE S&P, ACM CCS, J. Computer Security, CSF, NDSS. Mark holds a BA and MA from University of Cambridge, and a PhD in Computer Science from Imperial College, London.