The Privacy-Preserving Surveillance Project

Following the events of September 11, 2001, many in the American public falsely believe they must choose between safety and privacy. Work in the Data Privacy Lab on homeland security, law-enforcement, and intelligence tools has sought to develop technologies that improve these efforts while provably protecting the privacy of citzens.

See testimony: "Privacy Technologies for Homeland Security", Testimony before the Privacy and Integrity Advisory Committee of the Department of Homeland Security (“DHS”), Boston, MA, June 15, 2005. (Testimony and Appendices)

Below are some of the problems we are tackling.

1. The Credential Validation Problem
   How can we match the person presenting the credential to the subject of the credential?

   Answers depend in part on the particulars of the credentials and the purpose for which they are used. See Social Security numbers, Identity Theft, Identity Angel, Sweeney Identity Phone.

2. Observing Suspicious Behavior
   How can we observe daily life and automatically identify suspicious behavior when it occurs?

   Answers depend in part on the recording of daily life and which behaviors are considered suspicious. See Video Surveillance, Counting people in publicly available web cams, Selective Revelation, Bio-terrorism Surveillance.

3. Provably Anonymous Data
   How can we share (within existing legal frameworks) field-structured data with provable guarantees of privacy protection while the data remain practially useful?

   See Bio-terrorism Surveillance, Selective Revelation, Risk Assessment Server, Datafly, Identifiability Server, Privacy Appliance, Distributed Surveillance.

4. Distributed Surveillance
   How can a network of data holders answer a question without the data being shared or individual values revealed and the answer be the same as could be computed if the data had been shared?

   See Distributed Surveillance.

5. The Watchlist Problem
   Given a set of data holders (having transactional information on hotel reservations, car rentals, airline travelers, etc.) and a government list of people to watch, how can the data holders notify thegovernment of appearances of people on the list appearing within the transactions without: (1) people who are not the subjects on the list being falsely matched; (2) the list being provided to the data holders; and, (3) information about people not on the list being provided to the government?

   See Towards a Privacy-Preserving Watchlist Solution.

6. National Economic Vulnerabilties
   What technology tools can reduce economic vulnerabilities available over the Internet that could be used by criminals or terrorists to harm the nation's economic prosperity?

   See Identity Angel, Social Security numbers, Defeating Fraudulent Email Schemes.

7. Connect the dots (with privacy)
   How can we learn sensitive and strategic information from disparate fragments of information with privact protections?

   See Privacy-Enhanced Linking, Selective Revelation, Risk Assessment Server.

Keywords: homeland security, law-enforcement, intelligence analysis, link analysis, information extraction, anonymization, surveillance, information fusion, tracking, "connect the dots", surveillance cameras, identity theft, fraudulent scams, email scams, link analysis

Related Publications

• L. Sweeney. "Privacy Technologies for Homeland Security", Testimony before the Privacy and Integrity Advisory Committee of the Department of Homeland Security (“DHS”), Boston, MA, June 15, 2005. (Testimony and Appendices)

• L. Sweeney. Privacy-Enhanced Linking. ACM SIGKDD Explorations, 7(2) December 2005. (PDF).

• L. Sweeney. Privacy-Preserving Surveillance using Databases from Daily Life. IEEE Intelligent Systems, 20 (5), September-October 2005. Earlier version: Privacy-Preserving Surveillance Using Selective Revelation. Carnegie Mellon University, LIDAP Working Paper 15, February 2005. (PDF).

• L. Sweeney. AI Technologies to Defeat Identity Theft Vulnerabilities. AAAI Spring Symposium, AI Technologies for Homeland Security, 2005. (PDF).

• L. Sweeney and R. Gross. Mining Images in Publicly-Available Cameras for Homeland Security. AAAI Spring Symposium, AI Technologies for Homeland Security, 2005. (PDF).

• L. Sweeney. Privacy-Preserving Bio-terrorism Surveillance. AAAI Spring Symposium, AI Technologies for Homeland Security, 2005. (Poster).

• L. Sweeney. Towards a Privacy-Preserving Watchlist Solution. AAAI Spring Symposium, AI Technologies for Homeland Security, 2005. (Poster).

• E. Newton, L. Sweeney, and B. Malin. Preserving Privacy by De-identifying Facial Images. IEEE Transactions on Knowledge and Data Engineering, IEEE TKDE, February 2005. Earlier version available as: E. Newton, L. Sweeney, and B. Malin Preserving Privacy by De-identifying Facial Images. Carnegie Mellon University, School of Computer Science, Technical Report, CMU-CS-03-119. Pittsburgh: 2003. (26 pages in PDF).

In the News

• CBS News, Associated Press, March 15, 2004, "Privacy Safeguards Quietly Killed". (text)
• CBS News, Associated Press, November 4, 2002, "Germ Patrol: Like Never Before". (text)

Related Links

• Selective Revelation
• Privacy-Enhanced Linking
• Privacy-preserving Bio-terrorism Surveillance
• Face De-identification
• Identity Angel
• Webcam Surveillance
• The Watchlist Problem
• Information Explosion
• Social Security numbers
• Datafly
• Scam Spam
• Webcams

• Projects at the Data Privacy Lab
• Data Privacy Laboratory