Archives for posts with tag: anonymity

The 15th Privacy Enhancing Technologies Symposium (PETS) was held June 30 – July 20 2015 at Drexel University, Philadelphia. Please find below a summary of some of the presentations given on day #1. (I have not included a summary of all talks, and do not pay an equal amount of attention to all talks).

I have also made reports for day #1.
Read the rest of this entry »

Europe is currently discussing an update of its data protection regime. The Albrecht Report suggests several amendments to the Commission’s proposal for a new regulation. One of the proposals is to limit the protection for pseudonymous data. I think this a dangerous idea.

Read the rest of this entry »

In the IRMA (I Reveal My Attributes) project we are working to make attribute based credentials practical. One of the things we have been looking at is possible use cases for such credentials, especially when they are implemented on a (contactless) smart card. One particularly interesting use case is the sale of tickets for events.

Read the rest of this entry »

In this rather long post, I’d like to discuss the practical difficulty of securely collecting and combining attributes from different contexts when one starts using a system based on attribute based credentials. How do you determine that two separate contexts really belong to the same person? How do you ensure that a few people colluding cannot create a supercredential combining their individual attributes.

Read the rest of this entry »

When discussing privacy properties of a system, people often say their system offers both unlinkability and untraceability. To me that does not make much sense, because they essentially boil down to the same thing.

Read the rest of this entry »

Daniel Solove recently wrote a short piece on The Virtues of Anonymity. He observes that anonymity can be used both for good and bad purposes, and he therefore argues for striking a balance between the two through the concept of “traceable anonymity”. In this legal concept, people’s anonymity is protected by law, unless anonymity is abused to cause harm. In that case, according to Solove, the law should preserve a way to trace the identity of the culprit.

Interestingly, I have been arguing for the technical realisation of a related concept called Revocable Privacy for a few years now. Read the rest of this entry »