Privacy and Trust in Online Interactions

Privacy and Trust in Online Interactions

Leszek Lilien (Western Michigan University, USA) and Bharat Bhargava (Purdue University, USA)
Copyright: © 2009 |Pages: 38
DOI: 10.4018/978-1-60566-012-7.ch005

Abstract

Any interaction—from a simple transaction to a complex collaboration—requires an adequate level of trust between interacting parties. Trust includes a conviction that one’s privacy is protected by the other partner. This is as true in online transactions as in social systems. The recognition of the importance of privacy is growing since privacy guarantees are absolutely essential for realizing the goal of pervasive computing. This chapter presents the role of trust and privacy in interactions; emphasizing their interplay. In particular; it shows how one’s degree of privacy can be traded for a gain in the level of trust perceived by the interaction partner. After a brief overview of related research; the idea and mechanisms of trading privacy for trust are explored. Conclusions and future trends in dealing with privacy and trust problems complement the chapter.
Chapter Preview
Top

Introduction

Any interaction—from a simple transaction to a complex collaboration—can be successful only if an adequate level of trust exists between interacting entities. One of the more important components of trust of an entity in its interaction partner is its reliance that the partner is both willing and able to protect entity’s privacy. This is as true in the cyberspace as in social systems.

The need for privacy is broadly recognized by individuals, businesses, the government, the computer industry, and academic researchers. Examples are shown in Table 1. The growing recognition of the importance of privacy is motivated not only by users’ sensitivity about their personal data. Other factors include business losses due to privacy violations, and enactments of federal and state privacy laws. Even more important, the quest for the promised land of pervasive computing will fail if adequate privacy guarantees are not provided.

Table 1.
Recognition of the need for privacy by different entities
Recognition of the need for privacy by individuals (Cranor, Reagle, & Ackerman, 1999)
• 99% unwilling to reveal their SSN
• 18% unwilling to reveal their favorite TV show
Recognition of the need for privacy by businesses
• Online consumers worrying about revealing personal data held back $15 billion in online revenue in 2001 (Kelley, 2001)
Recognition of the need for privacy by the federal government
• Privacy Act of 1974 for federal agencies (Privacy Act, 2004)
• Health Insurance Portability and Accountability Act of 1996 (HIPAA) (Summary HIPAA, 2003; Mercuri, 2004)
Recognition of the need for privacy by computer industry research (examples)
• IBM—incl. Privacy Research Institute (IBM Privacy, 2007)
• Topics include: pseudonymity for e-commerce, EPA, and EPAL—enterprise privacy architecture and language, RFID privacy, privacy-preserving video surveillance, federated identity management (for enterprise federations), privacy-preserving data mining and privacy-preserving mining of association rules, hippocratic (privacy-preserving) databases, online privacy monitoring
• Microsoft Research—including Trustworthy Computing Initiative (Trustworthy Computing, 2003)
• The biggest research challenges: reliability/security/privacy/business Integrity
• Topics include: DRM—digital rights management (incl. watermarking surviving photo editing attacks), software rights protection, intellectual property and content protection, database privacy and privacy-preserving data mining, anonymous e-cash, anti-spyware
Recognition of the need for privacy by academic researchers (examples)
• Trust negotiation with controlled release of private credentials, privacy-trust tradeoff
• Trust negotiation languages
• Privacy metrics
• Anonymity and k-anonymity
• Privacy-preserving data mining and privacy-preserving database testing
• Privacy-preserving data dissemination
• Preserving location privacy in pervasive computing, and privacy-preserving location-based routing and services in networks
• Trust negotiation with controlled release of private credentials
• Genomic privacy

Complete Chapter List

Search this Book:
Reset