Privacy Preserving Machine Learning as a Service

Hesamifard, Ehsan

05 1900

Machine learning algorithms based on neural networks have achieved remarkable results and are being extensively used in different domains. However, the machine learning algorithms requires access to raw data which is often privacy sensitive. To address this issue, we develop new techniques to provide solutions for running deep neural networks over encrypted data. In this paper, we develop new techniques to adopt deep neural networks within the practical limitation of current homomorphic encryption schemes. We focus on training and classification of the well-known neural networks and convolutional neural networks. First, we design methods for approximation of the activation functions commonly used in CNNs (i.e. ReLU, Sigmoid, and Tanh) with low degree polynomials which is essential for efficient homomorphic encryption schemes. Then, we train neural networks with the approximation polynomials instead of original activation functions and analyze the performance of the models. Finally, we implement neural networks and convolutional neural networks over encrypted data and measure performance of the models.

Homomorphic encryption

machine learning

data privacy

deep learning

convolutional neural network

neural network

Data Security and Privacy under the Binary Cloak

Ji, Tianxi

26 August 2022

No description available.

Computer Science

Computer Engineering

Data Security

Data Privacy

Differential Privacy

Fingerprinting

Utility

Towards a Better Understanding of User`s Information in Electronic-Mentalhealth Services

Atuhaire, Eutaxy Neri

January 2022

Information Technology has enabled the increase of virtual business particularly towards mental health. Most health institutions have adopted using the internet to aid users get much needed help from different geographical areas. With the increase in availability of the internet, applications and websites in plenty have sprouted up due to this factor; data usage and that generated has in turn also increased carrying along with its challenges towards the data privacy of consumers’ information in electronic mental health inclusive of third party access to user data. Based on the literature review, evidence of data sharing to third parties and weak privacy policies from the e-mental health applications is illustrated, alongside its challenges and some solutions towards ensuring the privacy of user information. This area has also illustrated the different governing data privacy policies in United Kingdom both before and post-Brexit. The purpose of this thesis is to assess how the present data handling techniques are affecting user data, while citing the positive and negative outcomes of using these platforms inclusive of the relevant future recommendations towards the best practices towards ensuring data privacy of user information in electronic-mental health services.

Data Privacy

Electronic Mental Health

Övrig annan teknik

Studies on Privacy-Aware Data Trading / プライバシーを考慮したデータ取引に関する研究

Zheng, Shuyuan

25 September 2023

京都大学 / 新制・課程博士 / 博士(情報学) / 甲第24933号 / 情博第844号 / 新制||情||141(附属図書館) / 京都大学大学院情報学研究科社会情報学専攻 / (主査)教授 伊藤 孝行, 教授 鹿島 久嗣, 教授 岡部 寿男, 阿部 正幸(NTT社会情報研究所) / 学位規則第4条第1項該当 / Doctor of Informatics / Kyoto University / DGAM

data trading

data economy

data pricing

data privacy

market design

007

A Jagged Little Pill: Ethics, Behavior, and the AI-Data Nexus

Kormylo, Cameron Fredric

21 December 2023

The proliferation of big data and the algorithms that utilize it have revolutionized the way in which individuals make decisions, interact, and live. This dissertation presents a structured analysis of behavioral ramifications of artificial intelligence (AI) and big data in contemporary society. It offers three distinct but interrelated explorations. The first chapter investigates consumer reactions to digital privacy risks under the General Data Protection Regulation (GDPR), an encompassing regulatory act in the European Union aimed at enhancing consumer privacy controls. This work highlights how consumer behavior varies substantially between high- and low-risk privacy settings. These findings challenge existing notions surrounding privacy control efficacy and suggest a more complex consumer risk assessment process. The second study shifts to an investigation of historical obstacles to consumer adherence to expert advice, specifically betrayal aversion, in financial contexts. Betrayal aversion, a well-studied phenomenon in economics literature, is defined as the strong dislike for the violation of trust norms implicit in a relationship between two parties. Through a complex simulation, it contrasts human and algorithmic financial advisors, revealing a significant decrease in betrayal aversion when human experts are replaced by algorithms. This shift indicates a transformative change in the dynamics of AI-mediated environments. The third chapter addresses nomophobia – the fear of being without one's mobile device – in the workplace, quantifying its stress-related effects and impacts on productivity. This investigation not only provides empirical evidence of nomophobia's real-world implications but also underscores the growing interdependence between technology and mental health. Overall, the dissertation integrates interdisciplinary theoretical frameworks and robust empirical methods to delineate the profound and often nuanced implications of the AI-data nexus on human behavior, underscoring the need for a deeper understanding of our relationship with evolving technological landscapes. / Doctor of Philosophy / The massive amounts of data collected online and the smart technologies that use this data often affect the way we make decisions, interact with others, and go about our daily lives. This dissertation explores that relationship, investigating how artificial intelligence (AI) and big data are changing behavior in today's society. In my first study, I examine how individuals respond to high and low risks of sharing their personal information online, specifically under the General Data Protection Regulation (GDPR), a new regulation meant to protect online privacy in the European Union. Surprisingly, the results show that changes enacted by GDPR, such as default choices that automatically select the more privacy-preserving choice, are more effective in settings in which the risk to one's privacy is low. This implies the process in which people decide when and with whom to share information online is more complex than previously thought. In my second study, I shift focus to examine how people follow advice from experts, especially in financial decision contexts. I look specifically at betrayal aversion, a common trend studied in economics, that highlights individuals' unwillingness to trust someone when they fear they might be betrayed. I examine if betrayal aversion changes when human experts are replaced by algorithms. Interestingly, individuals displayed no betrayal aversion when given a financial investment algorithm, showing that non-human experts may have certain benefits for consumers over their human counterparts. Finally, I study a modern phenomenon called 'nomophobia' – the fear of being without your mobile phone – and how it affects people at work. I find that this fear can significantly increase stress, especially as phone-battery level levels decrease. This leads to a reduction in productivity, highlighting how deeply technology is intertwined with our mental health. Overall, this work utilizes a mix of theories and detailed analyses to show the complex and often subtle ways AI and big data are influencing our actions and thoughts. It emphasizes the importance of understanding our relationship with technology as it continues to evolve rapidly.

AI-Human Collaboration

AI Ethics

Experimental Economics

Econometrics

Data Privacy

Privacy Decision Making

Nomophobia

E-Health data risks & protection for public cloud : An elderly healthcare usecase for Swedish municipality

Dhyani, Deepak

January 2023

Organizations are increasingly adopting the cloud to meet their business goals more cost-effectively. Cloud benefits like scalability, broad access, high availability, and cost-effectiveness provide a great incentive for organizations to move their applications to the cloud. However, concerns regarding privacy data protection remain one of the top concerns for applications migrating to the cloud. With various legislations and regulations mandating organizations to protect personal data, it is required that cloud applications and associated infrastructure are designed in a manner that provides adequate data protection. To achieve this there is a need to understand various data protection legislations, regulations, and risks faced by the cloud applications and various security controls that can be put in place to address those. Smart homes equipped with health monitoring systems have the potential to monitor the health of elderly people in their homes. In such homes, sensors are employed to monitor the activity of individuals and leverage that information to detect anomalies and raise alarms to the caretakers. However, hosting such a system in the cloud has potential privacy impacts, since health data is treated as sensitive privacy data in many regulations.  This thesis is conducted based on a use case of the deployment of an elderly health care monitoring system for municipalities in Sweden. I analyzed various regulations and privacy risks in migrating such a health monitoring system to the public cloud, the regulations captured are specific to the use case where the e-health data of Swedish citizens is captured in the cloud. The study also highlights various data protection approaches that can be employed to address the identified concerns.  In the thesis, I highlighted that data residency, data control, and the possibility of data leakage from the public cloud are among the top concerns for the municipality. I also listed various applicable data protection regulations and legislation, with “Swedish law for public access to information and secrecy” having a crucial influence on privacy data storage. I evaluated various data protection approaches to alleviate the above concerns, which include access control, anonymization, data splitting, cryptographic measures, and leveraging public cloud capabilities.

Data Protection

Data Privacy Risks

Public Cloud Data Protection

Computer Systems

Datorsystem

Essays on Information and Knowledge in Microeconomic Theory

Heiny, Friederike Julia

18 October 2022

Diese Dissertation besteht aus drei unabhängigen Kapiteln, die sich mit Wissen und Informationen in der mikroökonomischen Theorie beschäftigen. In Kapitel 1 untersuchen wir ein Duopolmodell mit Preisdiskriminierung, bei dem die Verbraucher über ihren Datenschutz entscheiden. Wir stellen zwei Datenumgebungen gegenüber und finden für jede ein Gleichgewicht. In einer offenen Datenumgebung geben alle Verbraucher ihre Daten preis. Unternehmen diskriminieren bei der Preisgestaltung, was zu Wohlfahrtsverlusten aufgrund von Abwerbung führt. In einer Umgebung mit exklusiven Daten anonymisieren sich die Verbraucher, die Preise sind einheitlich, und der Markt ist effizient. Wir testen die Gleichgewichte in einem Experiment. In Kapitel 2 untersuchen wir ein Modell einer Organisation, die wissensintensive Produktion betreibt. Der Organisationsdesigner stellt Arbeiter ein, die mit Wissen ausgestattet sind, um Probleme zu lösen, deren Art ex ante unbekannt ist. Der Designer bestimmt, ob die Arbeitnehmer einzeln oder im Team produzieren. Als Team können die Arbeitnehmer kommunizieren und ihr Wissen teilen, während sie bei Einzelarbeit nur ihr eigenes Wissen nutzen können. Wir stellen fest, dass Teamarbeit optimal ist, wenn Spillovers ausreichend hoch sind. Insbesondere dann, wenn Spillovers perfekt oder alle Problemtypen gleich wahrscheinlich sind, sind selbstverwaltete Teams optimal. In Kapitel 3 untersuche ich ein dynamisches Modell mit einem Moral-Hazard-Problem und einem kostspieligen Wissenstransfer. Ein Auftraggeber stellt zwei risikoneutrale, vermögensbeschränkte Agenten ein, die jeweils eine individuelle Aufgabe in einem Projekt übernehmen. Bevor sie sich ihren Aufgaben zuwenden, können die Agenten beschließen, Wissen zu transferieren, das die Produktivität des Empfängers erhöht. Der Auftraggeber kann durch ein gemeinsames Leistungssignal einen Transfer mit oder ohne Verpflichtungsmacht veranlassen. / This dissertation consists of three independent chapters that contribute to understanding how knowledge and information is used in microeconomic theory. In Chapter 1, we study a duopoly model of behavior-based pricing where consumers decide on their data privacy. Contrasting two data environments, we find unique equilibria for each. In an open data environment, all consumers reveal their data. Firms price discriminate causing welfare losses due to poaching. In an exclusive data environment, consumers anonymize, prices are uniform, and the market is efficient. We test the predictions in an experiment. In the open data treatment, subjects act as predicted. In the exclusive data treatment, buyers initially share data but anonymize when sellers poach. In Chapter 2, we study a model of an organization engaging in knowledge-intensive production. The organizational designer hires workers endowed with knowledge to solve problems whose types are ex ante unknown. The designer determines whether workers produce individually or as team. As team, workers can communicate and share their knowledge, while when working individually they can only use their own knowledge. We find that teamwork is optimal when spillovers are sufficiently high. Particularly, when spillovers are perfect, or all problem types are equally likely, self-managed teams arise as a special form of teamwork. In Chapter 3, I explore a dynamic model with a moral hazard problem and knowledge transfer. A principal hires two risk-neutral, wealth-constrained agents to each perform an individual task in a project. Before they address their tasks, the agents can decide to transfer knowledge that increases the task-related productivity of the receiver. The transfer is costly for both. I find that the principal can induce a transfer with or without commitment power through a joint performance signal. It is not clear that commitment is always better, even though with commitment the first-best allocation can be achieved.

Mikroökonomik

Wissen

Datenschutz

Teamarbeit

Microeconomics

Knowledge

Data Privacy

Teamwork

330 Wirtschaft

QC 100

ddc:330

An analysis of the Privacy Policy of Browser Extensions

Zachariah, Susan Sarah

January 2024

Technological advancement has transformed our lives by bringing unparalleled convenience and efficiency. Data, particularly consumer data, essential for influencing businesses and developing personalized experiences, is at the heart of this transition. Companies may improve consumer satisfaction and loyalty by using data analysis to customize their products and services. However, the collection and utilization of consumer data raise privacy concerns. Protecting customers’ personal information is essential to maintaining trust, respecting individual autonomy, and preventing unauthorized access or misuse. Along with the protection of data, transparency is also another essential factor. When companies or organizations deal with users’ data, they are liable to inform these users of anything and everything that happens with their data. Our study focuses on the online privacy policies of Google Chrome browser extensions. We have tried to find the extensions that comply with the data protection guidelines and if all Google Chrome browser extensions are transparent enough to mention the details as per guidelines. Utilizing the power of Natural Language Processing (NLP) techniques, we have employed advanced methodologies to extract insights from these policies.

Privacy policy

Browser extension

Data privacy and management

Computer Sciences

Datavetenskap (datalogi)

Public knowledge of digital cookies : Exploring the design of cookie consent forms

Gröndahl, Louise

January 2020

Forms for consent regarding the use of digital cookies are currently used by websites to convey the information about the use of digital cookies on the visited website. However, the design of these consent forms is not entirely right according to the directives of the General Data Protection Regulation and also not optimal seen from a user's perspective. They often lack options and the informational text is often too brief within the form. As a user, that might make it difficult to understand what it is you accept and what the consequences could be for your personal data. Based on the directives given for the digital cookie consent form, it becomes clear that many do not meet the requirements. The question therefore arise, which factors make a cookie consent form successful, concerning how well a user understands the content and is aware of his/her choice of action? To answer that question, a quantitative- and a qualitative study was conducted. The quantitative study examined people's current understanding and perception about digital cookie forms. The results of that study were then used in the qualitative study to develop prototypes producing new cookie consent forms which were then examined with a usability test. The study presents five factors that contribute to a cookie consent form to be considered successful from the user's perspective in understanding the content and making an active choice. These factors are text, options, full-page consent form, active choice and trustworthiness. These five factors can independently increase the user experience of a form, although, all should be accounted for for better results. The various factors together contribute to a form that complies with different directives and laws, but above all, helps users get a better experience of understanding what they approve of and the feeling of making an active choice. / Formulär för samtycke till användandet av digitala kakor (cookies) används idag av hemsidor för att förmedla informationen om användningen av digitala kakor på den besökta hemsidan. Utformningen av dessa samtyckesformulär är däremot inte alltid helt korrekta enligt direktiven från the General Data Protection Regulation och inte heller optimala sett utifrån en användares perspektiv. De saknas ofta valmöjligheter och information är ofta kortfattad inom formuläret. Som användare, kan det därför vara svårt att förstå vad det är man godkänner och vilka konsekvenser det innebär för ens personliga data. Utifrån de direktiv som ges för utformningen av formulären för samtycke till användandet av digitala kakor blir det tydligt att många inte uppnår kraven. Frågan blir därför vilka faktorer som gör att ett formulär blir framgångsrikt i den aspekt att användaren förstår innehållet och är medveten om sitt val? För att svara på denna fråga gjordes en kvantitativ studie och en kvalitativ studie. Den kvantitativa studien undersökte människors nuvarande förståelse och känsla om formulär för digitala kakor. Resultatet användes denna studie använde sedan i den kvalitativa studien i form av prototyper föreställande nya formulär som sedan undersöktes i ett användartest. Studien resulterade i att fem faktorer visade sig vara avgörande för att ett samtyckesformulär för digitala kakor ska anses framgångsrikt utifrån användarens perspektiv med att förstå innehållet och göra ett aktivt val. Dessa faktorer är, text, alternativ, heltäckande sida av formulär, aktivt val och pålitlighet. Dessa fem faktorer kan enskilt förhöja användarupplevelsen av ett formulär, dock bör man ta hänsyn till alla för ett bästa resultat. De olika faktorerna bidrar tillsammans till ett formulär som följer olika direktiv och lagar men framförallt bidrar till att användarna får en bättre upplevelse med att förstå vad de godkänner och känslan av att göra ett medvetet val.

Cookie Consent Forms

Usability

Data Privacy

GDPR

Computer and Information Sciences

Data- och informationsvetenskap

Private and Secure Data Communication: Information Theoretic Approach

Basciftci, Yuksel O., Basciftci

January 2016

No description available.

Electrical Engineering