When your bank outsources customer service to India, how can the financial institution ensure that your data won’t fall into the wrong hands so far away from headquarters?
And what if your HMO shares files with an outside pharmaceutical research firm and inadvertently reveals your chronic illness?
These are the types of questions that were keeping Tamar Domany awake at night. So, as the manager of information privacy and security at IBM Research in Haifa, Domany began putting together a mechanism that could secure sensitive data for IBM’s customers – and ultimately the entire tech world.
The resulting set of software libraries and tools, being rolled out now within IBM, addresses privacy requirements through two main techniques: “anonymization” and “screen masking.”
Domany talked to ISRAEL21c about how these techniques can be used, along with some of the complexities that arise when deploying them.
Keeping your ID under the radar
Anonymization is all about changing certain data automatically and consistently so that an individual can’t be identified, Domany says. That might mean altering an email address, a birthday, gender or Social Security number.
Where it gets tricky is deciding which changes to make. It may seem trivial, for example, to change a birth date, but if the data being shared involves a clinical trial for a new drug, the age of the patient may be relevant. The same goes for Zip codes when the data is used to track the spread of a potential epidemic.
How much data needs to be anonymized to keep users safe? Quite a bit, it turns out.
Domany points to the 2006 release of 20 million search queries on AOL. No names were released; instead, users were assigned unique ID numbers to go with their queries. Even so, it wasn’t hard to discern the identity of certain users – The New York Times did so with just three to four searches – and some of the matched searches yielded very uncomfortable correlations.
“Even if they give just their gender, Zip code and date of birth, 80 percent of people can be identified,” Domany points out.
The second strategy, screen masking, shields correct, identifiable data from complete visibility. For example, an outsourced call center working for a bank needs to see all of an individual’s transactions, but not the customer’s total balance. Screen masking provides rules that allow the bank to determine which data will be masked (a blank rectangle appearing over the information is one method) depending on the situation.
IBM has dubbed the screen-masking technique Magen – “shield” in Hebrew – although for the rest of the world, it’s officially known as “Masking Gateway for Enterprises.”
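As an added illustration (not code from IBM or from Magen), here is a small Python sketch of the two techniques as described above: consistent keyed pseudonymization plus coarsening of the three quasi-identifiers Domany names, a k-anonymity check that shows why those fields still single people out, and a role-based masking rule that hides the balance from a call-center view. The records, the key and the role names are constructed for the example.

```python
import hashlib
import hmac
from collections import Counter

# Assumption: a secret held only by the data owner. The same input always maps
# to the same token, but a recipient without the key cannot reverse it.
SECRET_KEY = b"constructed-demo-key-do-not-reuse"

# Constructed sample records (not real customers).
RECORDS = [
    {"email": "ann@example.com", "gender": "F", "zip": "10001", "dob": "1984-03-12",
     "balance": 5200.0, "transactions": [-40.0, 1200.0]},
    {"email": "bob@example.com", "gender": "M", "zip": "10002", "dob": "1984-07-30",
     "balance": 310.5, "transactions": [-12.0]},
    {"email": "cam@example.com", "gender": "F", "zip": "10003", "dob": "1984-11-02",
     "balance": 9800.0, "transactions": [250.0, -75.0]},
    {"email": "dan@example.com", "gender": "M", "zip": "10004", "dob": "1984-01-15",
     "balance": 42.0, "transactions": []},
]

def pseudonym(value: str) -> str:
    """Consistent, keyed replacement for a direct identifier such as an email."""
    return hmac.new(SECRET_KEY, value.encode(), hashlib.sha256).hexdigest()[:16]

def anonymize(record: dict) -> dict:
    """Drop the direct identifier and coarsen the quasi-identifiers (gender, Zip,
    date of birth) while keeping granularity a study may still need."""
    return {
        "id": pseudonym(record["email"]),
        "gender": record["gender"],
        "zip3": record["zip"][:3],        # 3-digit Zip prefix instead of full Zip
        "birth_year": record["dob"][:4],  # year instead of exact birth date
        "balance": record["balance"],
    }

def k_anonymity(rows: list, quasi_ids: tuple) -> int:
    """Size of the smallest group sharing one quasi-identifier combination;
    k == 1 means at least one person is unique in the released data."""
    groups = Counter(tuple(r[q] for q in quasi_ids) for r in rows)
    return min(groups.values())

# Screen-masking rules: the fields each viewing role must not see on screen.
MASK_RULES = {"call_center": {"balance", "dob"}, "branch_manager": set()}

def mask_for_role(record: dict, role: str) -> dict:
    """Return the record as a given role's screen may display it."""
    hidden = MASK_RULES[role]
    return {k: ("[masked]" if k in hidden else v) for k, v in record.items()}
```

On these four records the raw quasi-identifiers give k = 1 (everyone unique) and the coarsened release only k = 2, which is the point: generalizing fields helps, but the release still has to be checked before it leaves the organization.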
Privacy by Design
Domany and her team are also adapting some of the Magen technology to enhance privacy for cloud storage. And they are increasingly looking at ways to improve privacy on mobile devices, well known for how easily they can be compromised.
Domany is a 15-year veteran at IBM who manages a team of seven, including three researchers with doctorates. Domany earned her degree in computer science and electrical engineering at the Technion-Israel Institute of Technology. She initially joined the IBM healthcare team but quickly discovered her passion was privacy protection.
IBM Research in Haifa is the global company’s largest research center outside the United States, employing 500 people. Another 500 IBM researchers work in other locations in Israel. The Haifa lab has been particularly active over the past 40 years in healthcare and life sciences, information retrieval, verification technologies and computer optimization.
Out of IBM’s massive portfolio of over 6,000 patents, 110 came out of its Haifa branch.
Not everything Domany does results in a commercial product. But given the size of IBM’s worldwide operations, even small initiatives can sometimes jump into the big time. In the privacy space, that might come from IBM’s commitment to “Privacy by Design,” a Canadian proposal that calls for privacy requirements to be considered up front when building software, not as a clumsy patch to be added after the fact.
The principles behind Privacy by Design are fairly vague, however, Domany says. “So we want to make those abstract principles more practical by providing tools for developers to write complete Privacy by Design applications.”
That could lead, Domany hopes, to a situation where “our research would become a key part of IBM’s product portfolio.”