Comments for My Place in the Crowd

Comment on “Data” as a mainstream consumer good? 2 approaches. by How representative are PatientsLikeMe patients to the general population? | PatientsLikeMe for Partners Blog

Wed, 21 Sep 2011 16:49:24 +0000

[...] Data Project blog posed some interesting questions about data in our communities: Back in April, I wrote about the site PatientsLikeMe.com, which provides a wonderful new service that allows individual [...]

Comment on Stand up and be counted! by How representative are PatientsLikeMe patients to the general population? | PatientsLikeMe for Partners Blog

Wed, 21 Sep 2011 16:48:59 +0000

[...] Yin over at The Common Data Project blog posed some interesting questions about data in our communities: Back in April, I wrote about [...]

Comment on Should Pharma have access to doctors’ prescription records? by Diane

Diane — Tue, 26 Apr 2011 16:48:11 +0000

Timely blog, article on NPR:
http://www.npr.org/2011/04/26/135703500/supreme-court-weighs-whether-to-limit-data-mining

Comment on PINQ Privacy Demo by Tony Gibbon

Tony Gibbon — Thu, 21 Apr 2011 22:44:27 +0000

Hi Aaron, thanks for the question – I’m not sure I follow the scenario you’re referring to for the Facebook app.

PINQ and differential privacy function by returning noisy answers on aggregate questions. If, for example, I’m creating the super-duper-movie-recommender app, my app (as you point out) needs specific users’ lists of movies in order to function, so I don’t see an application of differential privacy there. I also don’t really see any need for anonymization at the point of the “get movies” question. It reminds me of signing up for an account at Amazon—I give them my address and while I certainly don’t want them to release it, they obviously need my exact address in order to provide the service.

Perhaps after you have a database of users and their favorite movies, you could use an anonymization method. Let’s say my app has a very simple, naïve recommender algorithm, which takes my two favorite movies and provides a list of recommendations by taking the set of people who share my favorites, and then for each movie, counting the number of people in that set who also like that movie.

Let’s say your two favorite movies are Star Wars and The Muppet Movie. Those are in my list too! So your recommendations would include all of my favorite movies with frequency at least 1 (depending on how many other people in the set liked that movie).

Here’s where something like differential privacy could possibly come into play. Let’s say one of my favorites is Follow That Bird and that creates a unique combination so it would only have frequency 1. If we use differential privacy to add noise to these counts, the noisy frequencies mean that a frequency near 1 is indistinguishable from a frequency near 0, thus making it impossible to deduce whether or not Follow That Bird is actually a recommendation. On the other hand, if 100 people in your set also like Return of the Jedi, its noisy frequency will be near 100. You won’t be able to tell if it’s actually 100 people vs. 99 or 101, but you’ll know that a lot more people also like it as compared to the movies with much lower noisy answers.

That’s a toy example to demonstrate differential privacy vs. ‘make this set private.’ You should also check out Graham Cormode’s work on “Anonymization and Uncertainty in Social Network Data”, which deals with introducing uncertainty into a graph, and then allows for more ‘hand’s on’ analysis than just returning noisy aggregates.

http://blog.myplaceinthecrowd.org/2010/06/10/exploding-manholes-and-anonymizing-relationships-at-ccicada/

Comment on Measuring the privacy cost of “free” services. by Aaron Beach

Aaron Beach — Wed, 30 Mar 2011 17:25:42 +0000

A comment/counter-example on point #4

“The services collecting and using data don’t really care about you the individual, they only care about trends and aggregates.”

Facebook applications *probably* constitute the most prevalent/common form of personal data release [period] and magnitude of data (30 million objects and approximately 1 trillion relationships created per month). And in almost all cases in which personal data is used for a legitimate reason (including advertising) the application IS interested primarily in the individual and only in the trends/aggregates to the extent that they distinguish the individual.

Comment on PINQ Privacy Demo by Aaron Beach

Aaron Beach — Wed, 30 Mar 2011 17:16:05 +0000

I’ve been working on integrating anonymization into social network applications (Facebook Apps). The common questions asked in these applications are “get friends”, “get movies”, or get profile (basic name/education/employment info). I was wondering how pinq/differential privacy would be applied to such questions. Most applications do not care about the data distribution or noise, they simply want a list of strings (movie names / friends) to integrate into their application.

So for example, If I like movies A, B, C, and D which together identify me, could I use pinq to anonymize this set and return something to the application that doesn’t identify me?

Comment on In The Mix…predicting the future; releasing healthcare claims; and $1.5 millions awarded to data privacy by Adam Smith

Adam Smith — Fri, 03 Dec 2010 06:39:03 +0000

The Purdue award is not the only large award of this type funded recently by the NSF. For example, this large award in three parts (Penn State, Cornell, Carnegie-Mellon):

http://www.nsf.gov/awardsearch/showAward.do?AwardNumber=0941553
http://www.nsf.gov/awardsearch/showAward.do?AwardNumber=0941226
http://www.nsf.gov/awardsearch/showAward.do?AwardNumber=0941518

There were also quite a few smaller awards (on the order of $300k-$500k) handed out by the Trustworthy Computing program over the last few years on topics closely related to data privacy (and even specifically on differential privacy).

And Brad Malin from Vanderbilt, who works on the confidentiality of medical information, was nominated this year for a PECASE (Presidential Early Career Award for Scientists and Engineers) by the NIH.

All in all, the federal funding agencies seem to have recognized the importance of the topic…

Comment on In the mix..government surveillance, HIPAA updates, and user control over online data by Diane C.

Diane C. — Sat, 24 Jul 2010 05:20:56 +0000

This reminds me of all the physical junk mail I receive – it’s a bit disconcerting when I get catalogs addressed to me from companies that I’d never even heard of: how did they even get my information and also, how do I get off their lists? Bynamite sounds like a great service where the consumer at least feels a certain degree of control over their personal information online.

Comment on Yahoo! Private Domain Debacle Part II: Can’t Keep a Secret by mitch

mitch — Tue, 13 Jul 2010 04:07:46 +0000

My Y! domain has been hijacked by Y!. I had a web site through Y! web hosting myself…One day I was making a comment on a Y! News article, someone within Y!’s comment police effectively deleted my account, locking me out of transferring my registrar. I am still being billed monthly for the domain and I cannot do a damn thing about it… what the heck can I do?!!
It amounts to fraud, extortion, kidnapping my domain and ripping me off.
I call for a big law firm to step up and set presidents by forming a national and international class action law suit hell bent on destroying Y! and Melbourne IT, or to correct their blatant disregard to the law…

Comment on The Datatrust Product: What it is. What it’s not. by Diane C.

Diane C. — Wed, 23 Jun 2010 23:01:31 +0000

So exciting!