About the Event
Properly protecting information is in all our best interests, but it is a complex undertaking. The fact that regulation is often written by non-technologists, introduces additional challenges and obstacles. Moreover, those who design systems that collect, store, and maintain sensitive information have an obligation to design systems holistically within this broader context of regulatory and legal compliance.
There are questions that should be asked when developing new requirements for information systems. For example ..... How do we build systems to handle data that must be kept secure and private when relevant regulations tie your hands? When building a system that maintains health or financial records for a large number of people, what do we need to do to protect the information against theft and abuse, keep the information private, AND at the same time, satisfy all governing privacy laws and restrictions? Moreover, how do we know that we've satisfied those laws? How do we monitor for compliance while ensuring that we're monitoring the right things? And, how do you accomplish all this in a way that can be expressed clearly to end-users and legislators (or auditors) so they can be confident you are doing the right things?
We've been working on technologies to make these tasks simpler, and in some senses, automatic. In this talk, I will describe some of the research that we have been conducting to address these problems. I will also discuss the results of a survey involving 975 Internet users in which we compared various ways to represent privacy management information to online healthcare consumers. The results of this work and our other studies pose interesting ethical questions for industry and society at large, and help illustrate the complexity of the problems.
Dr. Anton is currently a non-resident Fellow of the Center for Democracy and Technology and was awarded an NSF CAREER Award in 2000, named a CRA Digital Government Fellow in 2002, nominated and selected for the 2004-2005 IDA/DARPA Defense Science Study Group, and received the CSO (Chief Security Officer) Magazine "Woman of Influence in the Public Sector" award at the 2005 Executive Women's Forum. She was named one of the most influential women in technology and government by The Political Voices of Women blog. Dr. Anton is a member of the International Association of Privacy Professionals, a senior member of the IEEE as well as a co-vice chair of the ACM U.S. Public Policy Council.