SaTC: Frontiers: Collaborative: Protecting Personal Data Flow on the Internet

SaTC：前沿：协作：保护互联网上的个人数据流

• 批准号: 1956435
• 负责人: Konstantinos Psounis
• 金额: $ 255万
• 依托单位: University of Southern California
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2020
• 资助国家: 美国
• 起止时间: 2020-10-01 至 2025-09-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1956435&HistoricalAwards=false
• 关键词: SaTC; Frontiers; Collaborative; Protecting; Personal; SaTC; Frontiers; Collaborative; Protecting; Personal

Personal data collection typically starts on user devices, with the data then shared with service providers and trackers, obtained by malicious actors, and/or used for surveillance. The services enabled by this data come at the expense of privacy, security, transparency, and fairness, for individuals and society as a whole. Increased public awareness has led to landmark legislation on data protection, such as the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Policymakers need to be further informed by technology, however, to formulate relevant and enforceable policies, and end-users still need tools to protect themselves. This project seeks to protect personal information, by improving the transparency and control of data flow on the Internet, using a multidisciplinary approach that combines methodologies from computer science (theory, network measurement, security) with policy and economics, and crosses multiple application domains (web, mobile, and Internet-of-Things). Conceptual frameworks are developed for personal information flow on the Internet, as well as systems for monitoring and mediation. Existing systems are improved for measuring the tracking and discrimination of personal information, and for explicitly controlling privacy-utility tradeoffs. To provide long-term privacy-by-design alternatives, the project pursues verifiable IoT architectures seeking to decentralize the advertising ecosystem and eliminate intermediaries. The project likewise leverages technology to inform policy specification and to provide tools to audit and enforce policies. The broader impacts of the project include: (1) informing policymakers, nonprofit advocates, and industry players through interactions with relevant stakeholders; (2) training next-generation graduate and undergraduate students jointly in technology and policy; and (3) broadening participation of women, underrepresented minorities, and community college students.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

个人数据收集通常从用户设备开始，然后与恶意参与者获得的数据共享数据，然后与服务提供商和跟踪器共享和/或用于监视。这些数据支持的服务是为了整个个人和社会，以牺牲隐私，安全性，透明度和公平性为代价。公众意识的提高导致了关于数据保护的具有里程碑意义的立法，例如欧盟的一般数据保护法规（GDPR）和《加利福尼亚州消费者隐私法》（CCPA）。然而，技术需要进一步告知决策者，以制定相关和可执行的政策，而最终用户仍然需要工具来保护自己。该项目旨在使用多学科的方法通过将计算机科学（理论，网络测量，安全性）与政策和经济学结合的多学科方法来保护互联网上数据流的透明度和控制，并跨越了多个应用领域（Web，移动和互联网）。为互联网上的个人信息流以及监视和调解的系统开发了概念框架。改善了现有系统，以衡量个人信息的跟踪和歧视，并明确控制隐私 - 私人权衡权衡。为了提供长期逐个设计的替代方案，该项目追求可验证的物联网架构，以寻求分散广告生态系统并消除中介机构。该项目同样利用技术为政策规范提供信息，并提供审计和执行政策的工具。该项目的更广泛影响包括：（1）通过与相关利益相关者的互动来告知政策制定者，非营利性倡导者和行业参与者； （2）培训下一代研究生和本科生在技术和政策方面共同培训； （3）扩大妇女的参与，代表性不足的少数群体和社区大学生。该奖项反映了NSF的法定任务，并使用基金会的知识分子优点和更广泛的影响评估标准，通过评估来诚实地获得支持。