Privacy through Accountability: Information Flow Experiments

Michael Carl Tschantz

Anupam Datta, Michael Carl Tschantz, and Amit Datta

Privacy through accountability refers to the principle that entities that hold personal information about individuals are accountable for adopting measures that protect the privacy of the data subjects. Computational approaches to privacy through accountability involve developing algorithms and tools that can be used to provide internal and external oversight about the practices of such entities. After providing an overview of this emerging research area, I will focus on one of our recent results in Web privacy.

I will describe the problem of detecting personal data usage by websites when the analyst has neither access to the code of the system nor full control over its inputs, and cannot observe all of its outputs. A concrete example of this setting is one in which a privacy advocacy group, a government regulator, or a Web user wants to check whether a particular website uses certain types of personal information for advertising. I will present a methodology for information flow experiments based on experimental science and statistical analysis that addresses this problem, our tool AdFisher that incorporates this methodology, and findings of opacity, choice and discrimination from our experiments with Google. These results also raise interesting challenges for the design of new classes of machine learning algorithms that provide transparency, respect choice, and are non-discriminatory.
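The abstract names the methodology but does not spell out its statistics. As an added illustration (not AdFisher's own code), the following Python sketch shows the skeleton of such an information flow experiment: fresh browser instances are randomly assigned to a treatment that reveals a personal attribute or to a control group, and an exact permutation test decides whether the observed difference in ad output could have arisen by chance. The choice of an ad-count statistic and of a permutation test are assumptions made here, and the observations are constructed.

```python
"""Skeleton of an information flow experiment: randomized assignment plus an
exact permutation test on the collected ad observations."""
import random
from itertools import combinations
from statistics import mean
from typing import Sequence


def assign_groups(agents: Sequence[str], seed: int) -> tuple[list[str], list[str]]:
    """Randomly split fresh browser instances into a treatment and a control group.

    Random assignment is what allows a difference in the outputs to be attributed
    to the treatment (the personal attribute revealed to the site) rather than to
    some pre-existing difference between the instances.
    """
    shuffled = list(agents)
    random.Random(seed).shuffle(shuffled)
    half = len(shuffled) // 2
    return shuffled[:half], shuffled[half:]


def mean_difference(treatment: Sequence[float], control: Sequence[float]) -> float:
    """Test statistic: how many more ads of the watched category the treatment saw."""
    return mean(treatment) - mean(control)


def permutation_p_value(treatment: Sequence[float], control: Sequence[float]) -> float:
    """Exact two-sided permutation test on the mean-difference statistic.

    Under the null hypothesis the treatment had no effect, so group labels are
    exchangeable: every relabelling of the pooled observations is equally likely.
    The p-value is the fraction of relabellings at least as extreme as the observed one.
    """
    pooled = list(treatment) + list(control)
    observed = abs(mean_difference(treatment, control))
    extreme = total = 0
    for idx in combinations(range(len(pooled)), len(treatment)):
        chosen = set(idx)
        t = [pooled[i] for i in idx]
        c = [pooled[i] for i in range(len(pooled)) if i not in chosen]
        extreme += abs(mean_difference(t, c)) >= observed
        total += 1
    return extreme / total


# Constructed observations (not real measurements): ads of one category seen by
# each browser instance, treatment group first, control group second.
SEPARATED = ([9, 8, 10, 9, 11, 8], [1, 2, 0, 2, 1, 3])
INDISTINGUISHABLE = ([3, 4, 2, 5, 3, 4], [4, 3, 5, 2, 4, 3])
```

Calling `permutation_p_value(*SEPARATED)` gives about 0.002 (only the observed split and its mirror image are that extreme), while `permutation_p_value(*INDISTINGUISHABLE)` gives 1.0, i.e. no evidence that the attribute influenced the ads.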