M15 Privacy-aware solutions in wearables summarized at the webpage

With the emerging development of new devices and services, an unprecedented amount of data is collected daily from users of wearable devices, which increases the pressure on data collectors and data owners to take responsibility for information security and privacy. Wearable devices are devices that users can carry on them continuously. Because of their small size and limited computational capacity, these tiny gadgets require more advanced ways to preserve one’s privacy.

The information collected from these devices is mostly stored on a server; however, it can also be stored locally on the edge device. In this post, we outline privacy-preserving techniques applicable in both cases.

According to the International Electrotechnical Committee (IEC) framework, the following categories of wearable electronics exist:

  • on-body;
  • in-body;
  • near-body;
  • textiles.

GDPR – Data protection by design and by default

Information privacy is an individual’s right to decide when, how, and to what extent they would prefer to share their information with others [1].

The General Data Protection Regulation (GDPR) is the primary law that aims to protect individuals’ privacy across the EU. The regulation defines a set of measures that must be taken to ensure data protection. The GDPR protects personal data, defined as any information that directly or indirectly identifies an individual.

Examples of personal data are:

  • names;
  • email addresses;
  • location information;
  • ethnicity;
  • gender;
  • biometric data;
  • religious beliefs;
  • web cookies;
  • political opinions.

Removing direct identifiers does not by itself make data anonymous, as one might assume: an indirect combination of the remaining attributes can still lead to a successful identification of a person. Data from which only the direct identifiers are missing is described as pseudonymous, not anonymous.

The law requires companies to apply technical and organizational measures that implement the data protection principles [2]; in practice this could mean two-factor authentication, staff training, and other organizational efforts. Moreover, when a data breach occurs, data subjects should be notified within 72 hours, or penalties arise.

Privacy concerns and their consequences

The study in [3] analyzes how privacy concerns affect users’ actual willingness to adopt a wearable device, for instance one that tracks their fitness activity. As observed, a lower level of privacy concern is strongly associated with a higher probability of device adoption. In conclusion, privacy concerns are a crucial challenge to overcome when designing a software or hardware product for wide-scale adoption, continuous carrying, and user engagement.

Privacy-aware solutions in wearables

To protect one’s data privacy, privacy-preserving measures should be implemented both in the communication architecture and on the server side, where all information is stored. Here we introduce some of these measures and the basic principles of where each privacy-aware technique can be applied.

k-anonymity [4] is a property of a released dataset and stands for the ‘hiding in the crowd’ guarantee: every record is indistinguishable from at least k-1 other records with respect to the attributes an attacker could link to external data. However, this way of hiding personal information does not involve any randomization, so it leaves room for improvement.

There are two primary methods used to achieve k-anonymity: suppression, which replaces (parts of) personal data with placeholder symbols, and generalization, which describes a database entry more broadly, for example by rounding numbers or giving only the interval to which a value belongs.

Example of a record after suppression (*) and generalization (age interval):

  Name   Email   Age
  *              above 18

l-diversity [5] is a privacy-preserving technique that extends k-anonymity by requiring a level of diversity of the sensitive attribute among the records that share the same generalized values. Given background knowledge of the attacker, this approach remains prone to the same types of attacks as k-anonymity.

t-closeness [6] is an extended version of l-diversity, and it also converges to a trade-off between privacy and data utility. As a concept, it first evaluates the distribution of the sensitive attribute over the whole dataset and then requires the distribution within each group of indistinguishable records to stay close to it.
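The following is an added example, not code from the original post or from the cited papers. It applies suppression and generalization to a constructed sample of wearable records and then measures the k, l and t that the released table achieves. The record values, the attribute names (zip, age, condition) and the helper names are assumptions made for the illustration; l-diversity is computed in its simplest "distinct values" form, and t-closeness uses the total-variation distance, which for categorical values with equal ground distance coincides with the Earth Mover's Distance used in [6].

```python
from collections import Counter, defaultdict
from fractions import Fraction

# Constructed sample export from a fitness wearable (hypothetical data, not from any real device).
RECORDS = [
    {"name": "Ann", "zip": "10115", "age": 23, "condition": "asthma"},
    {"name": "Ben", "zip": "10117", "age": 27, "condition": "flu"},
    {"name": "Cid", "zip": "10119", "age": 21, "condition": "asthma"},
    {"name": "Dee", "zip": "20355", "age": 34, "condition": "flu"},
    {"name": "Eve", "zip": "20357", "age": 38, "condition": "diabetes"},
    {"name": "Fay", "zip": "20359", "age": 31, "condition": "diabetes"},
]
QUASI_IDENTIFIERS = ("zip", "age")  # attributes an attacker may link to external data
SENSITIVE = "condition"             # attribute that must not be linkable to a person


def anonymize(record):
    """Suppression (name and low zip digits replaced by '*') plus generalization (age -> decade)."""
    decade = (record["age"] // 10) * 10
    return {
        "name": "*",
        "zip": record["zip"][:3] + "**",
        "age": f"{decade}-{decade + 9}",
        SENSITIVE: record[SENSITIVE],
    }


def equivalence_classes(records, quasi=QUASI_IDENTIFIERS):
    """Group records that share the same quasi-identifier values."""
    classes = defaultdict(list)
    for rec in records:
        classes[tuple(rec[q] for q in quasi)].append(rec)
    return classes


def k_anonymity(records, quasi=QUASI_IDENTIFIERS):
    """Largest k for which the dataset is k-anonymous: the size of the smallest class."""
    return min(len(cls) for cls in equivalence_classes(records, quasi).values())


def l_diversity(records, quasi=QUASI_IDENTIFIERS, sensitive=SENSITIVE):
    """Distinct l-diversity: the smallest number of distinct sensitive values in any class."""
    return min(len({r[sensitive] for r in cls})
               for cls in equivalence_classes(records, quasi).values())


def _distribution(records, sensitive):
    counts = Counter(r[sensitive] for r in records)
    total = sum(counts.values())
    return {value: Fraction(n, total) for value, n in counts.items()}


def t_closeness(records, quasi=QUASI_IDENTIFIERS, sensitive=SENSITIVE):
    """Smallest t the dataset satisfies: the largest distance between a class's
    sensitive-attribute distribution and the overall distribution (exact, as a Fraction)."""
    overall = _distribution(records, sensitive)
    worst = Fraction(0)
    for cls in equivalence_classes(records, quasi).values():
        local = _distribution(cls, sensitive)
        distance = sum(abs(local.get(v, Fraction(0)) - overall[v]) for v in overall) / 2
        worst = max(worst, distance)
    return worst


if __name__ == "__main__":
    released = [anonymize(r) for r in RECORDS]
    print("raw k =", k_anonymity(RECORDS), "released k =", k_anonymity(released))
    print("released l =", l_diversity(released), "released t =", t_closeness(released))
```

On this sample the raw table has k = 1 (every zip/age pair is unique), while the released table reaches k = 3, but only l = 2 and t = 1/3: each group still leaks that two thirds of its members share one condition, which is exactly the gap between k-anonymity and the stronger l-diversity and t-closeness requirements.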

Randomization, or random permutation [7], as a privacy-preserving technique, refers to the process of introducing random values into the data, which results in its anonymization.

Probability distributions [8] describe how likely each value of a random variable is. For instance, the Gaussian distribution is widely used for generating noise values because of its statistical properties. This approach implies a randomization process: the noise is added to the originally generated values, perturbing them.

Cryptographic techniques [9] are the approach used for preserving data integrity and security. They can be implemented in multiple ways, using symmetric-key or asymmetric (public-key) cryptography.

Obfuscation [11] means deliberately degrading the quality of the information. This can be achieved by replacing sensitive information with artificial entries that appear realistic to an attacker.

Differential privacy [12] is a technique that adds calibrated random noise to the data or to query results, so that the output changes only within some level of uncertainty whether or not any single individual’s row is present. As a result, a query result cannot be used by an attacker as a source for extracting personal data.
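The following added example is not part of the original post or of the cited works; it illustrates both the noise-based perturbation described under randomization and data distributions above and the differential privacy mechanism of this paragraph. It assumes a constructed set of daily step counts and hypothetical helper names. Each wearable perturbs its own value with Gaussian noise before upload (local randomization), and the server answers counting queries with the Laplace mechanism, tracking a total privacy budget so that repeated queries cannot average the noise away.

```python
import math
import random

# Constructed sample: daily step counts reported by six wearables (hypothetical values).
STEP_COUNTS = {"u1": 8200, "u2": 11500, "u3": 4300, "u4": 9800, "u5": 15200, "u6": 6100}


def perturb_locally(values, sigma, seed):
    """Randomization at the device: add Gaussian noise (std sigma) to every raw value before it
    leaves the wearable, so the server never receives the exact count. Clamped at zero."""
    rng = random.Random(seed)
    return {uid: max(0, round(v + rng.gauss(0.0, sigma))) for uid, v in values.items()}


def laplace_sample(scale, u):
    """Inverse-CDF Laplace sample with the given scale, for a uniform u in (-0.5, 0.5).
    Kept separate from the random source so the transform itself is testable."""
    u = min(max(u, -0.5 + 1e-12), 0.5 - 1e-12)  # avoid log(0) at the open ends
    sign = 1.0 if u >= 0 else -1.0
    return -scale * sign * math.log(1.0 - 2.0 * abs(u))


class PrivateCounter:
    """Answers counting queries with the Laplace mechanism under a total epsilon budget."""

    def __init__(self, values, epsilon_budget, rng):
        self._values = values
        self.remaining = epsilon_budget
        self._rng = rng

    def count_above(self, threshold, epsilon):
        """epsilon-differentially-private count of users whose value exceeds `threshold`.
        Adding or removing one person changes a count by at most 1, so the sensitivity is 1
        and the Laplace noise scale is 1/epsilon. Every answer consumes `epsilon` of the budget."""
        if epsilon <= 0 or epsilon > self.remaining:
            raise ValueError("privacy budget exhausted")
        self.remaining -= epsilon
        true_count = sum(1 for v in self._values.values() if v > threshold)
        sensitivity = 1
        noise = laplace_sample(sensitivity / epsilon, self._rng.random() - 0.5)
        return true_count + noise


def make_counter(epsilon_budget, seed=0, values=STEP_COUNTS):
    """Build a PrivateCounter with a seeded generator (seeding is for reproducibility only;
    a production deployment would use a cryptographically secure source)."""
    return PrivateCounter(values, epsilon_budget, random.Random(seed))


if __name__ == "__main__":
    print("locally perturbed:", perturb_locally(STEP_COUNTS, sigma=500.0, seed=1))
    counter = make_counter(epsilon_budget=1.0, seed=7)
    print("noisy count above 9000 steps:", counter.count_above(9000, epsilon=0.5))
    print("budget left:", counter.remaining)
```

The true answer to "how many users exceed 9000 steps" is 3 for this sample; each query returns that value plus Laplace noise of scale 2 (epsilon = 0.5), and once the budget of 1.0 is spent the counter refuses further queries rather than letting an analyst repeat the question until the noise cancels out.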

Conclusion

To summarize, privacy-aware techniques help protect large databases of personal data, which must be protected according to the EU GDPR.

This brief overview aims to augment the reader’s perception of privacy and possibly expand one’s understanding of privacy-aware techniques used in wearables.

References:

[1] Westin, A. F. (1967). Privacy and Freedom. New York: Atheneum; Westin, A. F. “Privacy and Personnel Records,” The Civil Liberties Review (Jan./Feb., 1976), 28-34.

[2] Diamantopoulou, V., Androutsopoulou, A., Gritzalis, S., & Charalabidis, Y. (2018, May). An assessment of privacy preservation in crowdsourcing approaches: Towards GDPR compliance. In 2018 12th International Conference on Research Challenges in Information Science (RCIS) (pp. 1-9). IEEE.

[3] Paul, C., Scheibe, K., & Nilakanta, S. (2020, January). Privacy concerns regarding wearable IoT devices: how it is influenced by GDPR? In Proceedings of the 53rd Hawaii International Conference on System Sciences.

[4] Sweeney, L. (2002). k-anonymity: A model for protecting privacy. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 10(05), 557-570.

[5] Machanavajjhala, A., Kifer, D., Gehrke, J., & Venkitasubramaniam, M. (2007). l-diversity: Privacy beyond k-anonymity. ACM Transactions on Knowledge Discovery from Data (TKDD), 1(1), 3-es.

[6] Li, N., Li, T., & Venkatasubramanian, S. (2007, April). t-closeness: Privacy beyond k-anonymity and l-diversity. In 2007 IEEE 23rd International Conference on Data Engineering (pp. 106-115). IEEE.

[7] Wang, X., Ishii, H., Du, L., Cheng, P., & Chen, J. (2020). Privacy-preserving distributed machine learning via local randomization and ADMM perturbation. IEEE Transactions on Signal Processing, 68, 4226-4241.

[8] Binjubeir, M., Ahmed, A. A., Ismail, M. A. B., Sadiq, A. S., & Khan, M. K. (2019). Comprehensive survey on big data privacy protection. IEEE Access, 8, 20067-20079.

[9] Lipmaa, H. (2007). Cryptographic Techniques in Privacy-Preserving Data Mining. University College London, Estonian Tutorial, 20-40.

[10] Al-Zobbi, M., Shahrestani, S., & Ruan, C. (2017). A Multidimensional Sensitivity-Based Anonymization Method of Big Data. Networks of the Future: Architectures, Technologies, and Implementations, 415.

[11] Brunton, F., & Nissenbaum, H. (2015). Obfuscation: A User’s Guide for Privacy and Protest. MIT Press.

[12] Dwork, C. (2008, April). Differential privacy: A survey of results. In International conference on theory and applications of models of computation (pp. 1-19). Springer, Berlin, Heidelberg.