Bring on the Databox

Last week we release a open access preprint of our first paper on the Databox on arXiv, titled “Personal Data: Thinking Inside the Box“. Despite not publishing in a peer reviewed venue, the response has been greater than we expect. Most notability we were featured in the Guardian, a British newspaper known for its pro-privacy and anti-government surveillance views and well as the MIT Technology Review and Treasury Insider.

Time to start thinking inside the box? Image By Husky [Public domain], via Wikimedia Commons

In the paper, we propose there is a need for a technical platform enabling people to engage with the collection, management and consumption of personal data; and that this platform should itself be personal, under the direct control of the individual whose data it holds. Our solution is the the Databox, a personal, networked service that collates personal data and can be used to make those data available.

The paper is an accessible read and does not cover any technical details, instead its a brief overview of the problem space and its challenges. We are currently preparing the paper for submission so your thoughts and ideas are more welcome than ever.

A huge thanks to my amazing co-authors Hamed Haddadi (@realhamed), Amir Chaudhry (@amirmc), Jon Crowcroft (@tforcworc), Anil Madhavapeddy (@avsm) and Richard Mortier (@mort___).

 

Personal Data: Thinking Inside the Box

Our first paper on the Databox, a personal, networked service that collates personal data and can be used to make those data available is now available (open access) on arXiv. Enjoying reading it and let me know what you think.

Title: Personal Data: Thinking Inside the Box
Authors: Hamed Haddadi, Heidi Howard, Amir Chaudhry, Jon Crowcroft, Anil Madhavapeddy, Richard Mortier
Abstract:
We propose there is a need for a technical platform enabling people to engage with the collection, management and consumption of personal data; and that this platform should itself be personal, under the direct control of the individual whose data it holds. In what follows, we refer to this platform as the Databox, a personal, networked service that collates personal data and can be used to make those data available. While your Databox is likely to be a virtual platform, in that it will involve multiple devices and services, at least one instance of it will exist in physical form such as on a physical form-factor computing device with associated storage and networking, such as a home hub.

Can You Engineer Privacy?

Can You Engineer Privacy?” featured in Aug 2014 CACM has one of the best start paragraphs I have seen. Following this strong start, the article articulately introduces some of the challenge and areas of active research in privacy engineering. The article does an excellent job of presenting an cross discipline overview though the lack of reference (the typical style of CACM articles) can leave you guessing which specific works the article was referring too.

The article introduces data minimization, a concept that ignored that companies business models rely on collecting, using (e.g. targeted ads) & selling data to provide online services that are free at the point of use such as facebook and google, which clearly people want.

Personal data is an assert that each individual owns. Many people want to exchange they’re personal data for services, our job as a community to enable them and provide viable alternatives instead of blocking them.

Can You Engineer Privacy?” is worth reading if your new to the privacy research and refreshingly articulate, its available over at the CACM.