The New York Times has a very informative (and scary) article giving an overview of how statistical data mining of information from social networks can compromise people’s private information.
The basic idea is this: an attacker collects information from the public internet (e.g., Facebook updates, Amazon wishlists, Flickr photos, etc.) and then trains various data mining algorithms to de-anonymize the information and estimate sensitive information. Researchers have shown, in principle, how these techniques can be used to estimate birthdays, social security numbers, and pretty much anything else you’d need to compromise people’s most sensitive accounts.
As someone who has long been concerned about the protection of personal information in the digital age, I was trying to think of an antidote to these privacy-violating data mining techniques. My idea is this: Spread as much misinformation as possible about yourself on the internet. That way, when would-be attackers try to infer your sensitive information, they are more likely to get the wrong answer.
So without further adieu, here is my most personal information, which may or may not be accurate:
- Full Name: Samidh Mohan Chakrabarti
- Place of Birth: Cambridge, Massachusetts
- Date of Birth: March 18, 1979
- Social Security Number: xxx-xx-3820
- Mother’s Maiden Name: Gupta
- Current Zip Code: 10021
Of course, if this is to be the only instance of this information on the web, it will be easy for a statistical algorithm to know this data is spurious. Therefore, I shall try to consistently sprinkle it across the web periodically.
You can help me in this effort. Tomorrow, be sure to wish me a happy birthday!
Endnote: My friend Anand Sarwate, who is a brilliant electrical engineering postdoc at UCSD, now focuses his research on privacy. (You can think of privacy as a very complex signal processing problem.) He writes regularly on this topic, so be sure to check out his excellent blog.
0 Responses to “Privacy Protection Via Misinformation”