Our mission is to enable and encourage HP to be a leader in
informational privacy technologies, solutions and practices.
What's the problem?
-
People want to use their identity, preferences, profiles
and privacy policies across multiple trust domains
seamlessly
-
It's usually someone else that controls and manages
people’s personal information - there is increasing
concern about this.
-
This concern is manifested by a lack of confidence in
the safety of online activities by citizens and
consumers and results in increasing amounts of privacy
regulation by governments worldwide.
-
We want to make it easier for organisations to comply
with regulations and delight ordinary people with robust
management of their private information.
The provision of informational privacy raises many hard
technology research questions. Amongst these are the roles
of technology:
-
How to put more rigor into the control and management of
personal information by organisations, online
communities and individuals?
-
How to define, manage, enforce and revoke the specific
consents and privacy preferences that people choose
about the management of their personal information and
increase the level of assurance given them that these
are respected by entities that store or use this
information?
-
How to compel third parties that process personal
information to handle it in accordance with agreed
policies and make them accountable for so doing?
-
How can compliance auditing technology help? What other
issues does the act of auditing raise and how can these
be solved?
-
How to leverage trusted computing technologies to
underpin privacy management?
-
How can technology aid the adoption of the personal data
minimization principle by IT system designers and make
them accountable for their design decisions which affect
the collection, storage and use of personal information?
-
How can technology and the privacy regulatory regime
become better mutually supportive? What will/should a
future privacy regulatory regime look like? What are the
implications for people and organisations?
-
How will the issues and potential solutions evolve in a
Web2.0 environment and beyond?
What are we doing?
-
Researching privacy-enhancing system architectures and
middleware for:
-
Enforcement of privacy policies and preferences that
cover the processing of personal information
-
Policy-driven management of stored personal
information
-
Developing accountability management technology to
encourage better system design choices around personal
information
-
Researching architectures and technologies to improve
the trust, security and privacy available to online
communities that use mobile communications systems
Much of the above work is being done with research partners
in two collaborative projects. EnCoRe, part funded by the UK
government, aims to make giving consent to the
storage, use and sharing of personal information as reliable
and easy as turning on a tap, and revoking that consent as
reliable and easy as turning it off again. See
www.encore-project.info. PICOS, part funded by the
European Commission, investigates and addresses the trust,
security and privacy aspects of mobile online communities.
See www.picos-project.eu.
This work is being done by researchers based in Bristol, UK
and Princeton, New Jersey.
For more information contact: Pete Bramhall, Senior Project
Manager,
pete.bramhall@hp.com
|
printable version
