Sébastien Gambs IRISA, Rennes, France
The right to privacy is a fundamental right of every individual. Nonetheless, it becomes more and more difficult to protect this right in the Information Society in which each individual constantly leaves (often without noticing it) "digital traces" that can be linked to his identity. For example, the history of queries of a user reveals his interests, the knowledge of his social network (such as Facebook) can be used to infer his political opinions and his hobbies and the knowledge of his IP address allows to derive his location. If all these traces are collected by an unauthorized entity (called an adversary), he can used it to perpetrate fraudulous ends ranging from targeted spam to profiling, or even identity theft.
In this presentation, I will review the different situations of the digital world that can lead to a privacy breach, as well as their possible consequences. Afterwards, I will present the main principles behind the Privacy-Enhancing Technologies (PETs), which have been developed to preserve the privacy of digital users and to limit and control the digital traces that they released. More precisely, I will describe some PETs such as anonymous communication networks, anonymizers, anonymous credentials, sanitization mechanisms for releasing sensible data as well as biometric authentication mechanisms that do not require to store explicitly the biometric template of an individual. Moreover, I will also study the specific privacy issues raised by social networks, geolocated applications as well as personalised services. In order to draw a relatively complete panorama, I will try to take both the point of view of the adversary, which wishes to cause a privacy breach by performing an inference attack, and the point of view of the defender, which on the contrary tries to set up mechanisms to preserve privacy.
Sébastien Gambs is currently holding a joint Research chair in Security of Information Systems between INRIA and Universit_é de Rennes 1 since September 2009. Prior to that, he was a CNRS postdoctoral researcher at LAAS-CNRS and did his graduate studies at the Universit_é de Montréeal under the supervision of Gilles Brassard and Esma A_ïmeur. His main research program deals with the Protection of Privacy in di_fferent settings, where the exact meaning of the expression "protection of privacy" is dependent of the specific context where it is applied. For instance, his research interests encompass subjects such as privacy issues in socials networks, geo-privacy, privacy-preserving data mining as well as privacy-enhancing technologies in general. In the past, he has also worked on a quantum analogue of the task of anonymous communication as well as on the interactions between quantum information processing and machine learning.