DOI: 10.1145/3408308.3427605
research-article

Tool-chain for supporting Privacy Risk Assessments

Published: 18 November 2020

Abstract

In a modern smart building, many aspects of its use can be monitored using sensing technologies. This enables a large number of data-driven applications for tasks such as indoor comfort, energy efficiency, and space utilization. Open data sharing enables more robust data-driven applications for optimizing building operations. To enable such data sharing efforts, a privacy risk assessment is needed to analyze the inherent ethical and privacy risks posed to occupants and to the organization operating in the building. It is increasingly difficult to identify the inference capabilities of modern machine learning methods, e.g. for estimating occupancy from CO2 datasets. In this paper, we design and implement an open source, ontology-based tool-chain that can be used as part of the privacy assessment to identify potential privacy risks. The tool-chain takes in a model of the dataset that is being considered for sharing and creates a privacy risk report. We evaluate the tool-chain using five real-world datasets and compare its analysis with that of the data custodian. The results show that the tool-chain can identify more risks than a human data curator, and thus there is a need for such a tool to support privacy risk analysis.

Cited By

  • (2024) Privacy Risks in the Storytelling of Open Government Data: A Study from the Perspective of User Cognitive Reasoning. Proceedings of the Association for Information Science and Technology 61:1 (506-510). DOI: 10.1002/pra2.1048. Online publication date: 15-Oct-2024
  • (2023) An Analytical Review of Industrial Privacy Frameworks and Regulations for Organisational Data Sharing. Applied Sciences 13:23 (12727). DOI: 10.3390/app132312727. Online publication date: 27-Nov-2023
  • (2023) Towards Concrete and Connected AI Risk Assessment (C2AIRA): A Systematic Mapping Study. 2023 IEEE/ACM 2nd International Conference on AI Engineering – Software Engineering for AI (CAIN) (104-116). DOI: 10.1109/CAIN58948.2023.00027. Online publication date: May-2023

Published In

BuildSys '20: Proceedings of the 7th ACM International Conference on Systems for Energy-Efficient Buildings, Cities, and Transportation
November 2020
361 pages
ISBN: 9781450380614
DOI: 10.1145/3408308
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. Data Anonymization
  2. Data Privacy
  3. Data Publishing
  4. Modeling Methodologies
  5. Open Data
  6. Privacy-Preserving Data Publishing

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Funding Sources

  • IoTControl project (RFD-15-0020)
  • IEA EBC Annex 79 and were support by EUDP (64018-0558)

Conference

BuildSys '20

Acceptance Rates

BuildSys '20 Paper Acceptance Rate 38 of 139 submissions, 27%;
Overall Acceptance Rate 148 of 500 submissions, 30%

Article Metrics

  • Downloads (Last 12 months): 18
  • Downloads (Last 6 weeks): 3

Reflects downloads up to 10 Nov 2024
