Slashdot Mirror

← Back to Stories (view on slashdot.org)

Taking Back Control of Your Data, With Fine Grained, Explicit Permissions

Posted by timothy on from the consent-as-a-dialogue dept.

BrokenHalo writes with a story at New Scientist outlining one approach to reclaiming your online privacy: a software gatekeeper (described in detail in a paper from last year) from two MIT developers. "Developers Sandy Pentland and Yves-Alexandre de Montjoye claim OpenPDS (PDF) disrupts what NSA whistleblower Edward Snowden called the 'architecture of oppression,' by letting users see and control any third-party requests for their information – whether that's from the NSA or Google. Among other things, the Personal Data Store includes a mechanism for fine-grained management of permissions for sharing of data. Personally, I'm not convinced that what the NSA demands outright to be shared is as relevant as what they surreptitiously take without asking."

5 of 55 comments (clear)

  1. I see a problem... by hercludes · · Score: 4, Interesting

    Regardless if this is a good idea with good implementation, people will find a way to get data openPDS is trying to hide. And it sounds like people who use this will only store more 'sensitive' information; digging themselves in a deeper hole.

  2. More useful by Rosco+P.+Coltrane · · Score: 5, Insightful

    Instead of a gatekeeper, I'd rather have a layer of software that automatically lies about myself (such as always giving my name as "John Doe" or my GPS location as being somewhere in the open desert near Timbuktu or something), so that not only the data hoarders don't get my personal information, but their data pool gets polluted. Bad data is much more of a problem to them than no data at all.

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  3. Re:Oh the naivete!! by coldmist · · Score: 5, Funny

    You bet I can! I have my robots.txt file up to date, you know.

    --
    Don't steal. The government hates competition.
  4. Potential problem by Okian+Warrior · · Score: 5, Interesting

    Instead of a gatekeeper, I'd rather have a layer of software that automatically lies about myself (such as always giving my name as "John Doe" or my GPS location as being somewhere in the open desert near Timbuktu or something), so that not only the data hoarders don't get my personal information, but their data pool gets polluted. Bad data is much more of a problem to them than no data at all.

    I've been doing that for some years.

    In early September, my bank implemented a new type of authentication process. Before I could log in, it asked me a series of questions culled from the public records of my name - it said as much when it started.

    The questions were multiple choice, five answers, and went like this:

    In what town is 35 Granite Ave located?
    . Greenville
    . Lexington
    . Berwick
    . Nashua
    . Holliston

    Needless to say, I've never been to 35 Granite Ave (that I can remember), never lived there, and don't have the first clue what they were on about. My "polluted public records" came back to bite me.

    The bank representative couldn't help because they don't make the web page, the web page techs can't help because they outsource to a service, &c &c. It took extreme measures from one very helpful bank rep to allow me to log in, on a system which had been giving me no problems for many yeas. I'd be screwed if it were the cable, ISP, or phone company.

    I'm still in favour of polluting records. If the person asking doesn't have any business knowing whatever it is they're asking, I will lie.

    It looks like I'll have to start keeping track of the lies.

  5. Re:Needs to be an appliance.. by xtal · · Score: 4, Insightful

    It's quite easy to monitor all traffic.

    Monitoring is not the same thing as analyzing.. but I am quite certain I know where my packets are headed - at least when they're sent from my gateway. That's how the internet works.

    --
    ..don't panic