Protecting privacy: Make the data 'fade away' like footsteps in the sand

However well we protect our data, sooner or later we run the risk of information we want to keep private ending up in the public domain. So how can we see information fade away over time? If we could let details gradually disappear from view this would drastically reduce privacy-related...

"Keeping things private doesn't bother me. I have nothing to hide." That appears to be the attitude of many Dutch citizens with regard to information that can be accessed on the internet. Internet users post personal details and photos in profiles on social networking websites such as Facebook, Hyves and LinkedIn, and are often blissfully unaware of how such information can be used or abused. Yet at the same time, there is widespread fear among the general public of their patient details being included in an Electronic Health Record and privacy protection issues have even cropped up in the political debate on road pricing.

The main focus in such public discussions is always security. Harold van Heerde argues that the focus on security alone is too narrow. He even goes so far as to claim that sound security is more or less impossible to achieve. In his view, the discussion should focus on the type of information we store, the purpose behind storing it and how long we store it for.

Footprints in the sand

He is therefore advocating a method whereby information is allowed to fade away over time "like footprints in the sand." This will allow the service provider who needs to use the information to make use of it for some time, while ensuring that useful details will no longer be accessible to those who might want to abuse them. This would entail making prior agreements about how long information should be kept and how quickly it should be allowed to fade away. The key is to strike a balance between the usefulness of the data and the length of time for which it is stored.

Harold van Heerde insists that this calls for a whole new approach to databases: current systems are optimized for long-term data storage and access, not for allowing data to simply fade away.. That is why new techniques are needed to allow data to be efficiently and irretrievably erased. In his dissertation, van Heerde reviews storage structures, indexing methods and log mechanisms and shows that data degradation is a realistic model that can be implemented with an acceptable loss of performance.