White Paper & Bio
As information technology continues to spread, we note an increasing
awareness within a variety of organizations of the fundamental need
to address security and privacy concerns for stored information (Karat,
Karat, Brodie and Feng, 2005). We believe that meeting this need requires
an understanding of policies that govern information collection and
use accompanied by development of technologies that can assist in
authoring, implementing, and monitoring such policies. Our research
has focused on understanding the tools and architectures necessary
to author and implement policies that govern the storage and use of
a variety of sensitive information by organizations, and on understanding
the requirements for evaluating the compliance of such policies with
high level goals and legislation. This focus emerged through a user-centered
design process in which we first examined how privacy was managed
in organizations and then developed scenarios along with prototypes
to help explore the privacy management needs within organizations.
We see this process as a merging of user-centered design ideas from
contextual design (Beyer and Holtzblatt, 1998) and scenario-based
design (Carroll, 1995).
While personal information has long been considered sensitive, and
organizations have developed manual processes and guidelines to keep
information confidential, developments in pervasive technology put
new demands on such organizations. In considering pervasive technology,
we have found it useful to think of “pervasive technology environments”.
By this we mean that people exist in environments which are increasingly
surrounded by information gathering agents – some human, some
technology sensors. In the last few years there has been a growing
interest among government, healthcare, and financial organizations,
as well as researchers and the general public, in collecting, storing
and using records in widely available electronic forms (Baumer, Earp,
and Payton, 2000; Ball, 2003). For cost effectiveness, standard processes
to more easily store and access records are seen as necessary for
a variety of organizations. For example, proponents of electronic
medical records have argued that if personal information is collected
about individuals it can be used to improve the quality of care (Hagen,
2000). While there are considerable technical challenges in creating
comprehensive patient records, there is at least one social challenge
that also needs to be addressed as such systems are designed –
the mechanisms for managing privacy within electronic patient record
systems. We see the success of systems in the healthcare arena as
dependent on building trust between organizations and people whose
data they maintain, on privacy enabled by technology to manage policies
within organizations, and on personalization of system functionality
enabled by appropriate use of personal information. We believe that
these elements are all closely related in considering pervasive technology
in general.
We have found that organizations increasingly store sensitive electronic
information in environments which include heterogeneous server system
environments. Currently they do not have a unified way of defining
or implementing privacy or security access control policies that encompass
data collected and used by both Web and legacy applications across
different server platforms. This makes it difficult for the organizations
to put in place proper management and control of sensitive information
or to verify that required or intended regulations for the use of
information are met by the organization. This finding is not new.
Examinations of privacy policy implementations within organizations
have not changed the picture much in the past 15 years, with the findings
of Smith (1993) largely consistent with our own more recent studies
(Karat et al., 2005). While there has been considerable attention
to the development and posting of privacy policies on websites (e.g.,
Jensen and Potts, 2004), almost all of these policies are vague and
lack connections to technology that might actually implement them.
Based on our findings from working with organizations, we believe
that helping to close the gap between the high level policies organizations
strive to adhere to and the low level actions carried out within their
IT systems is an important topic for research and development.

John Karat
IBM T.J. Watson Research Center
Privacy Enabling Technology Research

Biographical Data
John Karat (http://www.research.ibm.com/people/j/jkarat)
is a cognitive psychologist who has worked his entire career to
make computing technology more useful in people's lives. Over his
career with IBM Development (1982-1987) and Research (1987-2007)
he has worked on the development of guidelines and principles for
user interface design (including chairing committees for the
development of ANSI and ISO standards), researched and advised on
design collaboration, researched and developed speech-based systems
(including the design of IBM’s large vocabulary desktop speech
recognition system), researched and designed electronic medical
record systems (for Kaiser Colorado Region and Barnes Hospital in
St Louis), and worked on information search and unstructured knowledge management,
entertainment applications, and personalization. John is currently
involved in research on privacy and information system policy management
in a project which is focused on natural language policy authoring
and implementation (http://www.research.ibm.com/sparcle).
At IBM Research, he has been a researcher, project leader, and manager.
John is currently co-leader of the IBM Privacy Research Institute,
PI and project manager on a project to enable end-to-end management
of privacy policies in natural language, and project leader for
an innovative industry/academia open collaborative research (OCR)
initiative in privacy and security policy management with Carnegie
Mellon and Purdue Universities.