banner.jpg

PORTIA Project Overview

Increasing use of computers and networks in business, government, recreation, and almost all aspects of daily life has led to a proliferation of sensitive data (i.e., data that, if used improperly, can harm data subjects or other relevant parties), and concern about the ownership, control, privacy, and accuracy of these data has become a top priority. Despite significant technical accomplishments in relevant research fields (e.g., cryptology and security, database systems, and data mining), there is no comprehensive technological infrastructure for handling sensitive data, nor is there even widespread social agreement about the rights and responsibilities of major stakeholders in our data-intensive, networked world.

The PORTIA Project is a five-year, multi-institutional, multi-disciplinary, multi-modal investigation that looks comprehensively at sensitive data in a networked world. There are two main academic centers of activity (Yale and Stanford), three smaller-scale academic participants (Stevens Institute of Technology, NYU, and the University of New Mexico), and substantial participation by non-academic partners, including technology companies, representatives of user communities, and DC-based policy organizations. Please refer to the PORTIA People page for a complete list of participants.

One major technical theme of the PORTIA Project is privacy-preserving data mining; papers written for this part of the project can be found in the Privacy-preserving, Secure Protocols and Databases and Data Mining sections of the PORTIA Publications page, and the FairPoll software package can be downloaded from the PORTIA software page. More generally, project participants are studying techniques for meeting the potentially conflicting goals of respecting individual rights and allowing legitimate organizations to collect and mine massive data sets. Other technical agenda items include but are not limited to (1) managing sensitive data in distributed systems and networks (papers about which can be found here), (2) policy expression and enforcement (papers about which can be found here), (3) identity protection (for which project participants have developed the PwdHash and SpoofGuard software packages and written papers that can be found here), (4) using trusted platforms to manage sensitive information, particularly copyright works (papers about which can be found here), and (5) coping with the sheer massiveness of many of the sensitive data sets that are routinely created and used (papers about which can be found here) . Because these technical goals are affected by lack of agreement about the meanings of basic terms, most notably "privacy," another major PORTIA goal is the development of a conceptual framework for the study of rights, responsibilities, and public policies focused on sensitive-data handling (papers about which can be found here). The starting point for this part of the project is recent work in Philosophy on the notion of ``contextual integrity,'' which considers both the context and the content of data sets in assessing sensitivity; PORTIA investigator Helen Nissenbaum's seminal paper on contextual integrity can be found here.

Education and community formation are also part of the PORTIA agenda. Toward this end, project participants teach a wide range of relevant courses and advise many students and postdocs; information about these activities can be found on the PORTIA education page. They also sponsor or co-sponsor a series of workshops on PORTIA themes.

A brief introductory paper, written shortly after the project began, can be found here . The papers in the Expository Material section of the PORTIA Publications page are accessible to non-scientists, as are the contents of the PORTIA media-coverage page. Newcomers to the PORTIA themes should look here for some additional pointers to generally accessible material on the PORTIA website and should also visit our Related Sites page.