Privacy, Security, and Trust in KDD

Vast amounts of data are collected by service providers and system administ- tors, and are available in public information systems. Data mining technologies provide an ideal framework to assist in analyzing such collections for computer security and surveillance-related endeavors. For instance, system administrators can apply data mining to summarize activity patterns in access logs so that potential malicious incidents can be further investigated. Beyond computer - curity, data mining technology supports intelligence gathering and summari- tion for homeland security. For years, and most recently fueled by events such as September 11, 2001, government agencies have focused on developing and applying data mining technologies to monitor terrorist behaviors in public and private data collections. Theapplicationof data mining to person-speci?cdata raisesseriousconcerns regarding data con?dentiality and citizens privacy rights. These concerns have led to the adoption of various legislation and policy controls. In 2005, the - ropean Union passed a data-retention directive that requires all telephone and Internetservice providersto store data ontheir consumers for up to two yearsto assist in the prevention of terrorismand organized crime. Similar data-retention regulationproposalsareunderheateddebateintheUnitedStatesCongress. Yet, the debate often focuses on ethical or policy aspects of the problem, such that resolutions have polarized consequences; e. g. , an organization can either share data for data mining purposes or it can not. Fortunately, computer scientists, and data mining researchers in particular, have recognized that technology can beconstructedtosupportlesspolarizedsolutions. Computerscientistsaredev- oping technologies that enable data mining goals without sacri?cing the privacy and security of the individuals to whom the data correspond.