Inman Harvey · Ann Cavoukian George Tomko · Don Borrett Hon Kwan · Dimitrios Hatzinakos Editors SmartData Privacy Meets Evolutionary Robotics SmartData

Inman Harvey • Ann Cavoukian George Tomko • Don Borrett Hon Kwan • Dimitrios Hatzinakos Editors

SmartData

Privacy Meets Evolutionary Robotics Editors Inman Harvey Ann Cavoukian School of Informatics Office of the Information University of Sussex and Privacy Commissioner of Brighton, UK , ON, Canada

George Tomko Don Borrett Identity, Privacy and Security Initiative Department of Medicine University of Toronto Toronto, ON, Canada Toronto, ON, Canada

Hon Kwan Dimitrios Hatzinakos Department of Neurophysiology Electrical and Computer Engineering University of Toronto University of Toronto Toronto, ON, Canada Toronto, ON, Canada

ISBN 978-1-4614-6408-2 ISBN 978-1-4614-6409-9 (eBook) DOI 10.1007/978-1-4614-6409-9 Springer New York Heidelberg Dordrecht London

Library of Congress Control Number: 2013932866

# Springer Science+Business Media New York 2013 This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Exempted from this legal reservation are brief excerpts in connection with reviews or scholarly analysis or material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work. Duplication of this publication or parts thereof is permitted only under the provisions of the Copyright Law of the Publisher’s location, in its current version, and permission for use must always be obtained from Springer. Permissions for use may be obtained through RightsLink at the Copyright Clearance Center. Violations are liable to prosecution under the respective Copyright Law. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein.

Printed on acid-free paper

Springer is part of Springer Science+Business Media (www.springer.com) Acknowledgements

The Identity, Privacy, and Security Institute (IPSI) at the University of Toronto in association with the Information and Privacy Commissioner of Ontario, Canada, hosted an International Symposium on SmartData from May 14 to 16, 2012. Principal funding for the symposium and proceedings was provided by the University of Toronto’s Connaught Fund.

v

Contents

1 Privacy by Design and the Promise of SmartData ...... 1 Ann Cavoukian 2 SmartData: The Need, the Goal and the Challenge ...... 11 George Tomko 3 Perspectives on Artificial Intelligence: Three Ways to Be Smart ...... 27 Inman Harvey 4 Context Dependent Information Processing Entails Scale-Free Dynamics ...... 39 Donald Borrett 5 Philosophy and SmartData: Do SmartData Need to Be Smart? Does It Matter? ...... 47 Stephen Biggs 6 Relevance Realization and the Neurodynamics and Neuroconnectivity of General Intelligence ...... 57 John Vervaeke and Leonardo Ferraro 7 What Matters: Real Bodies and Virtual Worlds ...... 69 Michael Wheeler 8 The Development of Autonomous Virtual Agents ...... 81 Karl Friston 9 Patterns of Attractors in the “Brain”. Wild Dynamics at the Edge ...... 91 Enrique R. Pujals

vii viii Contents

10 A Privacy-Enabled Mobile Computing Model Using Intelligent Cloud-Based Services ...... 107 Edward R. Sykes, Huy Pham, Magdin Stoica, Khaled Mahmud, and Deborah Stacey 11 Unconstrain the Population: The Benefits of Horizontal Gene Transfer in Genetic Algorithms ...... 117 Nicholas Tomko, Inman Harvey, and Andrew Philippides 12 A Robust System for Distributed Data Mining and Preserving-Privacy ...... 129 El Sayed Mahmoud and David Calvert 13 A Distributed Mobile Application for Data Collection with Intelligent Agent Based Data Management Policy ...... 139 Marek Laskowski, Bryan C.P. Demianyk, and Robert D. McLeod 14 Security Risks Assessment Based on Intelligent Systems and Attack Graphs ...... 149 Masoud Mohammadian and Dimitrios Hatzinakos 15 An Adaptive Intelligent Fuzzy Logic Classifier for Data Security and Privacy in Large Databases ...... 161 Masoud Mohammadian and Dimitrios Hatzinakos 16 The Security Architecture Discipline as Catalyst to Effect Secure SmartData Design: Employing Abuse Case Elaboration for Attack Vector Discovery and Countermeasure Determination ...... 173 Murray Rosenthal 17 Trust and Non-person Entities: SmartData as NPE Candidate ...... 187 Murray Rosenthal 18 Privacy-Enabled Mobile-Health (mHealth)-Based Diabetic Solution ...... 197 Sasan Adibi, Rozita Dara, Nilmini Wickramasinghe, Caroline Chan, and Soumitri Varadarajan Contributors

Sasan Adibi RMIT University, Melbourne, VIC, Australia Stephen Biggs Iowa State University, Ames, IA, USA Donald Borrett Department of Medicine, University of Toronto, Toronto, ON, Canada David Calvert School of Computer Science, , Guelph, ON, Canada Ann Cavoukian Office of the Information and Privacy Commissioner of Ontario, Toronto, ON, Canada Caroline Chan RMIT University, Melbourne, VIC, Australia Rozita Dara Office of the Information and Privacy Commissioner of Ontario, Toronto, ON, Canada Bryan C.P. Demianyk University of Manitoba, Winnipeg, MB, Canada Leonardo Ferraro University of Toronto, Toronto, ON, Canada Karl Friston The Wellcome Trust Centre for Neuroimaging, University College London, London, UK Inman Harvey School of Informatics, University of Sussex, Brighton, UK Dimitrios Hatzinakos Bell Canada Chair in Multimedia, Department of Electrical and Computer Engineering, University of Toronto, Toronto, ON, Canada Marek Laskowski , Toronto, ON, Canada El Sayed Mahmoud School of Computer Science, University of Guelph, Guelph, ON, Canada Khaled Mahmud Faculty of Applied Science and Technology, Sheridan College, Oakville, ON, Canada

ix x Contributors

Robert D. McLeod University of Manitoba, Winnipeg, MB, Canada Masoud Mohammadian Faculty of Information Science and Engineering, University of Canberra, Canberra, ACT, Australia Huy Pham Faculty of Applied Science and Technology, Sheridan College, Oakville, ON, Canada Andrew Philippides University of Sussex, Brighton, UK Enrique R. Pujals IMPA-OS, Rio de Janeiro, Brazil Murray Rosenthal Information and Technology, City of Toronto, Toronto, ON, Canada Deborah Stacey College of Physical and Engineering Science and School of Computer Science, University of Guelph, Guelph, ON, Canada Magdin Stoica Faculty of Applied Science and Technology, Sheridan College, Oakville, ON, Canada Edward R. Sykes Faculty of Applied Science and Technology, Sheridan College, Oakville, ON, Canada George Tomko Identity, Privacy and Security Institute (IPSI), University of Toronto, Toronto, ON, Canada Nicholas Tomko University of Sussex, Brighton, UK Soumitri Varadarajan RMIT University, Melbourne, VIC, Australia John Vervaeke Cognitive Science, University of Toronto, Toronto, ON, Canada Michael Wheeler School of Arts and Humanities: Philosophy, University of Stirling, Stirling, UK Nilmini Wickramasinghe Epworth HealthCare, Richmond, VIC, Australia RMIT University, Melbourne, Victoria, Australia Chapter 1 Privacy by Design and the Promise of SmartData

Ann Cavoukian

Abstract Recent years have seen technology grow at a rate never before encountered. The expansion of new technologies into daily life has offered unprecedented opportunities. However, as we benefit from the many advantages presented to us, we must also grapple with never before known concerns. Many of these pertain to the protection of our personal information. In this paper, it is my goal to address how personal data may be safeguarded by using information technology—to our advantage, not the opposite. My practical PrivacybyDesign(PbD) framework advances the concept that privacy should be built into technology and business practice right from the outset—well before the security of an individual’s personal data could ever be put at risk. An extension of PbD—PbD 2.0—is the concept of SmartData.SmartData empowers an individual’s personal data to “protect itself” by using virtual cognitive agents, in a manner that is both contextual and responsive to each individual’s needs. As technological innovations continue to impact the security of our personal informa- tion, I believe it is critical that privacy-enhancing technologies, such as SmartData, be employed to neutralize the threats that jeopardize our vital right to privacy, and in turn, our freedom.

1.1 Introduction: Naysayers and Innovators

Throughout history, there have always been naysayers—those who dismiss new ideas that do not fit into their understanding of “the way things are.” These are the individuals who are quick to utter the words never, impossible,orimpractical, forgetting about the limitless potential of human ingenuity. These people are entrenched in the present and suffer from a lack of imagination. As Albert Einstein once said, “The true sign of intelligence is not knowledge, but imagination.”

A. Cavoukian (*) Office of the Information and Privacy Commissioner of Ontario, Toronto, ON, Canada e-mail: [email protected]

I. Harvey et al. (eds.), SmartData: Privacy Meets Evolutionary Robotics, 1 DOI 10.1007/978-1-4614-6409-9_1, # Springer Science+Business Media New York 2013 2 A. Cavoukian

Imagine if the Wright Brothers had listened to Lord Kelvin, President of the Royal Society, who said, “Heavier-than-air flying machines are impossible.” Imagine if Henry Ford had given his ear to the president of the Michigan Savings Bank, who said, “The horse is here to stay but the automobile is only a novelty.” Imagine our world today if Bill Gates or Steve Jobs had taken the advice of Ken Olson, President and Founder of Digital Equipment Corporation who pronounced that, “There is no reason why anyone would want a computer in his home.” One of my favourite heroes of science is Nikola Tesla, who was highly maligned in his day. The famous inventor, Thomas Edison, was quick to dismiss Tesla’s work with alternating current, saying that, “[It] is just a waste of time.” Of course, it was Tesla’s work with alternating current that formed the basis of wireless radio, starting with transistors, and all that has stemmed from it. Just imagine what our lives would look like today, if these brilliant inventors had listened to the naysayers who would have stopped them dead in their tracks! While our history books glorify the work of innovators and dreamers, it would appear that the attitude of the naysayers rules the present. But we must reject that view—this is the era of rapidly evolving possibility. Many of the technological advancements that we are seeing today pertain to the Internet. However, with expanding Internet use, we have seen a surge of surveillance. Never before have there been so many opportunities for our personal information to be exploited. We cannot, and must not, listen to the naysayers who tell us that privacy is obsolete and that we should simply “get over” our concerns and move on. As the right upon which our freedoms are founded, privacy protections must coexist with security and other business functionalities. To explore the way forward, all we need to do is use our imaginations.

1.2 Era of Expanded Surveillance

The information technology revolution of the 1990s offered enormous benefits to society, but it also generated a new paradigm of concerns about privacy and data protection. In the late 1980s, surveillance cameras were not yet ubiquitous features in urban landscapes; biometric passports were still a vision of science fiction; identity theft, for the most part, involved a photocopier, scissors, and glue sticks; and surveillance drones that fly by themselves had not yet taken to the skies. Today, surveillance cameras are abundant in most of the world’s largest cities; biometric passports are being used in a variety of countries; identity theft is the fastest growing form of consumer fraud in North America; and, in some urban areas, surveillance drones pass overhead on a daily basis. Databases around the world store previously inconceivable amounts of personal information—mine, yours and every- one else’s. Unlike the paper-based records of the past, electronic records can be easily copied, duplicated, and shared. Sometimes the unauthorized use of personal data is not even illegal: Since bureaucracy often lags behind the rate of technological development, there are rarely effective policies that can keep pace to protect 1 Privacy by Design and the Promise of SmartData 3 personal data. More and more granular information is now being collected about us all, and this data is being used in multiple ways—not all of which are beneficial. Big Data is another growing phenomenon that is proving to be a significant challenge in the ever-changing privacy and information technology landscape. Governments and businesses, citizens and consumers, are now privy to a seemingly infinite amount of information. For example, more data was created in any 48-hour period in 2010, than had been created in the last 30,000 years, and by 2020 the same amount of data is predicted to be available for any single one-hour period!1 One of the things that concerns me the most about Big Data is that data analytics may be applied to personally identifiable information (PII). The term Big Data is often used to describe situations where an organization has collected so much information that it has become challenging to manage it all using current analytical technology. Future developments in data analytics will make obscure connections in mass stores of data possible, and at unprecedented speeds. A great fear of mine is that in our effort to make sense of the information available in these growing databases, the importance of privacy will be entirely overlooked. In our 24-7 wired world, where we turn to the Internet and smartphones to shop, bank and communicate, some of what will be digested in Big Data is information about personally identifiable individuals (PII). Who will have control over this informa- tion? How will it be used? To address essential questions like these, I developed a practical, business and consumer-friendly framework a number of years ago, called Privacy by Design (PbD). In 2010, Privacy by Design was unanimously passed as an International Privacy Standard in Jerusalem by the International Assembly of Privacy and Data Protection Authorities. PbD advances the view that privacy protection should be built into information technology and business practices alike, right from the outset—preventing the risks to privacy from arising, before a technology ever interacts with the information of an identifiable individual. PbD creates an ecosystem that ensures user control, user trust and the need for transparency, all of which are critical to the implementation of information systems. SmartData builds on this by advancing the proposition that intelligent “smart agents” can be integrated into IT systems—creating data that can in effect “protect itself.”

1.3 Privacy by Design

In my career as a privacy professional, my goal has always been to ensure the future of privacy, which lies at the heart of all of our freedoms. One of the most important steps I have taken to attain this goal is developing Privacy by Design [1]. At the core of PbD is the idea of engineering privacy directly into new technologies, business

1 Chrystia Freeland, Yuri Milner on the future of the Internet, Reuters, September 23, 2011, http:// blogs.reuters.com/chrystia-freeland/2011/09/23/yuri-milner-on-the-future-of-the-internet/