Information, Security, Privacy, and Anonymity: Definitional and Conceptual Issues Björn Lundgren Doctoral Thesis in Philosophy KTH Royal Institute of Technology Stockholm, Sweden, 2018 1 Abstract Björn Lundgren, Information, Security, Privacy, and Anonymity: Definitional and Conceptual Issues, Doctoral Thesis in Philosophy. Theses in Philosophy from the Royal Institute of Technology 61. Stockholm, 2018, 224 pp. ISBN: 978-91-7729-759-8. TRITA-ABE- DLT-1811. Public defense of this Doctoral Thesis will be held at Monday, June 4, 2018, 1.00 pm., Kollegiesalen, Brinellvägen 8, Royal Institute of Technology, KTH, Stockholm. This doctoral thesis consists of five research papers that address four tangential topics, all of which are relevant for the challenges we are facing in our socio-technical society: information, security, privacy, and anonymity. All topics are approached by similar methods, i.e. with a concern about conceptual and definitional issues. In Paper I— concerning the concept of information and a semantic conception thereof—it is argued that the veridicality thesis (i.e. that information must be true or truthful) is false. In Paper II—concerning information security—it is argued that the current leading definitions suffer from counter-examples, and lack an appropriate conceptual sense. Based on this criticism a new kind of definition is proposed and defended. In Paper III—concerning control definitions of privacy—it is argued that any sensible control-definition of privacy must properly recognize the context as part of the defining criteria. In Paper IV—concerning the concept of privacy—it is argued that privacy is a normative concept and that it is constituted by our social relations. Final, in Paper V— concerning anonymity—it is argued that the threat from deanonymization technology goes beyond harm to anonymity. It is argued that a person who never is deanonymized can still be harmed and what is at stake is an ability to be anonymous. Keywords: definitions; distinctions; conceptual analysis; philosophy of information; philosophy of risk, security; information; information security; semantics; semantic information; veridicality thesis; informativity; appropriate access; CIA; privacy; control; context; pro tanto good; social relations; anonymity; deanonymization; ability to be anonymous 2 Thesis composition This doctoral thesis consists of an introduction and the following research papers: I. Björn Lundgren (2017) “Does Semantic Information Need to be Truthful?” Synthese. https://doi.org/10.1007/s11229-017- 1587-5.* II. Björn Lundgren & Niklas Möller (2017) “Defining Information Security” Science and Engineering Ethics. https://doi.org/10.1007/s11948-017-9992-1.* III. Björn Lundgren (under review) “Privacy as a Relational Concept”. IV. Björn Lundgren (under review) “A Dilemma for Privacy as Control and Why the Context Matters”. V. Björn Lundgren (under contract for publication) “Beyond the Concept of Anonymity: What is Really at Stake?” In K. Macnish and J. Galliot Big Data and the Democratic Process. ISBN: 978-91-7729-759-8. TRITA-ABE-DLT-1811. © 2018 by Björn Lundgren. Printed by US-AB, Stockholm, Sweden 2018. * Paper I and II are reproduced here with kind permission from Springer Science+Business Media B.V., under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made. The versions in this thesis have been adapted to the style of the thesis, which also includes changes such as the placement of acknowledgment and copyright information, style of reference, and numbering of headings. The funding note is also removed (see acknowledgement). Both papers also include some corrections (see the added errata note for each paper). 3 Table of contents Abstract .............................................................................................................. 2 Thesis composition .......................................................................................... 3 Acknowledgement ............................................................................................ 7 Svensk sammanfattning ................................................................................... 9 Introduction .................................................................................................... 13 1. Introducing the introduction ................................................................ 13 2. Methodology ........................................................................................... 16 3. Themes ..................................................................................................... 26 4. Future research ....................................................................................... 50 Appendix: Definitions ............................................................................... 56 References .................................................................................................... 67 Does Semantic Information Need to be Truthful? ................................... 73 Abstract ........................................................................................................ 73 1. Introduction ............................................................................................ 75 2. Background and specification............................................................... 77 3. A liar paradox for a veridical conception of semantic information 81 4. Is false information genuine information?.......................................... 83 5. Must information be informative? ....................................................... 89 6. Conclusions ............................................................................................. 97 Appendix: Further arguments on the information liar paradox .......... 98 References .................................................................................................. 107 Defining Information Security ................................................................... 113 Abstract ...................................................................................................... 113 1. Introduction .......................................................................................... 115 2. Counter-examples to the CIA definition .......................................... 120 3. The Appropriate Access definition .................................................... 129 4. Further arguments for the AA definition ......................................... 140 4 5. Conclusions ........................................................................................... 147 References .................................................................................................. 149 A Dilemma for Privacy as Control and Why the Context Matters ....... 155 Abstract ...................................................................................................... 155 1. Introduction .......................................................................................... 156 2. Control and a dilemma from counter-examples .............................. 158 3. Resolving the control-based dilemma ............................................... 161 4. A contextual counter-example............................................................ 164 References .................................................................................................. 168 Privacy as a Relational Concept ................................................................. 171 Abstract ...................................................................................................... 171 1. Introduction .......................................................................................... 172 2. Privacy as a pro tanto good ................................................................... 175 3. Explicating privacy as constitutive of social relations ..................... 182 4. Summation ............................................................................................ 194 References .................................................................................................. 195 Beyond the Concept of Anonymity: What is Really at Stake? ............... 199 Abstract ...................................................................................................... 199 1. Introduction .......................................................................................... 200 2. Deanonymization and information aggregation .............................. 204 3. The risk of future deanonymization and harm without deanonymization ....................................................................................... 208 4. Explicating our ability to be anonymous .......................................... 212 5. Dual usage of deanonymization technologies .................................. 215 6. Summation and final comments ........................................................ 218 References .................................................................................................. 219 Theses in Philosophy from the Royal Institute of Technology ........... 221 5 0 Acknowledgement I wish to thank my supervisors Niklas Möller and Sven Ove Hansson for giving me the opportunity to write