Wednesday, May 29, 2013
Why does every system have to be Internet facing? I can see commerical enterprises wanting to save money but using public networks, but government and the military? For them, money is merely a way to keep score. It's not real.
Just as two can keep a secret if one of them is dead, if you want a secure system, segregate it; take it offline. While I'm pained to think of the lost information, it's even more painful to know that it could have been prevented.
Talk about being on the horns of a dilemma. As a publisher, I know there are far too many pirated versions of what I publish freely available to anyone who wants to spend a few seconds searching. Do I want to make it even easier to share? On the other hand, as a consumer I want to own, and lend, what I buy. The music industry seems to have resigned itself to this. If I buy music online, I download it and for all intents and purposes own it. I can burn it to a CD, or it send as an email attachment. Movies, too, are like music. Should I buy a DVD, I can lend it like a book, although I'm more likely to rent a movie online than buy and download it.
EBooks, as we know, aren't nearly as consumer friendly. Amazon keeps everyone imprisoned its inaptly named 'walled garden.' And while there's limited sharing within the Amazon and B&N universes, it's not true sharing. And I really don't understand the limitations on library lending. It seems the controls are similar to those for print books; a library can only lend as many copies as it has rights. Once the ebook limit is reached, I go on a waiting list, just as for print books.
Wednesday, May 22, 2013
I've had authors related tales of 1,000s of downloads of their books from pirate sites. I suspect that most of those downloads don't really represents lost sales. Still, I'm seeing a steady decline in book purchases, in any format. That needs to change.
Monday, May 20, 2013
I saw a presentation by Purdue's Prof. Tiancheng Li on how easily this can be done. Here's an example.
The Massachusetts Group Insurance Commission (GIC), which is responsible for purchasing health insurance for state employees, publishes for each employee zip, dob, sex, diagnosis, procedure, ... A researcher then purchased the Massachusetts Voter registration list, which contained name, party, ..., zip, dob, sex. Using three attributes--dob, sex, zip--the researcher was able to identify the medical record of then Governor William Weld.
This was a fairly benign example. But consider, for example, insurance companies using similar techniques to identify pre-existing conditions, or employers using them to dig into backgrounds of present or potential employees.
We know we can't trust industry to self-regulate, or place PII about its own self-interests.
It just so happens that we have two new books that deal with this problem, should you care to solve it.
Guide to the De-Identification of Personal Health Information by Khaled El Emam and
The Complete Book of Data Anonymization: From Planning to Implementation by Balaji Raghunathan.
Click here to read An Overview of Data Anonymization.