What this blog is about

September 29, 2008 at 11:41 pm 1 comment

From the About page:

This is a blog about my research on privacy and anonymity. The title refers to the fact that there are only 6.6 billion people in the world, so you only need 33 bits (more precisely, 32.6 bits) of information about a person to determine who they are.

This fact has two related consequences. First, a lot of traditional thinking about anonymous data relied on the fact that you can hide in a crowd that’s too big to search through. That notion completely breaks down given today’s computing power: as long as the bad guy has enough information about his target, he can simply examine every possible entry in the database and select the best match.

The second consequence is that 33 bits is not really a lot. If your hometown has 100,000 people, then knowing your hometown gives me 16 bits of entropy about you, and only 17 bits remain. But the real danger is that information about a person’s behavior, which was traditionally not considered personally identifying, can be used to cause serious privacy breaches in a variety of different contexts.

This blog will announce, explain and elaborate on my research as it relates to the above theme. I will also use it as an outlet for my opinions on the broader technical, policy, business and social issues related to my work.

Serious content coming soon. In the meanwhile, grab the RSS feed.

Entry filed under: Uncategorized. Tags: , .

Article about Netflix paper in law journal

1 Comment Add your own

  • 1. Álvaro Del Hoyo  |  March 17, 2010 at 11:38 am

    Arvind,

    This is the quind of site i was looking for.

    As Infosec management consultant and IT lawyer and really in anonymization and re-identification.

    All along these years and telling my customers that all we are living in un-security -anonymization is unfeasible, may be not right now, but for one, two,…. days after-, and that it is impossible to be 100% legal conformed, so that they have to manage the risks associated to information un-security, specially image damage/reputation and/or customer lost, fine rulings and crime convictions.

    Thanks for your sharing.

    Will contribute from time to time to compensate ;-p

    Regards

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed


About 33bits.org

I'm an assistant professor of computer science at Princeton. I research (and teach) information privacy and security, and moonlight in technology policy.

This is a blog about my research on breaking data anonymization, and more broadly about information privacy, law and policy.

For an explanation of the blog title and more info, see the About page.

Me, elsewhere

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 247 other followers