After A-Rod, When (If Ever) Are Assurances of Confidentiality Credible?

You may also like...

1 Response

  1. joe says:

    Well, what about technologically-mediated assurances of confidentiality? For example, what if in an informed consent protocol they included a statement that showed under what circumstances a malicious adversary could breach confidentiality. That may sound naive or subject to the technical sophistication of the participant (the one agreeing to the informed consent protocol), but here me out with an example. wesabe.com does something that would make investors and insurers very uneasy: they combine personal finance and social networking. Crazy! However, the way they protect your records involves a pretty ingenious piece of wizardry: the financial information and such is stored completely separately from your personal information. The link between the two is a password hash (read: a function that can turn your password into gibberish that no one can predict). This is effectively a “privacy wall” where they can only associate your financial records with “you” (as in your personal information) when you’re logged in (they don’t know your password). This kind of thing could be extended such that any linking keys like this are discarded after the primary analysis is done. Obviously, that would make the data less useful down the road, but for very good reasons.