Inventors' Corner: Innovations enable privacy by design

IBMers patent important privacy inventions

By 2011, the world will be 10 times more instrumented than it was in 2006. Internet connected devices will leap from 500 Million to 1 Trillion. Approximately 70% of the digital universe is created by individuals, but enterprises are responsible for 85% of the security, privacy, reliability, and compliance.

Increasingly, the proliferation of data-generating sensors and mobile computing devices, and the emergence of new forms of communication such as social networking, are driving unprecedented growth in the collection, storage and management of all types of data.

Not surprisingly, this phenomenon has sparked growing demand for the ability to extract intelligence from these massive mountains of information—intelligence that can enable organizations to improve their decision-making and run their businesses more effectively and efficiently.

With this capacity to rapidly sift thru data and gain new insights comes a significant challenge and responsibility when it comes to personal information, or information that relates to identifiable individuals: how to enable the exchange and analysis of data, while protecting privacy.

IBM has long recognized the importance of information privacy and led by example in its own privacy polices and practices: the company was the first multinational to adopt a global privacy policy in the late 1960s, and continued that leadership as recently as 2005 when it was the first company to address genetic privacy.

But policies and practices are not enough on their own to address the privacy challenges of an increasingly smarter planet. Thoughtfully-designed technologies can play a key role here, part of a paradigm that some are calling “Privacy by Design.”

IBM inventors have been designing for privacy for years, receiving many patents for inventions that support the company’s commitment to being a privacy leader. Here’s just a sampling:

Method And Apparatus For Password Based Authentication In A Distributed System -- U.S. Patent #6094721 -- this invention has been incorporated into Lotus Notes and protects an individual’s privacy by not allowing someone to impersonate them and thereby gain unauthorized access to personal data stored on a sever.

System and Method for Maintaining Customer Privacy -- U.S. Patent #7051006 -- this invention prevents unauthorized access to private data by splitting a database into two parts -- public data and private data. The private data is encrypted, but not the public data. A customer can access the public and private data via a service provider, but only the customer is allowed to decrypt the encrypted data, while remaining anonymous to the service provider. This invention prevents private data from being inadvertently disclosed to the service provider.

Secure System and Method for Enforcement of Privacy Policy and Protection of Confidentiality --U.S. Patent #7401352 -- The patent relates to controlling the exchange of private data between enterprise systems. This invention describes how each system has its own privacy rules, and, when the first system attempts to access the data on second system, the second system examines the privacy rules from first system to ensure that they meets its pre-determined privacy policy before permitting access to its private data.

Digital persona for providing access to personal information -- U.S. Patent #6581059 -- This invention describes a method for regulating access to personal information by ensuring that a requestor (computer or computer user) will adhere to prearranged conditions that govern use of the information. The computer system or user must explain how the requested information will be used. If the proposed conditions of use are acceptable, the information will be released to the requestor. If the suggested conditions are unacceptable, the request will be denied and the requestor will have to negotiate the conditions of use until acceptable conditions are reached, or until it is determined that acceptable conditions cannot be obtained.

IBM’s privacy leadership and innovation was recently recognized by the Society for Computer Science (GI), a German nonprofit professional society, which lauded work by scientists from our Zurich lab for their pioneering work on a smart card to embed advanced technology that offers simultaneously both strong authentication and privacy.

As the physical and digital worlds increasingly converge, and private information flows from desktop to cloud, IBMers around the globe are helping the company invent, deliver thought leadership, and continue its dedication to providing clients with trusted and secure technologies, services and solutions.