Female pioneers in data privacy and security: a tribute on International Women’s Day

By Theresa Stadler - March 08, 2018


When I first started working in data privacy, it really struck me that two of the most popular statistical data privacy models were invented by female computer scientists: Differential Privacy by Cynthia Dwork and k-anonymity by Latanya Sweeney. Having come from the male-dominated world of Machine Learning research, the presence of all these women  was a surprise to me (even though it really shouldn’t be worth mentioning anymore).

I discovered that the number of leading female academics in privacy and security is exceptionally high, especially compared to other research areas related to computer science and statistics. Every time I encountered one of them I took a note and started my list of personal role models: female pioneers in data privacy and security.

In preparation of International Women’s Day, I asked my fellow Privitarians to contribute to this list. I was sure that they would have come across other impressive women that I hadn’t even heard about. And indeed, they introduced me to new names and new discoveries. This blog is just a tiny glimpse into the contribution of women to privacy and security.

Happy International Women’s Day 2018!

Cynthia Dwork

Without her: One of the strongest privacy guarantees for publishing aggregate statistics would not exist.

About her: Cynthia Dwork is arguably one of the most famous figures in the data privacy world. She is the inventor of Differential Privacy, a formal, statistical notion of an individual’s privacy in aggregate statistics (see Charlie’s introduction article). To get a grasp of the impact of this pioneering work, just have  a look at the deployment of Differential Privacy techniques nowadays: Google, Apple, Microsoft and the US Census Bureau all use technologies based on Cynthia Dwork’s ideas to privately compute summary statistics from sensitive user data. One thing’s for sure, Cynthia Dwork does not shy away from the hard challenges that need to be solved in the age of big data analytics. She has moved on to researching fairness and bias in Machine Learning.

Must read: Cynthia Dwork, Frank McSherry, Kobbi Nissim, and Adam Smith. Calibrating noise to sensitivity in private data analysis. In Theory of Cryptography Conference, pages 265–284.Springer, 2006

Latanya Sweeney

Without her: The risk of re-identification through linkage attacks on sensitive datasets would still be underestimated.

About her: Latanya Sweeney did some groundbreaking work on the privacy risks of re-identification through linkage attacks (see Alex’s blog post on data masking). She demonstrated, in a real-world case, how easily background information could be linked to insufficiently anonymised, sensitive datasets to re-identify individuals. But her work didn’t stop there. Latanya further advised ways to fix the problem she had identified and proposed a new data privacy model: k-anonymity (see Will’s blog post on k-anonymity). Ever since, she’s been fighting hard to educate governments and policy makers about the risks in data sharing and to help them adopt the risk mitigation strategies she had co-developed.

Must read: Sweeney, Latanya. "k-anonymity: A model for protecting privacy." International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 10.05 (2002): 557-570.

Dorothy Denning

Without her: Many of the vulnerabilities of statistical databases would have been left undiscovered.

About her: Dorothy Denning and her colleagues were among the first to explore how sensitive information about individuals could be leaked from multiple queries on statistical databases. Her work provided the basis for a whole class of privacy-preserving methods aimed at protecting the confidentiality of databases if queried by an analyst. This class of techniques is often referred to as statistical disclosure controls. Without the work of Dorothy Denning, who introduced for example the concept of tracker attacks, our understanding of the risk in statistical databases would be much less complete.

Must read: Denning, Dorothy E., Peter J. Denning, and Mayer D. Schwartz. "The tracker: A threat to statistical database security." ACM Transactions on Database Systems (TODS) 4.1 (1979): 76-96.

Helen Nissenbaum

Without her: We would lack a framework for understanding privacy expectations and their implications on law, public policy, and political philosophy.

About her: Helen Nissenbaum’s work on privacy brings together expertise in philosophy, politics, and technology. She invented the Contextual Integrity theory of privacy. Helen Nissenbaum has contributed to privacy-enhancing software, including TrackMeNot (for protecting against profiling based on Web search) and AdNauseam (protecting against profiling based on ad clicks). Both are free and freely available.

Must read: Nissenbaum, Helen. "Privacy as contextual integrity." Wash. L. Rev. 79 (2004): 119.

Katrina Ligett

Without her: There would be a large gap between the theory of Differential Privacy and the concept of privacy as a social value.

About her: Katrina Ligett started her academic career as a theoretical Differential Privacy researcher and, among many other major contributions, invented an algorithm to safely release synthetic datasets. But as she saw the need to move these mechanisms from theory into practice, she started another new and exciting stream of work: Combining concepts from economics, algorithmic game theory and data privacy to understand the value of privacy-enhancing technologies in business applications and real-world contexts. Not only does Katrina Ligett have outstanding expertise in so many different fields - she’s also an excellent lecturer who can explain some of the most complex concepts in statistics and computer science in plain language, and to a wide audience.

Must read: Ligett, Katrina, and Aaron Roth. "Take it or leave it: Running a survey when privacy comes at a cost." International Workshop on Internet and Network Economics. Springer, Berlin, Heidelberg, 2012.

These are just five of the many women who’ve done - or are still doing -  outstanding work in data science. Here’s to a time, in the hopefully not too distant future, when we won’t even have to mention the fact that they’re women anymore.