Technology Science is an open access, peer reviewed, online publication of research on the unforeseen consequences of technology on society. We launched Technology Science http://techscience.org here at Harvard last summer. We’ve since published dozens of studies, received press coverage from around the world, and impacted the actions of governments, private companies, and civil society.
This week, we published our third issue of papers. Check out the highlights below. Come and join us as the authors present the papers and talk about the work. Refreshments will be served.
De-anonymizing South Korean Resident Registration Numbers Shared in Prescription Data by Latanya Sweeney, Ji Su Yoo
- South Korea’s national identifier, the Resident Registration Number (RRN) includes encoded demographic information and a checksum with a publicly-known pattern
- We conducted two de-anonymization experiments on 23,163 encrypted RRNs from prescription data of South Koreans
- We demonstrate the data’s vulnerability to de-anonymization by revealing all 23,163 unencrypted RRNs in both experiment
Full paper appears at <http://techscience.org/a/2015092901/>
Identity as a Service: Iceland’s Kennitala and the Convergence of Identifier and Authenticator in Online Third Party Applications by Gili Vidan
- Iceland’s national identifier, the Kennitala (KT), is computed from one’s date of birth and some random digits
- I found five Icelandic subjects online and was able to guess and verify their KT using a dating app
- This experiment suggests that KT registry may be reverse-engineered and expose personal data on services that rely on the KT for authentication
Full paper appears at <http://techscience.org/a/2015092902/>
Only You, Your Doctor, and Many Others May Know by Latanya Sweeney
- Washington State is one of 33 states that share or sell anonymized health records
- I conducted an example re-identification study by showing how newspaper stories about hospital visits in Washington State leads to identifying the matching health record 43% of the time
- This study resulted in Washington State increasing the anonymization protocols of the health records including limiting fields used for the re-identification study
Full paper appears at <http://techscience.org/a/2015092903/>
Defeating ISIS on Twitter by Batsheva Moriarty
- I evaluated 1.5 million tweets from 1,500 ISIS-affiliated Twitter accounts to determine if they were humans or bots
- I compared ISIS tweets to a control group of 700,000 non-ISIS Arabic tweets
- ISIS tweets exhibited unique, un-unified tweet, retweet, and favoriting patterns suggesting that the accounts are controlled by humans
Full paper appears at <http://techscience.org/a/2015092904/>
Finding Fraudulent Websites Using Twitter Streams by Daniel Rothchild
- I developed a monitoring program that searches Twitter in real time for tweets with potentially suspicious links
- The program found more than 70,000 suspicious tweets in 24 hours, with 56% of the tested links appearing fraudulent
Full paper appears at <http://techscience.org/a/2015092905/>
