Minimising collateral damage: privacy-preserving Investigative data acquisition platform.

Abstract

Investigators define invasion of privacy during their operations as collateral damage. Inquiries that require gathering data about potential suspects from third parties, such as banks, Internet Service Providers (ISPs) or employers are likely to impact the relation between the data subject and the data controller. In this research a novel privacy-preserving approach to mitigating collateral damage during the acquisition process is presented and Investigative Data Acquisition Platform (IDAP) is defined. IDAP is an efficient symmetric Private Information Retrieval (PIR) protocol optimised for the specific purpose of facilitating public authorities’ enquiries for evidence. This research introduces a semi-trusted proxy into the PIR process in order to gain the acceptance of the general public for the trap-door based privacy-preserving techniques. Then the dilution factor is defined as a level of anonymity required in a given investigation. Defining this factor allows restricting the number of records processed, and therefore, minimising the processing time while maintaining an appropriate level of privacy. Finally, the technique allowing retrieval of records matching multiple selection criteria is described.