Skip to Main content Skip to Navigation
Conference papers

Privacy Risks from Public Data Sources

Abstract : In the fight against tax evaders and other cheats, governments seek to gather more information about their citizens. In this paper we claim that this increased transparency, combined with ineptitude, or corruption, can lead to widespread violations of privacy, ultimately harming law-abiding individuals while helping those engaged in criminal activities such as stalking, identity theft and so on.In this paper we survey a number of data sources administrerd by the Greek state, offered as web services, to investigate whether they can lead to leakage of sensitive information. Our study shows that we were able to download significant portions of the data stored in some of these data sources (scraping). Moreover, for those datasources that were not ammenable to scraping we looked at ways of extracting information for specific individuals that we had identified by looking at other data sources. The vulnerabilities we have discovered enable the collection of personal data and, thus, open the way for a variety of impersonation attacks, identity theft, confidence trickster attacks and so on. We believe that the lack of a big picture which was caused by the piecemeal development of these datasources hides the true extent of the threat. Hence, by looking at all these data sources together, we outline a number of mitigation strategies that can alleviate some of the most obvious attack strategies. Finally, we look at measures that can be taken in the longer term to safeguard the privacy of the citizens.
Document type :
Conference papers
Complete list of metadata

Cited literature [16 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, September 22, 2016 - 2:24:22 PM
Last modification on : Friday, November 19, 2021 - 12:42:03 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Zacharias Tzermias, Vassilis Prevelakis, Sotiris Ioannidis. Privacy Risks from Public Data Sources. 29th IFIP International Information Security Conference (SEC), Jun 2014, Marrakech, Morocco. pp.156-168, ⟨10.1007/978-3-642-55415-5_13⟩. ⟨hal-01370362⟩



Record views


Files downloads