Automatic Privacy Protection

Overview
The Automatic Privacy Protection (APP) program ended in 2010 after achieving two goals. First, it developed secure distributed private information retrieval (PIR) protocols that permit an entity (Client) to query a cooperating data provider (Server) and retrieve only the records that match the query, without the Server learning what query was posed or what results were returned. For simple queries and databases, these protocols add only minimal computation and communication overhead by using a cooperating third party that has access only to encrypted data.

Second, APP demonstrated algorithms that automatically determine whether complex queries comply with privacy policies. This allows a Client's auditor, with access to the policy and the query history, to rapidly verify that only authorized queries have been submitted to the Server.