NorthSec 2022

Formalizing the right to be forgotten: law meets crypto
2022-05-19, 10:40–11:10, Ville-Marie

How does the "right to be forgotten" translate into operational requirements? Regulations list requirements, but natural language is ambiguous. We explore how cryptography can help in this regard.

The “right to be forgotten” is a concept that confers individuals more control over their digital data. This right has been codified as regulations or case law in a few famous examples. However, laws are by
their very nature vague and open to interpretation. To address this ambiguity, researchers began to frame privacy laws in the formal language of cryptography to facilitate compliance.
In this talk, we will review recent results in this young line of research. We will introduce the concept of deletion-compliance of Garg, Goldwasser and Vasudevan (Eurocrypt 2020). We will highlight some issues with this concept that were later addressed by Godin & Lamontagne (PST 2022) and independently by Gao, Garg, Mahmoody & Vasudevan (PETS 2022) using a different approach. We will highlight some of the difficulties that arise when formalizing broadly-defined notions of privacy.

What is the language of your talk/workshop?


Philippe Lamontagne is a research officer in the cyber security team of the
National Research Council. He received his PhD from Université de Montréal in
2018. His areas of expertise are cryptography and quantum information. He
studies the use of quantum information for cryptographic tasks from lesser
assumptions and the provable security of cryptographic protocols against quantum
adversaries. He also has interest in the security of classical cryptography
against quantum adversaries, also known as post-quantum cryptography, and in
cryptographic solutions to privacy.

This speaker also appears in: