JP2022133036A - Information processing device - Google Patents

Abstract

To appropriately specify a risk that personal information on a user may be inferred from an image.SOLUTION: An extraction section 22 extracts an image object from image data included in posted data acquired by a data acquisition section 21. Further, the extraction section 22 classifies a plurality of image objects extracted from the image data and additional data added to the image data into categories to which the respective image objects or the additional data belong. A selection section 23 selects any of a plurality of specification methods for specifying risks that personal data on users may be inferred from the image objects and additional data. According to the specification method selected by the selection section 23, a specification section 25 specifies a risk that the personal information on a user may be inferred from the image object or additional data extracted by the extraction section 22. A processing section 26 executes processing according to the risk specified by the specification section 25.SELECTED DRAWING: Figure 3

Description

The present invention relates to technology for protecting personal information.

In recent years, a service called SNS (Social Networking Service) has been widely used, and it has been pointed out that personal information related to user's privacy may be inferred from images and the like shared by the SNS. Therefore, for example, in Patent Document 1, an object is extracted from image data, a characteristic portion such as a person's face, name, address, etc. is extracted from the extracted object according to the reliability of the object, and the extracted characteristic portion On the other hand, a mechanism for generating a moving image with privacy protection by performing processing such as mosaic is disclosed.

JP 2010-268055 A

The risk of a user's personal information being inferred from an image can vary depending on various circumstances. SUMMARY OF THE INVENTION Accordingly, it is an object of the present invention to appropriately identify a risk that a user's personal information may be inferred from an image.

In order to solve the above problems, the present invention provides an extraction unit for extracting an image object from image data, and a selection method for selecting one of a plurality of identification methods for identifying the risk of inferring personal information of a user from the image object. and a specifying unit that specifies a risk that a user's personal information is inferred from the extracted image object according to the selected specifying method.

According to this configuration, the risk of the user's personal information being inferred from the image object is specified according to the specifying method selected from among the plurality of specifying methods.

According to the present invention, it is possible to appropriately identify the risk that a user's personal information is inferred from an image.

It is a figure showing an example of composition of information processing system 1 concerning one embodiment of the present invention. It is a figure which shows the hardware constitutions of the server apparatus 20 which concerns on the same embodiment. It is a figure which shows the functional structure of the server apparatus 20 which concerns on the same embodiment. It is a figure which illustrates the content of the contribution in the same embodiment. It is a figure which illustrates the data memorize|stored by the server apparatus 20 which concerns on the same embodiment. It is a figure which illustrates the data memorize|stored by the server apparatus 20 which concerns on the same embodiment. It is a figure which illustrates the data memorize|stored by the server apparatus 20 which concerns on the same embodiment. 4 is a flow chart showing an example of the operation of the server device 20 according to the embodiment;

[Constitution]
FIG. 1 is a diagram showing an example of an information processing system 1 according to this embodiment. As shown in FIG. 1, an information processing system 1 includes a plurality of (three in FIG. 1) user terminals 10 used by a plurality of users as communication terminals, and a server functioning as an example of an information processing apparatus according to the present invention. It comprises a device 20 and a network 2 including a wireless communication network or a wired communication network for communicably connecting them. The network 2 is, for example, a wireless communication network conforming to LTE (Long Term Evolution) or 5G (5th generation mobile communication system), for example, LAN (Local Area Network), WAN (Wide Area Network), public switched communication network (PSTN (Public Switched Telephone Networks), Integrated Services Digital Network (ISDN), or wired communication networks such as the Internet.

In the present embodiment, the server device 20 provides an SNS (Social Networking Service) function, and an individual user who is concerned with the privacy of each user among users who share data posted by this SNS (hereinafter referred to as posted data). It also has a personal information protection function that identifies the risk of information being guessed and performs processing according to that risk. However, in the server device 20 functioning as an example of the information processing device in the present invention, the personal information protection function is an essential function, and the SNS function does not necessarily have to be provided. In this case, the server device having the personal information protection function is communicably connected to the SNS device having the SNS function, and can acquire post data stored in the SNS device. The server device 20 may be managed by a telecommunications carrier that provides communication services via the network 2 to the user terminals 10, but is not limited to this. The server device 20 may be realized by a single computer, or may be realized by an aggregation of a plurality of computers.

The user terminal 10 is a computer, such as a smart phone, wearable terminal, tablet, or personal computer, which can be connected to the network 2 wirelessly or by wire. Each user can use the SNS function provided by the server device 20 using his/her own user terminal 10 . Posted data posted by each user using the SNS function is stored in the server device 20 and shared with other users, that is, can be referred to by other users. For this reason, especially when the sharing range of the posted data is set to include a third party, there is a risk that personal information related to the user's privacy may be inferred from the posted data.

FIG. 2 is a diagram showing the hardware configuration of the server device 20. As shown in FIG. The server device 20 is physically configured as a computer including a processor 2001, a memory 2002, a storage 2003, a communication device 2004, and a bus connecting them. Each of these devices operates with power supplied from a power source (not shown). Note that in the following description, the term "apparatus" can be read as a circuit, device, unit, or the like. The hardware configuration of the server device 20 may be configured to include one or more of the devices shown in FIG. 2, or may be configured without some of the devices. Further, the server device 20 may be configured by connecting a plurality of devices having different housings for communication.

Each function in the server apparatus 20 is performed by causing the processor 2001 to perform calculations, controlling communication by the communication apparatus 2004, and controlling the and by controlling at least one of reading and writing data in the storage 2003 .

The processor 2001, for example, operates an operating system and controls the entire computer. The processor 2001 may be configured by a central processing unit (CPU) including an interface with peripheral devices, a control device, an arithmetic device, registers, and the like. Also, for example, a baseband signal processing unit, a call processing unit, and the like may be implemented by the processor 2001 .

The processor 2001 reads programs (program codes), software modules, data, etc. from at least one of the storage 2003 and the communication device 2004 to the memory 2002, and executes various processes according to them. As the program, a program that causes a computer to execute at least part of the operations described below is used. The functional blocks of server device 20 may be implemented by a control program stored in memory 2002 and running on processor 2001 . Various processes may be executed by one processor 2001, but may also be executed by two or more processors 2001 simultaneously or sequentially. Processor 2001 may be implemented by one or more chips. Note that the program may be transmitted to the server device 20 via the network 2 .

The memory 2002 is a computer-readable recording medium, and is composed of at least one of, for example, ROM (Read Only Memory), EPROM (Erasable Programmable ROM), EEPROM (Electrically Erasable Programmable ROM), and RAM (Random Access Memory). may be The memory 2002 may also be called a register, cache, main memory (main storage device), or the like. The memory 2002 can store executable programs (program code), software modules, etc. to perform the methods of the present invention.

The storage 2003 is a computer-readable recording medium, for example, an optical disc such as a CD-ROM (Compact Disc ROM), a hard disk drive, a flexible disc, a magneto-optical disc (for example, a compact disc, a digital versatile disc, a Blu-ray disk), smart card, flash memory (eg, card, stick, key drive), floppy disk, magnetic strip, and/or the like. Storage 2003 may also be called an auxiliary storage device.

The communication device 2004 is hardware (transmitting/receiving device) for communicating between computers via the network 2, and is also called a network device, a network controller, a network card, a communication module, or the like.

Each device such as processor 2001 and memory 2002 is connected by a bus for communicating information. The bus may be configured using a single bus, or may be configured using different buses between devices. The server device 20 also includes hardware such as a microprocessor, a digital signal processor (DSP), an ASIC (Application Specific Integrated Circuit), a PLD (Programmable Logic Device), and an FPGA (Field Programmable Gate Array). may be configured, and a part or all of each functional block may be realized by the hardware. For example, processor 2001 may be implemented using at least one of these pieces of hardware.

The server device 20 includes an input device (for example, various input interfaces such as keys, switches, and buttons) that receives input from the outside, and an output device that outputs to the outside (for example, a display, an LED lamp, etc.). various output interfaces).

FIG. 3 is a block diagram showing the functional configuration of the server device 20. As shown in FIG. Functions of the data acquisition unit 21, the extraction unit 22, the selection unit 23, the storage unit 24, the identification unit 25, the processing unit 26, and the output unit 27 are realized by the cooperation of the above hardware in the server device 20. .

The data acquisition unit 21 acquires various data. This data is posted data stored in the server device 20 by the SNS function, for example. The posted data includes image data generated by the user capturing an image with the camera of the user terminal 10, and additional data such as text data and posted date/time data added to the image data. The text data is data input by the user using the operation UI of the user terminal 10 . The posting date and time data is data corresponding to the time stamp given by the server device 20 .

Here, FIG. 4 is a diagram exemplifying the content of a post by a user. FIG. 4 shows an image 100 displayed on the user terminal 10 according to the posted data. This image 100 includes, for example, an image object 101 of some physical object and an image object 102 of a person. The image 100 also includes a posted date and time 103 as additional data and a comment 104 as additional data input by the user who posted the image.

FIG. 5 is a diagram illustrating post data stored in storage unit 24 realized by storage 2003 of server device 20. As shown in FIG. As shown in the figure, posting date and time data representing the date and time when the user posted the posted data and the posted data (image data, additional data) are stored in association with the user ID that identifies each user. Note that the data stored in the storage 2003 of the server device 20 regarding the SNS function is not limited to the example shown in FIG. may be included.

Returning to the description of FIG. 3 , the extraction unit 22 extracts an image object from the image data included in the posted data acquired by the data acquisition unit 21 . The image object referred to here is a predetermined image object such as an object representing a human face, an object representing clothes worn by a human, an object representing a name or name of a person or a place, and the like. As a technique for extracting these image objects from image data, for example, well-known algorithms in the field of image recognition using machine learning may be used.

Further, the extraction unit 22 classifies the plurality of image objects extracted from the image data and the additional data added to the image data into categories to which each image object or additional data belongs. The category here includes a category related to person (hereinafter referred to as who category), a category related to place (hereinafter referred to as where category), or a category related to date and time (hereinafter referred to as when category).

Here, FIG. 6 is a diagram illustrating a database defining image objects and additional data belonging to each category. This database is stored in the storage unit 24 implemented by the storage 2003 of the server device 20 . As illustrated in FIG. 6, image objects belonging to the who category are image objects that may be used by a third party to guess who the user who posted the posted data is. They include a face image object representing a face, a uniform image object representing a uniform worn by a person, a name image object representing the name of a person or an organization, and the like. An image object belonging to the where category is an image object that may be used by a third party to guess where the user who posted the posted data is located. They are a /facility image object, an address/name image object representing an address or place name, an event image object representing an event, a scenery image object representing scenery, and a weather image object representing weather conditions. An image object belonging to the when category is an image object that may be used by a third party to guess when the user who posted the posted data exists. For example, it represents an image of the shadow of some object. Examples include a shadow image object and a clock image object representing a clock. As a technique for determining which image object belongs to which category, for example, a well-known algorithm in the field of image recognition using machine learning may be used.

The additional data also follows the same concept as the image object. Additional data belonging to the who category is data representing a person's name, and additional data belonging to the where category is location data representing a place. Additional data belonging to the category is date and time data representing date and time. As a technique for determining what kind of additional data belongs to which category, for example, a well-known algorithm in the fields of syntactic analysis and semantic analysis may be used.

Returning to the description of FIG. 3, the selection unit 23 selects one of a plurality of identification methods for identifying the risk of inferring the user's personal information from the image object and the additional data. More specifically, the selection unit 23 selects an identification method according to a nuisance that may occur due to guessing of the user's personal information. The nuisance here is, for example, stalking, stalking (including stalking in the real world and stalking on the network), fraud, theft, robbery, and the like. The user inputs which nuisance behavior the user wants to prevent using the user terminal 10 and notifies the server device 20 of the input. That is, the selection unit 23 selects the identification method according to the user's designation.

Here, FIG. 7 is a diagram illustrating a database that defines a method of identifying risks for each nuisance. This database is stored in the storage unit 24 implemented by the storage 2003 of the server device 20 . In the example of FIG. 7, for example, with respect to harassment such as stalking or stalking, if the posted data includes an image object or additional data belonging only to the who category, the risk of guessing the user's personal information is low. If the posted data contains an image object or additional data belonging to the where category, the risk is low. If the posted data contains an image object or additional data that belongs only to the where category, the risk of guessing the user's personal information is medium. , If an image object or additional data belonging to the who category and an image object or additional data belonging to the when category are included in the posted data, the risk is high, and an image object or additional data belonging to the when category and an image object or additional data belonging to the where category The risk is low when image objects or additional data are included in the posted data, and the risk is high when image objects or additional data belonging to the who category and image objects or additional data belonging to the where category are included in the posted data. The risk is high if the posted data includes an image object or additional data belonging to the who category, an image object or additional data belonging to the when category, and an image object or additional data belonging to the where category.

In the above example, in the nuisance behavior of stalking or stalking, the nuisance behavior occurs even if it is independently guessed who the user is, where the user is, and when the user is. The risk is small, but the combination of multiple pieces of information about who these users are, where they are, and when they are, increases the risk that personal information can be inferred, resulting in stalking. Or it is based on the idea that the possibility of nuisance behavior such as stalking will increase. However, even if multiple pieces of information about who the user is, where the user is, and when the user is, the information about where the user is and when the user is When combined, it is more personal than the combined information of who the user is and when the user is, or the combined information of who the user is and where the user is. The risk of information being inferred is low, and as a result, the nuisance of stalking or stalking is also low. Note that the content of FIG. 7 is merely an example, and the method of identifying the risk for each nuisance can be freely defined.

In this way, in the database illustrated in FIG. 7, information regarding the risk of guessing the user's personal information is registered for each combination of categories to which image objects or additional data belong. The selection unit 23 selects the risk identification method exemplified at the top of FIG. 7 when, for example, stalking or stalking is to be prevented as a nuisance, and when it is desired to prevent, for example, theft or robbery as a nuisance. , select the risk identification method exemplified at the bottom of FIG.

Returning to the description of FIG. 3 , the specifying unit 25 specifies the risk of guessing the user's personal information from the image object or additional data extracted by the extracting unit 22 according to the specifying method selected by the selecting unit 23 . More specifically, the identification unit 25 selects a plurality of image objects extracted from the image data and additional data added to the image data, based on the database illustrated in the drawing, in accordance with the combination of these image objects. Identify the risk that the user's personal information is inferred from the image object and additional data.

The processing unit 26 performs processing according to the risks specified by the specifying unit 25 . The processing performed by the processing unit 26 is to perform image processing on the image object extracted by the extraction unit 22 according to the risk specified by the specifying unit 25, or to perform image processing according to the risk specified by the specifying unit 25. It includes performing notification processing for notifying the user of the information in response. The image processing corresponding to the risk of the image object extracted by the extracting unit 22 means that when the risk is at a certain level (for example, medium risk) or higher, the resolution of the image object is lowered, for example, so that the image is blurred. Blur processing, non-display processing for hiding the image object, replacement processing for replacing the image object with another image object, and the like. Also, the higher the risk, the lower the resolution of the image object, for example. Further, the notification process for notifying the user of information corresponding to the risk identified by the identifying unit 25 means that a message is sent to the user terminal 10 to notify the user that personal information may be guessed from the image object or additional data. , and the like. The output unit 27 outputs data including results processed by the processing unit 26 .

[motion]
Next, operation of the information processing system 1 will be described with reference to FIG. In the following description, when the server device 20 is described as the main body of processing, specifically, the processor 2001 and the memory 2002 are loaded with predetermined software (program) on hardware such as the processor 2001 and the memory 2002. performs an operation and controls communication by the communication device 2004 and data reading and/or writing in the memory 2002 and storage 2003 to execute processing. The same applies to the user terminal 10 as well.

In FIG. 8, first, the data acquisition unit 21 of the server device 20 acquires the post data stored in the storage unit 24 of the server device 20 by reading it from the storage unit 24 (step S11). If the server device 20 has only the personal information protection function and does not have the SNS function, the post data may be acquired from the SNS device having the SNS function.

Next, the extracting unit 22 of the server device 20 extracts an image object from the image data included in one post data acquired by the data acquiring unit 21 (step S12).

Next, the extracting unit 22 extracts a plurality of image objects extracted from the image data and additional data added to the image data according to the definition illustrated in FIG. It is classified into the category to which it belongs (step S13). As a result, a plurality of image objects extracted from image data included in one post data and additional data added to the image data are classified into one of the who category, where category, and when category. be done.

Next, the selection unit 23 of the server device 20 selects one of a plurality of identification methods for identifying the risk of inferring the user's personal information from the image object and the additional data (step S14). Specifically, the user inputs which nuisance behavior the user wants to prevent using the user terminal 10, and is notified to the server device 20 together with the user ID. For posted data posted by a user, a method of specifying corresponding to the reported nuisance is selected according to the example in FIG. Here, it is assumed that the identification method corresponding to the nuisance behavior of stalking or stalking, and the identification method represented by the content at the top of FIG. 7 are selected.

Next, the specifying unit 25 of the server device 20 specifies the risk of estimating the user's personal information from the image object or additional data extracted by the extracting unit 22 according to the specifying method selected by the selecting unit 23 (step S15). Here, the image objects extracted from the image data by the extracting unit 22 are, for example, a face image object and a uniform image object, and the additional data added to the image data are the place data "XX Cafe" and the year 2020. Assume that the date and time data is "October 23, 18:57". In this case, in the example of FIG. 6, the face image object and the uniform image object belong to the who category, the additional data (location data) "○○ cafe" belongs to the where category, and the "October 23, 2020 18:57 ” (date and time data) belongs to the when category. Therefore, in the example of FIG. 7, in the identification method for dealing with nuisance behavior such as stalking or stalking, image objects and additional data belonging to the who category, where category, and when category are included in the posted data. A "high risk" corresponding to a combination of who, where and when categories will be identified.

On the other hand, the image object extracted from the image data by the extracting unit 22 is, for example, a clock image object, and the additional data added to the image data are the location data "○○ cafe" and "October 23, 2020". In the example of FIG. 6, the clock image object belongs to the when category, the additional data (place data) of "○○ cafe" belongs to the where category, and the date and time data "2020 10:57" belongs to the where category. The additional data (date and time data) "18:57 on the 23rd of the month" belongs to the when category. Therefore, in the example of FIG. 7, "low risk" corresponding to the combination of the where category and when category is specified in the specifying method corresponding to the harassing behavior of stalking or stalking.

Next, the processing unit 26 of the server device 20 performs a handling process according to the risk specified by the specifying unit 25 (step S16). As described above, the process performed by the processing unit 26 is to perform image processing on the image object extracted by the extraction unit 22 according to the risk specified by the specifying unit 25, or It includes performing notification processing for notifying the user of information corresponding to the identified risk. The output unit 27 outputs data including results processed by the processing unit 26 . As a result, when the post data processed by the processing unit 26 is referred to, the image object extracted by the extraction unit 22 is subjected to blurring processing, etc., so that personal information is less likely to be guessed. In addition, information corresponding to the risk is notified to the user who is the poster, so that the user can take measures such as deleting or editing the posted data, for example.

According to the embodiments described above, the risk that a user's personal information may be inferred from an image may change depending on various circumstances. can. As a result, it is possible to prevent nuisance behavior based on the inferred personal information.

[Modification]
The invention is not limited to the embodiments described above. The embodiment described above may be modified as follows. Also, two or more of the following modified examples may be combined for implementation.
[Modification 1]
In the embodiment described above, the user substantially designates the method of identifying the risk, and the selection unit 23 selects the method of identifying the risk according to the user's designation. It is not limited to this example, and the selection unit 23 may select the risk identification method by a procedure other than the specification by the user. For example, the selection unit 23 may select the identification method according to the attributes of the user. For this reason, the storage unit 24 of the server device 20 stores user attributes (for example, gender, age, celebrity status, etc.) in association with the user ID of the user. is stored in correspondence with the method for specifying the . For example, if the user's gender is female, a risk identification method is associated to prevent nuisance behavior such as stalking or stalking. If the user is a celebrity, a risk identification method for preventing nuisance such as net stalking, theft or robbery is associated. Then, the selection unit 23 refers to the attribute corresponding to the user ID of the poster, and selects a risk identification method according to the attribute. This makes it possible to prevent nuisances that typically occur in users with certain attributes.

[Modification 2]
Further, the selection unit 23 may select a risk identification method according to the site or social networking service to which the posted data is posted. Therefore, the storage unit 24 of the server device 20 associates and stores the site or social networking service identifier (site name or social networking service name) with the risk identification method. For example, if a certain site or a certain social networking service is said to be popular with young women, a risk identification method for preventing harassing behavior such as stalking is associated with it, and a certain site Or if a social networking service is deemed popular with older users, then associated risk identification methods to prevent fraud or robbery nuisances. Then, the selection unit 23 identifies the identifier of the site or social networking service where the posted data is posted, and selects a risk identification method according to the identifier. As a result, it is possible to prevent nuisances that typically occur in users who frequently use certain sites or social networking services.

[Modification 3]
In the embodiment, the identification unit 25 selects a user's image from the plurality of image objects and the additional data according to the combination of the plurality of image objects extracted from the image data and the additional data added to the image data. It identified the risk of personal information being inferred. Without being limited to this example, the identifying unit 25 may identify the risk based only on the image data included in the posted data. In other words, the specifying unit 25 may specify the risk that the user's personal information is inferred from the plurality of image objects according to the combination of the plurality of image objects extracted from the image data included in the posted data. good.

[Modification 4]
Since a user who is a contributor generally makes multiple contributions, a third party can refer to a plurality of pieces of post data for one contributor and guess the personal information of the individual contributor. Therefore, server device 20 may identify a risk using a plurality of pieces of image data included in a plurality of pieces of posted data posted by one user. In this case, the plurality of pieces of posted data may be posted using the same SNS function, or may be posted using a plurality of different SNS functions. When a plurality of pieces of posted data are posted using the same SNS function, the extraction unit 22 extracts image objects and additional data from the plurality of pieces of posted data stored in association with the same user ID. The specifying unit 25 specifies the risk that the user's personal information is inferred from the combination of the plurality of image objects extracted from the plurality of image data included in the plurality of different post data and the additional data. Further, when a plurality of pieces of post data are posted by a plurality of different SNS functions, identifiers for identifying the same user are prepared in the plurality of SNS functions, and the extracting unit 22 uses the plurality of SNS functions. extracts image objects and additional data from a plurality of pieces of image data included in a plurality of pieces of posted data stored in association with the identifier of the same user, and the specifying unit 25 extracts image objects and additional data from the plurality of pieces of posted data. A risk that a user's personal information is inferred from a combination of a plurality of image objects and additional data is specified.

[Modification 5]
When a user who is a contributor makes multiple posts, it may be difficult to guess personal information from posts made a considerable period of time after the previous and subsequent posting times. For example, if a certain post is posted for the first time in two years and the next post is three years later, even if the user's location is inferred from that certain post, the user's privacy may be compromised. There are some things that can be considered unrelated. Therefore, when the server device 20 identifies a risk using a plurality of pieces of posted data posted by one user, the extracting unit 22 extracts a plurality of pieces of posted data whose posting intervals are equal to or less than a threshold. image objects and additional data are extracted from the image data. As a result, the image object and the additional data are not extracted from the posted data whose posting interval before and after exceeds the threshold. Then, the specifying unit 25 specifies the risk that the personal information of the user is inferred from the combination of the multiple image objects and the additional data extracted from the multiple image data included in the multiple pieces of posted data. As a result, posted data whose personal information is considered difficult to guess is not processed by the processing unit 26, and the content posted by the poster can be published as it is.

[Modification 6]
When a user who is a contributor posts multiple times, there is a small possibility that personal information can be guessed from post data posted a long time ago. Therefore, when the server device 20 identifies a risk using a plurality of pieces of posted data posted by a single user, the identification unit 25 determines whether the user's personal information may identify the estimated risk. Specifically, the extracting unit 22 extracts image objects and additional data from a plurality of pieces of image data included in a plurality of pieces of post data stored in association with the same user ID. The specifying unit 25 specifies the risk that the user's personal information is inferred from a combination of a plurality of image objects extracted from a plurality of image data included in a plurality of different post data and additional data. Processing is performed so that the older the time, the smaller the weight of the identified risk. As a result, posted data whose personal information is considered difficult to guess is not processed by the processing unit 26, and the content posted by the poster can be published as it is.

[Modification 7]
In the present invention, the image data may be still image data or moving image data. Moreover, the service to which the present invention is applied is not limited to SNS.

[Modification 8]
The server device 20 or the like according to an embodiment of the present disclosure may function as a computer that performs processing of the present disclosure. In other words, the present invention comprises a computer comprising: an extraction unit for extracting a plurality of image objects from image data; It can also be thought of as a program for functioning as an identification unit that identifies risks that may occur.

Further, the present invention provides an extraction step of extracting an image object from image data; and a identifying step of identifying the risk that the user's personal information will be inferred from the extracted image object according to the identifying method described above.

[Other Modifications]
It should be noted that the block diagrams used in the description of the above embodiments show blocks in units of functions. These functional blocks (components) are realized by any combination of at least one of hardware and software. Also, the method of implementing each functional block is not particularly limited. That is, each functional block may be implemented using one device that is physically or logically coupled, or directly or indirectly using two or more devices that are physically or logically separated (e.g. , wired, wireless, etc.) and may be implemented using these multiple devices. A functional block may be implemented by combining software in the one device or the plurality of devices.

Functions include judging, determining, determining, calculating, calculating, processing, deriving, investigating, searching, checking, receiving, transmitting, outputting, accessing, resolving, selecting, choosing, establishing, comparing, assuming, expecting, assuming, Broadcasting, notifying, communicating, forwarding, configuring, reconfiguring, allocating, mapping, assigning, etc. can't For example, a functional block (component) that makes transmission work is called a transmitting control unit (transmitting unit) or a transmitter (transmitter). In either case, as described above, the implementation method is not particularly limited.

Each aspect/embodiment described in the present disclosure includes LTE (Long Term Evolution), LTE-A (LTE-Advanced), SUPER 3G, IMT-Advanced, 4G (4th generation mobile communication system), 5G (5th generation mobile communication system), FRA (Future Radio Access), NR (new Radio), W-CDMA (registered trademark), GSM (registered trademark), CDMA2000, UMB (Ultra Mobile Broadband), IEEE 802.11 (Wi-Fi (registered trademark) )), IEEE 802.16 (WiMAX®), IEEE 802.20, UWB (Ultra-WideBand), Bluetooth®, and other suitable systems and extended It may be applied to at least one of the next generation systems. Also, multiple systems may be combined (for example, combining at least one of LTE and LTE-A with 5G).

The processing procedures, sequences, flowcharts, etc. of each aspect/embodiment described in this disclosure may be rearranged as long as there is no contradiction. For example, the methods described in this disclosure present elements of the various steps using a sample order, and are not limited to the specific order presented.

Input/output information may be stored in a specific location (for example, memory), or may be managed using a management table. Input/output information and the like may be overwritten, updated, or appended. The output information and the like may be deleted. The entered information and the like may be transmitted to another device.

The determination may be made by a value represented by one bit (0 or 1), by a true/false value (Boolean: true or false), or by numerical comparison (for example, a predetermined value).

Although the present disclosure has been described in detail above, it should be apparent to those skilled in the art that the present disclosure is not limited to the embodiments described in this disclosure. The present disclosure can be practiced with modifications and variations without departing from the spirit and scope of the present disclosure as defined by the claims. Accordingly, the description of the present disclosure is for illustrative purposes and is not meant to be limiting in any way.

Software, whether referred to as software, firmware, middleware, microcode, hardware description language or otherwise, includes instructions, instruction sets, code, code segments, program code, programs, subprograms, and software modules. , applications, software applications, software packages, routines, subroutines, objects, executables, threads of execution, procedures, functions, and the like. Software, instructions, information, etc. may also be sent and received over a transmission medium. For example, the software uses wired technology (coaxial cable, fiber optic cable, twisted pair, Digital Subscriber Line (DSL), etc.) and/or wireless technology (infrared, microwave, etc.) to create websites, Wired and/or wireless technologies are included within the definition of transmission medium when sent from a server or other remote source.

Information, signals, etc. described in this disclosure may be represented using any of a variety of different technologies. For example, data, instructions, commands, information, signals, bits, symbols, chips, etc. that may be referred to throughout the above description may refer to voltages, currents, electromagnetic waves, magnetic fields or magnetic particles, light fields or photons, or any of these. may be represented by a combination of
The terms explained in this disclosure and the terms necessary for understanding the present disclosure may be replaced with terms having the same or similar meanings.

In addition, the information, parameters, etc. described in the present disclosure may be expressed using absolute values, may be expressed using relative values from a predetermined value, or may be expressed using other corresponding information. may be represented.

As used in this disclosure, the phrase "based on" does not mean "based only on," unless expressly specified otherwise. In other words, the phrase "based on" means both "based only on" and "based at least on."

Any reference to elements using the "first," "second," etc. designations used in this disclosure does not generally limit the quantity or order of those elements. These designations may be used in this disclosure as a convenient method of distinguishing between two or more elements. Thus, reference to a first and second element does not imply that only two elements can be employed or that the first element must precede the second element in any way.

The “unit” in the configuration of each device described above may be replaced with “means”, “circuit”, “device”, or the like.

Where "include," "including," and variations thereof are used in this disclosure, these terms are inclusive, as is the term "comprising." is intended. Furthermore, the term "or" as used in this disclosure is not intended to be an exclusive OR.

In this disclosure, where articles have been added by translation, such as a, an, and the in English, the disclosure may include the plural nouns following these articles.

In the present disclosure, the term "A and B are different" may mean "A and B are different from each other." The term may also mean that "A and B are different from C". Terms such as "separate," "coupled," etc. may also be interpreted in the same manner as "different."

1: information processing system, 2: network, 10: user terminal, 100: image, 101, 102: image object, 103, 104: additional data, 20: server device, 21: data acquisition unit, 22: extraction unit, 23 2001: processor, 2002: memory, 2003: storage, 2004: communication device.

In order to solve the above problems, the present invention provides an extraction unit for extracting an image object from image data, and a selection method for selecting one of a plurality of identification methods for identifying the risk of inferring personal information of a user from the image object. and a specifying unit that specifies a risk of nuisance caused by inferring personal information of a user from the extracted image object according to the selected specifying method. offer.

Claims (10)

an extraction unit that extracts an image object from image data;
a selection unit that selects one of a plurality of identification methods for identifying a risk that a user's personal information is inferred from an image object;
and a specifying unit that specifies a risk that a user's personal information is inferred from the extracted image object according to the selected specifying method. The information processing apparatus according to claim 1, wherein the selection unit selects the identification method according to a nuisance that may occur due to guessing of the user's personal information. 3. The information processing apparatus according to claim 1, wherein the selection unit selects the identification method according to user attributes. 4. The information processing apparatus according to any one of claims 1 to 3, wherein the selection unit selects the specifying method according to a user's designation. The information processing apparatus according to any one of claims 1 to 4, wherein the selection unit selects the specifying method according to a site or social networking service to which the image data is posted. The extraction unit extracts the plurality of image objects from the image data,
6. The identifying unit identifies a risk that the user's personal information is inferred from the plurality of image objects according to the combination of the plurality of extracted image objects. The information processing device according to item 1. The extraction unit extracts the image object from a plurality of different image data,
The specifying unit specifies a combination of the plurality of image objects extracted from the plurality of image data different from each other, and specifies a risk that the user's personal information is inferred from the plurality of image objects. The information processing apparatus according to any one of claims 1 to 6. The identifying unit, according to a combination of an image object extracted from the image data and additional data added to the image data, risks inferring personal information of a user from the image object and the additional data. 8. The information processing apparatus according to any one of claims 1 to 7, characterized in that: The information processing apparatus according to any one of claims 1 to 8, further comprising a processing unit that performs processing according to the risk identified by the identification unit. The processing performed by the processing unit is to perform image processing on the extracted image object in accordance with the identified risk, or to notify the user of information in accordance with the identified risk. 10. The information processing apparatus according to claim 9, comprising performing.

Images