Mobile and Location Privacy


As readers of my blog will already know, I’ll be attending the Wall Street Journal hackathon, also known as the Data Transparency Project, in April. In searching for more information I came upon this one-day conference, Mobile and Location Privacy: A technology and policy dialog, starting the day of the hackathon. My plane arrives 15 minutes before the conference and I submitted a request to attend, so hopefully I’ll get to spend my day there!

Pretend. Protect. Preserve.

I’ve been thinking about a categorization of information systems as to how they relate to privacy. This has mostly been in the context of and in preparation for my speech on privacy engineering in the cloud. I want to give people a sense of the differences between approaches. So here is my breakdown:

Privacy Pretending is essentially when a system owner says “Trust us. We respect your privacy. Your privacy is important to us,” but doesn’t really take any steps to protect or preserve privacy.

Privacy Protecting means information security. Steps are taken by the system owner to protect confidential information, be that encryption, physical security measures, policies or procedures.

Privacy Preserving is the pinnacle, where privacy is preserved, and by privacy I mean the decision-making capabilities of the data subject as to confidentiality.

When you frame privacy as a matter of decisional control over information, it’s easy to see the three options. Pretending you respect privacy means that control is not retained by the data subject, nor are previous indications of what to do with information respected. Protecting privacy means that previous decisions are respected but control is ceded to the system owner. Privacy preserving allows the data subject to retain control.

Financial Cryptography and Data Security #16 recap

Had a great time down in Bonaire at the recent Financial Cryptography and Data Security conference. The last one I attended was 2002 in Bermuda. Interestingly enough, IFCA still uses the main website logo and design that my previous company made for them for the 2001 conference.

Besides the wonderful scuba diving I did, I also managed to meet some very interesting people and discuss data security and privacy issues. Here is just a snippet of what I learned:

Ross Anderson discussed Social Authentication, particularly Facebook’s use of pictures of your friends as a double check on who you are. Upon hearing the title, I half expected the talk to be about using your friends to verify you, something I discussed last year in a previous blog post. Ross told me later that Facebook does have a system in place similar to my idea. It is called Guardian Angel. Hmmmm…I wonder if somebody at Facebook read my blog post back in March of last year. 🙂

Joseph Bonneau described how non-random, user-chosen PINs are not so hard to crack and that random 3-digit PINs would be better than user-picked 4-digit PINs.
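To see why a random 3-digit PIN can beat a user-chosen 4-digit one, here is an added example (not from the talk or the post) that compares the two under the attacker-cost metrics a defender cares about: success within a lockout budget of k attempts, and the expected number of guesses with no limit. The skewed 4-digit distribution and its ten "popular" PINs are constructed for illustration, not measured data.

```python
"""Uniform 3-digit PIN vs. a skewed 4-digit PIN distribution, compared under
two attacker-cost metrics.  The skewed distribution is constructed, not measured."""

def uniform_pins(n_digits):
    """Uniform distribution over all n-digit PINs, as {pin: probability}."""
    space = 10 ** n_digits
    return {f"{i:0{n_digits}d}": 1.0 / space for i in range(space)}

def skewed_pins(popular, mass_on_popular, n_digits=4):
    """Constructed distribution: the `popular` PINs share `mass_on_popular`
    equally; the remaining mass is spread uniformly over every other PIN."""
    dist = uniform_pins(n_digits)
    rest = (1.0 - mass_on_popular) / (len(dist) - len(popular))
    for pin in dist:
        dist[pin] = mass_on_popular / len(popular) if pin in popular else rest
    return dist

def success_within(dist, k):
    """Probability that an attacker trying the k most likely PINs succeeds.
    This is the quantity a lockout after k failed attempts actually bounds."""
    probs = sorted(dist.values(), reverse=True)
    return sum(probs[:k])

def expected_guesses(dist):
    """Expected number of guesses for an attacker trying PINs in order of
    decreasing probability, with no attempt limit (guesswork)."""
    probs = sorted(dist.values(), reverse=True)
    return sum(i * p for i, p in enumerate(probs, start=1))

def guesses_to_reach(dist, target):
    """Smallest number of most-likely guesses whose total mass reaches `target`."""
    total = 0.0
    for i, p in enumerate(sorted(dist.values(), reverse=True), start=1):
        total += p
        if total >= target - 1e-12:
            return i
    return len(dist)

# Constructed: ten stand-in "popular" PINs chosen by 30% of users.  The PIN
# values themselves are placeholders; only the shape of the skew matters here.
POPULAR = {f"{i:04d}" for i in range(10)}
SKEWED_4 = skewed_pins(POPULAR, 0.30)
UNIFORM_3 = uniform_pins(3)
UNIFORM_4 = uniform_pins(4)

if __name__ == "__main__":
    for name, d in [("uniform 3-digit", UNIFORM_3), ("uniform 4-digit", UNIFORM_4),
                    ("skewed 4-digit", SKEWED_4)]:
        print(f"{name:16} success@10={success_within(d, 10):.3f}  "
              f"E[guesses]={expected_guesses(d):7.1f}  guesses for 30%={guesses_to_reach(d, 0.3)}")
```

With a 10-attempt lockout the skewed 4-digit PINs fall 30% of the time versus 1% for uniform 3-digit PINs, even though the 4-digit set still costs more expected guesses without a limit; which metric matters depends on whether attempts are rate-limited.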

One of my favorite presentations was by Dan Bogdanov on deploying secure multi-party computation for financial data analysis. What’s great about what Dan did is that it wasn’t just theoretical; they actually created a distributed system using JavaScript that was put to actual use. Dan’s blog and more information are available at Sharemind. The night before the conference I also had the pleasure of having dinner with Dan and his lovely (wife? girlfriend?) and a few others, including Barry Peddycord, Ben Mood and Riivo Talviste.

One of the most entertaining talks was about a hack of the DC Internet voting system. The team only had a few days to crack the system, which was based on an open source project. However, they totally demolished it, to the degree that DC had to completely give up any hope of using the system for a real election.

Daniel Slamanig gave a good talk on access control and outsourced storage. I need to read up more on it, as well as Mariana Raykova’s talk on privacy-enhanced access control for outsourced data sharing, before I can talk intelligently about it. Right before my panel session we heard about some uses of and deficiencies in the Bitcoin system. Makes me want to re-investigate Bitcoin. Of course, my panel session went off without a hitch and the audience really seemed to enjoy it. Many thanks to Peter Swire, Travis Breaux and Stuart Shapiro for making it go smoothly.

I was unable to attend the last day’s session as I went out scuba diving.

Some of the other interesting things I learned include:

The concept of shingling. More information at http://codingplayground.blogspot.com/2009/03/hashing-shingling-and-hashtrees.html

Amazon’s mTurk https://www.mturk.com/mturk/welcome

The microfinance system M-Pesa

Dan also told me a little about ISO 29100-2011 Privacy Framework and 29101 Privacy Reference Framework, which are both in development.

All of these things I need to look into in more detail.

In the coming weeks, I’m going to go into more detail on a few of these topics that interest me. Specifically, I’m going to be looking at secure multi-party computation and how it can be applied to cloud computing environments.

P.S. Many thanks to Springer publisher Jennifer Evans for the book Computers, Privacy and Data Protection: an Element of Choice, and also to her and her husband John for the enjoyable time diving together!

The PATH to privacy

This article about Path really highlights a significant problem, namely the attitude among technology companies towards privacy. I’ve previously written about how Google doesn’t get it, but it appears the attitude runs much farther. You really have to have somebody in the company “thinking Privacy.” It’s not just about regulatory compliance and making sure one’s privacy policy comports with actual practice; you have to examine “how is the market going to react” if they knew exactly what was going on. In law school ethics class, one of my professors used to tout the “what would my mother say if I told her what I’d done” test. Companies need a privacy person acting as their internal brain sometimes.

Personal Data Lockers

One of the problems with the personal data lockers concept is that it fails to address the transferability of data. This is the same problem that DRM faces. It tries to solve a problem by making something harder. In the case of DRM, it tries to make it harder to make copies or transfer data. What’s the result? Hackers and crackers come around to eliminate the self-imposed technological barrier. Same thing with Personal Data Lockers, in my opinion. I’m not saying it won’t work in certain circumstances and to certain degrees, but this solution is just an anti-productivity solution. I’ll try to write more about this in the future.

Breaking News: GPS tracking requires search warrant.

This just in: the Supreme Court has unanimously ruled that attaching a GPS tracking device to a car constitutes a search, requiring a warrant from a neutral magistrate. See the Washington Post for details. It was telling in the oral arguments when justices asked the government attorney whether a GPS device could be attached to their (the Justices’) vehicles without probable cause. I, at least, thought the outcome would be as it was. However, I didn’t expect it to be unanimous. It appears the Justices were just as creeped out by the prospect of being followed 24/7 for weeks or months without some type of judicial oversight.

What’s even more interesting is that Justice Alito, joined interestingly enough by Ginsburg, Breyer and Kagan (didn’t expect that combination, did you?), also wanted to go further and rule on the GPS tracking of wireless devices. Clearly the writing is on the wall for that case, and I would suspect it won’t ever reach the Supreme Court, with lower courts also being able to see where the Justices would rule in that regard. I understand why the majority of the court didn’t rule that way, as they generally try to stick to the narrow topic at hand and not rule prospectively.

I’m eager to read the entire opinion, when I can find the time.

Law Enforcement needs a warrant…but privacy citizens do not.