Title: Balancing Privacy and Security in the Age of Cyberterror
1Balancing Privacy and Securityinthe Age of
Cyberterror
- Steve Worona
- EDUCAUSE
- sworona_at_educause.edu
- Wayne State University
- October 7, 2008
2The Internet ObeysOnly One Law
3The Internet ObeysOnly One Law
- The Law of
- Unintended Consequences
4Example 1 A Story from the Dawn of (Internet)
Time
- It all started in 1995 with a simple question
- Whats the best resource for filtering out adult
material for K-12 students? - Net Nanny
- Cybersitter
- Surfwatch
- Cyber Patrol
- Etc.
5Example 2 An Election-Year Poll
6Example 2 An Election-Year Poll
- Proposition 1Everyone should be able to find
outwho our candidates are taking money
from.(Agree/Disagree?)
7Example 2 An Election-Year Poll
- Proposition 1Everyone should be able to find
outwho our candidates are taking money
from.(Agree/Disagree?) - Proposition 2Everyone should be able to find
outwhat candidates you are giving money
to.(Agree/Disagree?)
8www.fec.gov
9www.fec.gov
- Candidate Search
- Search for contributions received by a specific
campaign using candidates name, state, or party
affiliation.
10www.fec.gov
- Candidate Search
- Search for contributions received by a specific
campaign using candidates name, state, or party
affiliation. - Individual Search
- Search for contributions made by individuals
using contributor name, city, state, zip code,
principal place of business, date, and amount.
11Example 3Do you want Privacyor Privacy?
12Example 3Do you want Privacyor Privacy?
- Sorry, you cant have both.
13You cant have Privacywithout Security
14You cant have Privacywithout Security
- Privacy Ensuring that your personal information
doesnt fall into the wrong hands
15You cant have Privacywithout Security
- Privacy Ensuring that your personal information
doesnt fall into the wrong hands - VA Data Files on Millions of Veterans Stolen
- Bank of America Loses A Million Customer
Records - UCLA Warns 800,000 of Computer Break-In
- HIPAA, FERPA, etc.
- State and federal data-spill notification mandates
16You cant have Privacywithout Security
- Privacy Ensuring that your personal information
doesnt fall into the wrong hands - VA Data Files on Millions of Veterans Stolen
- Bank of America Loses A Million Customer
Records - UCLA Warns 800,000 of Computer Break-In
- HIPAA, FERPA, etc.
- State and federal data-spill notification
mandates - Security Limiting everyones activity to only
the things they have a right to see and do - Who is trying to access data (Authentication)
- Whether they have the right (Authorization)
17So Whenever Anyone Does Anything Online,We Want
to Know
18So Whenever Anyone Does Anything Online,We Want
to Know
19So Whenever Anyone Does Anything Online,We Want
to Know
- Who they are
- What theyre doing
20So Whenever Anyone Does Anything Online,We Want
to Know
- Who they are
- What theyre doing
- Why theyre doing it
21So Whenever Anyone Does Anything Online,We Want
to Know
- Who they are
- What theyre doing
- Why theyre doing it
- Etc.
22Another Definition of Privacy
- Privacy The ability to go about your daily life
without leaving a trail the ability to read,
speak, attend meetings, etc. anonymously
23The Importance of Anonymity
- Anonymous pamphlets, leaflets, brochures and
even books have played an important role in the
progress of mankind. Persecuted groups and sects
from time to time throughout history have been
able to criticize oppressive practices and laws
either anonymously or not at all. Hugo Black,
Talley v. California, 1960
24Privacy1 vs Privacy2
- Privacy1 Ensuring that your personal information
doesnt fall into the wrong hands.
(Confidentiality) - Privacy2 The ability to go about your daily life
without leaving a trail the ability to read
(speak, attend meetings, etc.) anonymously.
(Anonymity)
25The Dilemma
26The Dilemma
- We want to go through cyber-life without leaving
a trail
27The Dilemma
- We want to go through cyber-life without leaving
a trail - But we want everyone who comes in contact with
our data (and with us) to be identified and
monitored
28The Dilemma
- We want to go through cyber-life without leaving
a trail - But we want everyone who comes in contact with
our data (and with us) to be identified and
monitored, in order to detect, punish, prevent
29The Dilemma
- We want to go through cyber-life without leaving
a trail - But we want everyone who comes in contact with
our data (and with us) to be identified and
monitored, in order to detect, punish, prevent - Spam
30The Dilemma
- We want to go through cyber-life without leaving
a trail - But we want everyone who comes in contact with
our data (and with us) to be identified and
monitored, in order to detect, punish, prevent - Spam
- Phishing
31The Dilemma
- We want to go through cyber-life without leaving
a trail - But we want everyone who comes in contact with
our data (and with us) to be identified and
monitored, in order to detect, punish, prevent - Spam
- Phishing
- Threats
32The Dilemma
- We want to go through cyber-life without leaving
a trail - But we want everyone who comes in contact with
our data (and with us) to be identified and
monitored, in order to detect, punish, prevent - Spam
- Phishing
- Threats
- Poison-pen postings
33The Dilemma
- We want to go through cyber-life without leaving
a trail - But we want everyone who comes in contact with
our data (and with us) to be identified and
monitored, in order to detect, punish, prevent - Spam
- Phishing
- Threats
- Poison-pen postings
- Baseless accusations
34The Dilemma
- We want to go through cyber-life without leaving
a trail - But we want everyone who comes in contact with
our data (and with us) to be identified and
monitored, in order to detect, punish, prevent - Spam
- Phishing
- Threats
- Poison-pen postings
- Baseless accusations
- Etc
35The Dilemma
- We want to go through cyber-life without leaving
a trail - But we want everyone who comes in contact with
our data (and with us) to be identified and
monitored
Not Much Different Than
- We want everyone to know who the candidates are
getting money from - But we dont want anyone to know who we are
giving money to
36The Dilemma
- We want to go through cyber-life without leaving
a trail - But we want everyone who comes in contact with
our data (and with us) to be identified and
monitored
Not Much Different Than
- We want everyone to know who the candidates are
getting money from - But we dont want anyone to know who we are
giving money to
37Identified and Monitored
- Government Plans Massive Data Sweep
- Feds Get Wide Wiretap Authority
- NSA Has Massive Database of Americans Phone
Calls - Finance-Monitoring Program Amounts to Spying
- Police Chief Wants Surveillance Cameras in
Houston Apartments - Big Brother Is Listening
- New Surveillance Program Will Turn Military
Satellites on U.S.
38Airport Security Tomorrow
- Airport security chiefs and efficiency geeks will
be able to keep close tabs on airport passengers
by tagging them with a high powered radio chip
developed at the University of Central London.
The technology is to be trialled in Debrecen
Airport in Hungary after being in development for
two-and-a-half years by University College London
as part of an EU-funded consortium called Optag. - Dr Paul Brennan, of UCLs antennas and radar
group, said his team had developed a radio
frequency identification tag far in advance of
any that had been used to now to label
supermarket produce. - People will be told to wear radio tags round
their necks when they get to the airport. The tag
would notify a computer system of their identity
and whereabouts. The system would then track
their activities in the airport using a network
of high definition cameras. - The Register (UK), Oct. 12, 2006
39Big Brother Is Listening(Daily Telegraph (UK)
May 2, 2007)
- Hidden microphones that can eavesdrop on
conversations in the street are the next step in
the march towards a Big Brother society, MPs
were warned yesterday. - Richard Thomas, the Information Commissioner,
said a debate had begun about whether listening
devices should be set up alongside Britains 4.5
million CCTV cameras. - In evidence to the Commons home affairs
committee, Mr. Thomas said he would be hostile to
such an idea. - He was also alarmed by the prospect of tiny
cameras, hidden in lamp posts, replacing more
obvious monitors. - He said it was arguable that surveillance in
Britain - which is greater than in any other
democratic nation - may already have gone too far.
40Big Brother DatabaseWill Ruin British Way of
Life(London Daily Mail July 16, 2008)
- Plans for a massive database snooping on the
entire population were condemned yesterday as a
step too far for the British way of life. In an
Orwellian move, the Home Office is proposing to
detail every phone call, e-mail, text message,
internet search and online purchase in the fight
against terrorism and other serious crime. - Town halls are already using extraordinary
surveillance powers under the controversial
Regulation of Investigatory Powers Act to
investigate minor issues such as littering. The
Home Office defended the need to keep its
surveillance powers up to date with changing
internet technology. Officials said the internet
was rapidly revolutionizing communications and it
was vital for surveillance powers to keep up with
technology in order to fight serious crime and
terrorism.
41Big Brother DatabaseWill Ruin British Way of
Life(London Daily Mail July 16, 2008)
- Britains crime-fighting DNA database was the
worlds first and is now the worlds largest.
Originally samples were taken from those arrested
but destroyed if they were not convicted. Today
anyone who is arrested has DNA taken without
consent. It is added to the database, and is
virtually impossible to have it removed. - Police forces use hundreds of Automatic Number
Plate Recognition cameras across the UK, some at
fixed sites and some in cars. Computers are able
to compare numbers with a national database of
cars which may be stolen, or whose owners are
wanted for questioning. Each check takes around
four seconds. Since last year, the Government has
been developing a central database which also
records the details every time a car passes an
ANPR camera, anywhere in Britain.
42Why Now?
43Why Now?
- Because we can
- Technology now makes it possible to collect,
maintain, and process everything you do - Moores Law is not being repealed
- Brain 1TB 250 retail
- Coming soon Terabyte thumb-drives
- Gordon Bell MyLifeBits (10TB)
- Library of Congress 100TB
- WORM drives
- The Internet Archive
- Ray Kurzweil The Singularity Is Near
44Why Now?
- Because we can
- And so our only limitations are those we choose
to impose on ourselves
45Why Now?
- Because we can
- Because we (think we) must
- Why?
46Why Now?
- Because we can
- Because we (think we) must
- Because it makes law enforcement easier
47Why Now?
- Because we can
- Because we (think we) must
- Because it makes law enforcement easier
The Home Office defended the need to keep its
surveillance powers up to date with changing
internet technology. Officials said the internet
was rapidly revolutionizing communications and it
was vital for surveillance powers to keep up with
technology in order to fight serious crime and
terrorism.
48Law Enforcement and Data
- Specific, focused, temporary
- Tap, probe, monitor, investigate whats needed to
deal with a particular crime or threat - Just in case
- Capture all possible information so that,
whenever something goes wrong, we can just play
back the tape
49Law Enforcement and Data
- Specific, focused, temporary
- Tap, probe, monitor, investigate whats needed to
deal with a particular crime or threat - Just in case
- Capture all possible information so that,
whenever something goes wrong, we can just play
back the tape
50The Fourth Amendment
- The right of the people to be secure in their
persons, houses, papers, and effects, against
unreasonable searches and seizures, shall not be
violated, and no Warrants shall issue, but upon
probable cause, supported by Oath or affirmation,
and particularly describing the place to be
searched, and the persons or things to be seized.
51Law Enforcement and Data
- Specific, focused, temporary
- Tap, probe, monitor, investigate whats needed to
deal with a particular crime or threat - Just in case
- Capture all possible information so that,
whenever something goes wrong, we can just play
back the tape
52Some just in case examples
- Toll-gate license-plate photos
- No longer needed if the bell doesnt ring
- But very helpful if you want to get a list of
possible suspects for yesterdays crime - Metro cards
- Paying for your trip
- Who was where when?
- ATM cameras
- If no robbery occurred, no need to retain
- But might have caught a glimpse of a kidnapper
53Network Authentication
- For every bit originating on our campus networks,
we have the capability to know who put it there,
when, and from where.
54Network Authentication
- For every bit originating on our campus networks,
we have the capability to know who put it there,
when, and from where. - Will we do it?
55Network Authentication
- For every bit originating on our campus networks,
we have the capability to know who put it there,
when, and from where. - Will we do it?
- Why?
56Network Authentication
- For every bit originating on our campus networks,
we have the capability to know who put it there,
when, and from where. - Will we do it?
- Why?
- Who should be involved in the decision?
57Déjà Vu?
- Homeland Security Monitored Students
- surveillance by the Pentagon database of
military protests and demonstrations at
institutions of higher education
58Déjà Vu?
- Homeland Security Monitored Students
- surveillance by the Pentagon database of
military protests and demonstrations at
institutions of higher education - Although there does not appear to be any direct
terrorist nexus to the event, a large gathering,
especially on a college campus, may gain momentum
and create public safety concerns. I do not see
an issue of civil liberties being violated,
rather proactive precautionary measures being
taken by DHS and DoD. William H. Parrish,
Assoc. Prof. of Homeland Security, VCU
59The Dilemma in Other Words
- They that can give up essential liberty to
obtain a little temporary safety deserve neither
liberty nor safety. Benjamin Franklin (1755)
60The Dilemma in Other Words
- They that can give up essential liberty to
obtain a little temporary safety deserve neither
liberty nor safety. Benjamin Franklin (1755) -
- While the Constitution protects against
invasions of individual rights, it is not a
suicide pact. Arthur Goldberg (1963)
61The Constitution Is Nota Suicide Pact
62The Constitution Is Nota Suicide Pact
63Or
- Give me Liberty or give me Death!
- Patrick Henry
- (Delegate, Virginia, 1775)
64Or
- Give me Liberty or give me Death!
- Patrick Henry
- (Delegate, Virginia, 1775)
- You have no civil liberties if youre dead!
- Patrick Roberts
- (Senator, Kansas, 2006)
65The Privacy/Security Rorschach
66The Privacy/Security Rorschach
- Law enforcement is not supposed to be easy.
Where it is easy, its called a police state.
Jeff Schiller, in Wired (1999)
67The Eternal Value of Privacy(Bruce Schneier)
- The most common retort against privacy advocates
is this line If you arent doing anything
wrong, what do you have to hide? - Some clever answers If Im not doing anything
wrong, then you have no cause to watch me.
Because the government gets to define whats
wrong, and they keep changing the definition.
Because you might do something wrong with my
information. - My problem with quips like these as right as
they are is that they accept the premise that
privacy is about hiding a wrong. Its not.
Privacy is an inherent human right, and a
requirement for maintaining the human condition
with dignity and respect. - Cardinal Richelieu understood the value of
surveillance when he famously said, If one would
give me six lines written by the hand of the most
honest man, I would find something in them to
have him hanged. Watch someone long enough, and
youll find something to arrest or just
blackmail with. - Privacy protects us from abuses by those in
power, even if were doing nothing wrong at the
time of surveillance. - We do nothing wrong when we make love or go to
the bathroom. We are not deliberately hiding
anything when we seek out private places for
reflection or conversation. We keep private
journals, sing in the privacy of the shower, and
write letters to secret lovers and then burn
them. Privacy is a basic human need.
68PrivacyIs aBasicHumanNeed
69End