Privacy and Security

Links

• EPIC — Electronic Privacy Information Center
• EFF — Electronic Frontier Foundation
• National Do-Not-Call Registry
• Free encryption software: Gpg4win, GnuPG

Notes

(These notes are mainly from Snyder's chapter on privacy and security.)

I. Privacy

1. Snyder's definition: "the right of people to choose freely under what circumstances and to what extent they will reveal themselves, their attitude, and their behavior to others."

2. What have they got to hide? Dating for Dummies.

3. A range of possibilities for control of business transaction information:

   1. No use
   2. Approval or opt-in
   3. Objection or opt-out
   4. No limits

Snyder notes that in Europe or several other places, law and standards are between (1) and (2), but closer to (1); in the US, law and standards are between (3) and (4), but closer to (4). How do you feel about the fact that as an American, you have less legal protection of the right of privacy than Europeans?

4. OECD Fair Information Practices (Organization of Economic Cooperation and Development — 29 country organization mostly concerned with international trade; the USA is a member)

   Eight principles (for information collectors and holders, e.g., corporations doing business with individual consumers, employers, medical care providers, insurers, government agencies):

   1. Limited collection — don't collect unnecessary personal information.
   2. Quality — personal information should be accurate.
   3. Purpose — state the reason for collecting personal information, and don't use it for other purposes.
   4. Use limitation — use or disclosure for other purposes requires the individual's consent or legal authority.
   5. Security — take reasonable security precautions to safeguard personal information.
   6. Openness — publicly state the kinds of personal information collected and how they will be used.
   7. Participation — individuals should be able to find out what personal information you have about them, and to challenge them and have them corrected in case of inaccuracy
   8. Accountability — each organization collecting personal information has a "data controller" who is responsible for implementing these 8 principles.

US and EU Laws

The US does NOT have privacy laws based on the OECD principles; the European Union does, and many non-EU nations such as Australia, Switzerland.

Instead, the US takes a piecemeal ("sectoral") approach to regulating privacy. Specific laws cover, e.g., electronic communication, video rentals, drivers' privacy (BMV records). HIPPA (medical information, enacted 1996, took effect 2003), FERPA (education, 1974).

Is this better or worse?

Whether it's better or worse for individual Americans, it presents a problem for US business doing business with Europeans. The US Department of Commerce developed a Safe Harbor program in which US companies can certify that they comply with European privacy laws, enabling them to transfer personal data from Europe. But does this protect U.S. citizens?

II. Encryption

We will skip the heavy math and just note the most important points.

1. Terminology:

   1. Clear text or plain text is the unencrypted message.
   2. Cipher text is the encrypted message.
   3. Encrypt = transform clear text into cipher text
   4. Decrypt = transform cipher text into clear text.

2. Simple ciphers transform each letter or character of a message in a uniform way, for example, a → b, b → c, ..., y → z. The key in this case is 1, because we are adding one to each character code, or shifting each letter by one position.

   Birthday → Cjsuiebz

3. Because of statistical regularities, simple ciphers are easy to break. E.g., whatever character occurs most frequently most likely represents E, the most frequent character in English writing.

   Besides, there are only 26 ciphers of this kind; with computers, it would be easy to try all 26 in an attempt to crack the code.

4. Both sender and receiver need to possess the key, so this is called a "private key" system.

5. A weakness in private key encryption: how can sender and receiver securely agree on which key to use? If someone is intercepting their messages … A big problem for Internet commerce.

6. Solution: public key encryption. The ingenious idea developed by Whit Diffie and Martin Helman, 1976.

   Use two keys: one, the public key, to encrypt; the other, the private key, to decrypt. The public key is the product of two large prime numbers (typically a few hundred or thousand bits). The private key is derived from the prime numbers in another way (for the curious, the formula is at the top of page 499).

   Prime numbers are numbers like 2, 3, 5, 7, 11, 13, ..., which are divisible without remainder only by themselves and 1. For example, 10 is not prime, because it can be divided by 2 and 5 without remainder.

   Why does this work? If the public key is public, can't the snooper reconstruct the private key from it? The answer depends on the difficulty of factoring large numbers into primes. The only known algorithms for doing this employ a brute force technique of trying each prime number in turn as a potential divisor — it just takes huge amounts of time to do this, even for supercomputers

   Example: what are the prime factors of (decimal) 199201? Is it divisible by 2? 3? 5? 7? 11? You can see this is going to take a while.

7. US Government Encryption Policy

   The US government for a long time suppressed strong encryption, especially its export, fearing what criminals and terrorists could do with it, but at the same time putting a big obstacle in the way of international e-commerce. Now we seem to recognize that encryption protects the privacy of all of us.

   Internet commerce depends heavily on encryption (https) to secure credit card numbers and other private data.

   Especially since the terrorist attacks on September 11, 2001, Americans have increasingly had to balance the needs of security and privacy. How do you balance two such important needs? Very carefully, I hope!

8. Most frequent application? https

9. Examples:

   1. My contact page tells you my public key so you can send me an encrypted email.

   2. IU East does not provide any encryption software in the computer labs; however, if you have a good email program (MUA) on your home or office computer, it probably contains a plugin for encryption.

      Demonstration: KGpg or GPA on Linux via VNC

      (Incidentally, notice how easy Linux is to use)

10. Digital signatures. Ever wonder if email you received was really from the person who seemed to have sent it? Digital signatures use public key encryption in reverse to provide verifiable signatures. The sender uses his/her private key to encrypt the message; the receiver uses the sender's public key to decrypt the message. If the decryption works, the message could only have been sent by someone possessing the sender's private key.

    Also used in distributing software: software developers digitally sign their product, so users will know it is genuine.

III. Backup and Disposition of Storage Media

Back up important data systematically and regularly — or risk massive loss of data!

How many have experienced this?

When disposing of old disks or other storage media, do not just throw them away. Securely remove sensitive data first. This requires more than just erasing files; you have to "shred" the data. There are various ways to do this, ranging from the GNU shred program to physically smashing disks.