A Primer on Digital Privacy
Driven from every other corner of the earth, freedom of thought and the right of private judgment in matters of conscience, direct their course to this happy country as their last asylum. – Sam Adams
Privacy is a mainstay of free society.
In celebration of Data Privacy Day (28 January), CNet released an article discussing privacy, namely the fact that many people refuse to pay for privacy: It’s been 10 years: Why won’t people pay for privacy? (available at http://news.cnet.com/8301-13578_3-10443575-38.html). Indeed, the ramifications of data privacy (or the lack thereof) are increasingly becoming a crucial issue for businesses and consumers alike. Information leaks are rampant, and chances are that your personal data has already been exposed in some sort of attack.
How, then, are we to deal with data privacy threats and mitigate the risks? Our current network infrastructure is designed in ways that simply don’t guarantee security. Yet most users simply trust the system. It is the responsibility of both the user and the system developer to strive for information assurance, and to work towards a more secure future. Security is not necessarily about guaranteeing perfect and complete isolation from attacks (such a feat is, and has proven to be, impossible in both the physical realm and in cyberspace); rather, it is about a dynamic and adaptable set of rules and policies governing the control of information and access.
An Additional Problem
Since we can safely assume that the underlying technologies of the internet are generally insecure (with the exception of specific security protocols: TLS, SSL, IPsec, etc.), we conclude that our digital privacy is not at all guaranteed; in fact, quite the contrary. Even if we rely on secure protocols, these protocols are only as secure as their implementation, and they implicitly rely on trust in other systems and organizations (for example, Public Key Infrastructure relies on the fact that we generally believe prime number factorization to be difficult; HTTPS websites rely on the integrity of Certificate Authorities to issue certificates only to the owner of a site, not to third parties).
Therefore, trust must be a vital aspect of any security protocol, and every step of the system (from the physical hardware and protocols to third parties) must be thoroughly vetted before being integrated into the system.
Data Breach vs Difficulty – Cost/Benefit Analysis
Let’s take a step back for a moment and look at the big picture of data security. Let’s say I am sending an unencrypted email to my friend Alice. Would this email be appealing to an attacker if it contained a beautiful picture of the mountains? Well, maybe, but definitely not as appealing as if it contained my credit card number. The difficulty of “sniffing” (capturing) the contents of this email is not too great, but the payoff in the first case is not great either.
Now let’s modify this example so that the same emails are being exchanged, only their contents are encrypted with a system that we generally trust. The difficulty of obtaining the contents of the email is now significantly greater. Would it be worth the enormous effort to decrypt the email in the first case (the mountain picture)? Most likely not. But let’s say that the attacker really, really wanted the contents of the email (say it contained important financial information, for example). Now would it be worth the effort?
This example demonstrates the classic issue of cost-benefit analysis. From the attacker’s perspective (and this holds true in general as well), if the payoff (benefit) outweighs the difficulty (cost), the attacker makes the effort. Otherwise, generally speaking from a psychological perspective, most attackers would not waste the time or effort. From the other perspective: would it be worth taking the extra time (and computational resources) to encrypt a generally unimportant personal message? In other words, is the cost of implementing security protocols commensurate with the level of information security they provide?
This is the classic question of security through difficulty: if you maximize the cost of breaching your data relative to the benefit such a breach would provide, then in this area security is upheld.
A Practical Discussion
Every member of the society spies on the rest, and it is his duty to inform against them. All are slaves and equal in their slavery… The great thing about it is equality… Slaves are bound to be equal. – Fyodor Dostoevsky
Your data, theoretically, is never completely secure over the internet. Perfect data security is an impossible goal, or otherwise a hallucination. Indeed, what we strive for is to provide the level of security that prompts an attacker to “give up”: to minimize the data we transmit, and to guard our sensitive data using offline means and physical safeguards. This is a call for both the user and the administrator to be mindful of what they post and transact online.
In most areas there is a reasonable expectation of freedom of information and thought, but the freedom to transact data unobserved should not be relied upon as a safeguard. It is our responsibility to be proactive in the implementation, monitoring and enforcement of our infrastructure, and to avoid transmitting unnecessary data over networks. Just as we guard our wallets, our cash and our identities, so must we guard our information.