Is This A Back Door We Can All Handle?
David Chaum 'Godfather of anonymous communication' - BBC News [Source: https://www.youtube.com/watch?v=IXr_6jqBTj0]
Remember the 'God View' incident? A reporter was researching an article about Über that included - not surprisingly - riding around in the company's vehicles. Long story short: The company was accused of using a tool known as 'God View' to track the reporter. The tool allowed Über executives to get an aerial view of the area in which the reporter was riding as well as her personal information, according to law enforcement officers.
As part of its settlement with New York City's attorney general, Über "removed all personally identifiable information of riders from its system that provides an aerial view of cars active in a city, has limited employee access to personally identifiable information of riders, and has begun auditing employee access to personally identifiable information in general." So the next time you want to hitch a ride without anyone knowing about it, it seems you're able to do so. The incident captured the very essence of our digitally enabled society: Consumers want all the benefits and conveniences of mobile apps and ride services that track them, but also demand a complete cloak of anonymity and security.
In cities like New York, where anyone who has ridden in one of its traditional yellow cabs has (at least one) nightmarish experience to share, Über and competitors like Lyft are generally welcomed additions to the transportation market. I find it somewhat amazing that a consumer would be shocked to learn that a tech-savvy company like Über could obtain aerial views of its cars and personal information of its clients. That's called data mining and it results in the service becoming evermore responsive to the consumer's needs. I suppose it's tough to satisfy every digital consumer.
I was reminded of a village in the state of Maharashtra, India called Shingnapur. Houses in the village do not have doors. Residents believe that a deity will protect their assets and punish anyone attempting a robbery. Yet, each house hangs curtains to retain privacy. The Internet is no different. The entire notion of privacy on the Internet, which has been percolating since the Wikileaks incident a few years ago, is a fascinating one because people want the world at their fingertips or at the swipe of a smartphone but don't want to divulge any information about themselves. How, then, are consumer-focused companies supposed to improve their services if they can't learn more about the expectations of their consumers?
One of the fathers of Internet security is a man named David Chaum who made waves when he discussed his latest project at Stanford University's Real World Crypto conference: PrivaTegrity. PrivaTegrity (he's been working on it for years with various academic institutions) creates a format in which secret and anonymous communications can take place that no eavesdropper can crack, whether it be a malicious hacker or an intelligence agency. Chaum has invented plenty of online privacy tools in the past, but this time round he is creating a back door as part of the overall PrivaTegrity platform. He is aware of the ramifications of creating a back door on a fully encrypted communications platform and the potential fallout that it could entail. So, he is creating a security council not unlike the one at the United Nations. This council would consist of managers of nine servers around the world with unique access to unlock a back door in the case of a threat to global security. No one manager could unlock the door. Not even eight of the nine - all nine managers must be in agreement to unlock a back door to allow access. Chaum described the security measure to Wired magazine as a back door with nine different padlocks on it. And the location of the servers? Chaum has said he would like them to be in democratic countries such as Iceland, Canada, and Switzerland.
In today's 'crypto-wars', which pit government authorities against the citizens they are sworn to protect, we're in unchartered territory. Companies, governments, and private citizens for the most part want to do the right thing in combatting the growing threat of cyber-crime but also want to preserve notions of privacy. It's an incredibly tough issue to balance and the likelihood of all parties going home fully pleased with the eventual outcome is close to none. But at least experienced Internet personalities like Chaum are part of the debate and are proposing very reasonable solutions to how we can all move forward in a new and challenging digital marketplace.