Abstract
We discuss how the personal privacy that we are used to as a way of life is continuously being threatened by modern technology. We divide these threats into different categories based on who the perpetrator is, and the extent to which the privacy invasion was intended by the system designer. We discuss in detail how some technologies, like the web, compromise privacy. We explain why privacy is important and describe the conflict between privacy and law enforcement. Finally, we explain our ideas for the future, which include a system for verifiable accountability to allow citizens to see what and how much information is collected and used. We give some examples of how such technology could be used in the future.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Web interface at http://www.boeingsuppliers.com/ldap_proxy/get_cert.html.
References
Monkey brains control robot arms. (2003). BBC. http://news.bbc.co.uk/1/hi/health/3186850.stm.
Sony recalls copy-protected CDs. (2005). BBC. http://news.bbc.co.uk/1/hi/technology/4441928.stm.
Chaos computer club analyzes government malware. (2011). http://www.ccc.de/en/updates/2011/staatstrojaner.
Facebook sorry over face tagging launch. (2011). BBC. http://www.bbc.co.uk/news/technology-13693791.
Germany spyware: Minister calls for probe of state use. (2011). BBC. http://www.bbc.co.uk/news/world-europe-15253259.
NSA slides explain the PRISM data-collection program. (2013). The Washington Post. http://www.washingtonpost.com/wp-srv/special/politics/prism-collection-documents/.
Live Q&A with Edward Snowden. (2014). http://www.freesnowden.is/asksnowden.html.
The NSA files. (2014). The guardian. http://www.theguardian.com/world/the-nsa-files.
Abelson, H., Anderson, R., Bellovin, S. M., Benaloh, J., Blaze, M., Diffie, W., Gilmore, J., Neumann, P. G., Rivest, R. L., Schiller, J. I., & Schneier B. (1998). The risks of key recovery, key escrow, and trusted third-party encryption. http://www.schneier.com/paper-key-escrow.html.
Acquisti, A., Gross, R., & Stutzman, F. (2011). Faces of Facebook: Privacy in the age of augmented reality. BlackHat USA. http://www.heinz.cmu.edu/acquisti/face-recognition-study-FAQ/acquisti-faces-BLACKHAT-draft.pdf.
Arapinis, M, Borgaonkar, R., Golde, N., Mancini, L., Redon, K., Ritter, E., & Ryan, M. (2012). New privacy issues in mobile telephony: fix and verification. In ACM Conference on Computer and Communications Security (pp. 205–216). http://www.cs.bham.ac.uk/mdr/research/papers/pdf/12-UMTS.pdf.
Bamford, J. (2012). The NSA is building the country’s biggest spy center. Wired magazine. http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1.
Black, J. (2001). Don’t make privacy the next victim of terror. Bloomberg Businessweek. http://www.businessweek.com/bwdaily/dnflash/oct2001/nf2001104_7412.htm, 2001.
Blaze, M. (1994). Protocol failure in the escrowed encryption standard. In Proceedings of the Second ACM Conference on Computer and Communications Security (CCS). http://www.crypto.com/papers/.
Blaze, M. (2013). Phew, NSA is just collecting metadata. (you should still worry.). Wired magazine. http://www.wired.com/opinion/2013/06/phew-it-was-just-metadata-not-think-again/.
Boneh, D., Sahai, A., Waters, B. Functional encryption: Definitions and challenges. In Theory of Cryptography (pp. 253—273). Springer.
Bosker, B. (2011). Facebook’s Randi Zuckerberg: Anonymity online “has to go away”. Huffington Post. http://www.huffingtonpost.com/2011/07/27/randi-zuckerberg-anonymity-online_n_910892.html.
Britten, N. (2010). Facebook users warned of burglary risk. The Telegraph. http://www.telegraph.co.uk/technology/facebook/8004716/Facebook-users-warned-of-burglary-risk.html.
Carrier iQ, Inc. What data is collected? http://www.carrieriq.com/what-data-is-collected/.
Chothia, T., & Smirnov, V. (2010). A traceability attack against e-passports. In Proceedings of the 14th International Conference on Financial Cryptography and Data Security. http://www.cs.bham.ac.uk/tpc/Papers/PassportTrace.pdf.
Clayton, R. The Phorm “Webwise” system. http://www.cl.cam.ac.uk/rnc1/080518-phorm.pdf.
PrimeLife Consortium. (2011). Privacy-enhancing browser extensions. http://www.w3.org/2011/D1.2.3/.
Microsoft Corporation. Application storage. http://www.microsoft.com/getsilverlight/resources/documentation/AppStorage.aspx.
Eckersley, P. (2010). How unique is your web browser? In Proceedings of the Privacy Enhancing Technologies Symposium (PETS 2010), volume 6205 of Lecture Notes in Computer Science. Springer. http://panopticlick.eff.org/browser-uniqueness.pdf.
Trevor Eckhart. CarrierIQ part 2. androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/carrieriq-part2/.
Espiner, T. (2012). ISPs kept in dark about UK’s plans to intercept Twitter. http://www.zdnet.co.uk/news/security-threats/2012/02/20/isps-kept-in-dark-about-uks-plans-to-intercept-twitter-40095083/.
Inc. Facebook. Data use policy. https://www.facebook.com/about/privacy/your-info.
Inc. Facebook. (2013). What information does Facebook get when i visit a site with the like button or another social plugin? https://www.facebook.com/help/186325668085084.
Felten, E. W., Schneider, M. A. (2000). Timing attacks on web privacy. In ACM Conference on Computer and Communications Security, pp. 25–32.
Electronic Frontier Foundation. Sony BMG settlement FAQ. https://w2.eff.org/IP/DRM/Sony-BMG/settlement_faq.php.
Gahran, A. (2010). Using Wi-Fi? Firesheep may endanger your security. CNN. http://edition.cnn.com/2010/TECH/mobile/11/01/firesheep.wifi.security/index.html.
Gentry, C. (2009). A Fully Homomorphic Encryption Scheme. PhD thesis, Stanford University, Advisor Dan Boneh.
Miniwatts Marketing Group. (2012). World internet users and population stats. http://www.internetworldstats.com/stats.htm.
Trusted Computing Group. (2007). TPM Main Specification.
Hinsliff, G. (2008). MI5 seeks powers to trawl records in new terror hunt. The Observer. http://www.guardian.co.uk/uk/2008/mar/16/uksecurity.terrorism.
The White House. (1994). Statement of the press secretary. http://epic.org/crypto/clipper/white_house_statement_2_94.html.
Huber, N. (2013). The tax man is watching you: (HMRC) snoops on public 14,000 times in a year. The Independent. http://www.independent.co.uk/news/uk/home-news/the-tax-man-is-watching-you-hmrc-snoops-on-public-14000-times-in-a-year-8449862.html.
Adobe Systems Incorporated. What are local shared objects? http://www.adobe.com/products/flashplayer/articles/lso/.
Johnson, B. (2010). Privacy no longer a social norm, says Facebook founder. Guardian. http://www.guardian.co.uk/technology/2010/jan/11/facebook-privacy.
Kamkar, S. Evercookie—virtually irrevocable persistent cookies. http://samy.pl/evercookie/.
Keneally, M. (2013). Yahoo CEO Marissa Mayer feared being sent to jail for treason over NSA scandal. Daily Mail. http://www.dailymail.co.uk/news/article-2419441/Yahoo-CEO-Marissa-Mayer-feared-sent-jail-treason-NSA-scandal.html.
LaPlante, M. D. Spies like us: NSA to build huge facility in Utah. The Salt Lake Tribune. http://www.sltrib.com/ci_12735293.
Laurie, B., Langley, A., & Kasper, E. (2013). Certificate transparency. http://tools.ietf.org/html/rfc6962.
Lewis, P. (2008). Fears over privacy as police expand surveillance project. The Guardian. http://www.guardian.co.uk/uk/2008/sep/15/civilliberties.police.
Lewis, P., & Vallée, M. (2009). Revealed: police databank on thousands of protesters. http://www.guardian.co.uk/uk/2009/mar/06/police-surveillance-protesters-journalists-climate-kingsnorth?INTCMP=ILCNETTXT3487.
ARM Limited. (2009). ARM TrustZone API Specification, version 3.0.
Path Intelligence Ltd. Revolutionary technology for detailed data insights. http://www.pathintelligence.com/technology/.
Martin, R. (2005). Mind control. Wired magazine. http://www.wired.com/wired/archive/13.03/brain.html.
McKeen, F., Alexandrovich, I., Berenzon, A., Rozas, C., Shafi, H., Shanbhogue, V., & Savagaonkar, U. Innovative instructions and software model for isolated execution. In Second Workshop on Hardware and Architectural Support for Security and Privacy (HASP 2013).
Mitchell, S. Anger over mass web surveillance plans. PC Pro magazine. http://www.pcpro.co.uk/news/security/372985/anger-over-mass-web-surveillance-plans.
Nightingale, J. (2011). Fraudulent *.google.com certificate. Mozilla Security Blog. https://blog.mozilla.org/security/2011/08/29/fraudulent-google-com-certificate/.
The Home Office. (2010). Communications data. http://www.homeoffice.gov.uk/counter-terrorism/communications-data/.
Page, L. (2008). Spooks want to go fishing in Oyster database. The Register. http://www.theregister.co.uk/2008/03/17/spooks_want_oyster/.
Pegoraro, R. (2011). Google’s Eric Schmidt steps down, depriving web of future quotes. Washington Post. http://www.washingtonpost.com/wp-dyn/content/article/2011/01/20/AR2011012006128.html.
Perlroth, N. (2013). NSA able to foil basic safeguards of privacy on web. The New York Times. http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html.
Poulsen, K. (2007). FBI’s secret spyware tracks down teen who made bomb threats. Wired magazine. http://www.wired.com/politics/law/news/2007/07/fbi_spyware?currentPage=all.
Q-Success. W3Techs web technology surveys. http://w3techs.com/technologies/overview/social_widget/all.
Ben Quinn. (2008). Virgin sacks 13 over Facebook “chav” remarks. The Guardian. http://www.guardian.co.uk/business/2008/nov/01/virgin-atlantic-facebook.
RIsen, J., Lichtblau, E. (2005). Bush lets U.S. spy on callers without courts. The New York Times. http://www.nytimes.com/2005/12/16/politics/16program.html?pagewanted=1_r=1.
Ryan, M. (2014). Enhanced certificate transparency and end-to-end encrypted mail. In Network and Distributed System Security (NDSS). http://www.cs.bham.ac.uk/mdr/research/papers/pdf/14-ndss-cert.pdf.
Saunders, L. (2009). Is “friending” in your future? Better pay your taxes first. The Wall Street Journal. http://online.wsj.com/article/SB125132627009861985.html.
Schneier, B. (2010). Anonymity and the internet. https://www.schneier.com/blog/archives/2010/02/anonymity_and_t_3.html, 2010.
Sid Stamm. Plugging the CSS history leak. http://blog.mozilla.com/security/2010/03/31/plugging-the-css-history-leak/.
Story, L. (2008). A company promises the deepest data mining yet. The New York Times. http://www.nytimes.com/2008/03/20/business/media/20adcoside.html.
Sullivan, B. (2001). FBI software cracks encryption wall. MSNBC. http://www.msnbc.msn.com/id/3341694/ns/technology_and_science-security/t/fbi-software-cracks-encryption-wall/.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2014 The Author(s)
About this chapter
Cite this chapter
Phillips, J., Ryan, M.D. (2014). A Future for Privacy. In: Privacy vs. Security. SpringerBriefs in Cybersecurity. Springer, London. https://doi.org/10.1007/978-1-4471-6530-9_2
Download citation
DOI: https://doi.org/10.1007/978-1-4471-6530-9_2
Published:
Publisher Name: Springer, London
Print ISBN: 978-1-4471-6529-3
Online ISBN: 978-1-4471-6530-9
eBook Packages: Computer ScienceComputer Science (R0)