230 likes | 369 Views
Balancing Security and Privacy in Times of Cyberterror. EDUCAUSE Western Regional Conference 2005 April 28, 2005 Steve Worona EDUCAUSE sworona@educause.edu Tracy Mitrano Cornell University TBM3@cornell.edu. A Campaign Finance Poll. A Campaign Finance Poll.
E N D
Balancing Security and Privacyin Times of Cyberterror EDUCAUSE Western Regional Conference 2005 April 28, 2005 Steve Worona EDUCAUSE sworona@educause.edu Tracy Mitrano Cornell University TBM3@cornell.edu
A Campaign Finance Poll • All citizens should be able to find out who each candidate is taking money from
A Campaign Finance Poll • All citizens should be able to find out who each candidate is taking money from • All citizens should be able to find out what candidate you are giving money to
A Campaign Finance Poll • All citizens should be able to find out who each candidate is taking money from • All citizens should be able to find out what candidate you are giving money to • Demo: http://www.fec.gov
Lessons • Law of unintended consequences • Logic can’t be legislated • Technology can’t “fix” unintended consequences • In fact, it’s often technology that creates them • Technical/social interactions are tricky • We make trade-offs on privacy all the time
“You can’t have Privacywithout Security” • Privacy: Ensuring that your personal information doesn’t fall into the wrong hands • Choicepoint; Lexis-Nexis; Ameritrade; BofA; etc. • Tufts; CMU; Berkeley; etc. • FERPA; GLB; HIPAA • Data-spill notification laws in CA, US • Security: Limiting everyone’s activity to only the things they have a right to see and do • Who is trying to access data (“Authentication”) • Whether they have the right (“Authorization”)
A FewAuthentication/Authorization Issues • Authenticate at network or application level? • What to do with logs? • How long to keep? • When/how/why to access? • Machine vs person • Cross-institutional information distribution • The government • USA/Patriot
Another Definition of Privacy • Privacy: The ability to go about your daily life without leaving a trail; the ability to read, speak, attend meetings, etc. anonymously
The Importance of Anonymity “Anonymous pamphlets, leaflets, brochures and even books have played an important role in the progress of mankind. Persecuted groups and sects from time to time throughout history have been able to criticize oppressive practices and laws either anonymously or not at all.” – Hugo Black, Talley v. California, 1960
Privacy1 vs Privacy2 • Privacy1: Ensuring that your personal information doesn’t fall into the wrong hands. (“Confidentiality”) • Privacy2: The ability to go about your daily life without leaving a trail; the ability to read (speak, attend meetings, etc.) anonymously. (“Anonymity”)
The Dilemma in a Nutshell • We want to go through cyber-life without leaving a trail • But we want everyone who comes in contact with our data (with us?) to be known • And if we don’t, others do, to minimize • Phishing • Spoofing • Fraud • Spam • Viruses • Hacking • Denial-of-service attacks • Cyber-terrorism
The Dilemma in Other Words… “They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” – Benjamin Franklin (1755)
The Dilemma in Other Words… “They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” – Benjamin Franklin (1755) “While the Constitution protects against invasions of individual rights, it is not a suicide pact.” – Arthur Goldberg (1963)
What Has Changed Since 1963? • The potential threats • Limitless damage from an individual act • Even death is not a deterrent • Emphasis switches from punishment to prevention • The potential responses • RFID; micro- and macro-cameras; linked databases; unlimited storage; unlimited processing power; unlimited communication capacity;… • And that’s just today • Technology is no longer the limit; we must decide • What to collect • How to use what’s collected • Narrowly drawn limits or “just in case” • When and how to change the rules
Whether by intentionor by default,we will decideon the tradeoffs
Some simple examples • Toll-gate license-plate photos • Not needed if the bell doesn’t ring • But sure useful if you want to get a list of possible suspects for yesterday’s crime • Metro-passes • Anonymous or registered? • Rules for access (probable cause or dragnet?) • ATM cameras • If no robbery occurred, no need to retain • But might have caught a glimpse of a kidnapper
The Tradeoff Rorschach “Law enforcement is not supposed to be easy. Where it is easy, it’s called a police state.” – Jeff Schiller, in Wired (1999)
Your Mission as a Citizen:Think about the Tradeoffs • Be aware of how your own activities are being monitored • Think about options • Decide how you feel • Let your legislators know • Apply these lessons on your own campuses
Some Closing Plugs • EDUCAUSE/Cornell Institute for Computer Policy and Law, 10th Annual Seminar • Ithaca, NY: June 28-July 1, 2005 • Flyers available here • EDUCAUSE Policy Page • http://www.educause.edu/policy • EDUCAUSE Annual Policy Conference • Washington, DC: April 26-27, 2006