three cheers for encryption and anonymity?

February 8, 2013


An obscure company called Silent Circle wants to secure your smartphone using nifty tricks you wouldn’t think are out of place in a Bond film, if movie studios could manage to get a technically literate edition of the franchise out there. Not only will its app secure your data with some really powerful encryption algorithms, it will also allow you to build a self-destruct into e-mail, text, and media messages, and the data about how you used the company’s services will be deleted from their servers after a week, data that could easily be anonymized to protect you even further. Oh, and the servers happen to be in Canada, where digital privacy laws are much stricter than in the United States, meaning that if anyone wants to file a subpoena to get to your data, the data in question will either be long gone by the time it could be reviewed, or not exactly usable. It’s nice to have this sort of data protection and privacy as a consumer, isn’t it? And if anything, Silent Circle’s approach to your privacy should be adopted by the next iteration of the web.

Basically, the whole Web 2.0 business model is predicated on giving you free tools in exchange for the ability to mine data about everything you do. Social networks are basically stalking you, not for something nefarious mind you, but to show you ads, thinking that somehow they can use your online data to predict your tastes. Unfortunately, this has the nasty side-effect of leaving a lot of digital fingerprints easily accessible to pranksters, criminals after your credit card number, and hackers working for an authoritarian regime that would like to see you silenced. Likewise, it allows any company offering a service tied to a mapping app on your phone to see not only the places you go, but how often you go there, how long you stay, and thanks to Facebook’s utter lack of respect for your privacy settings from version rollout to version rollout, with whom you go there should you fail to keep on top of every setting on a regular basis. To be blunt, very few of your tracked behaviors, if any, offer any real predictability in your buying habits, so most of the free Web 2.0 services just log everything, hoping to find the magic formula for ad makers.

Now, with cloud storage easily accessible to all, and more and more of us trying to keep rather important data online just in case, hopefully in encrypted file lockers, we need more privacy, and social media data that allows hackers to guess answers to our security questions, narrow down our password guesses, or track when we’re out of the house and about how long we’ll be gone, compromises this privacy. So for the sake of their users, companies need to track users less, to log fewer of their actions, to stop following them around with ads they didn’t opt to see, and to do a periodic log purge so as not to hand hackers treasure troves of sensitive data should anyone ever get into their backend servers and snoop through a few of their databases. This would mean that a typical online user would have to pay a small fee to make the service viable, but considering the return on investment will be security and privacy, isn’t a few dollars a month worth erasing huge, exploitable chunks of data about him or her from the web? Of course, no security scheme can ever be perfect, but any security and anonymity is better than the flimsy pretenses of it used by major online services now. And that goes double for their vast logs of everything you do…

