IR’14 Panel on “Inconsistency Robustness in Cyberspace Security and Privacy” http://ir14.org
This panel will discuss current issues in cyberspace security and privacy grounded in an ongoing saga including the following hypotheses about the future and recent events:
· Computation and storage on phones, personal computers, etc. can be made more trustworthy (e.g., secure, reliable, robust, and resilient) than on large datacenters (Amazon, Google, Microsoft, NSA, etc.). Mass cyberspace surveillance can be made uneconomical by greater endpoint security for phones, personal computers, etc.
· Public key encryption communication will become ubiquitous. Trans-national directories will be created to enable authentication of public keys. NSA has targeted for surveillance parties communicating using encryption (with keys not available to NSA) and stored their communications forever.
· Criminals (including in government) should be brought to justice.
· Law enforcement will increasingly rely on cell tower tracking, automobile tracking, ubiquitous video tracking (including drones) using facial recognition in public places.
· Surveillance and remote attacks via the Internet are almost universal, whether by nation states, corporations, or others. Whistleblowers are persecuted everywhere. Reporters who refuse to reveal their sources are being jailed. Journalists and publishers have been subject to government surveillance in their purely investigative and reporting activities.
· In US, leakers to the press have been dealt long prison sentences based on the justification that leaking to the press is espionage for a foreign power. These leakers have not been allowed to raise whistleblower defenses at their trials.
· In US, the Constitution is the ultimate law of the land.
· US companies face diminished foreign business prospects because US claims jurisdiction (in secret using gag orders) over foreign operations of US companies. CEOs of major tech companies have complained loudly about how NSA surveillance has been ruining their business. Facebook founder and CEO Mark Zuckerberg recently called the US a “threat” to the Internet, and Google Board Chair Eric Schmidt called some of the NSA tactics “outrageous” and potentially “illegal”. Governments can issue (unexplained) gag orders to Internet companies that they surrender their encryption keys and any other data they possess both domestically and in other countries. “It is not blowing over,” said Microsoft General Counsel Brad Smith, adding “In June of 2014, it is clear it is getting worse, not better.”
· Governments are preparing military offensive and defensive forces for devastating massive cyberwar attacks that can be delivered without prior detection. Offensive retaliation is often challenged by not being certain of the identity of attacker(s). Greater endpoint security could mitigate the dangers of such attacks.
· Al Gore proclaimed that the Internet is a “stalker economy.” Almost all consumers have Internet services (e.g. Internet search, email, etc.) paid by exploiting (and even selling) their personal information and attention. Unlike credit information, personal information held by Internet service companies does not have to be revealed to consumers. In “Why we fear Google”, Axel Springer CEO Mathias Döpfner recently declared,
“Nobody knows as much about its [users] as Google. Even private or business emails are read by Gmail [arbitrary server programs without legal restriction]. You [Eric Schmidt] yourself said in 2010: ‘We [Google] know where you [Google users] are [and] where you’ve been. We can more or less know what you're thinking about.’ Are users happy with the fact that this information ... [can] end up in the hands of [government] intelligence services ...?”
· Sir Martin Sorrell, CEO WPP (the world’s largest advertising company) recently declared:
“People understate the importance of Snowden and NSA. [They] underestimate the impact on consumers.
We have been removing third-party networks for our sites, those ads are also data-gathering mechanisms. We want to be more respectful of privacy and also want to monetise our audiences our way. Being more focused on privacy is not bad for business, it can be good.”
What precise contradictions (including goals, norms, and values) are contained in the above information? How can they be rigorously stated? (A very long-term goal is for computer systems to have a formal understanding of these contradictions.)
Please join us for an exciting discussion.