28.09.14 - 02.10.14, Seminar 14401

Privacy and Security in an Age of Surveillance

This seminar description was published on our web pages before the seminar and was used in the invitation to the seminar.

Motivation

The Snowden revelations have demonstrated that the US and other nations are amassing data about the minutiae of the daily lives of all citizens on an unprecedented scale. The data includes all forms of electronic communications among people, as well as web accesses, financial data, and the physical movements of people through cell-phone location tracking. The data is collected in numerous ways, using active as well as passive measures. Internet and telecommunication companies contribute their customers' data to the NSA, via programmes including PRISM and Tempora. Additionally, the NSA and GCHQ have, allegedly, covertly weakened the encryption implementations in commercial software products and international standards - for example, by weakening the randomness of generated keys - in order to gain access to still more data.

Nevertheless, intelligence services perform an important role in protecting democratic societies against the threats posed by criminal and terrorist activities. Indeed, protecting citizens from harm is the first duty of government. In any society, individuals have to be accountable to society as a whole. Privacy is not an absolute right, but has to be balanced against other requirements, including security. But the scope of surveillance must be limited by an understanding of its costs as well as its benefits. As technology continues to mediate in all aspects of our lives, it becomes vital to identify principles about when data may be gathered and what it may be used for. This is a task requiring sociologists, political scientists, and computer scientists.

Thus, a tension exists between the privacy rights of the individual and the security of society as a whole; establishing and maintaining the right balance between these is a major challenge. The activities of intelligence services cannot be fully transparent, and this makes it challenging to find mechanisms for oversight that provide sufficient public assurance. The data generated by our online lives is also valuable to commercial organisations, including the companies that directly collect it. Here again there is a balance to be struck between an individual's need for privacy, her wish for functionality, her limited ability to understand and make decisions in this space, and businesses' desire to sell products and services.

A major challenge here is to find ways to ensure that the intelligence services are acting within agreed laws and regulations without revealing the exact details of their activities and capabilities. At first glance this seems like a classic problem addressed using techniques from "modern cryptography"; such techniques include secret sharing, key escrow, private information retrieval, secure multiparty computation, and private, outsourced computation. For example, zero-knowledge protocols are frequently used to ensure that agents are obeying the rules of a protocol but without revealing their exact behaviour. It is not clear however that such techniques transfer cleanly to the problems at hand: for example, the notion of "correct" behaviour for intelligence agencies seems harder to characterise precisely. Exploring the boundary of what aspects of this problem can be solved by technical means and which require procedural, legal means etc. is a key theme of this workshop.

In most countries, the legal frameworks for dealing with privacy and intelligence seem to be arcane, out-of-date, and largely rooted in historical accident. They were made for a different era when we simply didn't have the problem we are facing today. The interaction of new technology, the law, and fundamental human values makes the topic difficult and interdisciplinary.

The workshop aims to address the following questions.

    Principles

  • What principles underlie policy about what data is gathered and how it should be used? How can individual privacy be respected alongside the needs of societal security and commerce?
  • In what ways should these questions be framed so that security is not the inevitable winner in matters that pit personal privacy against state security or financial growth?
  • What are the limits on the intrusions that nation states should be allowed to make on their citizens?

    Technology

  • In what ways can technology contribute to finding ways of reconciling or balancing opposing requirements?
  • What are the limits of what can be achieved using technology, and what has to be handled using procedural and legal means?
  • Are the cryptographic tools that have been developed to date solving the "right" problems?
  • Is there practicable privacy-preserving technology that is not being deployed?
  • Can we develop computing technology that better resists being subverted by powerful attackers such as nation states?

    Business

  • In what ways can the data interests of commerce be addressed without at the same time allowing companies unfettered access to the data generated by their customers?

    Law

  • What can be done to modernize and harmonize the law so that nations respect the privacy rights of non-nationals and governments cannot circumvent privacy through arrangements with foreign intelligence agencies?