FITUG e.V.
Förderverein Informationstechnik und Gesellschaft
FITUG e.V.Förderverein Informationstechnik und Gesellschaft |
|
------- Forwarded message follows ------- Date sent: 26 Feb 2000 23:40:07 -0000 To: cypherpunks@cyberpass.net, cryptography@c2.net From: lcs Mixmaster Remailer <mix@anon.lcs.mit.edu> Subject: Brands on privacy
Stefan Brands' thesis finally came yesterday from Fatbrain, almost two months after ordering. His techniques are very powerful and interesting, but unfortunately patented and hence of no practical value for anyone other than the one licensee. How different the world might be if he and Chaum had made their technology freely available.
Brands has some very strong and brave words in his epilogue in favor of privacy, which deserve to be widely read:
"Anyone who considers 'key escrow' as a way of protecting privacy is, of course, in a state of sin. On a fundamental level there can be no mistake about this. Westin's widely accepted definition of privacy clearly requires that individuals themselves are in control over their own information. Key escrow takes this control completely away, and therefore offers zero privacy....
"In recent years, many cryptographers have worked fiercely to replace privacy-protecting systems by key escrow systems:
"The first area that fell victim is electronic voting. Following proposals guaranteeing unconditional privacy, [cryptographers] introduced key escrow electronic voting. Virtually all electronic voting schemes proposed since then are key escrow systems...
"The most recent area that has fallen victim is electronic cash. Starting with [certain cryptographers] a floodgate of papers on key escrow electronic cash opened...
"Here, the primary excuse to squander privacy has been to combat money laundering. However, money laundering concerns can be addressed effectively witout giving up privacy by (prudently) applying one or more of the following measures: placing limits on amounts; ensuring payee traceability (by the payer only); limiting the issuing of electronic cash to regulated institutions; disallowing anonymous accounts; issuing only personalized paying devices; identifying payers in high-value transactions; and, checking the identity of parties who convert other forms of money into electronic cash...
"Many of the key escrow papers sport exaggerated and sometiems downright ignorant statements about how privacy will hurt individuals, organizations, and societies at large... [T]he key escrow smoke screen enables the researcher to downplay the annihilation of privacy by claiming that the new system provides 'balanced' privacy; many authors do not even shy from claiming that their key escrow systems 'preserve' or even 'improve' privacy....
"Privacy is protected only if each individual for him or herself is able at all times to control and determine which parties, if any, are capable of recovering a secret. If a user decides to give up some of that control, that is his or her choice, but it should not be hardwired into the design of the system....
"It is time to stop tolerating (let alone promoting) misleading practices towards privacy, be they self-regulation, seal programs, infomediaries, key escrow systems, or otherwise. Schemes in which users do not have control over their own personal data offer zero privacy. No smoke and mirrors can change this fact....
"Today, the foundations for the communication and transaction technologies of the next century are being laid. Digital certificates will be hardwired into all operating systems, network protocols, Web browsers, chip cards, application programs, household utensils, and so on. To avert the doom scenario of a global village founded wholly on inescapable identification technologies, it is imperative that we rethink our preconceived ideas about security and identity - and build in privacy before the point of no return has been reached."
This is powerful writing, but one can't escape the thought that making his advanced technology available on a non-exclusionary basis would be a significant first step in bringing about this desirable outcome.
------- End of forwarded message -------