Privacy & Security

last modified April 3, 2014 by tomlowenhaupt

Ask people about security and privacy and you'll find they want to maximize both. But privacy and security work hand in hand; a fair balance is necessary. Here we examine a security framework that will enable a TLD-wide privacy policy for the .nyc TLD.


Navigating the Scylla & Charybdis
of Privacy & Security

Scylla-and-Charybdis.JPG 

Cyber Security Models

Health & Fire: Traditional Three Level Responses
Situation              Health       Fire
Emergency -->          Ambulance    Fire Engine
Contagion/Arson -->    C.D.C.       Marshal
Ongoing -->            Education    Education

Joined with an individual digital ID (or equivalent) issued to all New Yorkers, an emergency response system modeled on traditional city entities will moderate an unruly Net. For more, see this model as used in Estonia.

To avoid an Orwellian future...

privacy.jpg
(Commons photo courtesy of Mikey G. Ottawa.)

...build privacy in from the start 

From a Realtime Community article quoting Carnegie Mellon's Latanya Sweeney:

"My answer is that the privacy problems that I've seen are probably best solved by the person who first created the technology. What we really have to do is train engineers and computer scientists to design and build technologies in the right kind of way from the beginning. Normally, engineers and computer scientists get ideas for technologies on their own and engage in a kind of circular thinking and develop a prototype of their solution and then do some kind of testing. But we are saying we will give them tools that help them see who are the stakeholders and do a risk assessment, and then see what barriers will come up and deal with the riskiest problems and work to solve them in the technology design. I think if we are successful in producing a new breed of engineers and computer scientists, society will really benefit. The whole technology-dialectics thing is really aiming at how you should go about teaching engineers and computer scientists to think about user acceptance and social adoption [and also that they] have to think about barriers to technology [from the beginning]. So the best scenario is that this kind of training takes hold and as new technologies emerge they are less likely to be constantly clashing with accept-or-reject options."

Of Note
"DUBLIN, IRELAND – 7 October 2008 – Afilias, a global provider of registry services, today announced a new registration policy that makes the nature of domain name abuses clear for registrants and registrars, and furthers the power of the registry to take quick and appropriate action regarding .INFO domains used for abusive behavior. This policy will go into effect on 6 November 2008.
Under the policy, abusive use has been more clearly defined and includes, but is not limited to: phishing, e-mail spam and other types of spam, the willful distribution of malware, the use of botnets and fast-flux hosting, distribution of child pornography, illegal access to other computers or networks, and other illegal or fraudulent actions. Domains that are being abused will be reported to the sponsoring registrar, and Afilias has the option of removing them from the DNS and reporting the abuser to law enforcement. Afilias is committed to working closely with its registrars, legal authorities, security professionals, and others to rid the Internet of the scourge of domain abuse."

The full details of the .INFO Anti-Abuse Policy can be found at: http://www.info.info/info/abusive_use_policy.

Ghost Rat

"There's more behind that screen than what meets the eye." Ron Deibert of Citizen Lab

Which bag has a ghost? "With Ghost Rat we've entered the world of DIY spyware." See Deibert's TEDx 2012 YouTube

digital-suitcase.JPG

Global Cyber Security

A recent insightful speech on cybersecurity and the role of the nation-state was given by Toomas Hendrik Ilves, president of Estonia, in June 2012.

"The key to cyber defense, even against sophisticated state actors, is civilian cyber-security. Cyber attacks are such an attractive option for our adversaries because they neutralize the West's conventional military superiority, targeting our personal data, banks, utilities, sources of information and confidence in our government. For this reason, our center of gravity must lie in raising the security savvy of our private sector and individual users." See full speech

 

One way the .nyc TLD might benefit a great city is through the creation of a secure digital city, where trust prevails and person and property are safe from tampering and theft.

Former British Prime Minister Gordon Brown described the task of securing our digital borders as:

Just as in the 19th century we had to secure the seas for our national safety and prosperity, and in the 20th century we had to secure the air, in the 21st century we also have to secure our position in cyberspace in order to give people and businesses the confidence they need to operate safely there. [1]

As New York City prepares for the arrival of its TLD, it has the opportunity to become a trusted location on the Internet, where clear privacy standards prevail and security is enhanced by a collaborative community and its government's resources.

The following are being considered for their value in providing security to those under the .nyc umbrella:

  • Registrant Privacy Assertion - Central to a secure city is a Terms of Service agreement committing those registering a .nyc domain name to privacy, data sharing, and transparency-enhancing standards. Users of websites using .nyc domain names should be comforted by a clear expectation that their personal privacy and security are being secured by the city's police power, and enforced by an entity such as the Department of Consumer Affairs.
  • Registration Oversight - When Net users are asked if they like the comfort level within the .gov or .edu environment, the response is "yes absolutely." But the reality is that at $20 for a domain name - a rate that would make .nyc names readily accessible - there's no way to perform a thorough security check. So how do we avoid the prevailing distrust afflicting the .com and other generic TLDs? One advantage we have is that time is on our side: there is no immediate, desperate need to issue names NOW! The TLD will be ours for all time and the initial steps are critical. (See Time and the .nyc TLD.)
  • Education - The promise that technology alone will provide for our security is hollow. Internet security will always require an educated public, and education is a key step to creating a trusted .nyc web. Programs and curricula to educate the public are essential. It seems appropriate that funds from name sales should be dedicated to this purpose.

Privacy

In this era of the Open & Transparent, privacy is frequently seen by many, especially the young, as unimportant and/or a lost cause. Some say: “If you have nothing to hide, then what do you have to fear?” This video might get the Scott McNealy-types (see sidebar) thinking. And then there's Daniel J. Solove's analysis of the "I've Got Nothing To Hide" fallacy:

data mining aims to be predictive of behavior, striving to prognosticate about our future actions. People who match certain profiles are deemed likely to engage in a similar pattern of behavior. It is quite difficult to refute actions that one has not yet done. Having nothing to hide will not always dispel predictions of future activity. The problems are not just Orwellian, but Kafkaesque.

      Privacy is the ability of an individual or group to keep their lives and personal affairs out of public view, or to control the flow of information about themselves. In fulfillment of Connecting.nyc Inc.'s education mission we propose to:

      • Develop a privacy curriculum.
      • Advocate that the privacy.nyc domain name be developed as a learning resource for New Yorkers.
      • Develop a privacy policy on the use of data acquired by accessing the registry data log. (See DNS Data Log for a related database with privacy implications.)
      • Develop public spaces where privacy options are visible.

      Basic principles to meet individual privacy expectations need to be established. These should include:

      • Users must have a simple way to opt out of any data sharing. Too often controls are hard to interpret, if you can find them at all.
      • Those collecting data should tell users what information is being shared and regularly remind them of their options, including opting out.
      • Firms should only gather information essential to the services they're providing.
      • Sites should prominently display a description of those they share data with, and why.
      • When a company changes its rules, it should fully disclose the changes in clear language.

        Security/Privacy and TLDs

        In these late days of planning for the .nyc TLD, we're thinking about ways a TLD might be used to improve civic life, about how .nyc might facilitate the reality and perception of privacy and security. Might the DNS play a role in improving civic life in our small geographic entity? In 2007, a DNS inventor answered our question on this as follows:

        I think your challenge is a bit different from the technical. 
        What you really need to do is either:
        
           - go down the same old roads that were pioneered by .com,
             .biz, .cat, ...
        
           - try and come up with a totally new paradigm (assuming
             you haven't painted yourself in a corner already with ICANN)
        
        It's more about thinking of a structure that's innovative and breaks
        the mold, I think. I'd suggest you do a lot of thinking about that
        before you get too immersed and ossified in the old way of doing
        things. It's about thinking of what you could do by giving all of
        your constituents a unique digital identity and an organization
        for those identities.
        
        Good luck!

        Supporting the idea that a clean TLD attracts users was a 2013 study by The Cooperative Association for Internet Data Analysis entitled "Correlation between country governance regimes and the reputation of their Internet (IP) address allocations." It examined the impact democracy and transparency levels in nation-states had on trust of IP addresses within a nation's network. See http://www.caida.org/research/policy/country-level-ip-reputation/.

        Another DNS app that relates to both privacy and security in a most complex way is the DNS Data Query Log file: how it is maintained and accessed, by whom, and when.

        Search Transparency

        A related issue is search transparency. At a civic level, it's vital that we know why a search presents one site higher than another. For example, think of search within the governance realm: We cannot have ourselves dependent on an opaque, "secret sauce" search supplier to set our priorities in issue and candidate listings. The same goes for creating a level business environment. But you might imagine that the big engines will find it difficult to operate under today's shadow of suspicion, and choose to open up. With suitable transparency they might be trustworthy for civic use, with connecting.nyc's role relegated to one of testing and assurance. See Transparent Search for more on this.


        1. Tom Espiner, “UK launches dedicated cybersecurity agency,” ZDNet UK online, 25 June 2009.