In comparing the contents of two databases, such as an airline-passenger list and a no-fly list, for example, officials should be interested only in the names that appear on both lists. They have no need for the rest of the passengers’ names. Those mutual names can be found by first encrypting both lists using strong encryption. [From Sharing information while preserving privacy is a technologically trivial challenge, researcher says — Government Computer News]
Quite. And if the lists are encrypted, and don’t need to be decrypted to make them work, then privacy is automatically improved without ombudsmen, best endeavours and the rest of it. A rudimentary understanding of the issues is all that is needed to deliver vastly better solutions.
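One construction that fits the quoted description is private set intersection with commutative blinding: each side raises hashed names to its own secret exponent, and names on both lists end up with the same doubly-blinded value. This is an added example, not code from the article or the researcher it quotes; the modulus, function names and sample names are assumptions made for the illustration.

```python
import hashlib
import math
import secrets

# Demo modulus (2**255 - 19 is prime). Assumption for brevity only: a real
# deployment would use a vetted prime-order group, e.g. an elliptic curve.
P = 2**255 - 19

def new_key():
    """Secret exponent coprime to P-1, so blinding is a permutation."""
    while True:
        k = secrets.randbelow(P - 3) + 2
        if math.gcd(k, P - 1) == 1:
            return k

def to_group(name):
    """Hash a normalised name to a non-zero element mod P."""
    digest = hashlib.sha256(name.strip().lower().encode("utf-8")).digest()
    return int.from_bytes(digest, "big") % (P - 1) + 1

def blind(values, key):
    """Raise each element to the secret exponent: x**key mod P."""
    return [pow(v, key, P) for v in values]

def shared_names(passengers, watchlist):
    """Airline learns which of its passengers are on the watchlist."""
    a, b = new_key(), new_key()  # airline key, agency key (never exchanged)
    # 1. Airline -> agency: its names blinded under a, order preserved.
    msg1 = blind([to_group(n) for n in passengers], a)
    # 2. Agency -> airline: msg1 re-blinded under b, plus its own list under b.
    msg2_double = blind(msg1, b)
    msg2_watch = blind([to_group(n) for n in watchlist], b)
    # 3. Airline blinds the agency's values under a and compares.
    #    (x**a)**b == (x**b)**a mod P, so equal names give equal values.
    watch_double = set(blind(msg2_watch, a))
    return [n for n, d in zip(passengers, msg2_double) if d in watch_double]

if __name__ == "__main__":
    passengers = ["Alice Example", "Bob Sample", "Carol Test"]  # constructed
    watchlist = ["carol test", "Dan Placeholder"]               # constructed
    print(shared_names(passengers, watchlist))
```

Each side sees the other's names only under a key it does not hold, so it cannot test guesses offline the way it could against an unkeyed hash of the names.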
Who should provide these better solutions? Over on the Identity & Privacy blog, I noted that some people want the ISPs, essentially, to get hold of this problem and deliver the solution (even if no-one is entirely sure what this solution is). But I think there’s a danger that this approach delivers the wrong kind of infrastructure: an infrastructure that is perfectly safe for the “incumbents” but with no room for opposition, for creativity, for novelty, for experiment. I think it would be better to leave the network infrastructure alone and put a new layer of infrastructure on top of it, a digital identity infrastructure that allows for optional degrees of confidence in the connection between virtual and real identities. I was thinking about this again because I went to a Mobile Operator “Smart Pipes” conference recently and this struck me as one of the things that a smart pipe might do to distinguish itself from a dumb pipe.
So what is a smart pipe? It’s a pipe with digital money and digital identity services built in, naturally. Digital money so that you can bill and be billed, pay and get paid. This means that the pipe will become a place for commerce to grow, expand and evolve. Digital identity so that you know who (and where) you and your counterparties are. [From 15Mb: yet another blog from Dave Birch]
While some form of, for want of a better name, “identity and privacy layer” over the top of existing network infrastructure may seem an additional complexity, I would argue that it delivers the combination of function and flexibility that is needed. None of us knows how the interconnected society is going to work in practice, so we need to create a better balance. One way of doing this, of course, would be to encourage transparency and competition. If consumers were better informed and could choose between different degrees of privacy and service, thanks to some standardisation in the identity and privacy layer, then we would find out how much they really value privacy as part of the proposition.
consumers should vote with their clicks—use the search engine that gives them the right balance of privacy and search quality. Instead, my fear is that search engines are going to engage in a contest to tacitly agree to fix the length of data retention to get the regulators off their backs. In the end, that will be bad for consumers. [From Privacy Pandering at The Catalyst Code]
Personally, I have a suspicion that in many ways privacy is just too subtle a concept for consumer choice to work properly (but am obviously hoping to learn more about this through our involvement with the VOME and PVNet projects), so a better approach might be to make privacy an integral part of a bigger customer proposition rather than as a distinct component that may not be properly understood. Nevertheless, we have to do something.
These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public