At 10:03 AM -0500 10/31/00, Declan McCullagh wrote:
ZERO-KNOWLEDGE SYSTEMS INTRODUCES MANAGED PRIVACY SERVICES TO SOLVE THE PRIVACY CHALLENGES OF BUSINESSES
Montreal -- October 31, 2000 -- Zero-Knowledge(R) Systems, the leading developer of privacy solutions, today introduced its new Managed Privacy Services(TM) offering to solve the privacy challenges of businesses and enable enterprise to thrive in a privacy-conscious climate. Delivering a unique combination of technology, policy and strategy expertise, Zero-Knowledge Managed Privacy Services (MPS) enables clients to turn privacy into a competitive advantage by leveraging rich data resources while building stronger and more profitable relationships with customers, employees and partners. MPS is based on responsible and ethical information management in accordance with relevant legislation and industry standards.
"Relevant legislation"? In Canada, in Iran, in Denmark, where? Surely ZKS is not claiming that they will be somehow targetting each instance of their product to specific countries. If not, if the product is a general one, then just _whose_ "relevant legislation" applies? (I presume this is related to their split key/key escrow/"trusted third parties" nonsense.)
* ASSESS AND ADVISE -- Managed Privacy Services begins with a thorough assessment of each client's data storage and usage patterns, as well as their business objectives. From this assessment, recommendations are made regarding areas where data can be better utilized through the addition of a strong privacy layer, and areas of potential privacy risk are identified.
This is beginning to sound like ZKS is restructuring itself as a consulting company, a la Arthur Anderson or the (now in the process of divorce) Kroll-O'Gara outfit.
Zero-Knowledge is committed to deploying systems that are transparent and accountable. In keeping with this policy, MPS will incorporate third party verification and split encryption key structures
Split encryption key. I think that says it all.
, as well as provide consumers with access to white papers, independent auditors' reports or other materials that assure a company is doing what it claims. With MPS Zero-Knowledge strengthens its commitment to building responsible systems that empower consumers to control the disclosure and use of their personal information, while still enabling businesses to thrive in a data and relationship-driven marketplace.
"Empower consumers"? "Responsible systems"? "Strengthens its commitment"? How about: -- no key escrow, no split keys, no trusted third parties -- public key crypto With strong crypto widely available, what business (or knowledgeable private person) is going to want or need this "ASSESS AND ADVISE" and "COMMIT AND CAPITULATE" (ok, I'm changing their stages) stuff/ I can't see how a large company, like an Intel or an Amgen, is going to move away from mathematically robust PKS systems and adopt some throwback to the 1940s, some kind of split key or key escrow system. And I can't see how Joe Consumer is going to pay for the (apparent) "review" of his (presumed) needs and then get some key escrow package tailored to his (presumed) needs. So, what sort of customer is this product tailored for? Some middle-sized company which is clueless on crypto and which wants hand-holding? Some company in a country which _requires_ key escrow? Is ZKS setting itself up to be the premier supplier of key escrow and LEAF tools? Sounds like it. The "relevant legislation" language is the real kicker. Sounds like the many former government types working at ZKS got the focus shifted from truly secure systems to basically uninteresting--and even pernicious!--systems which "meet the legitimate needs of law enforcement." Key escrow, in other words. "Big Brother Inside" Whew. --Tim May -- ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 831-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, "Cyphernomicon" | black markets, collapse of governments.