Random Privacy

Adam Shostack adam at homeport.org
Sat Sep 21 14:07:29 PDT 2002


On Sat, Sep 21, 2002 at 01:15:18PM -0700, AARG!Anonymous wrote:
| Greg Broiles wrote about randomizing survey answers:
| 
| > That doesn't sound like a solution to me - they haven't provided anything
| > to motivate people to answer honestly, nor do they address the basic
| > problem, which is relying on the good will and good behavior of the
| > marketers - if a website visitor is unwilling to trust a privacy policy
| > which says "We'll never use this data to annoy or harm you", they're
| > likely to be unimpressed with a privacy policy which says "We'll use
| > fancy math tricks to hide the information you give us from ourselves."
| >
| > That's not going to change unless they move the randomizing behavior
| > off of the marketer's machine and onto the visitor's machine,
| > allowing the visitor to observe and verify the correct operation of
| > the privacy technology .. which is about as likely as a real audit of
| > security-sensitive source code, where that likelihood is tiny now and
| > shrinking rapidly the closer we get to the TCPA/Palladium nirvana.
| 
| 
| On the contrary, TCPA/Palladium can solve exactly this problem.  It allows
| the marketers to *prove* that they are running a software package that
| will randomize the data before storing it.  And because Palladium works
| in opposition to their (narrowly defined) interests, they can't defraud
| the user by claiming to randomize the data while actually storing it
| for marketing purposes.

No, it allows security geeks to talk about proof.  My mom still won't
get it.

Pd doesn't allow you to prove that there's no sniffer doing other
things with the data, that nothing is logged at the wrong time, etc.

If you really want to randomize the data, do it close to me.  Or
better yet, run some software from Credentica and accept a proof of
whatever data is in question.

But the reality is that people hand over most of their data now.

So why would I invest in this expensive technology?  (Mike Freedman,
Joan Feigenbaum, Tomas Sander and I did a paper which touches on the
power imbalance between the companies that offer DRM technology and
their customers...same analysis applies
here... http://www.homeport.org/~adam/privacyeng-wspdrm01.pdf )

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume
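
An added example, not part of the original message: a sketch of randomizing "close to me", where the visitor's machine perturbs the answer before anything is sent and the collector can still estimate the population rate. The thread does not name a scheme; this assumes a Warner-style randomized response with a truth probability `p_truth`, and all function names are hypothetical.

```python
import random

def randomize_on_client(true_answer, p_truth, rng):
    """Runs on the visitor's machine; only the returned bit leaves it.
    With probability p_truth report the truth, otherwise a fair coin flip."""
    if rng.random() < p_truth:
        return true_answer
    return rng.random() < 0.5

def prob_report_yes(true_answer, p_truth):
    """Chance that a given respondent reports 'yes'. Both values lie strictly
    between 0 and 1 when p_truth < 1, so one report proves nothing about its sender."""
    return p_truth * (1.0 if true_answer else 0.0) + (1.0 - p_truth) / 2.0

def estimate_yes_rate(reports, p_truth):
    """Runs at the collector, which only ever holds the noisy bits.
    Inverts observed = p_truth * rate + (1 - p_truth) / 2."""
    if not reports or not 0.0 < p_truth <= 1.0:
        raise ValueError("need at least one report and 0 < p_truth <= 1")
    observed = sum(reports) / len(reports)
    estimate = (observed - (1.0 - p_truth) / 2.0) / p_truth
    return min(1.0, max(0.0, estimate))  # clamp sampling noise into [0, 1]

def simulate(n=100_000, true_rate=0.30, p_truth=0.5, seed=2002):
    """Constructed population: n visitors, 30% of whom would truthfully say 'yes'.
    A seeded PRNG keeps the demo reproducible; a real client would draw from
    the OS CSPRNG (random.SystemRandom) so the collector cannot predict the coins."""
    rng = random.Random(seed)
    truths = [rng.random() < true_rate for _ in range(n)]
    reports = [randomize_on_client(t, p_truth, rng) for t in truths]
    return estimate_yes_rate(reports, p_truth)

if __name__ == "__main__":
    print("P(report yes | truth yes):", prob_report_yes(True, 0.5))
    print("P(report yes | truth no): ", prob_report_yes(False, 0.5))
    print("estimated yes rate:", round(simulate(), 3))
```

Because the coin flips happen before transmission, a sniffer or log on the collector's side sees only the already-randomized bit.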




