Designing Software That Protects People's Privacy
As the amount of personal information on the internet grows every year, the need for enhanced privacy and security settings has never been more apparent.
The objective of this post is to make developers aware of the privacy-related aspects we must take into account as we design our software systems.
By this time Valentine's Day has come and gone. You, dear Reader, have probably gone out on a special evening with your loved one, and I'm sure you had a terrific time!
Now, try to remember with precision all those great, intimate moments you had that evening... including how that special night ended. Got them?
Now write them all down and post them in DZone's comments. Don't miss any details! We want to know it all! What have you got to hide anyway?
Are You Insane? That's None of Your Business!
Of course it's none of my business! That's between you and your loved one, that's how it should be! The bad news, though, is that much of what defines you and your relationship is already out for sale.
When the Internet became widespread around the mid-1990s, it allowed people around the world to break down geographic barriers and freely exchange information. To say that it opened many doors is an understatement! Today, however, the Internet is becoming a mass surveillance tool used by multiple parties to identify users and monitor their habits. The original dream is over.
This is the consequence of the huge amount of information we produce on the web. Just have a look at how much data we generate per minute. In 2013, SINTEF estimated that 90% of the world's data had been generated in the previous two years. That was before the reported data explosion of 2014, and before we bring IoT data into the equation.
So Who's Collecting Data On Me?
- You are providing an endless amount of info about yourself on social networks.
- You are paying your "free" SaaS applications, such as Gmail, with full access to your content (you DID read that EULA thing, didn't you?).
- The Internet of things is also contributing to feeding the worldwide database. And it will keep on gaining momentum.
- Mobile carriers also play that game quite successfully.
- And let's not forget all those loyalty cards we use in "offline" shops!
Right, but have you thought about who actually has access to that information?
- SaaS companies gather all the data they can lay their hands on. Their business model relies on mining it to sell optimized advertising space. So whoever buys that space (advertisers, for example) has indirect access to your data. System administrators, on the other hand, have direct access to it.
- IoT does essentially the same thing.
- The vast majority of Internet websites track you and leak data to third parties, without your consent.
- Hackers have been successful in leaking your data and passwords from LinkedIn, VTech, or the teen social site i-Dressup. Even the big ones got hit at some point!
- Governmental agencies are truly gifted at snooping on you, even over encrypted traffic. They can also issue subpoenas to companies to get what they need, essentially gaining the same access as, say, Google administrators. It's pretty easy for them!
Whoever gathers all that information is essentially profiling you. Whether it is by snooping on your messages or by analyzing your phone logs, your profile is giving away your religious, political or even sexual inclinations... among others!
It used to be only your family and best friends who would know so much about you. Not anymore.
More worrying is the propensity of government agencies to profile you, the citizen. The counterintelligence argument does not explain why they keep on gathering data on ordinary Internet users. Or spy on journalists. The CIA even invests in data mining tools to browse through those large datasets! And if you think you're safe in Europe... think twice.
Why Should You Care?
Your privacy, your secrets, all those little things that you keep to yourself are what define you as a human being. Whoever profiles you is, in essence, stripping you of your identity. What remains is a malleable entity whose parameters are known and modifiable at will.
And whoever knows enough about you can influence you, like a good friend who knows which buttons to push.
This is not a tale of fiction anymore. There is now little doubt that all this information is shared, either with other government agencies or with foreign countries.
And if you think you're safe in Europe, you might be interested to know that your privacy rights as a non-American have also been completely disregarded. Angela Merkel might tell you one or two things about it.
Who can you trust to access your data? The answer should be obvious: trust no one.
It is not a question of paranoia. It all comes down to one thing: we are all humans.
Humans can make mistakes, which is why IT systems get hacked.
Humans can be attracted by quick profit, which is possibly what led US and UK police forces to abuse confidential databases.
Humans can have an opinionated view on how to finance their SaaS: selling your privacy to third parties.
There might be alternatives, though.
Your Mission as a Software Engineer and Developer
Back in 2014, two naïve developers agreed that a person's privacy should be protected no matter what the circumstances are. And without realizing it, we started using "privacy by design" to achieve our goal. The result of that experiment became Seeld: a messaging application using a privacy-centric design and multiple encryption techniques in order to protect the confidentiality of the exchanged data against intruders, governments, and against ourselves, the system administrators!
More than two years down the line, we log into our production database and find out that we are technically unable to count how many messages our early adopters have exchanged so far. The information is simply not accessible, not even to us.
Considering all the above, we took it as a good sign. But here's the best bit: these results are achievable by you, developers of the world!
Most of you (all of you!) have probably learned your lesson and hashed those passwords. Good.
But have you thought about using AES to encrypt that sensitive user information? Why should you, you may ask. Because all systems will eventually be hacked! So once your security layers are broken or circumvented, you have nevertheless prevented a data leak.
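Here is what that looks like in practice, as an added example that is not part of the original post and not Seeld's code. It encrypts one sensitive column value (a constructed date of birth for a made-up user 42) with AES-256-GCM, the authenticated mode I would pick for this job, and binds the ciphertext to its row and column through the additional authenticated data. The key is generated on the spot for the demo; the point of the design is that it lives outside the database (a KMS, HSM or secrets manager, which this example assumes but does not show), so a dumped table is just opaque blobs. The function names and the storage format are my own choices.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// Stored format: "v1:" + base64(nonce || ciphertext || GCM tag). The version
// prefix lets a future key or algorithm rotation coexist with old rows.
const versionPrefix = "v1:"

// EncryptField seals one sensitive column value with AES-256-GCM.
// aad (additional authenticated data) is not encrypted but is bound to the
// ciphertext: passing the row id and column name means a leaked dump cannot
// be rearranged to move one user's value into another user's row.
func EncryptField(key []byte, plaintext, aad string) (string, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return "", err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil { // fresh random nonce per value
		return "", err
	}
	sealed := gcm.Seal(nonce, nonce, []byte(plaintext), []byte(aad))
	return versionPrefix + base64.StdEncoding.EncodeToString(sealed), nil
}

// DecryptField reverses EncryptField. A flipped byte, a wrong key or a
// mismatched aad all make Open fail, so corruption or tampering surfaces as
// an error instead of garbage silently shown to a user.
func DecryptField(key []byte, stored, aad string) (string, error) {
	if !strings.HasPrefix(stored, versionPrefix) {
		return "", errors.New("unknown ciphertext version")
	}
	raw, err := base64.StdEncoding.DecodeString(strings.TrimPrefix(stored, versionPrefix))
	if err != nil {
		return "", err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return "", err
	}
	if len(raw) < gcm.NonceSize()+gcm.Overhead() {
		return "", errors.New("ciphertext too short")
	}
	nonce, ct := raw[:gcm.NonceSize()], raw[gcm.NonceSize():]
	pt, err := gcm.Open(nil, nonce, ct, []byte(aad))
	if err != nil {
		return "", err
	}
	return string(pt), nil
}

// newGCM builds the AEAD from a 32-byte key (AES-256).
func newGCM(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 {
		return nil, errors.New("key must be 32 bytes for AES-256")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	// Constructed demo key. In a real deployment the key comes from a KMS,
	// HSM or secrets manager (assumed, not shown), never from the database.
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	const userID, column = "42", "date_of_birth" // constructed sample row
	aad := "users:" + userID + ":" + column

	stored, err := EncryptField(key, "1981-03-02", aad) // constructed sample value
	if err != nil {
		panic(err)
	}
	fmt.Println("value as it sits in the database:", stored)

	back, err := DecryptField(key, stored, aad)
	fmt.Println("decrypted with the right key and row binding:", back, err)

	_, err = DecryptField(key, stored, "users:43:"+column)
	fmt.Println("same blob copied into another user's row:", err)
}
```

Two things worth noticing: the nonce is random per value and stored next to the ciphertext, so nothing has to be remembered between writes; and because the row id is part of the authenticated data, an attacker who only has the dump gains nothing by copying or swapping blobs between rows, which plain unauthenticated AES would not catch.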
You can even push it as far as Open Whisper Systems and make the FBI go home empty-handed!
So yeah, you could argue that data mining is an effective and lucrative business model, and that by cutting yourself out of that gold mine, you will be turning your back on a proven source of revenue.
But remember: there's a growing awareness of privacy issues on the Internet. So there's a chance that privacy-centric development will be the new skill in demand in the near future.
It's the developer's important new mission. We're betting on it.
Nothing to Hide. Really?
Then again, maybe you have watched Glenn Greenwald's excellent TED talk and are still convinced that good guys have nothing to hide?
Never mind then. Let's go back to your Valentine's evening with your loved one.
Everything went perfectly well, and you decided to drive back home. Candles were lit, the mood became Barry White-sweet and you ended up in each other's arms.
Who said dystopias are works of pure fiction?
Published at DZone with permission of Diego Pappalardo. See the original article here.