NNSquad - Network Neutrality Squad


[ NNSquad ] Urgent Call for Privacy-Enhanced Mobile Data Storage and Self-Destruct Mechanisms


            Urgent Call for Privacy-Enhanced Mobile Data Storage 
                       and Self-Destruct Mechanisms

               http://lauren.vortex.com/archive/000797.html


Greetings.  Once upon a time -- not so very long ago -- an individual
arrested by law enforcement, or subjected to search at border custom
checkpoints, would typically be carrying little more of interest than
clothing, a purse or wallet containing limited sundry items, and more
recently a very simple cell phone.

But now many of us carry powerful computing devices that frequently
contain immense volumes of personal and business data -- laptops,
smartphones, tablets, flash memory thumb drives, and soon other yet to
be imagined marvels.  While it is increasingly possible to store data
only in the cloud for download or streaming on demand, many users
still need to maintain significantly large amounts of data on their
local devices due to data access speed requirements, or to assure data
availability when remote data connections are not available.

Governments in general and law enforcement in particular are
increasingly taking the view that their detailed inspections of mobile
devices, and the masses of data that they frequently contain, are no
different in kind than a simple search of a suspect's or traveler's
pockets.

Now the California Supreme Court has alarmingly ruled that arrested
suspects' phones -- and by extension any other devices on their person
or in their vehicles at the time of their arrest -- can be
comprehensively searched in detail.  This includes all contained data,
without the need for a search warrant: "Photos, address book, Web
browsing history, data stored in apps (including social media apps),
voicemail messages, search history, chat logs, and more." 
( http://bit.ly/gdUj6K [CNN] )

While this ruling is not without conflict vis-a-vis some rulings in
other states, and may ultimately be decided by the U.S. Supreme Court,
it still appears on its face to represent an enormous overreaching of
law enforcement in a highly inappropriate manner.

As I mentioned above, international travelers have long faced the risk
of U.S. Customs not only inspecting the data on their laptops or other
computers upon reentry to the U.S., but of having those devices
arbitrarily confiscated for detailed inspection, data copying, and
other intrusive investigations for prolonged periods of time.

If the framers of the U.S. Constitution had been able to anticipate
that individuals would one day carry such vast quantities of
information representing virtually the sum totals of their business
and personal lives, it is likely that the Fourth Amendment prohibiting
unreasonable searches and seizures would have been written in ways
that even more explicitly prohibited "high-tech" data device strip
searches.

It's very important to remember that this is not about protecting
criminal behavior -- we're talking about the protection and
preservation of fundamental constitutional rights that are now being
eroded by opportunistic overreaching on the part of authorities
(whether for laudable motives in any given case or not).  Nor can we
confidently assume that all future governments will even be as
"benign" as our own at any given time -- encroachments on privacy
rights by government are fundamentally dangerous, especially for
innocent, law-abiding citizens.

Fortunately, we do have the means at hand to restore some sense of
balance regarding the privacy of our personal, mobile data devices.

The powerful combination of local device storage, increasingly fast
"persistent" data connections, cloud-based data repositories,
high-grade encryption, and associated technologies, can provide the
foundation for an open-source framework to provide privacy-enhanced
mobile data storage and data "self-destruction" systems to help
return "search and seizure" closer to the concept that the Founding
Fathers had in mind.

So, I'm now making this urgent call for broad cooperation in the
development of *open-source* systems and environments that would
include at least the following initial attributes:

   --- Provide for the "continuous and automatic" backing up of *all*
       mobile device data (as desired) in secure off-device locations.
       Such locations could include cloud-based services and/or
       locally controlled (e.g. business or home) computer systems and
       data arrays.  Note that under current laws the precise physical
       location of data greatly impacts the required mechanisms for
       government inspection or seizure of that data.  Mobile devices
       (certainly in California for now) are pretty much an open book
       after the new Supreme Court ruling.  Various groups are working
       toward trying to achieve harmonization of laws to provide the
       equivalent of locally-hosted data privacy protections for
       cloud-based data, but battles in this regard are still ahead.
       Also, the ability of authorities to try to compel the provision of
       data decryption keys and related information varies depending
       on situations, jurisdictions, and other factors.

   --- Users should be able to optionally specify degrees of data
       security desired on a per-item basis.  For data without
       significant privacy-related concerns, mobile device data
       self-destruct mechanisms could be flagged to bypass that
       specific data (e.g. specific files, databases, etc.) under
       particular usage scenarios.  Individual data items could also
       be flagged for various degrees of off-device data repository
       security -- unencrypted (e.g. publicly shared data), encrypted,
       or various combinations as appropriate.

   --- All communications between mobile devices and remote data
       repositories would be encrypted.

   --- Mobile device data self-destruct mechanisms would be designed
       to enable ease of use in routine, unusual, and emergency
       situations for selected or full data.  For example, a traveler
       about to enter U.S. Customs could use a routine activation
       sequence to "cleanse" sensitive business data from a mobile
       device, then restore it completely (restoration priority at the
       control of the user) afterwards.  In unusual or emergency
       situations, data self-destruct activation may be through a
       unique device key sequence or carefully confirmed voice command
       sequence.  Sequences to delete off-device stored backup data in
       remote repositories, and methodologies for remote triggering of
       mobile device data self-destruct (including both manually
       triggered and "tamper triggered" sequences), would likely be
       commensurately more complex to avoid undesired data loss,
       depending on the level of backup data chosen and available.

   --- Self-destruct/deletion procedures for stored data (both locally
       stored on mobile devices and to the greatest extent possible on
       remote repository backup data systems), would be designed to
       offer varying levels of resistance to forensic deleted data
       reconstruction, as specified by users for particular data and
       usage scenarios.
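The cleanse-and-restore flow the attributes above describe, as an added example that is not code from the original post: per-item flags (bypass, plain, encrypted), a local delete that happens only after the repository copy has been read back and verified, and restoration in a user-chosen order. The encrypt-then-MAC routine built from HMAC-SHA256 is a stdlib-only stand-in for a standard AEAD such as AES-GCM, and the dict "repository", key and item names are constructed for the demonstration.

```python
import hashlib
import hmac
import os

# Per-item policy flags from the proposal: keep the item on the device during a
# cleanse, back it up in the clear (e.g. public data), or back it up encrypted.
BYPASS, PLAIN, ENCRYPTED = "bypass", "plain", "encrypted"

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode: a stdlib-only stand-in so the example runs
    # anywhere; a real build would use AES-GCM or another standard AEAD.
    blocks = (hmac.digest(key, nonce + i.to_bytes(4, "big"), "sha256")
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key: bytes, plain: bytes) -> bytes:
    """Encrypt-then-MAC under separate subkeys; output is nonce || ct || tag."""
    ek, mk = hmac.digest(key, b"enc", "sha256"), hmac.digest(key, b"mac", "sha256")
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plain, _stream(ek, nonce, len(plain))))
    return nonce + ct + hmac.digest(mk, nonce + ct, "sha256")

def open_(key: bytes, blob: bytes) -> bytes:
    """Reverse of seal; a truncated or tampered blob is rejected, not decrypted."""
    ek, mk = hmac.digest(key, b"enc", "sha256"), hmac.digest(key, b"mac", "sha256")
    if len(blob) < 48:
        raise ValueError("ciphertext too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.digest(mk, nonce + ct, "sha256")):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _stream(ek, nonce, len(ct))))

def restore(device: dict, policy: dict, repo: dict, key: bytes, names: list) -> None:
    """Pull the named items back in the order given (the user's restoration priority)."""
    for name in names:
        if policy.get(name, BYPASS) != BYPASS:
            blob = repo[name]
            device[name] = open_(key, blob) if policy[name] == ENCRYPTED else bytes(blob)

def cleanse(device: dict, policy: dict, repo: dict, key: bytes) -> None:
    """Back up each flagged item; delete it locally only once the repository copy reads back intact."""
    for name in [n for n in device if policy.get(n, BYPASS) != BYPASS]:
        data = device[name]
        repo[name] = seal(key, data) if policy[name] == ENCRYPTED else bytes(data)
        check = {}
        restore(check, policy, repo, key, [name])
        if check.get(name) != data:
            raise RuntimeError(f"backup verification failed for {name}")
        del device[name]
```

Removing an item from the device's store does not by itself address forensic recovery of the underlying media, which the last attribute above asks for; that layer depends on the device's storage hardware and is outside this example.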

I hope that's enough to get the ball rolling.  It's very important
that such concepts be implemented in an open-source environment, and
that strong, high-grade encryption be used throughout the framework
wherever encryption is employed.

Again, this is most definitely not about protecting illegal activities
or criminals.  The goal is to protect us all -- and our completely
legal personal, business, and other data -- from unreasonable acts by
those entities who are now leveraging our advanced mobile data devices
to a level of intrusion into our lives that is simply not in keeping
with our fundamental rights and liberties.

While I do have my own very preliminary, somewhat specific
implementation concepts relating to this project, I'm very much
inviting all comers and all ideas.  In terms of practical project
goals, I would encourage the development of these principles into
exploratory code as rapidly as possible, across a wide array of mobile
platforms and supporting backup repository system environments.

Linux, Windows, and Android are currently available to me in various
incarnations.  Google's Cr-48 Chrome notebook would be another obvious
implementation target platform that I would like to explore early on
for the project, though unfortunately I do not have one of those units
in hand.

I am not a routine user of the Apple ecosystem, so developers
comfortable in the Mac/iPhone world are definitely needed as well,
plus Blackberry, Symbian, and any other common mobile platforms.

Please let me know if you're interested in participating.  Any and all
comments, questions, criticisms, and ideas are of course welcome.

Thanks all.  Be seeing you.

--Lauren--
Lauren Weinstein (lauren@vortex.com)
http://www.vortex.com/lauren
Tel: +1 (818) 225-2800
Co-Founder, PFIR (People For Internet Responsibility): http://www.pfir.org
Founder, NNSquad (Network Neutrality Squad): http://www.nnsquad.org
Founder, GCTIP (Global Coalition for Transparent Internet Performance): 
   http://www.gctip.org
Founder, PRIVACY Forum: http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Twitter: https://twitter.com/laurenweinstein
Google Buzz: http://bit.ly/lauren-buzz