07/10/16
1
Privacy and Cybersecurity
in the Snowden Era
Paulo Esteves Veríssimo, University of Luxembourg, SnT
http://wwwen.uni.lu/snt/people/paulo_verissimo
15º Fórum da Arrábida
Privacy, Cybersecurity and Economic Regulation
Convento da Arrábida, 7 October 2016
«Never before had it been possible to capture and store and process and correlate quickly, i.e. in near-real-time, so much data on so many people or organizations.»
Google had a beautiful academic idea about data ... and elegant algorithms …
Then more data ...
• Gmail and Docs
• Translate
• Voice Recognition
• Google Health, R.I.P.
• Google Drive
What if we also do Metadata? ...
• Gmail and Docs
• Translate
• Voice Recognition
• Google Health, R.I.P.
• Google Drive
• Google Android Services
• Hangouts
• Maps
• Google+
• Google Now
Google Now: Your intelligent knows-all-about-you personal assistant
Google Knows You Better Than You Know Yourself…
WHEN BIG DATA STARTS GETTING TOO INVASIVE …
Smartphones: a privacy nightmare or just business as usual?
WHEN BIG DATA STARTS GETTING TOO GOOD …
Photo metadata
Geolocation
Face tagging
Hi! Can you tell us who this person is?
Is automated computer-based facial recognition around the corner?
DeepFace@Facebook: Closing the Gap to Human-Level Performance in Face Verification, Yaniv Taigman et al.
Removing identifying information is not sufficient for anonymity
The Netflix Prize Dataset problem
Robust De-anonymization of Large Datasets (How to Break Anonymity of the Netflix Prize Dataset), Arvind Narayanan and Vitaly Shmatikov, 2006
Re-identifying de-identified data
On the reidentifiability of credit card metadata
On the re-identifiability of credit card metadata, Yves-Alexandre de Montjoye et al., 2015
Target has got you in its aim
February 2012
Re-identifying de-identified data
When ZIP code says a lot about you
Simple Demographics Often Identify People Uniquely, Latanya Sweeney, 2000
Re-identifying de-identified data
Identifying individuals from the anonymous 1000-Genomes Project database
Identifying Personal Genomes by Surname Inference, Melissa Gymrek et al., 2013
Are anonymisation schemes working?
BRINGING IT ALL TOGETHER
…
Computing and communications are becoming pervasive commodities
“buying computing and communications as buying electricity”
[Diagram labels: ISP, ISP; Cloud Computing and Communications]
Is the world becoming net-centric?
Let’s dare a vision of the near future
[Diagram labels: ISP, ISP; Cloud Computing and Communications]
Internet minute
www.intel.com/.../internet-minute-infographic.html
THE ROLE OF NATION-STATES …
in some
DANGEROUS STEPS …
THE ALL-SEEING-EYE a.k.a. BLANKET DATA COLLECTION
http://www.digitaljournal.com
1 exabyte = 10^18
“We kill people based on metadata … but that’s not what we do with this metadata.”
“It’s only metadata … They're not looking at content.”
President Obama. Gen. Michael Hayden, former NSA and CIA Director @ (JHU/ David Cole), 2014
“In our country, do we want to allow a means of communication between people which […] we cannot read?”
AND WHAT ABOUT
PORTUGAL …
The Snowden era…
Tailored Subversion and Intrusion
What about the others?
Is UDC (Utah Data Center) inexpugnable?
http://www.digitaljournal.com
“That general is skillful in defense whose opponent does not know what to attack.”
[Sun Tzu, The Art of War]
… WITH A LITTLE HELP
FROM MY FRIENDS (us all) …
«Is private information under control?»
What must change in people’s attitudes
“I have nothing to hide”
“What do you have to hide?”
“‘They’ cannot follow everybody! (not me then…)”
“I don’t worry, only 2% of people are persons of interest (the ‘others’)”
“They give me coupons, even cars”
Some shy start…
SOME ENCOURAGING
SIGNS OF CHANGE?
• seeks ‘… to ensure a high common level of network and information security across the EU’ by various means of regulation…
• NIS seeks to harmonise cyber capabilities in MS:
– designing and implementing national NIS strategies
– setting up NIS competent authorities (cybersec centers)
– instituting Computer Emergency Response Teams (CERTs)
– Mandatory monitoring and reporting of security on regulated domestic public and private companies (or ‘market operators’)
• collaboration with and within European counterparts (ENISA, CERT-EU).
Analysis of EU cybersecurity strategies
Network and Information Security Directive
• General Data Protection Regulation
– will enable people to better control their personal data; will allow businesses to benefit from simpler rules and reinforced consumer trust.
• Data Protection Directive
– for the police and criminal justice sector - will ensure that the data of victims, witnesses, and suspects of crimes, are duly protected in the context of a criminal investigation or a law enforcement action; facilitates cross-border cooperation of police or prosecutors to combat crime and terrorism more effectively across Europe
Analysis of EU privacy and data protection strategies and policies
• Safe Harbour declared invalid in 2015 by ECJ
• New regulation, EU-US Privacy Shield (2016), somewhat mends previous asymmetry in relationships between the US and EU, in disfavour of the EU:
– Strong obligations on companies handling Europeans' personal data and robust enforcement
– Clear safeguards and transparency obligations on U.S. government access
– Effective protection of EU citizens' rights with several redress possibilities
Topic matters in data protection
Safe Harbour vs. Privacy Shield
SOME ENCOURAGING
SIGNS OF CHANGE?
That was last year ☹☹ ...
Recent developments ...
… Wrapping-up …
• Security and privacy often seen as contradicting or conflicting objectives:
– ‘privacy’ concerns the individual and can thus be sacrificed to the collective good, supposedly represented by ‘security’ of the nation.
• This status-quo gave way to laws allowing:
– systematic, sometimes unwarranted, monitoring by nation states
– and permissive de-regulation sanctioning pervasive data collection by corporations, of citizens and corporations, national and foreign.
Security vs. privacy
• Western (democratic) governments are increasing the amount, coverage and depth of surveillance of citizens and companies, not always only inside borders.
• In some cases, there is ample (voluntary or forced) cooperation of private companies with government agencies, in easing and amplifying harvesting this data.
• Two key aspects have politically sustained this trend:
– “only (harmless) meta-data are collected”
– “blanket data collection necessary to ensure nation security”
Mass vs. Targeted Surveillance
• Securitary trends make Security and Privacy look contradicting:
• ‘Privacy’ is ‘security’ from the perspective of an individual or collective person’s data and/or metadata
• In cases of blanket data collection, we can no longer talk about ‘one individual’, but potentially, most inhabitants and businesses of a nation.
Security vs. privacy: wrong equation
• Conclusions of a recent E.P. study:
– meta-data is by no means harmless, and in what concerns equating the privacy risks of surveillance, whatever the governments’ strategies in this area may be, it must be considered that “meta-data ARE data”.
Mass vs. Targeted Surveillance: weak excuses
• Schemes like: escrow security systems; systematic communications interception, or wiretapping; systematic subversion of communications and computing systems security, or “backdoor”, have been used or proposed by law enforcement or intelligence agencies
• This is a problematic debate where decision makers are oftentimes either ill-informed or have vested interests
• Even in the case of just technically enabling lawful targeted interception, any measures (like the iPhone or the WhatsApp cases) which imply global weakening, may have many more risks than gains.
Deliberate weakening of systems: shooting one’s own foot
Some reflections
• In this high-tech world, any measures that seem socially and politically right (like targeted surveillance) must be seriously assessed for feasibility, magnitude of negative impacts
• Seen from this logical viewpoint, it is inevitable to put in perspective:
– (i) the potential gains of blanket data collection for the nation’s security
– (ii) versus the magnitude of the value destruction occurring by massive capture, analysis, archive, use and misuse of information for a whole nation of individual and collective persons
Geopolitical status-quo
• Generalised trend toward blanket data and “meta-data” collection
• Deliberate weakening of communication and computing systems infrastructures
• Experimental state-sponsored sabotage and kinetic cyber attacks
• Escalation in cyber weapon development, passive and active
• Looming organised crime and cyber-terrorism
We live a non-declared low-intensity cyber-war, under a cyber-weapons proliferation ambience.
Without proper “cyber-Geneva” and “anti-Proliferation of cyber weapons” treaties, this can scale-up unexpectedly
threats became global, persistent, and perpetrated by powerful, motivated, competent and non-regulated adversaries
it is impossible to do pervasive and blanket data collection without damaging society and democracy as a whole
undermining integrity and trustworthiness of the info society and infrastructure can be disastrous
Epilogue: some key strategic measures for a global cyber détente
Before it is too late, we must:
set clear missions for cybersecurity and cyberdefense
redefine privacy as a form of security
go back to targeted surveillance under democratic rule of law
regulate the commercial rights for acquisition of private info
regulate international trade in ICT
“Are we going to […] allow the governments to do more and more control [… and] surveillance? [… because without] an open, neutral internet we can rely on without worrying about what's happening at the back door, we can't have open government, good democracy, …”
[Sir Tim Berners-Lee on BBC Radio, Mar 2014]
“Peace cannot be kept by force; it can only be achieved by understanding.”
[Albert Einstein]
Thank You!
Paulo Esteves-Veríssimo, University of Luxembourg