National Science Week, Adelaide - 2 August 2018
'Privacy and the Science of Cryptography'
Notes of 31 July 2018
Roger Clarke **
© Xamax Consultancy Pty Ltd, 2018
Available under an AEShareNet licence or a Creative Commons licence.
This document is at http://www.rogerclarke.com/DV/DAP18.html
The accompanying slide-set is at http://www.rogerclarke.com/DV/DAP18.pdf
This event comprises a 15-minute presentation on the science of cryptography, by Prof. Jennie Seberry of the University of Wollongong, a 15-minute presentation on ethics and law of privacy in the digital age by myself, and up to 1-1/2 hours of audience discussion.
Technological change continues apace. There are currently many challenges confronting humankind, and threatening human values. Among the current round of challenges are drones, autonomous motor vehicles, visual surveillance, so-called 'facial recognition', many other forms of biometrics, expropriation and exploitation of genetic data, 'big data', 'open data', 'big data analytics', yet another round of 'AI', 'machine learning' (ML) and in particular neural networks. These give rise to a whole swathe of issues in such areas as data expropriation, data exploitation, transparency, automated decisions and actions, unfair discrimination, accountability and recourse.
The prospect exists that decisions about people will be dominated by powerful organisations, with limited recourse by the individuals concerned. Further, decisions may be progressively 'delegated' to devices and software that act autonomously and in incomprehensible ways.
The discussion this evening has a particular focus:
My comments start by providing background on the current state of privacy laws in Australia. I then talk about why much more substantial safeguards are needed now than was the case in even the recent past. This leads to a consideration of how enhancements to privacy protections might come about. If there's time, this could be applied to the question of how society should be approaching cryptography.
It's first necessary to appreciate the current state of laws relating to the various dimensions of privacy.
(1) A Privacy Act exists. The original provisions relating to the public sector, enacted in 1988, were reasonable enough for the time. They were whittled away over the following decades, have been comprehensively gutted by a recent re-write of the Act, and are being further compromised by the current mania for 'open data'. Further, under the MADIP project, personal data from multiple government agencies is already being merged into a consolidated view of everyone in the country. So safeguards against privacy invasions by government agencies are not all that far from non-existent.
(2) In 2000, provisions were inserted into the Privacy Act relating to the private sector. They were written by and for the private sector, and were highly permissive of business abuse of personal data. Such protections as they contained have been further reduced by subsequent amendments. So safeguards against privacy invasions by private sector organisations are not all that far from non-existent.
In case this sounds surprising, Clarke (2016) provides some partial evidence in the form of lists of exemptions embedded within the Privacy Act.
(3) The Privacy Act is administered by a Privacy Commissioner. Since 2004, the incumbents have interpreted their role as being the protection of government and business against the ravages of privacy law, not the protection of people's privacy. Moreover, they have avoided scrutiny by ensuring that most decisions that they make are not subject to appeal. Added to that, the Office ('OAIC') has been crippled by the compression of 2-1/2 Commissioners' roles into a single person, and the loading up of long successions of new bureaucratic functions with only limited additional resources. And now the Privacy Act and the OAIC are to be over-ridden by a new 'open data' law and commissioner.
(4) Communications Interception and Access laws exist. Their primary purpose, however, is to authorise national security and law enforcement agencies to perform acts that might otherwise be illegal. Such limited protections as they provide for the public can only be invoked by the AFP, which shows little interest in such activities. So safeguards against message interception and access are very limited.
(5) There is no privacy right of action in Australia. Despite learned mutterings ever since the 1960s, common law jurisdictions have moved at glacial speed to develop remedies. (The UK does have a limited tort, but it appears to be restricted to the protection of celebrities, most recently Cliff Richard). In 2011, a Labor Minister courageously floated the idea of creating a privacy tort; but Rupert Murdoch exercised his right of veto. So Australian courts have no capacity whatsoever to protect people's privacy.
(1) We've already reached the point that almost all new data is 'born digital', and a significant amount of old data has been digitised. Data silos have been broken down, and now rich data-records about each of us are being widely disseminated in re-identifiable form. The need for effective safeguards for data privacy is far greater than ever before.
(2) A large proportion of our communications are now conducted electronically, and exist in digital form. All are subject to interception and access. Even the communications that we think are ephemera are recorded, at least temporarily, and in many cases for significant periods of time and even permanently. The need for effective safeguards for communications privacy is far greater than ever before.
(3) A large proportion of our experiences is now recorded as having occurred, and our identities are associated with that data. Anonymous purchase, borrowing and reading of books and newspapers has migrated into online downloads, streaming and viewing on devices and in browsers that are controlled by service-providers. Anonymous viewing of broadcast free-to-air TV has migrated to narrowcast, identified form. Event tickets bought at the entrance for cash have been replaced by purchase in advance using identified payment mechanisms. The need for effective safeguards for experiential privacy is far greater than ever before.
(4) A large proportion of our activities are now recorded in identified form. In some cases, this is because they are wholly or partly undertaken in an electronic medium. Other records arise from the burgeoning surveillance apparatus, including pre-issued chips and biometrics for accessing spaces, CCTV for associating faces with identifiers, and ANPR for recognising vehicles. The need for effective safeguards for behavioural privacy is far greater than ever before.
(1) I should probably first say something about the role of ethics in all of this. I regret to say that, in 50 years in business and 45 years in public interest advocacy, I've yet to see ethical discussions have much real-world influence on anything. Ethics is an intellectually stimulating topic for the dinner-table, and it might grace ex post facto reviews of disasters such as the systemic misbehaviour of the major banks in relation to their customers. But ethics is a branch of philosophy, it embodies every complexity and contradiction that smart people can dream up, and it enables prevarication and provides endless excuses for inaction. To an instrumentalist - who wants to get things done - ethics diversions are worse than a time-waster; they're a barrier to progress.
(2) To achieve understanding of the nature of a technology, its implications, and the options for mitigating negative impacts and managing risks, it's necessary to adopt a pragmatic approach. Various forms of 'impact assessment' provide the appropriate basis for determining what needs to be done.
(3) Parliaments have been reduced to bear-pits, and political reporting now bears a strong resemblance to the sports pages. The priorities of political parties are driven by their funders and their market researchers. The public service, which is the source of most new laws, serves its own perceived needs, not those of the public. To the extent that privacy has a place, it is perceived as an impediment to business and to 'national security', and is therefore to be ratchetted down, not up. There are currently very limited prospects for meaningful improvements in legal protections for privacy.
(4) Organisations could themselves recognise the threats to the interests of their employees, their customers and the general public, and conduct processes and implement measures that would mitigate predictable harm and address risks. However, despite many calls to treat privacy as a strategic factor, corporations and government agencies alike blunder from one misconceived design to the next data breach, strewing meaningless PR statements behind them, and putting up with the short-term financial and reputational harm. There are currently limited prospects for meaningful improvements in organisational protections for privacy.
(5) Individual technology-developers vary greatly in their degree of social conscience. Some have developed 'privacy-enhancing technologies' (PETs); but very few of these have achieved widespread adoption. (Rare exceptions: SSL/TLS, and ad-blockers). The corporations that sell IT, on the other hand, have little compunction in embedding surveillance and breaching privacy. There are currently limited prospects of meaningful improvements in technical protections for privacy.
(6) In the parlous state that we're in, it's necessary for individuals to become far more activist, and for civil society to become organised, resist the imperative to develop and apply technologies in ways that harm humanity, and force the hands of political parties, parliaments, government agencies and corporations. If this sounds like a call to resist and revolt, so be it. We and our children are under threat of having to exist in a dehumanised world.
The government has long required telcos (referred to in the relevant law as CSPs) to assist law enforcement agencies not just in serious criminal matters, but also in minor activities in relation to "pecuniary penalties", e.g. administering fines, and "protecting the public revenue", e.g. performing pretty much any kind of investigation. (The powers are established by Part 14, ss.311-316 of the Telecommunications Act - TA). The government has recently been granted far greater intrusiveness into telcos' architecture and infrastructure (by means of the so-called Telecommunications Sector Security Reforms - TSSR - embedded in the Telecommunications and Other Legislation Amendment Act 2017, which comes into effect in September 2018). Added to this, there is widespread use of a provision whereby agencies can demand data from telcos and Internet Service Providers (TA s.313). When this long-hidden practice came to light, a Parliamentary Committee supinely permitted the wildly excessive powers to remain in place, with the skimpiest possible window-dressing added.
And now the government has declared that a new Bill is imminent, which would somehow provide government agencies with powers to achieve access to cryptographically protected data in storage and in transit.
Every one of these measures, and the processes whereby they have come into existence, abjectly fail the tests of due process: evaluation, consultation, transparency, justification, proportionality, mitigation, controls and audit (APF 2013). In the case of the emergent Bill, for example, efforts by Internet Australia and other civil society organisations to make submissions, gain access to drafts, and understand the justification, the design, mitigation measures and safeguards, have all been rebuffed. The government and the government agencies involved routinely override due process, ram Bills into the Parliament, and blackmail or buy support from the Opposition and/or the cross-benches in lieu of public debate.
The public needs to rise from its slumber and beat the government and government agencies around the ears. If we continue to permit autocratic behaviour invoking the 'national security' / 'counter-terrorism' mantra, we will reap the whirlwind of a Dutton-like person exercising massive powers over the populace. The hare-brained idea of crippling crypto is a very good place for the revolution to start.
Clarke R. (1996) 'Privacy and Dataveillance, and Organisational Strategy' Proc. Conf. I.S. Audit & Control Association (EDPAC'96), Perth, 28 May 1996, PrePrint at http://www.rogerclarke.com/DV/PStrat.html
Clarke R. (1997-) 'Introduction to Dataveillance and Information Privacy, and Definitions of Terms' Xamax Consultancy Pty Ltd, August 1997, at http://www.rogerclarke.com/DV/Intro.html
Clarke R. (2000-) 'Australian Federal Privacy Laws' Xamax Consultancy Pty Ltd, at http://www.rogerclarke.com/DV/PLawsClth.html
Clarke R. (2000-) 'Privacy Laws of the Australian States and Territories' Xamax Consultancy Pty Ltd, at http://www.rogerclarke.com/DV/PLawsST.html
Clarke R. (2000-) 'Privacy Oversight Agencies' Xamax Consultancy Pty Ltd, at http://www.rogerclarke.com/DV/POA.html
Clarke R. (2001) 'Introducing PITs and PETs: Technologies Affecting Privacy' Privacy Law & Policy Reporter 7, 9 (March 2001) 181-183, 188, PrePrint at http://www.rogerclarke.com/DV/PITsPETs.html
Clarke R. (2006) 'Make Privacy a Strategic Factor - The Why and the How' Cutter IT Journal 19, 11 (October 2006), PrePrint at http://www.rogerclarke.com/DV/APBD-0609.html
Clarke R. (2006-) 'Vignettes of Corporate Privacy Disasters' Xamax Consultancy Pty Ltd, at http://www.rogerclarke.com/DV/PrivCorp.html
Clarke R. (2009) 'Privacy Impact Assessment: Its Origins and Development' Computer Law & Security Review 25, 2 (April 2009) 123-135, PrePrint at http://www.rogerclarke.com/DV/PIAHist-08.html
APF (2011) 'A Privacy Right of Action' Policy Statement, Australian Privacy Foundation, 21 July 2011, at https://privacy.org.au/policies/right-of-action
Clarke R. (2011) 'Stop Misrepresenting the Privacy Right of Action' Xamax Consultancy Pty Ltd, 28 July 2011, at http://www.rogerclarke.com/DV/OpEd-RoA-110727.html
APF (2013) 'Meta-Principles for Privacy Protection' Australian Privacy Foundation, 10 March 2013, at https://privacy.org.au/policies/meta-principles/
Clarke R. (2014) 'Approaches to Impact Assessment' Notes for a Panel Presentation at CPDP'14, Brussels, 22 January 2014, on the topic of 'Legal and Non-Legal Technology Impact Assessments', at http://www.rogerclarke.com/SOS/IA-1401.html
Clarke R. (2014) 'Key Factors in the Limited Adoption of End-User PETs' Proc. Politics of Surveillance Workshop, University of Ottawa, 8-10 May 2014, PrePrint at http://www.rogerclarke.com/DV/UPETs-1405.html
Clarke R. (2015) 'Telecommunications Act s.313' Notes in Preparation for an Appearance before the Standing Committee on Infrastructure and Communications, Canberra, 4 March 2015, at http://www.rogerclarke.com/DV/TA313.html
Clarke R. (2016) 'Privacy Impact Assessments as a Control Mechanism for Australian National Security Initiatives' Computer Law & Security Review 32, 3 (May-June 2016) 403-418, PrePrint at http://www.rogerclarke.com/DV/IANS.html
Clarke R. (2016) 'Can We Productise Secure eWorking Environments?' Workshop for 11th IFIP Summer School on Privacy and Identity Management, 21-26 August 2016, Karlstad, Sweden, at http://www.rogerclarke.com/DV/SeWE16.html
Clarke R. (2016) 'Exemptions from Provisions of the Privacy Act (Cth)' Xamax Consultancy Pty Ltd, December 2016, at http://www.rogerclarke.com/DV/PAct-161205.pdf
Clarke R. (2018) 'Risks Inherent in the Digital Surveillance Economy: A Research Agenda' Forthcoming, Journal of Information Technology, 2018, PrePrint at http://www.rogerclarke.com/EC/DSE.html
Roger Clarke is Principal of Xamax Consultancy Pty Ltd, Canberra. He is also a Visiting Professor in Cyberspace Law & Policy at the University of N.S.W., and a Visiting Professor in the Research School of Computer Science at the Australian National University. He has been on the Board of the Australian Privacy Foundation since its formation in 1987, and is Secretary of the Internet Society of Australia. He was awarded only the second Australian Privacy Medal, following that to Justice Michael Kirby.
Created: 23 July 2018 - Last Amended: 31 July 2018 by Roger Clarke - Site Last Verified: 15 February 2009