<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>On the road to Bandol &#187; privacy</title>
	<atom:link href="https://javacard.vetilles.com/tag/privacy/feed/" rel="self" type="application/rss+xml" />
	<link>https://javacard.vetilles.com</link>
	<description>A weblog on Java Card, security, and other things personal</description>
	<lastBuildDate>Mon, 18 Aug 2025 06:48:26 +0000</lastBuildDate>
	<language>en-US</language>
		<sy:updatePeriod>hourly</sy:updatePeriod>
		<sy:updateFrequency>1</sy:updateFrequency>
	<generator>https://wordpress.org/?v=4.0.32</generator>
	<item>
		<title>Traffic cameras, legal rules, and accusers</title>
		<link>https://javacard.vetilles.com/2017/01/20/traffic-cameras-legal-rules-and-accusers/</link>
		<comments>https://javacard.vetilles.com/2017/01/20/traffic-cameras-legal-rules-and-accusers/#comments</comments>
		<pubDate>Fri, 20 Jan 2017 16:25:52 +0000</pubDate>
		<dc:creator><![CDATA[Eric Vétillard]]></dc:creator>
				<category><![CDATA[News]]></category>
		<category><![CDATA[privacy]]></category>

		<guid isPermaLink="false">http://javacard.vetilles.com/?p=26318</guid>
		<description><![CDATA[A few days ago, I watched Gone Girl on TV, a story about mounting evidence against an innocent person. And then, I looked at an article about challenging a traffic camera citation (in the US). The link between the two stories is evidence, of course. Traffic camera evidence incriminates a car, not a driver. The [&#8230;]]]></description>
				<content:encoded><![CDATA[<p>A few days ago, I watched <a href="https://en.wikipedia.org/wiki/Gone_Girl_(film)" rel="nofollow" class="liwikipedia">Gone Girl</a> on TV, a story about mounting evidence against an innocent person. And then, I looked at an article about <a href="http://www.thepublicdiscourse.com/2017/01/18093/" class="liexternal">challenging a traffic camera citation</a> (in the US). The link between the two stories is evidence, of course.</p>
<p>Traffic camera evidence incriminates a car, not a driver. The paper, written by a law professor, is interesting because it shows that the current processes around such evidence are not well covered by law (at least by U.S. law). When reading this paper, it becomes obvious that a &#8220;normal&#8221; citizen (<em>i.e.</em>, not a law professor) would have great difficulties challenging the traffic camera evidence.</p>
<p>Of course, this becomes scary when we add to the mix the gazillions of devices that are currently spying or reporting on us. Google Maps tells us that Bob&#8217;s phone was around here at 10:33, Bob&#8217;s alarm system tells us that his phone or his badge was used to turn off the alarm at 10:36 exactly, Bob&#8217;s security camera recorded something at 10:39 exactly, Bob&#8217;s fitness sensor tells us he ran between 10:43 and 10:47. I am not sure that police would be able to get all this data, but I am quite certain that they will be able to get some in the very near future.</p>
<p>And I am also quite certain that most of these devices are hackable, clonable, or that cybercriminals could misuse them to plant digital evidence against many people (especially someone sleeping alone at home). Not sure that this will get anywhere, because there are ways to make a lot of money misusing connected stuff without doing anything that sophisticated.</p>
<p>Yet, the Gone Girl story reminds us that some people are highly motivated to do such things, and most likely ready to pay good money for it. I am really wondering how the legal system will deal with the flow of cyberevidence and other IoT data, and how they will combine it with the possibility that most systems collecting this data are fully automated (no real witnesses), and subject to many hacks. It will be interesting to follow how this evidence will be trusted in courts, compared to traditional forensic evidence like fingerprints, DNA, and other things that can also be planted.</p>
<p>We are moving into a post-truth world, not only in politics, and this lack of certitude will deeply impact our society.</p>
]]></content:encoded>
			<wfw:commentRss>https://javacard.vetilles.com/2017/01/20/traffic-cameras-legal-rules-and-accusers/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Live from #esmart: Security, Privacy and Trust for Web Services</title>
		<link>https://javacard.vetilles.com/2009/09/24/live-from-esmart-security-privacy-and-trust-for-web-services/</link>
		<comments>https://javacard.vetilles.com/2009/09/24/live-from-esmart-security-privacy-and-trust-for-web-services/#comments</comments>
		<pubDate>Thu, 24 Sep 2009 15:17:38 +0000</pubDate>
		<dc:creator><![CDATA[Eric Vétillard]]></dc:creator>
				<category><![CDATA[News]]></category>
		<category><![CDATA[e-Smart]]></category>
		<category><![CDATA[privacy]]></category>
		<category><![CDATA[trust]]></category>

		<guid isPermaLink="false">http://javacard.vetilles.com/?p=461</guid>
		<description><![CDATA[The first presentation of the session about Web and Cards is from Xavier Larduinat, speaking on behalf of Eurosmart (a non-profit organization advocating smart secure devices). His interest here is to look at things from the point of view of the user of a Web service, and to figure out how to get a feeling [&#8230;]]]></description>
				<content:encoded><![CDATA[<p>The first presentation of the session about Web and Cards is from Xavier Larduinat, speaking on behalf of Eurosmart (a non-profit organization advocating smart secure devices). His interest here is to look at things from the point of view of the user of a Web service, and to figure out how to get a feeling of security when using services like gmail, Flickr, Twitter, or others. I give below some of the ideas put forward during that talk, with a few personal comments.</p>
<p>The first question is to understand how privacy and trust are similar and different from the typical security issue. A first interesting thing is that the smart card industry is one of the rare industries that is able to ship 4 billion personalized objects every year. That makes it suitable for use with companies like Google or Yahoo! who deal with hundreds of millions of customers.</p>
<p>The kind of things that smart card vendors usually propose in the Web arena are the following:</p>
<ul>
<li>Two-factor authentication. This can be provided in the form of OTP (one-time-password) applications, or solutions reusing the eID infrastructure used in government applications.</li>
<li>Privacy enhancements. A card may securely store credentials, and only release them as needed and required (with appropriate proof), without disclosing the entire information. Think of a system that would simply assure that you are over 18, without disclosing your name.</li>
<li>Identity management. Identity with a token can improve authentication with Web mail, instant messaging, and more, and then allow the enforcement of better access control policies.</li>
</ul>
<p> The next issue is to figure out how this matches the needs of digital security, which are as follows:</p>
<ul>
<li>Protecting our digital identities. That&#8217;s something where smart objects can bring an immediate value, as we have seen just above.</li>
<li>Protecting our digital assets. Our assets on the Web are very varied (contacts, images, and all kinds of content) and need to be protected, from other people, and also from the Web service providers, who may be tempted to abuse them.</li>
<li>Protecting our e-transactions. Online transactions today are often very simple, and involve a low-level of security. There are proposals from the smart card industry, but they do not always match the requirements of Web service providers.</li>
</ul>
<p>This view is very valid, but it is also a very traditional view of digital security. It may be more interesting to look at the things that become possible when our digital assets are well protected. By bringing more security, we bring more value and more freedom to the users, because there will be new ways to exploit these assets, which are not possible today. Eventually, mandating a higher level of digital security brings more choices to the end user, not fewer choices.<br />
<span id="more-461"></span></p>
<p>If we dig a bit deeper into Web services, we all love them because of their ubiquity. They are accessible from anywhere, they don&#8217;t put constraints on us like updates and backups. We love this, but we also need to be aware that there is a tradeoff between availability and security.</p>
<p>As an example, the tendency towards free, viral services that later monetize their user&#8217;s data suffers a few exceptions. In particular, there are few such services around money management and personal health record management. This means that most users don&#8217;t place enough trust in Web services to allow them to manage what they regard as their most sensitive data. The kind of issues that Web services face include the following:</p>
<ul>
<li>No network, no service. This is slowly becoming a thing of the past. Slowly in some cases (roaming, for instance). We can provide solutions, but they should not be our main focus.</li>
<li>Security limited to username and password. There isn&#8217;t much worse in terms of security.</li>
<li>Privacy. Users basically have no choice. You need to accept the service provider&#8217;s conditions, or use another service.</li>
<li>Trust. There are no standard metrics to establish trust like there can be in the smart card business.</li>
</ul>
<p>If we focus even more on security, privacy and trust, the challenges for Web services are as follows, from the user&#8217;s perspective:</p>
<ul>
<li>Identity theft.</li>
<li>Unclear data access control</li>
<li>Unclear service definition</li>
<li>Unclear terms and conditions</li>
</ul>
<p>Another aspect of things is data protection, which is another set of user worries:</p>
<ul>
<li>Storage. Where is my data? What is the disaster process? How are permissions set? How can I control the access to my data?</li>
<li>Revision Management. Is there traceability of the changes? A possibility to be warned of changes? A possibility to track changes and review them later?</li>
<li>Life cycle (retention/termination). How to terminate hosting data?</li>
</ul>
<p>Next, we get into the heart of the topic: what is it possible to offer from the smart secure devices point of view? The first initiative is about transforming the World Wide Web into My Web, by combining several aspects that restrict accesses: </p>
<ul>
<li>IP Geo-Localization. Make some services accessible only when I am located in a given area or set of areas.</li>
<li>Appliances ID restricted access. Make some services accessible only from some computer (based on a more or less secure characteristic of the computer).</li>
<li>Time restricted access. Make some service accessible only at a given time, like allowing children to access instant messaging only between 4:00PM and 8:00PM.</li>
</ul>
<p>Next, there are solutions for data protection: </p>
<ul>
<li>Data encryption, RAID applied to data centers, with smart secure devices controlling it.</li>
<li>Smart Secure Devices acting as Proxy server. Re-route SOAP messaging via a proxy, and apply some filtering at that level.</li>
</ul>
<p>The last idea consists in plugging a Smart Card Web Server into a fixed device (for instance, a home gateway, or &#8220;box&#8221;), and making it accessible from the Internet. Such a device can have many uses, and its main advantage is that it is not with you at all times. There are many applications for this, ranging from basic secure proxy/filter to two-factor authentication. Of course, there is a trick here, since your second factor is actually on the Internet, so you will need to use a different kind of credential on these things, to prove who you are. One of them, provided by Xavier Larduinat, consists in presenting you the pictures of 20 random Facebook members, including your friend Alice, and asking you to click on Alice&#8217;s picture. I&#8217;ll come back to authentication in later posts, because there are many new ideas in this area.</p>
<p>To conclude, Eurosmart pushes in favor of regulation, in particular at the European level: </p>
<ul>
<li>Rules about identity ownership and accountability.</li>
<li>Data protection as a fundamental right</li>
</ul>
<p>Such regulations could be interesting, mostly because they would facilitate the establishment of trust between users and service providers, which would in turn enable the development of new services, based on that new trust, that could greatly enhance the user experience.</p>
]]></content:encoded>
			<wfw:commentRss>https://javacard.vetilles.com/2009/09/24/live-from-esmart-security-privacy-and-trust-for-web-services/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Are you aware?</title>
		<link>https://javacard.vetilles.com/2008/07/27/are-you-aware/</link>
		<comments>https://javacard.vetilles.com/2008/07/27/are-you-aware/#comments</comments>
		<pubDate>Sun, 27 Jul 2008 20:53:11 +0000</pubDate>
		<dc:creator><![CDATA[Eric Vétillard]]></dc:creator>
				<category><![CDATA[Mobile Security]]></category>
		<category><![CDATA[News]]></category>
		<category><![CDATA[location]]></category>
		<category><![CDATA[privacy]]></category>
		<category><![CDATA[Security]]></category>

		<guid isPermaLink="false">http://javacard.vetilles.com/2008/07/27/are-you-aware/</guid>
		<description><![CDATA[I have been looking for a while for interesting location-based mobile services. I have always had the feeling that location is a big hype, and that it is not that easy to build interesting and non-intrusive services (yes, I believe that location-based advertising is intrusive). Mapping is obvious, of course, and finding friends can also [&#8230;]]]></description>
				<content:encoded><![CDATA[<p>I have been looking for a while for interesting location-based mobile services. I have always had the feeling that location is a big hype, and that it is not that easy to build interesting and non-intrusive services (yes, I believe that location-based advertising is intrusive). Mapping is obvious, of course, and <a href="http://www.loopt.com/" class="liexternal">finding friends</a> can also be interesting (more for teenagers than for me, but I don&#8217;t think that I am their primary target).</p>
<p>The service offered by <a href="http://awarespot.com/" class="liexternal">AwareSpot</a> goes a bit further. They describe the service as:</p>
<blockquote><p>
AwareSpot is a FREE service that allows trusted sources, such as public safety, community services, TV and radio stations, and even friends and family, to send location based text message alerts. It does not require GPS, and works on any mobile phone!
</p></blockquote>
<p>Of course, their main advantage is that they will not send you all messages, but only the ones that are relevant to your location. Why do I think that this is different from finding friends? This service is really about social networks, information sharing, and the information can have some value. They are also interesting in the sense that the information sharing may be global (public and searchable), and also private, limited to invited parties. Overall, I think that it is an interesting service.</p>
<p>Why is this important? First, because such a location-based service requires an important bandwidth. Either the information is broadcast and filtered on the mobile (quite unlikely), or the mobile regularly updates its location by communicating it to the server. In both cases, communication is frequent, and potentially large. In the end, services like that may lead to unlimited mobile Internet access, and that would in turn open many doors.</p>
<p>Another interesting thing is the fact that we may end up broadcasting our location to numerous sites and services. And this is quite scary. I don&#8217;t know what all these sites do with this location data. Do they simply use it to perform a query on a database? Do they keep a few minutes of history? Do they archive it forever (or at least for a few years)? The basic privacy policy of AwareSpot does not mention location information, but they mention that:</p>
<blockquote><p>
We can (and you authorize us to) disclose any information about you to law enforcement or other government officials as we, in our sole discretion, believe necessary or appropriate in connection with an investigation [&#8230;]
</p></blockquote>
<p>Another reason not to be in the wrong place at the wrong time, except that you don&#8217;t know when and where that may be. And things are not going to get better. Google is a very large company, and they need to be careful with your data; but what about a cash-strapped start-up that offers a location-based service?</p>
]]></content:encoded>
			<wfw:commentRss>https://javacard.vetilles.com/2008/07/27/are-you-aware/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
	</channel>
</rss>
