Archives

Stephen B. Wicker and Stephanie Santoso, The Breakdown of a Paradigm – Cellular Regime Change and the Death of the Wiretap

Comment by: Susan Landau

PLSC 2013

Workshop draft abstract:

The coming change from a centralized cellular network to an end-to-end architecture imperils both law enforcement surveillance and the content/context model embodied in ECPA and CALEA.  This paper explores the nature of the new technology, and suggests possible models for future legislation.

Traditional cellular is a wireless add-on to a network, the public switched telephone network (PSTN), whose basic architecture is highly centralized.  The endpoints – the handsets – have virtually no control over how calls are processed.  This centralized architecture has enabled wiretaps, pen registers, and trap and trace devices, all dependent on the handset passing content and context information to the network for processing.  This centralized architecture is in sharp contrast to the “end-to-end” architecture exemplified by the Internet.  The network fabric of the Internet contains routers that generally operate only at the network, data link, and physical layer.  Higher layer activity, from transport up to the application layer, resides in the endpoints.  Barbara van Schewick [1] and others have shown that this end-to-end approach provides better performance, is more economical, and greatly spurs innovation relative to centralized architectures.  There is thus strong pressure for centralized networks to move towards an end-to-end approach.

Voice-over-IP represents an initial movement in this direction.  Though still centrally controlled, VoIP telephony promised to free voice and data traffic from having to follow the same network path.  CALEA reined in this process by requiring a single point (usually in the form of a session border controller) that facilitates the creation of a duplicate packet stream that can be routed to law enforcement.  Law enforcement is thus able to “maintain technological capabilities commensurate with existing statutory authority” [2].  Universal Mobile Access (UMA) is a more ominous development.  UMA allows cellular handsets to offload data and voice to unlicensed WiFi channels when such channels are available.  Once again, a central point of focus – in this case, the network controller – preserves data collection capabilities.

The endpoint of the cellular technology trajectory is becoming clear.  A combination of unlicensed spectrum and open-source development will result in a commons-based cellular system with an end-to-end architecture.  This paper considers what such a cellular network might look like.  Incorporating the work of Elinor Ostrom [3] and the Open Source revolution [4], this paper explores how network routing and handset location algorithms can be developed in such a manner that wiretaps, pen registers, and trap and trace devices will be completely obsolete.  In particular, the paper considers networks that have no concept of dialing, and have no centralized location databases.  Having established a general model for a commons-based cellular system, possible solutions for limited, yet effective support for law enforcement data collection will be considered that acknowledge the nature of the new technology.  Consideration of appropriate alternatives to the content/context distinction will also be provided.


[1] Barbara van Schewick, Internet Architecture and Innovation, Cambridge: MIT Press 2010.

[2] Freeh, Louis Joseph, “Digital Telephony and Law Enforcement Access to Advanced Telecommunications Technologies and Services,” Joint Hearings on H.R. 4922 and S. 2375, 103d Cong. 7, 1994.

[3] Hess, C. and Ostrom, E. Understanding Knowledge as a Commons: From Theory to Practice, MIT Press: Boston, 2006.

[4] Glyn Moody, Rebel Code: Linux And The Open Source Revolution, Cambridge MA: Basic Books, 2002.

Dawn E. Schrader, Dipayan Ghosh, William Schulze, and Stephen B. Wicker, Civilization and Its Privacy Discontents: The Personal and Public Price of Privacy

Comment by: Heather Patterson

PLSC 2013

Workshop draft abstract:

Privacy awareness and privacy law ought to be built proactively and grounded in specific moral principles that protect our fundamental rights to live together, yet autonomously, in civilized society. In reality, people are willing to compromise their individual liberty in favor of peaceful societal co-existence. In this paper, we examine both the psychological need for the self to be connected to the outside world, and the simultaneous sense that the self wishes to have autonomy separate from that world; thus building loosely on Freud’s thesis from which this paper draws its title. We explore how people both want and fear opportunities that public (utility) collection of consumer data provides, even though they might know that control over, and regulation of, thought and behavior may ensue (e.g. Thaler & Sunstein; Wicker & Schrader, 2011).  What is the price, or value, placed on private information? Does the value of privacy shift as risks and benefits shift? Is this valuing influenced by media?

Power consumption metering offers a real-world contextualization in which a price is paid for private information. In order for the real-time prices to be broadcast to consumers who decide on their energy consumption, advanced technology is required for billing purposes. Temporally precise consumption levels are needed in order to charge consumers properly for their usage, so advanced technological monitoring records usage at short intervals and reports the fine granularity usage data. As these temporally precise data are directly reported to the utility, private details of the consumer’s life are effectively revealed, posing a risk of privacy violation. Cellular technology creates a similar context, one in which location information is given to a service provider in return for mobile communication services.  We therefore designed and conducted two national surveys to ascertain the value of personal privacy and the comparative social and economic costs of privacy impacts of the use of these two exemplary technologies.

Our paper examines consumers’ use of these technologies, whether or not they are aware of the privacy and security risks, what prices they are willing to pay to keep that risk at bay, and what they are willing to accept to give their private information.   What is the balance between convenience, cost savings, and privacy protection?  We experimentally manipulated whether or not people would be persuaded by a media presentation that was designed to increase their awareness of privacy and security.  We further examined the economic cost-benefits and risk ratios and decisions to either adopt new privacy-aware measures/technologies or to change their behavior.  In essence, this paper examines the “tipping point” between personal privacy value and public offering cost.  We conclude by examining the price people are willing to pay or to accept for privacy in relation to privacy law and policy, and make recommendations to limit corporate society, and protect individuals, from creating and accepting tempting risky behaviors that erode privacy rights.


Thaler, R. H, and Sunstein, C. R. (2008).  Nudge: Improving decisions about health, wealth and happiness.  New Haven, CT: Yale University Press.

Wicker, S. B. & Schrader, D. E. (2011).  Privacy Aware Design Principles for Information Networks.  Proceedings of the IEEE.  Issue 99, pp. 1-21. Digital Object identifier: 10.1109/JPROC.2010.2073670.

Stephen Wicker & Dawn E. Schrader, Privacy-Aware Engineering Design Practices for Mobile Networks

Comment by: Lance Hoffman

PLSC 2009

Workshop draft abstract:

In this paper we propose a framework for the development of privacy-aware engineering design practices.  A brief overview of the various forms that the invasion of privacy can take is provided, reiterating the taxonomy developed by Daniel Solove in Understanding Privacy (2008).  Various perspectives on the harm that may be caused through loss of privacy are then considered, both in terms of the individual and the public acting in concert.  Emphasis is placed on the potential for inhibited epistemic growth and potential damage to public institutions.  We conclude that information system design policies that ignore privacy considerations are harmful, and that information engineers have a moral obligation to protect the privacy interests of the public that extends well beyond current legal requirements.  We then review the Fair Information Practices proposed in Records, Computers, and the Rights of Citizens (1973), and show how they can be translated into privacy-aware engineering design policies.  These rules begin with an absolute imperative to limit information collection to explicit and publicly expressed mission requirements.  We then show that this simple imperative flows into a mandate for distributed information processing, anonymity-preserving information routing and tracking functions, and strong distinctions between identifying active equipment and identifying operators and owners.  We show that privacy-invading design decisions were made (without malice) in the development of cellular technology, and then show how the proposed design rules can guide the development of near-term power consumption monitoring technologies in general, and demand response systems in particular.