The Principle of Least Identity

Posted: April 30, 2012 in Uncategorized

Identity and privacy on the internet are increasingly fraught issues as the rapid pace of change continues to challenge governments, excite citizens and disrupt businesses.

Governments, usually citing counter terrorism or combatting paedophilia, seek to monitor our email and web interactions; witness the recent furore in Britain as the coalition proposed the installation of on demand snooping equipment at ISPs – This may or may not happen but under the provisions of the Patriot Act the US can already read any information held by US companies even if those servers are outside the US; that’s anything on Facebook, in your Dropbox folder and all your Gmail. Meanwhile businesses make billions collecting every last piece of behavioural information possible. If you have a Facebook or Google account then not only do they store the huge amount of information we directly share, but as you surf the web all those little Facebook Like and Google Plus buttons enable them to know every site you visit – even if you don’t click them. The reality is that every search, every click and every status is catalogued and analysed in order to bring higher value advertising to your screen.

In the other corner we have a groundswell of groups emerging and evolving that rely absolutely on the traditional secrecy of the Net. Groups with political agendas, technical savvy and the conviction that freedom is utterly dependant on anonymity. Wikileaks gives us the skeletons that governments wish were firmly tucked away in the closet. Occupy protests, hidden behind their vendetta masks, cascade from city to city threatening authoritarians and democrats alike and of course Anonymous move from corporation to government spying agency probing and taunting with apparent impunity.

The paradox is that both sides believe they are doing the right thing. Identity allows for reputation, it breeds trust, co-operation and frequently security. Im more likely to lend you money if I’ve known you some time and know that you are who you say you are. On the other hand democracy depends on the anonymity of the secret ballot and freedom is crushed if we live in fear of being identified and pursued for what we say. Most creativity and originality is honed and polished in private; free from the premature judgement of the status quo.

The question becomes how do we operate online in an environment where both identity and anonymity have real value?

Luckily within computing we have had a similar issue for years with regards to the privilege of accounts we run under. Since the dawn of Unix admins have repeated the Mantra – “We don’t run as root”; the account with the privilege to do anything on a system. For security reasons we mandate running with a standard account until a time when we need that privilege and only for so long as we need it.

This is the Principle of Least Privilege and it’s time it had a counterpart Principle of Least Identity that was built into our legislation, networks, operating systems and applications. We would run in a state of anonymity until we needed to identify ourselves, for some agreed useful purpose, and only for as long as it was required.

How would this work in practice?

1. The principle needs to be built into law in those democratic societies where the rule of law must be followed. If it is to hold any power over the big hitters in cyberspace and government it needs to be a part of data protection and enshrined as a part of free speech and backed up with significant penalties.

2. Our ISPs would be required to rotate our IP addresses relatively frequently so that 3rd parties could not track our Internet usage.

3. ISPs would only retain usage records in cases where a person was suspected of serious illegality or terrorism and then only in response to an order with judicial oversight.

4. It would be illegal to sell or provide a browser that had 3rd party cookies enabled by default. This is one of the primary ways that organisations track you across the web. The Facebook like buttons and similar only operate because 3rd party cookies are allowed.

That would be a start amongst many other possible measures.

There are some serious dangers here the Internet is rapidly moving from a wild west of anonymity to a loaded dice of government and corporate snooping. Most citizens don’t understand or care and those that do have the skills not only to avoid snooping but increasingly to fight back. Witness the websites of the CIA and MI5 being DDoS’d off the web, by Anonymous, last week. If this is not going to get worse then saner heads need to take action to enshrine a Principle of Least Identity into our networked world.

In subsequent articles I’ll address individual steps that you can take to protect your identity online.

Footnote: The day after writing the following appeared on the Security blogs Anonymous vs CISPA


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s