@rjchow
Created March 31, 2021 15:29
Prescient write up on centralised databases and data privacy

Excerpt from http://www.credentica.com/mit/Chapter1.pdf

It is ironic that digital certificates today are considered by many to be a secure way to provide access to personal data stored in central databases. The practice of looking up data in real time in a central database goes against the philosophy behind digital certificates, which is to allow offline verification of digital signatures. In many PKIs it is a waste of efficiency to use digital certificates in combination with central database lookup; one might as well do away with digital certificates altogether and simply check the validity of public keys in a central database. Indeed, Wheeler and Wheeler and the Accredited Standards Committee X9 for this reason propose a return to the online key repository model of Diffie and Hellman. (This model cannot protect the privacy of certificate holders, though, as we will see later on.) The central database paradigm is even less desirable from the perspective of individuals:
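The contrast the paragraph draws, offline signature verification versus a real-time lookup in the issuer's database, is shown below in an added Go example; it is not code from the book, from Credentica, or from the gist. It assumes Ed25519 signatures and a constructed, minimal credential structure in place of a real certificate format. The offline verifier needs only the issuer's public key and a clock, so the issuer never learns where or when the credential was presented; the online path leaves an access log at the database for every check, the kind of trail the excerpt later describes.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Credential is the payload an issuer attests to. It is a deliberately
// minimal, constructed stand-in for a certificate's to-be-signed part,
// not a real certificate format.
type Credential struct {
	Subject  string `json:"subject"`
	Claim    string `json:"claim"`
	NotAfter int64  `json:"not_after"` // expiry, Unix seconds
}

// SignedCredential carries the encoded payload and the issuer's signature
// over exactly those bytes.
type SignedCredential struct {
	Payload   []byte
	Signature []byte
}

// Issue signs a credential. This is the only step that involves the issuer,
// and it happens once, at issuance time.
func Issue(priv ed25519.PrivateKey, c Credential) (SignedCredential, error) {
	payload, err := json.Marshal(c)
	if err != nil {
		return SignedCredential{}, err
	}
	return SignedCredential{Payload: payload, Signature: ed25519.Sign(priv, payload)}, nil
}

// VerifyOffline checks a credential using only the issuer's public key and
// the local clock. Nothing is sent anywhere, so the issuer learns neither
// where nor when the credential was shown.
func VerifyOffline(pub ed25519.PublicKey, sc SignedCredential, now time.Time) (Credential, error) {
	if !ed25519.Verify(pub, sc.Payload, sc.Signature) {
		return Credential{}, errors.New("signature does not verify")
	}
	var c Credential
	if err := json.Unmarshal(sc.Payload, &c); err != nil {
		return Credential{}, err
	}
	if now.Unix() > c.NotAfter {
		return Credential{}, errors.New("credential expired")
	}
	return c, nil
}

// CentralDB models the alternative the excerpt argues against: the verifier
// asks the issuer's database in real time. Each lookup is recorded at the
// database, producing the access trail the excerpt describes.
type CentralDB struct {
	Records   map[string]Credential
	AccessLog []string
}

// Lookup answers a real-time query and logs who asked about whom.
func (db *CentralDB) Lookup(subject, verifier string) (Credential, bool) {
	db.AccessLog = append(db.AccessLog, verifier+" queried "+subject)
	c, ok := db.Records[subject]
	return c, ok
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	cred := Credential{Subject: "alice", Claim: "licensed-driver", NotAfter: time.Now().Add(24 * time.Hour).Unix()}
	sc, err := Issue(priv, cred)
	if err != nil {
		panic(err)
	}

	// Offline path: two relying parties verify; the issuer sees nothing.
	for _, rp := range []string{"shop-1", "shop-2"} {
		if _, err := VerifyOffline(pub, sc, time.Now()); err != nil {
			fmt.Println(rp, "rejected credential:", err)
		} else {
			fmt.Println(rp, "accepted credential offline")
		}
	}

	// Online path: the same two checks leave two entries in the issuer's log.
	db := &CentralDB{Records: map[string]Credential{cred.Subject: cred}}
	for _, rp := range []string{"shop-1", "shop-2"} {
		db.Lookup(cred.Subject, rp)
	}
	fmt.Println("central database access log:", db.AccessLog)
}
```

The verifier unmarshals the exact bytes that were signed rather than re-encoding the claims, so no canonicalisation step is needed; any change to the payload, an expired credential, or a signature from a different issuer key is rejected locally.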

  • Individuals can be discriminated against on the basis of data that is not relevant for the situation at hand. Such discrimination could go about without the individual being aware of the source of the discrimination, the nature of the data used against him or her, or even the mere fact of the discrimination. A qualified job applicant may be rejected just because some manager who bothered to consult a few databases (such as Internet newsgroup archives) cannot relate to his or her lifestyle. Likewise, individuals soliciting a loan or any one of a myriad of other services may find their applications turned down because somewhere in the process someone discriminated against them, or in favor of others, on the grounds of irrelevant data. Material damage may result when personal data is accessed with malicious intent. Stalkers, murderers, and extortioners use address information from credit reports and other sources that reveal consumer data to track down their victims. Blackmailers persuade their victims by threatening to reveal sensitive personal data, and kidnappers and robbers plan when to strike by following the whereabouts of their victims. Many criminals are not concerned about targeting a particular individual, but instead select their victims on the basis of their profile; robbers and blackmailers mainly target wealthy singles, and political aggressors are often interested in individuals with particular political or religious convictions.

  • When data records do not reflect an individual’s true situation, perfectly eligible individuals may end up losing their insurances, loans, housing, jobs, reputations, and so on. Errors are far from uncommon. For instance, the sixth study of the U.S. Public Interest Research Group on credit report accuracy and privacy issues found that 29% of U.S. credit reports contain serious errors that could result in the denial of credit, loans, or jobs, and that altogether 70% of credit reports contain mistakes. Data in central databases may not reflect an individual’s true situation for a number of reasons:

    • A substantial portion of all captured data is outdated. One cannot reasonably expect individuals to inform all database operators each time their personal circumstances change; individuals in developed countries are stored on average in roughly a 1000 databases, most of which are unknown to them.
    • Another portion contains information that was composed by drawing incorrect inferences from other sources of data.
    • Whenever data is conveyed orally or in writing, errors are bound to be made when the data is translated into machine-readable form.
    • Data stored in databases may be modified or destroyed by hackers and other outsiders. With the rise of the Internet, the risks are increasing dramatically. Hackers almost routinely gain access to databases, both commercial and governmental, and are rarely prevented from erasing or modifying data records without leaving a trace. In an infamous hack in the mid 1980s, a hacker broke into the databases of Experian (one of the three largest U.S. credit bureaus) to peek into the credit records of Ronald Reagan, and discovered 63 other requests for Reagan’s records, all logged on the same day.
    • Data stored in databases may be modified or destroyed by authorized database users and other insiders. Any organization of substantial size is bound to have employees who are willing to accept bribes or have malicious intentions of their own. A 1998 survey [215] by the Computer Security Institute found that the attack that was by far the most reported by its respondents (520 security practitioners in U.S. corporations, government agencies, financial institutions, and universities) was unauthorized access by employees.
    • Misbehavior by identity thieves often ends up registered in the database entries of their victims. The incidence of identity fraud has been rising dramatically since the mid eighties. Since 1996, calls on identity theft have been the number one topic on the hotline of the U.S. Privacy Rights Clearinghouse. For details on identity fraud, see Cavoukian [78], the Federal Trade Commission [164], the General Accounting Office [183], Givens [186], and the U.S. National Fraud Center [392].

    Since errors spread throughout the system and accumulate as data is disseminated and merged, victims may find themselves affected by the same errors over and over again.

  • Individuals have lost all control over how personal data in databases is becoming available to others. Collectors of personal data are always tempted to sell the data or to provide access to it in other ways (thousands of information resellers already offer their services over the Internet to anyone willing to pay), information brokers and private investigators resort to trickery (“pretexting”) to obtain all kinds of personal data, and most countries around the world have laws that require database maintainers to provide access to law enforcement when presented with a court order or a warrant. Also, personal data increasingly becomes available to others by error. In recent years the popular press has reported on numerous cases whereby commercial organizations (such as providers of free e-mail services, credit bureaus, and Internet merchants) as well as government organizations (including social security administrations, law enforcement, and taxation authorities) inadvertently released sensitive personal data to the wrong parties or to the public at large.

In many cases it is virtually impossible for victims to seek and obtain redress. The basis or source of discrimination, misuse, or other harmful actions may never become known in the first place, and even if it does, it may be very hard to repudiate the action.
