In Attendance: Beth Givens, Privacy Rights Clearinghouse (PRC); Gilbert J. Huey, Merdan Group; Howard Stapleton, City of San Diego; Barry D. Fraser, PRC; Herman W. Land, SDSU; Guylyn R. Cummins, Gray, Cary, Ware & Freidenrich; Martin Lazarow, Compro Consulting; R. Alan Smith, Law Offices of R. Alan Smith; George J. O'Neil, AARP-San Diego; Mae Braund, AARP.
The meeting was called to order at 3:12 by Beth Givens.
I. Presentations on Security Issues
Gilbert Huey and Martin Lazarow each delivered presentations on security. Mr. Huey provided the group with an informative handout. Huey said that the analogy to development of the interstate highway system is very good for understanding security issues. While the highway system evolved from private roads and bridges to a public transportation system, the information system is moving from a public network to a privatized system of interconnected private networks.
Huey outlined the various existing telephone/cable/cellular/broadcast/satellite systems. The information superhighway will require integrated interconnection of all these networks. Security plays an important role in this integration. Security issues include identification and authentication; access control; confidentiality; integrity; nonrepudiation; and availability. Risks to security include control over restricted information; unauthorized modification of information; destruction of information (viruses, worms, etc.) and system failure/down-time (cable cut in digging, etc.).
Huey identified five functional layers: management; applications; information; networks; and transport. It is most difficult to deal with security on the two latter levels. He discussed the process of transmitting information: broken down into packets, routed by switches. Switches pose a security problem because they may malfunction, resulting in lost data; but the system will normally resend the lost packets. To try to protect every path and switch would be cost prohibitive; instead use "dumb" switches and "smart" interfaces.
Many security issues may be resolved using strong encryption technology. However, it is difficult to integrate encryption into today's existing networks.
Two types of encryption:
1. Secret Key: the "key" must be transmitted to the receiver separately.
2. Public Key: Everyone has a "public" key and a "private" key. There needs to be a certification process for public keys to ensure authenticity. Directories of public keys may become commonplace (like today's phone directory).
Public key encryption is better for short messages than longer ones.
Barriers to encryption:
1. Encryption is difficult to use on many existing networks.
2. Government issues; wiretapping; "back door" key escrow questions.
3. How to transmit data through the network that is unintelligible to the system. The problem of lost messages.
Mae Braund provided an article for the group which provides information about current conflicts surrounding encryption technology. Important local government issues will include: protocol selection; interface standards; steps to take to ensure interconnectivity and national uniformity.
Martin Lazarow, in his presentation, discussed the following issues:
The interrelation between security and privacy is highlighted by two critical situations:
1. Information superhighway poses severe threats to the ability of individuals to avoid disclosure of their personal information.
2. Large amounts of personal information are already available in data files, out of the individual's control.
Examples:
- AIDS information.
- IRS matching tax returns with lifestyle information.
The global nature of the superhighway means that information can go all over the world. Big brother is catching up with us in ways that individuals do not realize. There is a tension between open society and secret society. The government insists on a right to keep secret information; while insisting on the right to access the private information of individuals with Clipper Chip technology.
II. General Discussion of Security Issues
Several members of the group observed that Clipper Chip will likely fail because it is opposed by international business interests. Its implementation would put the United States too far behind other countries.
Other security actions:
1. Multiple layers of encryption.
2. Firewalls--hardware/software to protect proprietary information from access. This technology isolates the system from the network. Available in various levels of sophistication.
3. Methods for anonymous communication/interaction. Public libraries are an existing analogy: Users remain anonymous if nothing is checked out - and lending activity is confidential even if materials are checked out. There needs to be a comparable method for online anonymity.
The strongest encryption uses algorithmic rules. Even with access to the public key and a decrypted message, hackers must use a trial and error method to guess the rule. It is very time consuming to crack PGP (Pretty Good Privacy) or other strong encryption.
Increasing the size of the key decreases the risk to security. But there is always a probability of access. These types of encryption systems work better with perishable data. Non-perishable data require multiple layers of encryption, or simply changing the key often.
The bottom line is that protection can be increased at a cost; but there is no such thing as 100% security. Info San Diego will be segmented into private users and business users. Many uses may not require all these measures. However, electronic transactions will require safeguards (ex. paying utility bill online).
Possible solutions discussed included use of "smart cards" to decrypt video programming and use of "digital cash".
The UCSD Supercomputer Center is working with data standards with Department of Defense; this could be a great local resource.
One problem discussed was that consumers will want to have simple and free access to technology--user friendly technology (at a reduced security risk?) If the security measures are too complex and difficult to operate, no one will use the network. The highway itself should be free and open--the user should be able to choose his or her level of security. The City should be held to some level of responsibility to ensure security of proprietary information, that goes with custody of information. Perhaps a baseline standard--a reasonable degree of security ensured by the City. The law should impose reasonable steps to keep information private--but with no obligation beyond that.
Who is the owner of personal data? Do consumers have any property interest in their personal information? The government might be looked on as a trustee of the personal information rather than the owner. The information would be held in trust and government would be subject to a fiduciary duty to protect it from security breaches.
Other Recommendations:
1. Establish an advisory committee to review and make recommendations on security standards, procedure, etc.
2. Mandatory public disclosure of City information security policy.
3. Ongoing research and monitoring of other government entities' security practices. There is a need for cooperation among all government entities to ensure uniformity.
4. Mr. Stapleton stated that the City wants input as to what the government's role should be as a participant on the information superhighway. What should be available online and in what format?
Example: Cox Cable Television will soon provide access to Internet via Prodigy; cable viewers can then access many government archives; they should also have access to City information.
The City can't afford not to pursue these goals; competitive nature of the market requires that they participate.
III. Closing Remarks
Beth Givens outlined a plan to have the task force co-chairs and Fraser get together and compile a draft report, send it out to members, and contact each member personally for final comments. If needed, a final meeting may be held to complete the recommendations.
Givens also suggested the possibility of interaction with the other task forces to develop comprehensive policies.
Finally, the members should keep open the possibility of future activity as these issues are ongoing and will increase in importance.
The meeting was adjourned at 4:40 pm.
Notes compiled by Barry D. Fraser, Privacy Rights Clearinghouse.