Published April 12, 2000
Handwritten signatures are unnecessary over the Internet. Instead, digital ones contain more than just an ID; anonymity and personal confidentiality are issues that concern the experts and many more of us these days.
The recent Computers, Freedom and Privacy conference issued warnings that the pressures from companies and government to glean more about you is increasing. The common uninformed trust is, “what’s the harm.”
A Digital Signature Algorithm (DSA) substitutes the need for a written signature for one that is stored in a computer file and transmitted over secure lines. It’s also been extended to include personal information about your life and habits.
The digital signature’s purpose is, “to verify the identity of the originator and integrity of the data.” When buying something online, or using a secure server (where the padlock icon is locked) the certificate is accessed.
Currently, digital certificates are a form of authentication, a proof of credentials while accessing secure Web sites. Encryption is used to scramble the information that only the issuer of the certificate, usually the online store or trusted third party, can unscramble and read.
Thus far, commerce continues without detriment to the majority of participants. However, security-conscious users are attentive to the excessive amount of personal information that is encoded with the signature.
A site that offers a discount for a certain age group—AARP, for instance—solicits supporting proof. Austin Hill, of the online privacy firm Zero-Knowledge Systems Inc., says “It’s like handing-over your wallet full of ID to prove your age.”
The Department of Motor Vehicles could sign a credential that only reveals that, “The bearer is over 21,” hiding the consumer’s real age and birth date. A bank could sign a credential that states, “The bearer’s credit line is $5,000,” eliminating any need to pass along exact bank records and credit reports.
Commercial sites are actively collecting all they can on users for their marketing. The temptation is to sell that very desirable information to others without the knowledge or consent of the subjects.
Credit card companies are eager for details of online habits about their creditors. Companies like CD Universe put credit card information on a server actively on the Internet, prey to ambitious crackers.
Information theft is at risk, stressed Carl Ellison, a security architect. “While the encryption is strong, the system itself may have flaws that can be exploited. It’s like building a vault door into a cardboard box.”
Adding fingerprint scans or other biometric enhancements helps little. A thumbprint presents 10-12 bits of entropy, or randomness, which is very weak security these days. With enough motivation and time, any digital signature can be broken and its contents revealed.
The pattern of a person’s searches online, be it for specific company stocks, banking exchanges, travel itinerary, or choice of favorite cartoons, should not be anyone else’s business; nor should birth dates and social security numbers. The only exception is if the individual knowingly, and without duress, volunteers it.
Margot Freeman Saunders, managing attorney for the National Consumer Law Center, says that any legislation with good intentions “will lead to many problems of lost privacy.” The digest of information stored is greater than commonly needed, revealing more than necessary about an individual and their activities.
Congress is considering a bill that would reveal the online identity of patients and doctors in both Canadian and US health care systems. The convenience is obvious to doctors prescribing drugs and patients retrieving the prescriptions online.
Proponents believe the information would not compromise the existing confidentiality standards. Privacy advocates show technical evidence that such assumptions are wishful thinking. Access would naturally extend, unchecked, to administering nurses, administrating receptionists and insurance companies. Insecure real-world identities online could be stolen and used by others.
“For an ATM, the banks bear the loss of a card,” says Saunders. “That’s why security is good and improving. With digital signatures, the issuing company does not bear the loss of any breaches in security.”
Hammett Hill, COO for Zero-Knowledge, is in favor of digital credentials that imbed only the specific information needed to validate the user, nothing more. Just as the Clipper Chip was abandoned by public outcry, so can this.
David Flaherty, a professor at the University of Victoria, previously the privacy commissioner for British Columbia said, “Digital signatures no longer seem like a Holy Grail to me.”
See next week’s suggestions for protecting your confidential information online.