Internet Economics Seminar
Privacy, Anonymity and Pseudonymity in Business Transactions over the Internet
Daniel Bruggesser, Jarkko Laine

Contents
* Introduction (definitions, history)
* State of privacy in today's internet
* Economics
* Law
* Protecting yourself
* Technologies now and tomorrow

Definitions
* Privacy
  * The inverse of the amount of information about one party transferred to another
  * i.e. everything you keep to yourself
* Anonymity
  * The state of being anonymous, unidentified
* Pseudonymity
  * The state of being identified by a false name ("nickname")

Definitions (2)
* A business transaction in the internet
  * Activity where something is being bought over the internet

History of [Ano|Pseudo]nymity
* Historical weapon of those in fear of prosecution or worse
* Considered a cornerstone of free speech in western civilization
* Many famous writers have used pseudonyms to conceal their real identity
  * Mark Twain (known), William Shakespeare (still, and probably forever, unknown)

History of anonymity on the world wide web
* Last fortress of free speech
* Anonymous writings have put people in jail
* Legislators want to restrict anonymity...
* ...but anonymity is admittedly part of the nature of the WWW

Is anonymity good or bad?
+ You can hide your identity from a repressive regime
+ People of sexual minorities can hide who they are
- Makes criminal actions easier
- Accountability issues

The Economic Meaning of (the Lack of) Anonymity
* The era of regular customer cards
  * Why give away bonuses to customers?
  * Shops want to know how you consume
* "If knowledge is power, then a God am I!" (Riddler, Batman Forever)
* Information is money
  * Customer Relationship Management

How's Your Privacy Compromised in the Internet
* They'll know your IP
  * Issue or not?
* Cookies are part of the axis of evil
  * Much wrong information about cookies on the Internet

How cookies work
* A cookie just tells that this browser has been there before
* Doesn't give any private information
* Makes it possible to keep a file on the user
* The exchange:
  * Browser to server: GET /
  * Server to browser: Set-Cookie: browser=3535xxx
  * Browser to server, later: GET / with Cookie: browser=3535xxx

Golden Rule of Cookies
* Cookies are only sent back to the same web domain as they came from
* The only thing preventing web sites from swapping information about you

How can the rule be subverted, part I
* How do Doubleclick and other advertisers subvert the Golden Rule?
  * Advertisements on different pages are served from the same server (e.g. doubleclick.com)
  * Browser thinks you're on the same page and returns the cookie
* Is mostly used to track where a particular (anonymous) user has been
* Possible to serve targeted ads

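Added example, not part of the original slides: a small simulation of the Golden Rule and of how one ad server embedded on several sites still assembles a browsing history, next to the same browsing with third-party cookies blocked. The host names, class names and the simple "different domain means third party" check are assumptions made for this sketch.

```python
# Toy browser cookie jar plus one ad server embedded on several sites.
# All host names are constructed for this example.
from collections import defaultdict
import itertools

class AdServer:
    """Third-party server whose banner is embedded on many sites."""
    def __init__(self, domain):
        self.domain = domain
        self._ids = itertools.count(1)
        self.profiles = defaultdict(list)    # cookie -> pages where banner loaded

    def serve_banner(self, cookie, referer):
        set_cookie = None
        if cookie is None:                    # browser not seen before: issue an id
            cookie = set_cookie = f"browser={next(self._ids)}"
        self.profiles[cookie].append(referer)
        return set_cookie

class Browser:
    def __init__(self, block_third_party=False):
        self.jar = {}                         # domain -> cookie (the Golden Rule)
        self.block_third_party = block_third_party

    def visit(self, site, ad_server):
        """Load a page on `site` that embeds a banner from `ad_server`."""
        third_party = ad_server.domain != site
        blocked = third_party and self.block_third_party
        cookie = None if blocked else self.jar.get(ad_server.domain)
        set_cookie = ad_server.serve_banner(cookie, referer=site)
        if set_cookie and not blocked:
            self.jar[ad_server.domain] = set_cookie

def browse(block_third_party):
    """Visit three unrelated sites; return what the ad server recorded."""
    ads = AdServer("ads.example")
    browser = Browser(block_third_party)
    for site in ["news.example", "shop.example", "health.example"]:
        browser.visit(site, ads)
    return dict(ads.profiles)

if __name__ == "__main__":
    print("default browser    :", browse(False))
    print("third party blocked:", browse(True))
```

With the default browser the ad server holds one profile covering all three sites; with third-party cookies blocked each visit looks like a new browser, so the visits cannot be joined through the cookie.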
How Does Microsoft Passport Do It?
* Idea: just one login for the customer in the whole internet
* User is redirected to Passport whenever she enters a member site
  * Hotmail knows you just visited Investor!
* All Passport services use the same huge customer database

Why should you care?
* All the member sites share the user information
  * Higher flight prices on Expedia for those holding over 1 Million in Investor portfolio
* The more services involved, the more valuable your information is
  * The network effect (a.k.a. Metcalfe's law)
  * Huge business!

Does Law Protect You?
* Directive 95/46/EC of the European Parliament:
  * You have to have a customer or equal relationship with the people in the register
  * Passport register probably meets this
* BUT: The directive doesn't apply to direct marketing
* Microsoft promises to protect your data
  * How secure has Hotmail proven to be?
  * 27 page agreement: "Microsoft reserves the right to amend this agreement at any time."

Technical Aspects
* Single Servers
* Networks
* Protocols
* Applications
* Mobile Internet

Anonymous Servers
* Re-Mailers
  * Remove any private data
* Pseudoanonymous
  * Server generates a pseudonym for the user
  * Server saves the relation user - pseudonym
  * Replies are possible

Servers: Anonymity Servers
* Anonymity Servers (Anonymity Proxy) for different services
  * www, ftp, news, email, irc, ...
  * anonymous or pseudoanonymous
* Result: you have to trust the service provider

Networks: Pseudoanonymity Networks
* Also known as Onion Routing
* User gets:
  * end-to-end connection through a tunnel
  * a pseudonym (IP address)
* [Figure: browsers and local proxies connected through PPs to web servers]

Networks: Pseudoanonymity Networks (2)
* Local Proxy (LP)
* Pseudoanonymous Proxy (PP)
* use 1 TCP connection
  * encrypted with SSL (Link Encryption)
* Nested Encryption with SSL (additional layer)
* [Figure: LP, PP1, PP2, PP3 with link encryption LE 1, LE 2, LE 3 and nested encryption NE 2, NE 3]

Networks: Pseudoanonymity Networks (3)
* LE1 contains encrypted data from NE2
* NE2 contains encrypted data from NE3
* needs a lot of SSL connections: 2n+1
* [Figure: LP, PP1, PP2, PP3 with link encryption LE 1, LE 2, LE 3 and nested encryption NE 2, NE 3]

Networks: Pseudoanonymity Networks (4)
* For attackers:
  * difficult to link incoming/outgoing traffic on a proxy
  * difficult to infiltrate a proxy of their own
* User (or Local Proxy) knows all SSL keys

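Added example, not part of the original slides: the nested encryption from slides (2) to (4), with the local proxy holding all keys and each PP removing one layer. A hash-based XOR keystream stands in for SSL (it is a toy and not secure); the keys, the host name and the JSON layer format are assumptions made for this sketch.

```python
# Toy model of the nested encryption (NE) layers. The XOR keystream is a
# stand-in for SSL and is NOT secure; keys, host name and the JSON layer
# format are constructed for this example.
import hashlib
import json

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """XOR with a SHA-256 counter keystream; applying it twice decrypts."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(route, keys, destination, payload: bytes) -> bytes:
    """Local proxy: build the onion from the innermost layer outwards."""
    hops = route[1:] + [destination]      # where each proxy forwards to
    onion = payload
    for proxy, next_hop in reversed(list(zip(route, hops))):
        layer = json.dumps({"next": next_hop, "body": onion.hex()}).encode()
        onion = toy_cipher(keys[proxy], layer)
    return onion

def peel(key: bytes, onion: bytes):
    """One proxy: remove its own layer, learn only the next hop."""
    layer = json.loads(toy_cipher(key, onion))
    return layer["next"], bytes.fromhex(layer["body"])

def send(route, keys, destination, payload: bytes):
    """Pass the onion along the route; record what each proxy could see."""
    onion, seen = wrap(route, keys, destination, payload), []
    for proxy in route:
        next_hop, onion = peel(keys[proxy], onion)
        seen.append((proxy, next_hop, payload in onion))
    return onion, seen

ROUTE = ["PP1", "PP2", "PP3"]
KEYS = {p: hashlib.sha256(p.encode()).digest() for p in ROUTE}  # constructed

if __name__ == "__main__":
    delivered, seen = send(ROUTE, KEYS, "webserver.example", b"GET /catalogue")
    for proxy, next_hop, sees_clear in seen:
        print(f"{proxy} forwards to {next_hop}; sees request in clear: {sees_clear}")
    # The last proxy sees the request unless the browser also encrypts end to end.
```

Only the last proxy in the chain handles the request in the clear, and only the first one talks to the local proxy, which is why linking incoming and outgoing traffic at a single proxy is difficult.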
Networks: Crowds
* similar to Onion Routing
* User is a member of the crowd
* Link encrypted
* chooses path through proxies randomly on a hop-by-hop basis
* request and reply path are the same
* other requests seem to come from your computer

Networks: Hordes
* multiple proxies to route towards the responder (similar to Crowds)
* Onion Routing also possible
* Uses multicast to anonymously reply to the sender
  * IP address is a multicast group address
  * difficult to find the membership of the group
  * even if you know the group, the receiver is hidden in the receiver set

Protocols: Anonymous Subscriptions
* Subscribe to a service
  * newspapers, books, videos...
* Anonymous access to the service
  * Electronic Cash/Blind Signatures (later)
* Unlinkable Serial Transactions
  * User holds a token, gets a new one on access
  * unlimited access...

Applications: Electronic Cash
* many E-Cash systems, here is an example:
* DigiCash ECash
  * Currency: Ecash
  * Coins: Cyberbucks
  * Everyone has a wallet
  * User pays in Cyberbucks for a service

Applications: Electronic Cash (2)
* Change Ecash
* Pay for a service
* Ecash transfer
* Blind signature

Applications: Electronic Cash (3)
* DigiCash ECash
  * User-to-user transfer also possible
  * Bank logs all Cyberbucks
  * Online verification by the bank
  * Bank gives blind signatures
    * provides anonymity, untraceability

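Added example, not part of the original slides: how a blind signature lets the bank sign a coin it never sees and still catch double spending at online verification. It uses a textbook RSA blind signature, which the slides do not specify; the toy key, the serial number and all function names are assumptions made for this sketch.

```python
# Textbook RSA blind signature with a toy key. The key, the serial number
# format and all names are constructed; real systems use large keys and padding.
import hashlib
from math import gcd

P, Q, E = 2**31 - 1, 2**61 - 1, 65537     # toy bank key, far too small for real use
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))         # bank's private exponent

def digest(serial: bytes) -> int:
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N

def blind(serial: bytes, r: int) -> int:
    """User: hide the coin's serial number before sending it to the bank."""
    if gcd(r, N) != 1:
        raise ValueError("blinding factor must be invertible mod N")
    return digest(serial) * pow(r, E, N) % N

def bank_sign(blinded: int) -> int:
    """Bank: sign at withdrawal without learning the serial number."""
    return pow(blinded, D, N)

def unblind(blind_sig: int, r: int) -> int:
    """User: strip the blinding factor, leaving a signature on the serial."""
    return blind_sig * pow(r, -1, N) % N

class Bank:
    """Online verification: signature must verify and serial must be unspent."""
    def __init__(self):
        self.spent = set()

    def deposit(self, serial: bytes, sig: int) -> str:
        if pow(sig, E, N) != digest(serial):
            return "invalid"
        if serial in self.spent:
            return "double-spend"
        self.spent.add(serial)
        return "accepted"

def withdraw(serial: bytes, r: int):
    """Return (what the bank saw, the usable coin signature)."""
    blinded = blind(serial, r)
    return blinded, unblind(bank_sign(blinded), r)

if __name__ == "__main__":
    seen_by_bank, sig = withdraw(b"coin-0001", r=123456789)
    bank = Bank()
    print(bank.deposit(b"coin-0001", sig), bank.deposit(b"coin-0001", sig))
```

The value the bank signs at withdrawal depends on the user's secret factor `r`, so the bank cannot match it to the serial number it later sees at deposit.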
Anonymous Mobile Internet: Today's state
* Providers don't guarantee privacy
* They record for each universal number (through their centralized billing system):
  * Every call (incoming/outgoing)
  * Movement
  * Time
* They know our habits, movements, ...

Anonymous Mobile Internet: Where do we go tomorrow?
* Possible solution:
  * Basic idea: prepaid mobile phone
  * on-the-fly payment or prepayment
  * random, temporary, impersonal numbers
* A 2nd device next to our personal one?

Questions
1. Why do people think that their former supposed privacy will evaporate in the internet?
2. Why should an e-commerce customer remain anonymous?
3. So why aren't the means to remain anonymous in wider use?
4. What will be used by a normal user?

End