Each year, Data Privacy Day is celebrated on January 28 to commemorate the signing of the first legally binding international data protection treaty. It is an opportunity to promote user empowerment and education about protecting personal data.
The IETF has seen the launch of many new privacy-relevant activities in recent months, including efforts that reflect the particular kinds of user empowerment that standards organizations such as ours can effectuate. Last year the IAB published RFC 6973, Privacy Considerations for Internet Protocols, one goal of which was to provide guidance to those working in the IETF about how to consider privacy threats and mitigations within their protocol designs. Since then, the IAB Privacy Program has been refining a privacy tutorial to help put RFC 6973’s guidance into practice. After several trial runs, the tutorial has been solidified and will be conducted for all IETF participants on Sunday, March 2, at the start of the next IETF meeting.
Recent revelations concerning pervasive monitoring have spurred work on empowering users in a different way, by re-emphasising the need for security and privacy technologies to be easier to deploy and use. At least some of the attacks that we’ve learned about in recent months could have been deterred or mitigated if technologies and standards that already existed had been deployed (for example, the use of transport layer security to encrypt traffic between mail servers or data centers). But we know far too well that the difficulty of deploying and using security technologies has often prevented their adoption, both by corporations and individual end users. One consequence of the pervasive monitoring revelations has been to re-focus the technical community’s attention on usable security.
This trend is apparent within many different IETF efforts. Using TLS in Applications (UTA) is a new working group that aims to (among other things) provide greater clarity for application developers about best practices for using transport layer security in their applications. There have been discussions in many different workings groups, mailing lists, and Internet drafts about whether and how to increase the use of opportunistic encryption, which can have fewer deployment barriers compared to fully authenticated encryption and could thereby help to mitigate passive traffic sniffing.
While these examples reflect a desire to make encryption more usable, encryption alone does not suffice for meeting all data protection needs. Even with payload encryption, meta-data collection and traffic analysis can still reveal sensitive information to intermediaries, and care must be taken to ensure that payloads themselves do not include personal data unnecessarily.
Tackling these sorts of problems requires adopting data minimization and anonymization techniques that in some cases have proved even more onerous to deploy and use than transport encryption. Making this class of solutions more usable will require significant effort going forward meaning that there is plenty more work to be done both inside and outside the IETF.
The IETF has long been committed to building secure protocols (see RFC 3365, RFC 3552) and is currently debating extending that commitment to defending against pervasive monitoring. We still have a ways to go to make security more usable and to build in additional privacy protections beyond what security features already provide, but today we can celebrate our recent efforts and the renewed enthusiasm for privacy protection emerging throughout the IETF community. Let’s turn that energy into concrete solutions in the coming months and years.