FTC: Consumer Privacy Comments Concerning Pretty Good Privacy, Inc.--P954807

SUPPLEMENTAL COMMENTS -- PROJECT P954807
REFERENCE CASE # 17

Pretty Good Privacy, Inc.

Please include the following supplemental comments to the original comments filed by Pretty Good Privacy for the Public Workshop on Consumer Information Privacy.

Question 2.14: Evolution of Technology to Protect Consumer Privacy:

Authentication

In the faceless world of electronic communications, authentication introduces integrity and accountability. Through digital signature and encryption technology, users can confirm that a message actually comes from the party it appears to come from, and that the message has not been electronically altered in transmission. This message authentication is an invaluable tool in the protection of privacy and the prevention of fraud.

In the digital world, individuals want to be able to engage in confidential transactions and communications online, but they also want to be sure that the information they send is being sent to a legitimate, authorized entity. For example, suppose that Jane is engaged in on-line banking or financial transactions, and a vendor requests personal information, such as a credit card or social security number. How does Jane determine whether the requestor is authentic?

Public key cryptography is the basis for digital signatures (authentication). A signature that verifies establishes two things: that the message was signed by the holder of a particular private key, and that it has not been altered since it was signed. Whether that key actually belongs to the person or organization it is labelled with is a separate check, made by verifying the key itself, for example by comparing its fingerprint through an independent channel or by relying on a certificate. To understand how digital signatures work, one must first understand the concept of public key cryptography.

Public Key Cryptography

Public key cryptography -- which relies on the use of two mathematically related keys -- was invented in the 1970s as an alternative to the older method of encrypting data with a single shared key. Prior to its invention, if you wanted to send a secret message to someone, you first had to give them the key for unscrambling it. This transfer of keys was the weak link, because a key could be intercepted in transit.

With public key cryptography, no secret key ever has to be transferred. An individual or organization creates a unique public key - private key pair. The private key remains private and is never shared with anyone. The public key is widely disseminated -- usually published on a web site or in a directory of some kind. What one key of the pair encrypts, only the other can decrypt. So, if I want to send a secure message to someone, I encrypt it with their public key, and they decrypt it with their private key. Because only they hold that private key, no one else can read the message, and publishing the public key gives nothing away.

Authentication uses the same keys, but in the other direction. If I want to prove that a message originated from me, I sign it with my private key. In practice my software first computes a short hash, or digest, of the message, a "fingerprint" that changes completely if any part of the message changes, and then transforms that digest with my private key to produce the signature. No one can produce that signature without my private key. The recipient's software recomputes the digest from the message it received and uses my public key to check it against the signature. If even so much as a space has changed in the document since it was signed, the digests will not match and the document will not be authenticated.

This has monumental implications for consumer privacy. For example, let's say that Jim is applying for a home loan from County Federal Bank. When County Federal Bank asks Jim for his annual salary, Jim needs to be sure that the request is coming from the Bank, and not from someone -- be it a burglar or a marketer -- who is seeking to profit from the use of that information. If the Bank signs its request, Jim can verify the signature against the Bank's public key; an unsigned request, or one whose signature fails to verify, deserves no answer. This protection depends on Jim holding a copy of the Bank's public key that he has confirmed to be genuine, since a signature by itself proves only possession of the matching private key. Naturally, Jim can also choose to encrypt the private information when he submits it to the Bank, further protecting his privacy.
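The following worked example, added here and not part of PGP's comments or of PGP's own software, carries the loan scenario through in Go using the standard library's RSA signatures (PKCS#1 v1.5 over a SHA-256 digest) and RSA-OAEP encryption. The Bank's name and the request text are the hypothetical ones from the scenario above, and the key pairs are generated fresh on each run. It shows that the genuine request verifies, that a copy changed by a single space does not, that the same request signed with an impostor's key does not, and what a key fingerprint is for.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/hex"
	"fmt"
)

// NewKey generates a fresh RSA key pair; the public half is meant to be
// published, the private half never leaves its owner.
func NewKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// Sign hashes the message (the "fingerprint" of the text in the comments
// above) and transforms the digest with the signer's private key.
func Sign(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
}

// Verify recomputes the digest of the message as received and checks it
// against the signature with the public key alone. It fails if the message
// changed by so much as a space or the signature was made with another key.
func Verify(pub *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil
}

// Fingerprint is the hex SHA-256 of the DER-encoded public key: the short
// value a user compares through an independent channel to confirm that a
// public key really belongs to the party it is labelled with.
func Fingerprint(pub *rsa.PublicKey) (string, error) {
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return "", err
	}
	sum := sha256.Sum256(der)
	return hex.EncodeToString(sum[:]), nil
}

// Scenario plays out the loan example with the Bank's key pair (hypothetical
// names from the text): does the Bank's genuine request verify, does a copy
// with one extra space verify, and does the same request signed by an
// impostor's key verify against the Bank's public key?
func Scenario(bankKey *rsa.PrivateKey) (genuine, altered, impostor bool, err error) {
	request := []byte("County Federal Bank: please state your annual salary to complete your loan application.")
	sig, err := Sign(bankKey, request)
	if err != nil {
		return
	}
	genuine = Verify(&bankKey.PublicKey, request, sig)
	altered = Verify(&bankKey.PublicKey, []byte(string(request)+" "), sig)

	impostorKey, err := NewKey()
	if err != nil {
		return
	}
	forged, err := Sign(impostorKey, request)
	if err != nil {
		return
	}
	impostor = Verify(&bankKey.PublicKey, request, forged)
	return
}

// Roundtrip is the confidentiality half: Jim encrypts his answer to the
// Bank's public key (RSA-OAEP); only the Bank's private key can open it.
func Roundtrip(bankKey *rsa.PrivateKey, answer string) (string, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &bankKey.PublicKey, []byte(answer), nil)
	if err != nil {
		return "", err
	}
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, bankKey, ct, nil)
	if err != nil {
		return "", err
	}
	return string(pt), nil
}

func main() {
	bank, err := NewKey()
	if err != nil {
		panic(err)
	}
	fp, _ := Fingerprint(&bank.PublicKey)
	fmt.Println("Bank key fingerprint (compare out of band):", fp)
	genuine, altered, impostor, err := Scenario(bank)
	if err != nil {
		panic(err)
	}
	fmt.Printf("genuine request verifies: %v\naltered copy verifies: %v\nimpostor-signed copy verifies: %v\n",
		genuine, altered, impostor)
	reply, err := Roundtrip(bank, "Annual salary: 57,000")
	if err != nil {
		panic(err)
	}
	fmt.Println("Bank decrypted:", reply)
}
```

Verify answers only "was this signed by the key I was given"; Fingerprint is what Jim compares against a value the Bank has published through some other channel to answer "is this key really the Bank's". The choice of RSA, of the padding schemes and of a 2048-bit key is the example's, not something the comments prescribe.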

Questions 2.18 and 2.19: Authentication and Mass Unsolicited Email

Mass unsolicited email can take three forms: nuisance, harassment, or fraud. In any form it is an invasion of privacy.

In many cases, senders of unsolicited email attempt to mask their identity, or to masquerade as a trusted person. With widespread use of encryption technology to authenticate senders of email, this kind of masquerade would become detectable: a message forged in someone's name either carries no signature at all or carries one that fails to verify against that person's public key. While the technology does not prevent the sending of mass unsolicited email, it does cut down on the damage that it can potentially create.

Members of Congress, for example, were recently spammed with huge quantities of unsolicited email, all of which purported to be from a single journalist. The messages actually originated from an unidentified source who put the journalist's address on them so that they appeared to come from the journalist's mailbox. This version of identity theft can result in misunderstandings or ill will. The receivers of such mislabeled mail, believing it to be what it purports to be, may take the messages seriously, and even respond to the fraudulent senders with private information.

Authentication through digital signatures can reduce the incidence of harassment or fraud through unsolicited email by making the practice more transparent. A person who routinely signs his or her mail gives recipients a way to tell genuine messages from forgeries: mail in that person's name that arrives unsigned, or whose signature does not verify, can be recognized as suspect. The same ability lets the unwilling victims of such impersonation prove their identity and their innocence. The check works only if recipients know to expect signed mail from that person and actually verify it; a missing signature means nothing to a recipient who has never been told to look for one.

Question 3.14: Children’s Online Privacy and Authentication

The use of authentication, verification and certification technologies also has the potential to protect children from violations of privacy. For example, through digital signature technology, children's online activity could be supervised by parents in a way similar to their activities at school. Children typically need "permission slips" signed by parents before they are allowed to participate in activities that go beyond traditional school activities. The same could be made true for online activities, with parental consent granted through digital signatures backed by certificates from certificate authorities, where the certificate carries parameters imposing certain limits on the child's exposure.

This implies some level of responsibility on the part of the receiver of information, which most likely would require some government mandate.

Cookie Filtering Technology--Supplemental Information

This information is intended to provide background to supplement a demonstration of PGPcookie.cutter during Session 2 of the workshop.

Surfing the Web is not an anonymous sport. When you surf the web, the web surfs back. After a visit to some Web sites, "cookies" are set on your hard disk: the site's server sends a Set-Cookie header with its response, and your browser stores the value and returns it to that server, in a Cookie header, with every later request. Although some cookies are beneficial, many threaten your privacy by collecting personal information about who you are, what you've seen, and where you've been. PGPcookie.cutter lets you decide who has access to your private information. It adds a menu item to your browser software and analyzes the HTTP stream to identify cookies as they are set. Blocking a cookie prevents it from ever returning to its server with information about you, and shuts the door on intrusions to your privacy.

Features

Selective Blocking and Access - You select cookies that are allowed access, such as password information or product preferences, and block cookies you consider invasive.

Instant Delete - With the easy-to-use interface, you can instantly delete cookies without opening cryptic cookies.txt files.

Choice of Privacy Levels - You can block all cookies, allow only specified cookies, allow all cookies from trusted domains, or allow all cookies.

Noninvasive Cookie Warning - PGPcookie.cutter minimizes disruptions by issuing only one on-screen warning per cookie.

Easy Viewing of Cookie Contents - From your browser you can instantly display information, including a cookie's value and expiration date, eliminating the need to open and read the cookies.txt file.

Identify Cookie Web Sites - Within the cookie's preference window, you can easily identify the site that placed the cookie.

Cookie Man - While you're on-line, an icon on the browser tallies how many cookies Web servers have attempted to set.
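As an added illustration, not part of PGPcookie.cutter or of PGP's comments, the following Go program does the core of what the description above calls analyzing the HTTP stream: it reads a raw HTTP response as a filtering proxy between browser and server would, applies one of the four privacy levels listed above to each Set-Cookie header, and reports which cookies were kept and which were blocked. The response, the host name www.shop.example and the cookie names are constructed for the example.

```go
package main

import (
	"bufio"
	"fmt"
	"net/http"
	"strings"
)

// Level mirrors the four privacy levels in the feature list above.
type Level int

const (
	BlockAll            Level = iota // block every cookie
	AllowListed                      // allow only cookies named in Policy.Allowed
	AllowTrustedDomains              // allow any cookie set for a domain in Policy.Trusted
	AllowAll                         // allow everything
)

// Policy is the user's choice of level plus the lists the level consults.
type Policy struct {
	Level   Level
	Allowed map[string]bool // cookie names (AllowListed)
	Trusted map[string]bool // domains without a leading dot (AllowTrustedDomains)
}

// allows decides one cookie given its name and effective domain.
func (p Policy) allows(name, domain string) bool {
	switch p.Level {
	case AllowAll:
		return true
	case AllowListed:
		return p.Allowed[name]
	case AllowTrustedDomains:
		for t := range p.Trusted {
			if domain == t || strings.HasSuffix(domain, "."+t) {
				return true
			}
		}
	}
	return false
}

// Filter parses a raw HTTP response from host, applies the policy to every
// Set-Cookie header, and returns the names of the cookies kept and blocked.
// A blocked cookie is never stored, so it can never be sent back to its server.
func Filter(raw, host string, p Policy) (kept, blocked []string, err error) {
	resp, err := http.ReadResponse(bufio.NewReader(strings.NewReader(raw)), nil)
	if err != nil {
		return nil, nil, err
	}
	defer resp.Body.Close()
	for _, c := range resp.Cookies() {
		domain := strings.TrimPrefix(c.Domain, ".")
		if domain == "" {
			domain = host // no Domain attribute: the cookie belongs to the responding host
		}
		if p.allows(c.Name, domain) {
			kept = append(kept, c.Name)
		} else {
			blocked = append(blocked, c.Name)
		}
	}
	return kept, blocked, nil
}

// SampleResponse is a constructed reply from www.shop.example: a session
// cookie for the host itself, a preference cookie for the shop's domain, and
// a tracking cookie that a third-party advertiser set through the same page.
const SampleResponse = "HTTP/1.1 200 OK\r\n" +
	"Content-Type: text/html\r\n" +
	"Set-Cookie: session=abc123; Path=/\r\n" +
	"Set-Cookie: prefs=en; Domain=.shop.example; Path=/\r\n" +
	"Set-Cookie: trk=4711; Domain=.ads.example; Expires=Wed, 09 Jun 2021 10:18:14 GMT\r\n" +
	"Content-Length: 0\r\n\r\n"

func main() {
	trusted := Policy{Level: AllowTrustedDomains, Trusted: map[string]bool{"shop.example": true}}
	kept, blocked, err := Filter(SampleResponse, "www.shop.example", trusted)
	if err != nil {
		panic(err)
	}
	fmt.Println("kept:", kept, "blocked:", blocked)
}
```

At the "allow all cookies from trusted domains" level the session and preference cookies survive and the advertiser's tracking cookie is dropped; the other three levels are selected by changing Policy.Level. The effective-domain rule (a cookie without a Domain attribute belongs to the responding host) is the one browsers apply, and the suffix match is what lets a trusted shop.example cover its own subdomains.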

Thank you for adding this supplemental information to the original comments filed by Pretty Good Privacy, Inc.