1
Legal and technical challenges in the next generation Internet.
"Finding the right balance between Data Protection and fighting Cybercrime"
12th February 2003, rel 1.0
United Nations Economic Commission for Europe (UNECE)
Workshop on E-Regulations: E-Security and Knowledge Economy
Geneva. Switzerland.
Dr. Alberto Escudero-Pascual <[email protected]>
Isafjordsgatan 39 8tr, IMIT
S-16 440 Stockholm
2
Motivation
Before (Me)
Alberto Escudero-Pascual
Spanish
30 years old
Research Fellow
Royal Institute of Technology
+46 70286 7989
<who:ID> <when:Time> <what:Action> <where:Position>
Mobile Internet and Location Privacy
Data Protection and Cybercrime
Identity Management
Now (my E-Me)
SP-Y997936721205-8347
aep @ it.kth.se
192.16.125.240 qwerty.ssvl.kth.se
3ffe:200:15:2:260:1dff:fef1:64d4
00:60:1D:F1:64:D4
N59.40.54, E19.094.3
VoIP 08 3133732
3
Goal…
Identify timely important emerging areas for privacy in the development of the next generation Internet.
Study if the new legal provisions are suitable to deal with new telecommunication infrastructures.
Provide recommendations to technical and regulatory bodies to enhance next generation Internet privacy.
4
Agenda
Living in year 2003…
• Next generation Internet
• Next generation E-Policy
Three challenges
• Right balance in identification, security and privacy
• Right balance in location privacy
• Legal treatment of 'Internet traffic data'
Conclusions and recommendations
5
Year 2003…
"Living in an all-IP E-world with new E-Laws"
6
Background: "The All-IP E-world"
The next generation Internet
WHAT | HOW?
All IP-network | IPv6
Convergence of core and wireless | 2.5G, 3G, 4G
Native IP mobility and security | MobileIPv6 and IPSEC
Self-configuration | IPv6 Service discovery and autoconfiguration
7
Background: IPv6/MobileIPv6
[Figure: a Mobile Node in its home network (t1) and in a foreign network (t2), communicating with a Correspondent Node. Packet layouts shown: "Ethernet | IPv6 Header | ESP | TCP | HTTP" and "Ethernet | IPv6 Header | Mobility Header". Field labels in the figure: SOURCE ADDRESS care-of-address(t), DEST. ADDRESS www.epic.org, Destination Option, HOME ADDRESS, care-of-address(t2), SPI.]
1. Always addressable by home address
2. Native integrity, authentication and confidentiality
3. Self-configuration
4. Route optimisation
8
Background: "The new E-laws"
e.g. European Union New E-regulatory framework
July 2000
- European Commission proposed 5 packages of measures for a new E-regulatory framework
- COM(2000)385: Updates Data Protection Directive (97/66/EC)
July 2002
- ”E”-Data Protection Directive (2002/58/EC)
9
Background: (2002/58/EC)
1. Aims to update (97/66/EC)
2. Technology-neutral policy
3. Data Protection Directive Areas
• Location data processing of traffic data (§6, §9)
• Security and confidentiality
• Privacy-compliant soft and hardware
• Ex-directory default
• Unsolicited commercial communications
10
The space of things…
Information Security
Before
• National Organisations
• National communication networks
• Core network security
• Closed systems
CLOSED InfoSEC
National Bodies
Now
• International Organisations
• Public and private infrastructure
• Periphery security
• Open systems
OPEN InfoSEC?
G8, CoE, UN, OCDE
EU Cybercrime Forum?
11
Three risks & challenges for privacy in the next generation Internet
12
1. Right balance in Identification, Privacy and Security
13
Implications of global unique identifiers
While globally unique identifiers make things technically easier, they also make it possible to track a user's device and the associated activities.
The set of actions associated with one "address" can be linked together!
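Added example (not part of the original slides): how the IPv6 address and the MAC address listed on the Motivation slide are linked through the modified EUI-64 interface identifier used by stateless autoconfiguration (RFC 4291), and why that identifier follows the device from one network to the next. The foreign prefix and the randomised address in the comments are constructed values; the function names are illustrative.

```python
import ipaddress

MAC = "00:60:1D:F1:64:D4"              # MAC address from the Motivation slide
HOME_PREFIX = "3ffe:200:15:2::/64"     # prefix of the IPv6 address on that slide
FOREIGN_PREFIX = "2001:db8:77:1::/64"  # constructed (documentation prefix)

def eui64_interface_id(mac: str) -> int:
    """Modified EUI-64 interface identifier built from a 48-bit MAC."""
    b = bytes(int(part, 16) for part in mac.split(":"))
    if len(b) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Flip the universal/local bit and insert ff:fe in the middle.
    eui = bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:6]
    return int.from_bytes(eui, "big")

def autoconf_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Address a host would autoconfigure on a /64 link from its MAC."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("stateless autoconfiguration expects a /64 prefix")
    return net[eui64_interface_id(mac)]

def mac_from_address(addr: str):
    """Recover the MAC if the low 64 bits are EUI-64 derived, else None."""
    iid = (int(ipaddress.IPv6Address(addr)) & (2**64 - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None  # e.g. a randomised (privacy) interface identifier
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{x:02X}" for x in mac)

def same_device(addr_a: str, addr_b: str) -> bool:
    """True when two addresses on different networks embed the same MAC."""
    mac = mac_from_address(addr_a)
    return mac is not None and mac == mac_from_address(addr_b)

if __name__ == "__main__":
    home = autoconf_address(HOME_PREFIX, MAC)
    away = autoconf_address(FOREIGN_PREFIX, MAC)
    print(home, away, same_device(str(home), str(away)))
    # A constructed address with a random interface identifier is not linkable.
    print(mac_from_address("2001:db8:77:1:5c3a:91e2:7b04:a8f1"))
```

The prefix changes with the network, but the low 64 bits do not, so any observer of both addresses can link them to one device unless the interface identifier is randomised.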
15
Seamless mobility and location privacy
[Figure: network of routers (R)]
Mobility support
Location Privacy
Right balance in (pseudo)anonymous services
16
3. Legal aspects of traffic and content data
Analysis of Data Protection Directive (2002/58/EC)
Location and Traffic Data
17
Legal aspects of "traffic and content data"
The "current" legal definitions of Internet traffic data are a threat for privacy
Definitions
a) "traffic data": all data processed which relate to the routing of a communication by an electronic communications network.
b) "communication": all information exchanged or routed between a finite number of parties via an electronic communications network accessible to the public.
c) "Telecommunications service": services which consist in total or in part of the transmission and routing of signals on telecommunications networks, with the exception of radio and television.
18
Technology I: The Phone – Call Data Records
Traffic data in POTS
EVENT: Someone makes a phone call
19991003070824178 165 0187611205 46732112106 ----------001------003sth 46 4673000-----0013 1410260
1999100307083041 33 01541011341 46708314801 ----------001------003sth 46 4670000--8 0013 11 10260
1999100307162963 51 0187614815 46739112106 ----------001------003sth 46 4673000-----0013 13 10260
1999100307182788 74 015410124301 46708314801 ----------001------003sth 46 4670000--8 0014 11 10260
1999100307204736 18 0187614805 46739112106 ----------001------003sth 46 4673000-----0013 14 10260
1999100307222326 20 01317023888 46706263087 ----------001------003sth 46 4670000--6 0013 1 10260
1999100300131791 90 0131654200 46854543084 ----------001------002sth 46 46 001-----0014 14 10260
19
Technology I: The Phone – Call Data Records
Someone makes a phone call for 3 minutes and 20 seconds
1999-10-03 07:08:24 from telephone 46 732112106 to telephone 46 4673000
20
Technology II: Radius – Internet Dialup records
EVENT: Someone dials with a traditional telephone line using a modem to an Internet provider
Fri Oct 19 11:30:40 2001
User-Name = "[email protected]"
NAS-IP-Address = 62.188.74.4
NAS-Port = 3239
NAS-Port-Type = Async
Acct-Status-Type = Start
Acct-Delay-Time = 0
Acct-Session-Id = "324546354"
Acct-Authentic = RADIUS
Calling-Station-Id = "01223461172"
Called-Station-Id = "9061000"
Framed-Protocol = PPP
Framed-IP-Address = 62.188.17.227
Proxy-State = "PX01\0\0`\0xcdntg\0x13\0xdfV\0xa4\[...]\0xfc\0x8c"
21
Technology II: Radius – Internet Dialup records
User: [email protected]
Place of call: Cambridge (UK) 01223461172
Calling to: London (UK) 9061000
IP address: 62.188.17.227
Duration of call: 21 Seconds
Type of connection: ASYNC MODEM
Date and time: from Fri Oct 19 11:30:40 2001 to Fri Oct 19 11:31:00 2001
22
Technology III: Wireless radio cell authentication
EVENT: User A and B using WLAN network
time GMT=20010810010852 Cell ID=115 MAC ID=00:02:2D:20:47:24 (A)
time GMT=20010810010852 Cell ID=115 MAC ID=00:02:2D:04:29:30 (B)
time GMT=20010810010852 Cell ID=115 MAC ID=00:60:1D:21:C3:9C
time GMT=20010810010853 Cell ID=129 MAC ID=00:02:2D:04:29:30
time GMT=20010810010854 Cell ID=129 MAC ID=00:02:2D:1F:53:C0
time GMT=20010810010854 Cell ID=129 MAC ID=00:02:2D:04:29:30 (B)
time GMT=20010810010854 Cell ID=129 MAC ID=00:02:2D:20:47:24 (A)
time GMT=20010810010856 Cell ID=41 MAC ID=00:02:2D:0A:5C:D0
time GMT=20010810010856 Cell ID=41 MAC ID=00:02:2D:1F:78:00
time GMT=20010810010856 Cell ID=41 MAC ID=00:60:1D:1E:D4:53
time GMT=20010810010858 Cell ID=211 MAC ID=00:60:1D:F0:E4:D8
time GMT=20010810010900 Cell ID=154 MAC ID=00:30:65:00:62:27
time GMT=20010810010900 Cell ID=154 MAC ID=00:02:2D:05:0B:25
time GMT=20010810010900 Cell ID=154 MAC ID=00:60:1D:22:26:A7
time GMT=20010810010900 Cell ID=154 MAC ID=00:02:DD:30:06:90
time GMT=20010810010900 Cell ID=154 MAC ID=00:02:2D:0D:27:D3
23
Technology III: Wireless radio cell authentication
On 2001-08-10 at 01:08:52 AM, (A) was in radio cell 115 with user (B), and they moved together at 01:08:54 AM to cell 129.
Radio cell 115 is covering the Electrum C1 (Stockholm)
Radio cell 129 is covering the Electrum Restaurant (Stockholm)
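Added example (not part of the original slides): the inference drawn above, reproduced mechanically from the first seven WLAN records of the previous slide. It shows that plain cell-authentication records are enough to reveal who moved with whom, which is why they need the same protection as location data. Function names and the 5-second window are assumptions of this example.

```python
import re
from collections import defaultdict
from datetime import datetime
from itertools import combinations

# First seven records of the WLAN log shown on the previous slide.
LOG = """\
time GMT=20010810010852 Cell ID=115 MAC ID=00:02:2D:20:47:24
time GMT=20010810010852 Cell ID=115 MAC ID=00:02:2D:04:29:30
time GMT=20010810010852 Cell ID=115 MAC ID=00:60:1D:21:C3:9C
time GMT=20010810010853 Cell ID=129 MAC ID=00:02:2D:04:29:30
time GMT=20010810010854 Cell ID=129 MAC ID=00:02:2D:1F:53:C0
time GMT=20010810010854 Cell ID=129 MAC ID=00:02:2D:04:29:30
time GMT=20010810010854 Cell ID=129 MAC ID=00:02:2D:20:47:24
"""

RECORD = re.compile(r"time GMT=(\d{14}) Cell ID=(\d+) MAC ID=([0-9A-Fa-f:]{17})")

def trajectories(log):
    """Per-MAC list of (time, cell); repeated sightings in one cell collapse."""
    tracks = defaultdict(list)
    for stamp, cell, mac in RECORD.findall(log):
        when = datetime.strptime(stamp, "%Y%m%d%H%M%S")
        track = tracks[mac.upper()]
        if not track or track[-1][1] != int(cell):
            track.append((when, int(cell)))
    return tracks

def co_movements(log, window_s=5):
    """Pairs of MACs that made the same cell change within window_s seconds."""
    moves = defaultdict(list)  # (from_cell, to_cell) -> [(arrival time, mac)]
    for mac, track in trajectories(log).items():
        for (_, src), (arrived, dst) in zip(track, track[1:]):
            moves[(src, dst)].append((arrived, mac))
    pairs = []
    for (src, dst), hits in moves.items():
        for (t_a, mac_a), (t_b, mac_b) in combinations(sorted(hits), 2):
            if abs((t_b - t_a).total_seconds()) <= window_s:
                pairs.append((mac_a, mac_b, src, dst))
    return pairs

if __name__ == "__main__":
    for mac_a, mac_b, src, dst in co_movements(LOG):
        print(f"{mac_a} and {mac_b} moved together from cell {src} to cell {dst}")
```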
24
Technology IV: Web server logs
EVENT: User A connects to a webserver B
295.47.63.8 - - [05/Mar/2002:15:19:34 +0000] "GET /cgi-bin/htsearch?config=htdigx&words=startrek HTTP/1.0" 20 2225
295.47.63.8 - - [05/Mar/2002:15:19:44 +0000] "GET /cgi-bin/htsearch?config=htdig&words=startrek+avi HTTP/1.0" 200x
215.59.193.32 - - [05/Mar/2002:15:20:17 +0000] "GET /cgi-bin/htsearch?config=htdig&words=Modem+HOWTO …
192.77.63.8 - - [05/Mar/2002:15:20:35 +0000] "GET /cgi-bin/htsearch?config=htdig&words=conflict+war HTTP/1.0" 200
211.164.33.3 - - [05/Mar/2002:15:21:32 +0000] "GET /cgi-bin/htsearch?config=htdigx&words=railway+info …
211.164.33.3 - - [05/Mar/2002:15:21:38 +0000] "GET /cgi-bin/htsearch?config=htdigx&words=tickets HTTP/1.0" 200
211.164.33.3 - - [05/Mar/2002:15:22:05 +0000] "GET /cgi-bin/htsearch?config=htdigx&words=railway+info+London
212.164.33.3 - - [05/Mar/2002:15:22:35 +0000] "GET /cgi-bin/htsearch?config=htdigx&words=union+strike HTTP/1.0…
82.24.237.98 - - [05/Mar/2002:15:25:29 +0000] "GET /cgi-bin/htsearch?config=htdigx&words=blind+date HTTP/1.0
25
Technology IV: Web server logs
On 2002-04-05 at 15:21:32 PM, user 211.164.33.3 searches for info about:
railway, tickets, London, union, strike
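Added example (not part of the original slides): the per-address search profile described above, built from access-log lines, next to a log-minimisation step that drops the query string before storage. The log lines are constructed in the style of the previous slide, using documentation IP addresses; the function names are illustrative.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample in Common Log Format, modelled on the slide's htsearch log.
LOG = """\
192.0.2.8 - - [05/Mar/2002:15:19:34 +0000] "GET /cgi-bin/htsearch?config=htdigx&words=startrek HTTP/1.0" 200 2225
192.0.2.8 - - [05/Mar/2002:15:20:01 +0000] "GET /index.html HTTP/1.0" 200 512
198.51.100.3 - - [05/Mar/2002:15:21:32 +0000] "GET /cgi-bin/htsearch?config=htdigx&words=railway+info HTTP/1.0" 200 1804
198.51.100.3 - - [05/Mar/2002:15:21:38 +0000] "GET /cgi-bin/htsearch?config=htdigx&words=tickets HTTP/1.0" 200 1711
198.51.100.3 - - [05/Mar/2002:15:22:05 +0000] "GET /cgi-bin/htsearch?config=htdigx&words=railway+info+London HTTP/1.0" 200 3120
198.51.100.3 - - [05/Mar/2002:15:22:35 +0000] "GET /cgi-bin/htsearch?config=htdigx&words=union+strike HTTP/1.0" 200 911
"""

CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) ([^"]*)" (\d{3}) (\S+)$')

def search_profiles(log):
    """Map each client address to the distinct search terms it submitted."""
    profiles = defaultdict(list)
    for line in log.splitlines():
        match = CLF.match(line)
        if not match:
            continue  # truncated or malformed record
        client, target = match.group(1), match.group(4)
        for phrase in parse_qs(urlsplit(target).query).get("words", []):
            for term in phrase.split():  # parse_qs already turned '+' into ' '
                if term not in profiles[client]:
                    profiles[client].append(term)
    return dict(profiles)

def strip_queries(log):
    """Minimised log: keep client, time, path and status; drop query strings."""
    kept = []
    for line in log.splitlines():
        match = CLF.match(line)
        if match:
            start, end = match.span(4)
            line = line[:start] + urlsplit(match.group(4)).path + line[end:]
        kept.append(line)
    return "\n".join(kept)

if __name__ == "__main__":
    print(search_profiles(LOG))                 # content recovered from "traffic" data
    print(search_profiles(strip_queries(LOG)))  # nothing left to profile
```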
26
Where is the content? Where is traffic?
SIGNALING: Phone numbers/Time
CONTENT: The Conversation
INTERNET: Open architecture
POTS: Closed System
27
Conclusions…
• Unique identifiers are a threat to privacy.
• We need models for strong content/location privacy in the Mobile world.
• IP addresses should be considered Personally Identifiable Information and protected as such.
• The traditional division of content and traffic (as in telephone networks) is no longer valid.
• Traditional powers applied to new technologies break the right balance between data protection and fighting Crime.
28
Recommendation
• The Internet brings an open architecture where closed security models are no longer valid.
• The Internet's open architecture also requires open discussion forums.
There is still a need for an "open" discussion forum in InfoSEC that brings together law enforcement agencies, service providers, network operators, consumer groups, civil society and data protection authorities.
29
Thanks!
Electronic version: http://www.it.kth.se/~aep/PhD
Dr. Alberto Escudero-Pascual
Isafjordsgatan, 39 tr8
KTH/IMIT/TSLAB
SE-16440 Kista – [email protected]
+46702867989
Also Google (Alberto Escudero)