Cloudy Cloud, Google Chrome and privacy in The Cloud

December 15th, 2009 by irdial

Zeropaid has this story about Google CEO Eric Schmidt, Google Chrome and privacy:

There has been a bit of an uproar about a recent quote by Google CEO Eric Schmidt. While talking to CNBC, Schmidt remarked that, “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place. If you really need that kind of privacy, the reality is that search engines–including Google–do retain this information for some time and it’s important, for example, that we are all subject in the United States to the Patriot Act and it is possible that all that information could be made available to the authorities.”

Not surprisingly, the familiar pro-surveillance slogan of, “if you’ve got nothing to hide, you’ve got nothing to worry about,” raises the hackles of privacy advocates, and especially so coming this time from someone like Schmidt who has, theoretically at least, more access to users’ information than just about anybody else in the private sector. And Schmidt is not the first Silicon Valley executive to say disturbing things about privacy in the digital age, as the former Sun CEO Scott McNealy once said, “You already have zero privacy. Get over it.” While not disagreeing with the current state of the situation, noted security expert Bruce Schneier despairs of just this kind of attitude, that clashes so strongly with his own principle of how privacy corresponds with fundamental human rights, preserving internal domains from prying eyes, even if nothing nefarious is occurring.

What makes the question of privacy, user tracking and data collection so complex currently is the daily, almost constant exchange that occurs between users today and the service providers that make up the backbone of the web ecology. Every time we search on Google, use Google Apps (where this post is being written actually), visit a site using the Chrome browser, click on a friend’s link via Facebook, etc. etc. we are being “paid” in a sense via these services for the data we provide to the companies. They of course collate all that data in order to sell it, manipulate it, exploit it, what have you. It is precisely that data that has turned Google into a giant of 21st century business and will likely be the eventual route to revenue for innovative companies like Facebook and Twitter and many more.

Is this exchange, surrendering our data (and ultimately our privacy) for services a fair balance? Who is coming out ahead? Do users deserve more compensation for their online footprints, or at least have more control over who gets the data and what they do with it? What are the implications of an entire Chrome OS built upon this notion of exchange?

As we continue to examine the immense promise of cloud computing and online digital services, we should always keep these kinds of questions in mind, if only to be at least aware of what we are giving up, and what precisely we are getting in return.

Zeropaid

“Maybe you shouldn’t be doing it in the first place”. Hmmmm; maybe you should? Who knows.

What all readers of BLOGDIAL do know is what we think about “nothing to hide, nothing to fear”.

The fact of the matter is if you really want privacy, you can have it. We have been saying this on BLOGDIAL for many years; if you want privacy online, all you have to do is take it.

Even with cloud services like Google’s Chrome OS, which are inherently non-private.

Here is how you do it.

Chrome OS is open source.
GPG is open source.
You put them together.

Imagine that your copy of Chrome OS is a layer that sits between you, GPG and the Google controlled cloud. Chrome OS and GPG are both running on your hardware, and you have total control over that hardware and what runs on it. Anything that you do on your machine via Chrome OS is encrypted before it is sent to and stored on the cloud.

That means that when Google, at the request of the NSA or Homeland Security, look at your cloud data, all they see are a series of GPG encrypted ciphertexts that no one, and I mean NO ONE can decrypt.

That means all of your:

  • Email
  • Spreadsheet Data
  • Documents
  • Calendar items

and anything else that Google want to provide to you as a service are all encrypted and decrypted on the fly, and while they are stored on Google’s servers, they are in a form that cannot be read by anyone.

Your Google address book would need to stay in plaintext on the Google Cloud, since the email systems need that information in plaintext for your recipients to get mail from you. This system cannot do anything to protect you from having your email subjected to traffic analysis.

You have all the advantages of the Google cloud, without any of the privacy downside. Google maintains the parts of the Chrome OS that do their work, and people outside of Google maintain the Chrome GPG layer (under open source peer review) protecting your privacy. It’s a win-win scenario for everyone except the police state, and since all of the source is developed in the open, it will not be possible for, say, the French to cripple the GPG layer that everyone uses to secure their data, as they have done with the A5 cipher that is used to encrypt GSM phone calls.

All the cryptographic services to do all of this could be hacked into the Chrome OS so that it is completely seamless and transparent to the user; the only difference in operation of Chrome OS would be that there is a second login page where you type in your GPG passphrase that would unlock all your cloud data.
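The encrypt-before-upload layer described above, sketched with the stock `gpg` command line. This is an added example, not code from the original post or from Chrome OS: `cloud_put`, `cloud_get` and `provider_can_read` are hypothetical names, a local directory stands in for the provider's storage, and the document and passphrase are constructed.

```shell
#!/bin/sh
# Added sketch: client-side GPG layer in front of untrusted storage.
set -eu

GNUPGHOME="$(mktemp -d)"; export GNUPGHOME   # throwaway GnuPG home for the demo
CLOUD_DIR="$(mktemp -d)"                     # constructed stand-in for "the cloud"
trap 'rm -rf "$GNUPGHOME" "$CLOUD_DIR"' EXIT

# Encrypt on the client; only ciphertext ever reaches the storage directory.
# usage: cloud_put <local-file> <remote-name> <passphrase>
cloud_put() {
    printf '%s' "$3" | gpg --batch --yes --quiet --pinentry-mode loopback \
        --passphrase-fd 0 --symmetric --cipher-algo AES256 \
        --output "$CLOUD_DIR/$2.gpg" "$1"
}

# Fetch the ciphertext and decrypt it on the client.
# usage: cloud_get <remote-name> <local-file> <passphrase>
cloud_get() {
    printf '%s' "$3" | gpg --batch --yes --quiet --pinentry-mode loopback \
        --passphrase-fd 0 --decrypt --output "$2" "$CLOUD_DIR/$1.gpg"
}

# What the storage provider can do: search the stored blob for known text.
# Returns 0 if the plaintext string is visible in what was uploaded.
# usage: provider_can_read <remote-name> <string>
provider_can_read() {
    grep -q -F -- "$2" "$CLOUD_DIR/$1.gpg"
}

# Round trip with a constructed document and passphrase.
demo() {
    work="$(mktemp -d)"
    printf 'Q3 budget: 12000\n' > "$work/sheet.txt"
    cloud_put "$work/sheet.txt" sheet 'constructed demo passphrase'
    if provider_can_read sheet 'budget'; then
        echo "plaintext visible to provider"
    else
        echo "provider sees ciphertext only"
    fi
    cloud_get sheet "$work/sheet.out" 'constructed demo passphrase'
    cmp -s "$work/sheet.txt" "$work/sheet.out" && echo "round trip ok"
    rm -rf "$work"
}
demo
```

The object name (`sheet.gpg`), its size and the time it was written remain visible to the storage side, which is the same limit the post notes for the address book and traffic analysis.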

Zeropaid said:

As we continue to examine the immense promise of cloud computing and online digital services, we should always keep these kinds of questions in mind, if only to be at least aware of what we are giving up, and what precisely we are getting in return.

You do not have to give up any of your privacy for convenience. You can have total, unprecedented levels of privacy in your communications without any degradation of service whatsoever. For generations people have suffered having their letters opened, their telexes, faxes and phone calls tapped and their reading habits known to snoops; now, with GPG and ubiquitous and very powerful computing, it is possible for you to have all your letters absolutely secured, the content of all of your phone calls absolutely private, without any degradation in the utility of the services you use.

All you have to do is THINK, create the tools and then USE THEM.

And in there is a snazzy term to help you think about this… “Cloudy Cloud”… hmmmm ‘Chrome OS: Cloudy Cloud Edition’!
