Just back from a Security Informatics conference EISIC held at Odense in Denmark. I gave an invited talk on the conflict between Open Source Intelligence and Privacy concerns. Here is the abstract.
In just 19 years the Internet has transformed practically every facet of modern life. The launch of Mosaic, the first web browser in 1993 was the catalyst for a communication revolution, whose implications are still unraveling. The Web was always intended to be a two-way multi-user publishing system undermining state controlled one way broadcasting. Unleashing a mass worldwide communication network to millions of people has brought huge benefits but also some dangers. Countering new threats from malicious, criminal and terrorist activity is a major topic of this conference. These security risks are difficult to control and monitor without affecting personal freedom. Securing networks, tracking attacks and countering extremism has driven the development of OSINT (Open Source Intelligence) tools and techniques. Governments and politicians have also found themselves vulnerable to the viral effect of instant communication as has been seen for instance during the Arab Spring. Counter-balancing all this and in reaction to this spread of mass communication has been a growing threat to individual privacy through electronic surveillance. Personal identity and privacy threats come from governments, criminals, and large commercial interests. The Internet genie is out of the bottle and can never be put back in. How far should governments and security services be allowed to monitor and track individual communication in a democratic society? How far can we trust the information we access on the Internet? Although we can never return to the naivety and excitement of that first Internet dream, are we instead slipping into a potential “big brother “ world where all our personal details, opinions and actions are monitored electronically?
The talk will track how the web exploded and why eventually nearly 50% of Europeans were willing to publish their personal details for better or for worse. The techniques whereby all this data can be easily accessed by anyone with simple OSINT tools will be discussed. Finally we will look at the various attempts that have been made by the W3C and others to protect Internet privacy, to authenticate sites, to validate data and why these have all failed. Can the web ever be tamed and controlled, or is it destined to remain forever an anarchic teenager?
Of course I left much of the preparation till the last moment and needed much of the previous evening until the early hours to finish it !
The talk is here: Talk-Clive