Friday, July 14, 2006

Markle Foundation Task Force releases third and final report.

Jeff Jonas has been sharing his wisdom on Mobilizing Information to Prevent Terrorism – Accelerating Development of a Trusted Information Sharing Environment as a member of the Markle Foundation Task Force. The task force have just released their final report (4.8M pdf) and Jonas has been speaking for the task force on technology related recommendations. Here are some of the things he had to say:

"A number of technologies are available that can be used to better connect the right people with the right information and at the same time these technologies can help enforce policy and enhance public trust.

In this report the Markle Task Force has highlighted technologies that will improve information sharing and enhance security, while facilitating greater accountability and higher levels of privacy protections...

For example, (on page 59) we call for the use of electronic directory services to enable organizations to locate relevant content in the enterprise; much in the same way one uses the card catalog at the library, as opposed to roaming the halls to find the book.

The Task Force has never called for the wholesale transfer of data between systems or agencies; rather, we have called for leaving the data with the original holder. The electronic directory services approach enables information to be discovered while avoiding large party-to-party data dumps.

This approach simply enables users to discover who has information specifically relevant to their case. Holders of the information can then grant access, based on policy, to each information request. This approach to discoverability delivers on the "need to share" goal by first answering the question "share what with who?"

Further (On page 63,) we encourage the use of data anonymization before transfer between systems wherever possible. While this reduces the risk of unintended disclosure of any transferred information being later stolen and repurposed, it also enhances overall privacy, as personally identifiable information is no longer being exchanged in a human readable form.

Notable, we prefer anonymization over encryption (when possible), the difference being encrypted data can be decrypted, whereas anonymized data can only be practically unlocked by requesting the human readable record from the original data holder. Again, information transfer is minimized.

(On page 70,) The Task Force also calls for the use of Immutable Audit Logs. This type of technology is intended to permanently record, in a tamper resistant manner, how users have used a system. Even corrupt database administrators cannot alter history.

Immutable logs can increase security, build trust among users, measure compliance with policies and guidelines, and improve transparency and the ability to conduct oversight by appropriate stakeholders.

We have repeatedly stressed in our reports that technologies and polices must be developed together. By designing systems and employing technologies with features that support and enforce policy, information sharing environment designers can help foster trust that automated systems and their users are conforming to governing laws, rules, and guidelines.

All this being said, the Task Force recognizes that technology, alone, cannot ensure that the information sharing environment is effective, secure or protective of privacy and civil liberties."

Brilliantly stated basic common sense which is sadly all too uncommon amongst policymakers when dealing with technology. C.P. Snow was right "some of the most important choices about a nation's physical health are made, or not made, by a handful of men in secret, and again in legal form, by men who normally are not able to comprehend the arguments in depth."

No comments: