Encryption: How to Save Privacy, Businesses and Borders

Opinion: We must have end-to-end encryption, not just to protect consumer data but to protect our borders.

There are a lot of people the U.S. government doesnt want to let into the country.

The problem is, how does the government compare notes with, say, a cruise line, to ensure that suspected terrorists and the like dont get on board? More specifically, how does it share such data without allowing it to fall into the wrong hands?

Vendors such as IBM are exploring the issue, which is a hot-button topic. After all, whenever you talk about collecting sensitive personal information nowadays, you run the risk of exposing data.

Not only does that feed the rash of identity theft weve been suffering under ever more acutely since the rise of the Internet, it also gives rise to scenarios spawned by the governments aforementioned need to share data with, for example, cruise lines, airlines, power plants and the like.

One such scenario was pointed out recently to me by Jeff Jonas, IBM distinguished engineer and chief scientist for IBM Entity Analytics. Jonas and Harriet Pearson, chief privacy officer for IBM, took part recently in IBMs first-ever podcast on information privacy.

Jonas got on the phone with me to discuss what IBMs doing with technology acquisitions and original research to tackle this issue, and in our chat he pointed to an example of how data sharing can go badly awry.

Soon after Sept. 11, when the FBI was sending around its terrorist watch list—a list of people the FBI wanted to talk to and not necessarily terrorists per se—it wound up in a score of unlikely places, as the Wall Street Journal reported, here in PDF form, in 2002. Those places included car rental companies, casinos, trucking companies, power plant operators and chemical plants.

The data spread far and wide—far beyond the reach of the FBI to keep it current or correct, and most certainly in front of the eyes of a population that had no business having access to the sensitive information.

Thats not good. Obviously, the government doesnt want the wrong people to see these lists. If a terrorist sees his name is on a list, its useful information, and he can easily change his name.

Next Page: Innocent bystanders.