Stefan Brands isn’t exactly paranoid, but let’s call him “privacy aware.”
He’s the former CEO of Credentica, and principal architect in the identity and security division at Microsoft Corp. since his company was acquired by the Redmond-based software giant in March 2008.
Brands also speaks with concern about the prospect of a Big Brother-style global identity authority – an organization that knows everything about everyone – and believes there are indications society is moving towards it.
“There’s a big danger here,” he says. “We’re drifting towards a society that allows organizations to learn everything about us… I think that’s extremely scary.”
Modern privacy discussions around technology usually focus on encryption as the golden solution. But encryption only guards the privacy of an organization for its own interests, Brands says. The individual’s privacy is still at the mercy of the organization housing the data.
Recent examples prove that even organizations holding large volumes of customer data can be lax with encryption standards.
Many security experts feel the Heartland Payment Systems data breach could have been prevented if the payment processor had tougher encryption standards to protect data in motion. The data breach at TJX Companies Inc. in March 2007 was the result of sending data over a wireless network that was not properly encrypted.
With those types of privacy breaches in mind, Brands says companies should be practicing data-minimization: collecting only what they need to know and nothing else.
“Privacy is not just a matter of organizations protecting your information,” he says. “There’s the other part where you don’t want organizations to get data about you that they don’t need to know, or have no right to know.”
He built U-Prove technology on that principle at Credentica, and is now bringing the privacy mechanism with him to Microsoft. The technology is now being beta-tested with Windows Cardspace and Windows Communication Foundation.
Microsoft plans a wider release later this year demonstrating U-Prove technology in those applications.
Cardspace is Microsoft’s client-side software designed to help users manage and control their digital identities.
Users are presented with graphical cards that represent various online profiles they might keep across different sites. Users can tweak them to submit very specific information to the services they use, limiting the data given to a service.
Using identity selector software gives the user more privacy than a typical browser-based privacy page might, Brands says.
Currently, a typical Internet service requires an all-or-nothing response. The user must either submit all their information to use the service, or not gain access to the service at all to protect their privacy.
Inclusion of U-Prove technology in Cardspace allows users to provide anonymous “security tokens” proving they are who they say they are, and so should have legitimate access to the service, without sacrificing data to another party.
“It’s a bunch of bits and bytes sent back over the wire to the user,” Brands explains. “The user sits in the middle and acts as a choke point for the information about her.”
To explain how U-Prove works, he cites the example of a fictitious Alice Smith, who lives in Washington State and was born on Feb. 14, 1977. She could be issued an untraceable, digitally signed security token that authenticates her identity.
When a service that she’s trying to access on the Internet wants to know if Alice is over 21, she can verify that information without releasing her birthday. When her geographic area is needed, she can release the state she lives in without giving up her full address.
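The Alice Smith example above illustrates selective disclosure: the issuer signs a whole set of attributes once, and the user later opens only the attributes a given service needs. The following Python is an added illustration of that data-minimization idea and is not U-Prove code or Microsoft’s implementation. It assumes a simplified scheme of its own: each attribute is hidden behind a salted SHA-256 commitment, the issuer precomputes the derived attribute `over_21` so the birth date itself never has to be shown, and an HMAC under a single issuer key stands in for the issuer’s digital signature (a real deployment would use a public-key signature, and U-Prove’s own cryptography additionally makes presentations unlinkable to the issuance, which this sketch does not attempt). All function names and the sample token contents are constructed for the example.

```python
import hashlib
import hmac
import json
import secrets
from datetime import date

# Stand-in for the issuer's signing key (assumption: a real issuer would use
# a public-key signature so verifiers never hold a secret).
ISSUER_KEY = secrets.token_bytes(32)


def is_over_21(birthdate: date, today: date) -> bool:
    """Issuer-side derivation of a yes/no attribute from the hidden birth date."""
    age = today.year - birthdate.year - ((today.month, today.day) < (birthdate.month, birthdate.day))
    return age >= 21


def commit(name: str, value, salt: bytes) -> str:
    """Salted hash commitment to one attribute; the salt makes it unguessable."""
    return hashlib.sha256(f"{name}:{value}:{salt.hex()}".encode()).hexdigest()


def issue_token(attributes: dict, issuer_key: bytes = ISSUER_KEY) -> dict:
    """Issuer commits to every attribute separately and signs the set of commitments.
    The user keeps the attribute values and salts; only commitments are signed."""
    salts = {name: secrets.token_bytes(16) for name in attributes}
    commitments = {name: commit(name, value, salts[name]) for name, value in attributes.items()}
    payload = json.dumps(commitments, sort_keys=True).encode()
    signature = hmac.new(issuer_key, payload, hashlib.sha256).hexdigest()
    return {"commitments": commitments, "signature": signature,
            "attributes": attributes, "salts": salts}


def present(token: dict, reveal: list) -> dict:
    """User acts as the choke point: open only the attributes named in `reveal`."""
    disclosed = {name: (token["attributes"][name], token["salts"][name].hex()) for name in reveal}
    return {"commitments": token["commitments"], "signature": token["signature"],
            "disclosed": disclosed}


def verify(presentation: dict, issuer_key: bytes = ISSUER_KEY):
    """Verifier checks the issuer's signature over all commitments, then checks that
    each disclosed (value, salt) pair really opens its commitment.
    Returns the disclosed attributes, or None if anything fails to check."""
    payload = json.dumps(presentation["commitments"], sort_keys=True).encode()
    expected = hmac.new(issuer_key, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, presentation["signature"]):
        return None
    disclosed = {}
    for name, (value, salt_hex) in presentation["disclosed"].items():
        if name not in presentation["commitments"]:
            return None
        if commit(name, value, bytes.fromhex(salt_hex)) != presentation["commitments"][name]:
            return None
        disclosed[name] = value
    return disclosed


def alice_token(today: date = date(2009, 2, 1)) -> dict:
    """Constructed sample: the article's fictitious Alice Smith, with the issuer
    deriving `over_21` from the birth date at issuance time."""
    birthdate = date(1977, 2, 14)
    return issue_token({
        "name": "Alice Smith",
        "state": "Washington",
        "birthdate": birthdate.isoformat(),
        "over_21": is_over_21(birthdate, today),
    })


if __name__ == "__main__":
    token = alice_token()
    # An age-gated service learns only that Alice is over 21.
    print(verify(present(token, ["over_21"])))
    # A regional service learns only her state, not her full address or birthday.
    print(verify(present(token, ["state"])))
```

The verifier in this sketch learns nothing about the undisclosed attributes beyond their commitments, and any attempt to substitute a different value for a disclosed attribute fails the commitment check, so the issuer’s signature still binds what is shown.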
It’s a winning technology in the books of Ontario Privacy Commissioner Ann Cavoukian. (Brands gave a presentation at a conference hosted by the commissioner on Jan. 28).
“Your identity credentials will be preserved with whatever the company is, and then dispersed like grains of sand as needed,” she says.
Brands has established himself as a well-known cryptographer in the past. He worked with Montreal-based data privacy vendor Zero-Knowledge Systems in 2000, and has written a book about privacy that can be downloaded for free.
U-Prove technology fits well into Microsoft’s core privacy principles, according to Mohammad Akif, security and privacy lead at Microsoft Canada. The company seeks to create technologies and features that allow people to have control over their own data.
“We strongly believe users should have the authority to make the decision about what information they want to share and with whom,” he says.
Every employee at Microsoft undergoes privacy training, he says. The company also has experience keeping consumer data safe from its many profile-centric services offered through the Windows Live sites.
“If your data is going to be used in a certain manner, then we make sure you’re opting in,” he says. “Microsoft allows you to pick and choose the information you want to share.”
That sort of data reduction is what all identity providers should be practicing, Brands says. Technology can help users control their personal data, but government regulation is needed to further safeguard privacy.
Look for previews of Microsoft’s U-Prove technology in May’s Cardspace preview, and the full release later this year, Brands says.