Can Translucency Save Privacy In the Cloud?

MikeatWired writes "Jon Udell writes that when it was recently discovered that some iPhone apps were uploading users' contacts to the cloud, one proposed remedy was to modify iOS to require explicit user approval. But in one typical scenario that's not a choice a user should have to make. A social service that uses contacts to find which of a new user's friends are already members doesn't need cleartext email addresses. If I upload hashes of my contacts, and you upload hashes of yours, the service can match hashes without knowing the email addresses from which they're derived. In the post Hashing for privacy in social apps, Matt Gemmell shows how it can be done." (Read more, below.)

"Why wasn't it? Not for nefarious reasons, Gemmell says, but rather because developers simply weren't aware of the option to uses hashes as a proxy for email addresses. A translucent solution encrypts the sensitive data so that it is hidden even from the operator of the service, while enabling the two parties (parents, babysitters) to rendezvous. How many applications can benefit from translucency? We won't know until we start looking. The translucent approach doesn't lie along the path of least resistance, though. It takes creative thinking and hard work to craft applications that don't unnecessarily require users to disclose, or services to store, personal data. But if you can solve a problem in a translucent way, you should. We can all live without more of those headlines and apologies."

Re:Not gonna happen that way.

[MoonFog]

Actually, I find that people are starting to care a lot more these days. All the scare mongering with Facebook has ment that people take notice and think about what they do online. A bad security record gets more attention in the media as well so to me it's not so clear cut anymore, people do care and you can't get away with everything.

Re:Bullshit, market is taking care of this already

[martin-boundary]

So why go the trouble of crafting regulation to solve a problem taking care of itself already? All you can do is make things more annoying for people.

The problem isn't taking care of itself. We are seeing Apple, Google and Facebook doing rearguard actions because they are afraid of regulation and lawsuits. Remove that threat, and they'll stop worrying about privacy. It's much better to have a standardized set of laws that spell out the rights of customers than a mish mash of piecemeal solutions that companies have to invent themselves.

Moreover, the Europeans are doing it already, so why not copy^H^H^H harmonize with their laws in America? That'll save American companies a lot of work when they realize that their system must be redesigned anyway if they want European customers.

passwords too

[mcelrath]

Why are we not doing this for passwords too? Every site on the internet shouldn't need to store a plaintext password. Does there exist an algorithm by which a site owner could send the salt, the user hashes with his password, and the site owner can tell the password is the same, without actually having the password?

Re:Bad programmers making novice mistakes

[darkfeline]

Actually, I think leaving the spare keys under your neighbor's welcome mat is a very good and unorthodox backup method. I'm pretty sure someone trying to break in will check your welcome mat and top of door frame, not your neighbor's. Maybe we can extend this analogy to web security? Have sites store their users password hashed on partner sites, and vice versa. Even better, have sites store the hashing salts on another partner site's servers. Quick, you and me patent this before big name companies start doing it!