How abortion clinics can protect patients’ data from potentially being used against them
With the overturning of Roe v. Wade, the right to online privacy may very well be the next domino to fall. Like abortion, online privacy is not guaranteed by the U.S. Constitution. This means that following a decade of sweeping pieces of legislation passed by governments worldwide to legitimize mass-surveillance programs, and now with the recent Supreme Court opinion, it’s up to the private sector to stay one step ahead and eliminate the ability of massive data collection programs, and data leaks, to expose vulnerable people’s private information.
Simply put, if something is connected to the internet, it’s spyable.
Security agencies like CIA, the NSA, Interpol, Chinese Intelligence, and the FSB all want service providers to provide them with back doors so they can drop in and gather intelligence as a part of the mass surveillance programs that now take place in every developed country in the world. And where there are no back doors, spy agencies work to develop exploits.
However, a new way forward does exist, one that requires management platforms to reevaluate their relationship with their cloud service providers, and their users. This new way can be described as ‘Zero-Knowledge.’
An impossible mole hunt
With duplicitous anti-abortion “pregnancy clinics” collecting personal data of unsuspecting patients that could potentially later be weaponized against them, representatives on the other side of the aisle are calling for privacy guarantees for users of reproductive health apps in bills like the newly proposed “My Body My Data” act. But sweeping pieces of legislature are difficult to enforce, and there are always clever ways around the law for management platforms to acquire information on their users if that’s their end goal — meaning governments, too, can gain access.
This is because all current online services that require the creation of a user profile are operating under security pretenses that best suited the dial-up era of security, when a majority of non-financial services businesses still had armies of analog processes backing up their dealings in cyberspace.
Platforms like Google, Amazon, and Netflix promise security, but for the better part of the last 15 years at least (in the interim period between dial-up and now — let’s call it Web 2.0), we saw usernames, passwords, and everything else associated with a person scattered across a litany of penetrable servers spread around the globe. All you needed was the root certificate to access this information — and government agencies are allowed, legally, to ask for this piece of information. Internal moles and hackers can obtain this key if they are skilled enough to do so.
This new era may see insiders leak the information of the patients and doctors involved in abortion procedures. Within legitimate organizations like Planned Parenthood (or any other abortion clinic) there’s a very real risk that internal moles with a political agenda might plan on leaking the names of doctors willing to perform medical procedures. Worst of all, a leak doesn’t even have to come from an employee of the clinic. They could be nestled safely within the vast organizational confines of a huge cloud service provider like Amazon, Google, and Microsoft, which control roughly 65 percent of the cloud — an impossible mole hunt.
With all this in mind, legislation like the new law in Texas that allows any person to file a lawsuit against doctors they suspect to be practicing abortions risks putting data privacy in jeopardy if it could further such legal cases. Other privacy-affected Supreme Court rulings, like Kipley v. Illinois, which made it illegal in the U.S. to fire people based on political affiliation, could come under renewed scrutiny. After all, who’s to say that leaked data which ties a worker or a group of workers to a political belief or organization isn’t the covert reason behind why they were called into the main office and handed a pink slip? It’s your boss’s word against yours in the courtroom, and a heavy burden of proof for the employment lawyer tasked with this sort of wrongful termination suit.
Your data: Lock it up, throw away the key
If you have an office in a country with an authoritarian government, or an office in a democratic country, or you just tend to use the internet from time to time, Zero-Knowledge is the safest way forward. But what is Zero-Knowledge? Here are a few common physical-security examples:
In an old-style hotel, all keys are behind the front desk, paired with their room numbers. If the police want to go into a room, they can serve the manager a warrant and simply get the key. The way platforms like Amazon, Facebook, and Google manage their digital security is much like how an old hotel manages physical security. Although the guest may have a key to a private domicile, the hotel knows who and where they are and has the ability to access them and their belongings at any time. A request from law enforcement cannot go unheeded.
A slightly higher level of security is seen in the era of Airbnb, wherein property management companies or private owners will oftentimes disseminate a lockbox code granting access to a single key to the property the temporary resident has paid to rent via a WhatsApp message. This means that there’s an added layer of security as law enforcement must contact the property owner via AirBnB in order to serve the warrant to gain access. Secondly, Airbnb doesn’t have the lockbox code (usually).
These two added security measures grant an additional layer of privacy, as the renter is protected from the property owner or manager via the contract they’ve both agreed to through Airbnb’s boilerplate rental agreement. Everyone is slightly safer, and law enforcement must work to gain access, not simply request it under pretenses.
But a true Zero-Knowledge example would be how the company Yale sells its physical security services. The owner of the AirBnB property can buy a lockbox from Yale used to store their property’s key, and then change the code of the lockbox. Since the code is programmable by the owner of the lock, the only way law enforcement can get into a Yale lockbox is by physically hacking into one with some sort of metal-cutting tool.
In the digital sphere, Zero-Knowledge is a process by which the hosting provider sells the management platform a digitized version of a Yale lock. The user programs the password, and that password is fed directly to the server. The information on the server is then only retrievable via API, and those without initial access are incapable of retrieving anything of substance.
Of course, law enforcement can physically break into any server — but they need an ironclad warrant or risk a public and lengthy court case against a tech adversary with likely vast resources and privacy-specialist lawyers on retainer.
Zero knowledge, more control
Platforms are not rogue by design. Much like the hotelier handing over the room key to the police captain in the first example, online companies must comply with the government when asked — even if the requested information is about foreign nationals operating on servers in different countries (hello, DNI Haines). So long as they have the technical capability to comply, they must comply. If they cannot comply, law enforcement will then seek the help of service providers by serving them with a warrant requesting the root certificate. And up until now, that was the end of it. The spooks inevitably won.
Zero-Knowledge offers an alternative. Service providers that allow management platforms to deeply encrypt their user’s classified information are no longer able to access the root certificate once the initial password is created by the user. If a service provider has “zero-knowledge” of the encryption key that allows access to the raw, proprietary data of their users, law enforcement must go straight to the user with their warrant — or seize the physical servers where user data is stored, if servers are located in the same country.
The main drawback of Zero-Knowledge is the fact that if you forget your password, you’re done — there’s no option to reset the code once you’ve forgotten it.
Privacy is a right we all must fight for. The incredible amount of knowledge we are capable of accessing online shouldn’t be weighed against a price tag expressed in likes, clicks, shares, views, weight, age, social security number, sexual preference, income, political alignment, and location accurate up to 5m. In short: The information age should feel like The Ultimate Democracy not The Panopticon.
JP Smets is the founder and CEO of Rapid.Space, a cloud services company.
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed. Regular the hill posts