Since Edward Snowden’s revelations, people around the world seem more concerned about Internet security and confidentiality issues. Now IT experts in the United States have just developed new technology designed to reassure Internet users and promote the exchange of data for health, e-commerce, and other useful purposes.
Although a large number of Internet users are quite happy to make purchases online, that does not necessarily mean they are not at all worried about data privacy. Some governments and public and private bodies are currently seeking to filter, block or forbid public access to some websites or online information or taking the opposite path – drawing on the vast amounts of online information to keep tabs on citizens. Given the increasing number of data sharing platforms, any attempts to set up restrictive measures are always going to be tricky. Meanwhile in many fields of activity, such as the health sector, increasing the exchange of data is likely to lead to an improved service and this is equally true for people in their private lives, as they share music and video among friends and family. So there is a pressing need to come up with new data security solutions. This issue was what motivated researchers at CSAIL – the Computer Science and Artificial Intelligence Laboratory, MIT’s largest research laboratory – to develop new technology that enables Internet users to keep track of their personal data and how it is being used.
What’s happening to my data?
The MIT experts reckoned that what is needed to reassure Internet users is real transparency. The Decentralized Information Group (DIG) at CSAIL, led by World Wide Web inventor Tim Berners-Lee, has been working on the development of a new protocol called ‘HTTP with Accountability’ (HTTPA). This software automatically traces the transmission of private data and allows the person in question to see just how the information is being used. The idea behind HTTPA is that each item of private data would be assigned its own uniform resource identifier (URI). This is a key component of the Semantic Web, involving a new set of protocols championed by the World Wide Web Consortium (W3C), which is the main international standards organisation for the World Wide Web, ensuring technology compatibility among HTML, XHTML, XML, RDF, SPARQL, CSS, PNG, SVG, SOAP etc. These would convert the Web from being essentially a collection of searchable text files into a giant database. This in turn means that remote access to a web server can be better monitored. And each time a server transmits ‘sensitive’ data, a description of usage restrictions will also be generated and attached as a ‘label’.
Creating a propitious climate for e-commerce
The new HTTPA protocol is due to be presented at the International Conference on Privacy, Security and Trust (PST) to be held in Toronto, Canada on 23-24 July under the aegis of the Institute of Electrical and Electronics Engineers (IEEE), a professional association whose aim is to promote knowledge in the field of electrical and electronics engineering and which plays a major role in establishing industry standards. The idea is that HTTPA would be voluntary and it would be up to software developers to comply with its specifications when designing their systems. Oshani Seneviratne, one of the researchers on the project, points out that “it's not that difficult to transform an existing website into an HTTPA-aware website.” Moreover, HTTPA compliance could become a selling point for companies offering services that handle private data, such as e-commerce sites. This would help to reassure consumers thinking about making online purchases and thus encourage more sales activity. The protocol could also be used to log Bitcoin transactions.