Private Information, Uses and Misuses

In a modern information-driven society, the everyday life of individuals and companies is full of cases where various kinds of private information are important resources. While a cryptographer might think of PIN codes and keys in this context, these types of secrets are not our main concern here. Rather, we will talk about information that is closer to the primary business of an individual or a company. For a private person, this may be data concerning his or her economic situation, such as income, loans, and tax data, or information about his or her health, such as diseases and medicine usage. For a company, it might be the customer database or information on how the business is running, such as turnover, profits, and salaries.

What is a viable strategy for handling private information? Finding a good answer to this question has become more complicated in recent years. When computers were in their infancy, in the 1950s and 1960s, electronic information security was to a large extent a military business. A military organization is quite special in that confidential information needs to be communicated almost exclusively between its own members, and the primary security goal is to protect this communication from being leaked to external enemies. While it may not be trivial to reach this goal, at least the overall purpose is simple to state and understand.

In modern society, things get much more complicated: using electronic media, we need to interact and do business with a large number of parties, some of whom we have never met and many of whom may have interests that conflict with ours. So how do you handle your confidential data if you cannot be sure that the parties you interact with are trustworthy?

One could save the sensitive data in a very secure location and never access it, but this is, of course, unreasonable. Our private data usually have value only because we want to use them for something. In other words, we have to have ways of controlling leakage of confidential data while these data are being stored, communicated, or computed on, even in cases where the owner of the data does not trust the parties he or she communicates with.