Identity, Privacy & Presence
The right to confidentiality is part of the Universal Declaration of Human Rights. It is also one of the basic premises for a free and open society. In recent years we have seen a digital divide of privacy emerge. Governments and the private sector are arming themselves with privacy enhancing technologies using overlay networks and cryptography, sometimes even creating their own separate infrastructures for private communication. They are driven to do this by the increasing privacy threats of modern communication: tracking and tracing, data retention, uncontrollable 'lawful intercept' and data harvesting. The less financially endowed are left without much protection.
The banner of the 'war on terror' has been misused to alter the fabric of the societies it claims to protect, in many cases almost beyond recognition. A technology push has resulted in the burden of proof principle subtly but undeniably being inverted. More and more citizens are unwillingly and unknowingly the subject of investigation without being concretely suspected. Possible relieving facts are kept out of their view, and in most cases they have no access to information collected about them, denying their right of self-defence.
The end-to-end principle of the internet and its international character allows for technological measures that can restore some of the privacy and sovereignty of the more vulnerable nation states that has been taken away by interception of communication, tracking, tracing, logging and data warehousing. There is also a window of opportunity: at this moment several billion dollar industries clash as tectonic plates against each other around real-time communication. All forms of voice communication and video conferencing are moving over to the internet in one way or the other. On the other hand there is a definite convergence of instant messaging and online collaboration technologies towards using interoperable standards. This is all about the presence of the same user. It is our goal to ultimately have all presence related services consolidated into strong and robust standards that guarantee interoperability and --by design-- protect privacy.
Another aspect of confidentiality is private data of all kinds. The data concerning everything and everyone is now not only available to government institutions, but is being more and more collected and (mis)used by commercial entities. In these cases citizens can impossibly control the information. All kind of data --location data of mobile operators, videocameras on highways, in streets and shops, credit card and payment chip data, easy location tracability due to RFID chips in your clothes, emails and browsing behaviour-- are being collected both by the government and by private organisations and are coupled to each other to produce a complete track of a person. Thus, a transparent picture of the whole private life of the citizen is created and utilized for often not clear purposes.
We believe in safe, trustworthy and robust real-time presence and session technology as an enabler for privacy. The foundation will focus on technology development as well as creating awareness, and will be actively pursuing the further enhancement of online privacy and standardisation in internet based communication and presence tools.
Examples of projects and activities within this theme
- SPEAR, basis for secure P2P communication
- CuteHIP, implementation of Host Identity Protocol (HIP) on Java
- Anomos, a pseudonymous, encrypted multi-peer-to-peer file distribution protocol
- improved routing algorithm for GNUnet
- Mailman Secure List Server
- OpenMSRP support, sub-projects one, two and three
- Tor for low-bandwidth users
- Tor anonymity system Hidden Services
- XMMP in Jabber
- Privacy-Preserving Communication Protocol for OSNs
- Seahorse Smart Card Support
- WebPG, manage key distribution
- Unhosted, separating data servers from application servers
- DNSSEC in Lantern
- DNSSEC for OpenDKIM and OpenDMARC