Sunday, June 16, 2013

Zero Knowledge for Cloud Storage: A Proposed Internet Privacy Mandate

by Dietrich Schmitz

What do you know about the 'Zero Knowledge Privacy Standard'?

What?  Oh.  That's right.  Heh.  It doesn't exist.  Sorry.

So, then you probably have zero-knowledge about the Zero Knowledge Privacy Standard.  Sorry, I am getting clever.  But I hope to raise your awareness in this story about something which you will find very important. (Image credit:

What is Zero Knowledge?

For starters, it isn't a standard.  Let's get that out of the way.  It's an emerging practice used by SaaS Cloud storage providers.  Essentially, getting storage for your files in the cloud has become common-place.  The problem is that those files are directly readable by any third-party governmental agency (cough Patriot Act, National Letters, NSA PRISM) requesting access.  That makes getting to your personal and private data like 'shooting fish in a barrel'.

Zero Knowledge works by having all of your files encrypted on your local device 'first', giving you and only you ownership of the private encryption key and puts the data in the cloud SaaS provider's storage without the accompanying private key.

Effectively, that gives the ISP Zero Knowledge of what you are storing.  They don't have the private key--you do.  And, that also gives them 'plausible deniability' in not being complicit for any form of illegal activity as they can reliably assert no knowledge of what is in your files.

Also, this takes the pressure off of the ISP in acting as 'police' for governmental and powerful commericial concerns (RIAA and MPAA) who want to enforce for what types of activities people can or cannot engage in when using cloud storage.

What is happening today is a total breach of your right to privacy.

The solution, Zero Knowledge, is technically feasible and I might add being offered by several ISPs, such as SpiderOak and Wuala.

We, the U.S. citizenry, continue to watch as our constitutional rights erode.  The only tool we have to fight back against the growing incursion into all corners of our personal life is encryption.

I submit that Zero Knowledge for Cloud Storage be strongly lobbied as a Federal mandated piece of legislation.  Contact your Senator, Congressman and let them know you want Zero Knowledge for Cloud Storage enacted.

-- Dietrich
Enhanced by Zemanta


Post a Comment