A case for cloud privacy brokerage

Why not treat privacy the way we treat other aspects of the cloud?

privacy door
Cory Doctorow (CC BY-SA 2.0)

There is Software-as-a-Service, Disaster Recover-as-a-Service, SECurity-as-a-Service. What's currently missing, and the crux of much cloud-profiting malaise, is PRiVacy-as-a-Service.

Cloud Access Security Broker (CASB) software, something that's in the lab right now, does a great job of things like infiltration/exfiltration (read: filtration) of organizational data from SaaS applications. Some do some wicked things as proxies for user apps. The idea is to help keep users honest and prevent organizational assets from jeopardy.

But when we-as-civilians do everyday surfing, answering emails and going about our business on the Internet, we're protected at the firewall level as users. Perhaps it's Malwarebytes, or a myiad of client-side security packages. And we admonish people to NEVER open spam, as spam often delivers unbelievably nasty systems attack code, disguised as benign attachments.

Not one of the CASB apps is natively poised to stanch ads, however. Ads are the bread and butter of this site and others. Massive amounts of data is accumulated on each page, and where you surf and what you surf for are well-known quantities.

You can escape this, to an extent, by using VPNs and ad/script-blocking browser add-ins/apps. Much alarm has filtered through various Internet ecosystems because tracking for ads and the ability to typify the amount of composite information in a browser is a big business.

The sometimes-dozens of scripts on many pages of the Internet rat out who you actually are. And yes, you were looking for a new sofa. Or shopping for Valentines jewelry on Etsy. That cute new smartphone you cruised by on eBay will not go unnoticed by Amazon, even in your spam.

The pile of data kept about you is merciless, and yes, you—this means you—are both known and quantified to an unbelievable extent across multiple databases. The analytics of you is the crux of the financing of an enormous number of websites. The mere thought of blocking such information leeching has caused an enormous uproar across many industries.

So totally abhorrent is the thought of ad-blocking that in their quest to foil users from sending that all-important information, both Microsoft and Apple have stanched the usefulness of the traditional hosts file, a file that allows you to program any site to a “null device,” or, in civilian terms, blackhole it so that it never receives a message from you. In other words, your attempts to use the hosts to do even rudimentary outbound blocking has been stanched at the root of your operating system (presuming you use Windows or Mac OS in their more recent releases).

Ostensibly, this helps an OS vendor push updates to users. Yes, open wide, swallow these updates. Yes, allow every other mothership app, including browsers, etc., to phone home—save the ones that a browser can kind of stop via Ghostery, and other ad-blockers (including one famous one said to be selling exceptions to vendors for huge sums of money).

So, I propose, PRV-as-a-Service, or PRVaaS. It's a site where you select all of the bozo sites that you might mistype, the ad agencies, the browser trackers, the seemingly innocuous app that asked for your entire contact list, and EVERY other host that you don't want to reward. Organizations can compete to see which one delivers the best in privacy options, developing various white/black lists of organizations whose reputation for privacy is at paramount.

Imagine the day when the same service could also parse a website, looking for nasties and questionable XSS-code—like Google does on a hit-or-miss basis. A few firewall/security apps do this now. Because you're authenticated to this service, it knows the profile of stuff you're NOT INTERESTED IN and can block the draconian robbery of your personal data and perusing profile. No one needs to know you're interested in a new couch. Or whatever.

Imagine the privacy leeches falling away from your browser cookie profile cache. Imagine robbing Apple, Google, even Firefox of all that data. Whole tawdry peeper-based ecosystems might collapse into the abyss, where they belong.

Yes, it will take up more bandwidth, and yes, you might find hue and cry crocodile tears coming from a long list of people who believed you robbed them. To them I suggest: get a life—and consider privacy as an object of dignity, not of profit.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2016 IDG Communications, Inc.

IT Salary Survey: The results are in