Privacy Calls for Open Hardware

We must stop trusting our private data to untrustworthy devices. This predicament requires us to call for fully open systems including its underlying hardware.

advertisement

In America, we are all aware of the various cyber threats to our privacy: backdoors, classification, tracking, malware, and spying of unencrypted data streams to name but a few. Nonetheless, given the complexity of the systems, protocols, and opaqueness of the devices we use, most of us throw our arms up in the air, continue to use our connected gadgets, and just hope that our private data is not exposed or used against us somewhere down the road.

If we continue along this current path of using systems that do not deserve our trust, we risk permanently losing our privacy. Just consider the exponential growth of computing power, network bandwidth, storage, IoT deployment, and artificial intelligence, and it becomes a simple exercise to imagine a day in the near future where all network activity and much of our daily life are monitored by autonomous robocops. No thank you!

We must begin using systems that can be fully trusted to protect our privacy. The best response to closed, untrustworthy devices is the development of a fully open system that is architected, developed, manufactured, and tested in full public view. Many existing cryptographic algorithms and pieces of network software are already open and subject to public scrutiny, but the hardware (e.g., processors and network controllers) they execute upon is not. This needs to change for devices we trust to guard our data, and this article briefly discusses the motivation for open hardware and some of its high level requirements.

Americans should know they have a God given right to free speech, but what about privacy? There are no clear protections of data privacy in the Constitution, and it is hard to fault the founding fathers for not envisioning the Internet, smart phones, and billions of IoT gadgets watching us when electricity had barely been discovered.

For now, let us set aside the probable need to amend the Constitution to elucidate our right to privacy. However, we may be rightfully wondering to what extent our right to free speech is threatened in an environment where our private spoken and written words can be analyzed by others and potentially used against us. Are not private meeting rooms, notebooks, diaries, and family chats at a dinner table required to refine our ideas before willfully making them public?

This cannot be a “who cares” moment in American history. It is our responsibility to show devotion to the freedoms that our fellow Americans fought for in wars and died protecting. We must think pragmatically about the path we are on and what happens to our rights if privacy becomes a thing of the past.

We must also begin to demand that the systems we use be trustworthy with our private data. System is a broad term, and we would be foolish to think that every web site across the Internet could be trustworthy with our data, regardless of whether the transmission of the data is encrypted or not. However, devices that we buy and hold in our possession must keep our personal data private. Unfortunately, one of the impediments to achieving this goal is the established culture of networked devices serving multiple masters: the owner and the providers who seek to mine our data.

Help us improve this article by adding your comment or question:

email addresses are neither displayed nor shared