Keeping Data Private: Why 'Web Erasers' Can't Work
At the invitation of the German government, an IT professor has introduced software that allows people to set an expiration date for photos they post on Facebook or other sites. What it can't do, however, is prevent others from copying or stealing a person's personal data and posting it wherever they want on the Internet.
As part of its pitch to give people more personal privacy on the Web, the German government is encouraging development of software that sets expiration dates on photos and other private information.
The greater the urge to delete Internet data, the harder it seems to be to actually get rid of it. There is even a word for this effect and it comes from an incident that happened to Barbara Streisand.
Streisand didn't see any common good in the project. Instead she saw in it a photo of her giant mansion and its ocean view. Like so many Google Street View skeptics in Germany today, the singer regarded the project as an attack on her personal privacy. She instructed her lawyers to sue and have the photo removed from the Internet. Her attorneys also allegedly demanded $10 million (7.49 million) in damages from the Adelmanns. But their efforts failed to bear any fruit and the photo is still circulating on the Internet to this day.
Inevitable Loss of Control
Streisand's high-profile lawsuit had an unintended side effect that it is hard to imagine she intended: The photograph of her mansion proved to be extremely popular. Hundreds of thousands of people clicked onto the californiacoastline.org website to take a look at the entertainer's villa. Ever since, efforts to remove data online that lead to increased attention and further copying have been described using the term the "Streisand effect." The English version of Wikipedia even has a photo of Streisand's house in its entry on the subject. The recent and most prominent example of this has been the rapid multiplication of WikiLeaks mirror sites.
The story of the Streisand effect nicely illustrates a problem that digitization has created for humanity: Digital data is easily produced and copied. It doesn't take up too much drive space, and, once uploaded, it can remain online in perpetuity. If material is posted to an open site, it more or less takes on the form of a public space where people can read, study and copy the data for as long as they desire. When one publishes data in a digital form (or in Streisand's case, when it is published by others) then one must expect an inevitable loss of control.
Erasing, Razing, Expiring
In Germany, home to a very vocal public debate over privacy protection in the age of Facebook and Google Street View, politicians have been hard at work in recent months seeking ways to restore more personal control on the Internet. They have recognized as a problem the fact that digital data, especially photos, is easy to copy and lives online for a long time. They are finally, and hastily, addressing a debate that has been raging online since the Barbara Streisand case in 2003.
Interior Minister Thomas de Maizière of the conservative Christian Democratic Union (CDU) and his colleague, Consumer Protection Minister Ilse Aigner of the CDU's Bavarian sister party the Christian Social Union, are flirting with the idea of a "digital eraser," a type of Internet protocol that would provide an expiration date for a person's online postings. If someone were uncertain that a photo of them holding a martini and with bloodshot eyes would still be funny in 10 years' time, that person could just set a date for it to be automatically deleted. The photo would be uploaded together with code that would ensure it would disappear on its own after a few years.
Earlier this week, at the invitation of the Consumer Protection Ministry, Saarbrücken-based IT professor Michael Backes presented new software, X-pire, which enables users to do precisely that, be they on websites like Facebook, Picasa or others. Unfortunately, though, the software can never be 100 percent effective.
Put simply, Backes' system works like this: Pictures are encrypted before they can be uploaded and a special plug-in is required on the browser of any user who then seeks to view that image. The plug-in retrieves the key that can unlock access to the image from a special server, but the key is only available until the expiration date. A user can expire a photo uploaded using X-pire at any time.
- First and foremost is that a special plug-in is required to view the pictures. Right now, the only one available is for the Firefox browser. A huge percentage of all Internet users -- e.g. those who use Internet Explorer, Safari, Opera or other browsers -- would be completey locked out. And people who upload photos on Facebook and other places want all their friends to be able to see them -- not just a few nerds with the right plug-in.
- If the key-sharing server were to crash at any time, then all the images and whatever other data protected in this way would be suddenly become inaccessible.
- Backes also intends to charge for his service after an initial test phase is completed. Afterwards, the professor revealed to a Berlin newspaper, users would have to pay a monthly flat rate to have the added protection to their photos. He cited a 10 ($13) flat rate for unlimited use of the service as an example. The process of adding protection to their photographs would not only be a laborious process, it would also be a costly one.
- The system also lacks provisions to prevent the copying, resaving and downloading of photos, which could then be uploaded by other people wherever they wanted. So there is little the software can do to hinder the Streisand effect. If a photo is interesting enough, rest assured that multiple copies will be made early on and posted elsewhere -- even after the first is duly deleted.
- Those copies might not even be made by people with malicious intentions. They could simply be collected by crawlers and search engine robots or other Internet catalogues. To prevent this kind of automatic copying, Backes and his team have built in an addition safety provision: Before viewing a photo, viewers must type in a blurry security code known as a "Captcha" to prove they are humans and not computers. The problem is that the process becomes so cumbersome that rejection of the X-pire software would likely be widespread.
In short, Backes' system may have some value in theory, but in practice it creates work and inconvenience for users and goes against the fundamentals of an openly accessible Internet. Nor does it solve the greatest problem: the fact that it is easy to lose control of digital data and that people should think before they post photos that might come back to haunt them later. Nevertheless, Backes believes his software represents a good start.
But it won't be enough to prevent the Streisand effect. Net users can code their own photos and set whatever expiration date they like on those images and control things they have posted on their own with X-pire. What they can't do, however, is control what others do with images they have created. In Streisand's case, a couple took pictures of her home and posted them on the web in a perfectly legal manner.
© SPIEGEL ONLINE 2011
All Rights Reserved
Reproduction only allowed with the permission of SPIEGELnet GmbH