In his talk at BSides London, Stephen Bonner, partner in the information protection and business resilience at KPMG, said that privacy is key and is “enshrined in our human rights”.
One of the problems of privacy is we cannot control it, he said, and while efforts to protect against CCTV have been made, you need more. “You need to oppress the control that CCTV provides, with facial recognition and monitor people who may choose not to be monitored,” he said.
“It is not just passive surveillance we need to worry about, but the use of surveillance on what we carry around. The Internet of Things provides a level of tracking that is unprecedented so adversaries do not need to deploy cameras that people carry their own things that broadcast their position.”
Bonner, who demonstrated how facial recognition can be foiled by using wigs, make up and tin-foil on someone’s head, and said that the modern person can buy privacy solutions such as electro-magnetic wallets to store their mobile device and block calls, but we are not just worried about physical attacks but online attacks too.
“To protect our privacy online we can use Tor, and the problem is no one uses it, so the US Government can identify targets as they are using Tor. The challenge is it doesn’t work if you do any torrenting or open documents, and I do both and doesn’t solve the problem for me,” he said. “It is a nice technology but not quite ready for prime time.”
Regarding encrypted email, Bonner said that an experiment with 50 people were unable to encrypt to an email, but this is the one thing standing between us and mass surveillance. “It is funny but there is a lesson for us we should build stuff people can use.” he said.
Looking at other technologies to protect privacy, Bonner said that there is not much else, and in terms of tools there are VPNs whch are “brilliant if you want to watch BBC iPlayer on holiday”, while the Blackphone was described as making the user a target. He said that Duck Duck Go was safe, but not delivering up to date or working results., and we should fix Google and Bing rather than build new things.
In conclusion, Bonner said that people should “stand up and do something about it and make tool which make a diffrence as privacy is important to all of us”.