Friday, November 21, 2014

Futurist Friday: The Encrypted Archive

Here's a challenge for GLAMS (Galleries, Libraries, Archives and Museums): how can we guarantee the privacy of donors who want certain records to be kept from the public until a certain date? This article in The Economist kicks off with a chilling story of how Boston College was forced by the courts to release tapes by former leaders in the Irish Troubles. The archive had promised the material would not be made public until after the death of the donors.

It's bad enough when paparazzi (or a skilled research historian in search of the next hit popular biography) are sniffing around for scandal. When law enforcement gets into the act, a collecting organization can be legally powerless to enforce the conditions of a donation.

Enter the "dark archive"--encrypting digital records in such a way that they CAN'T be read until some date in the future. The Economist article outlines two approaches to the challenge: 

  • lock a digital archive up with encryption that can't be broken with current methods, and trust both that no one can crack the code too soon, and that someone will crack it eventually. Either assumption might be faulty, of course. (Consider artist Jim Sandborn's experience: 24 years ago he installed "Kryptos"--a puzzle-sculpture containing an elaborately encrypted message--at CIA headquarters in Langley, VA. Now, exasperated that no one has cracked the last bit of the code, he's resorting to giving hints.)


"Kryptos" by James Sanborn, Picture from Wired


  • use a "bank and trust" model that distributes pieces of the encryption key to a set of guardians (public organizations such as libraries, or lawyers). Some risks of this approach can be mitigated (e.g., build in redundancies to ensure no part of the key is irrevocably lost) but it is still vulnerable to valid legal challenges (even if the number of subpoenas involved, potentially needing to be served to organizations or individuals across the world, might slow things down a bit.)


Now Harvard's Jonathan Zittrain (director of the Berkman Center for Internet and Society) has received a $35k grant from the Knight Foundation to pursue the second approach, and he plans to have a prototype of the system running within nine months. 

This article is firmly grounded in the present, but it leads naturally to today's Futurist Friday assignment about the implications for our field. Read The article and consider the following:

  • What is the most sensitive information you keep in your digital records? Who or what would be damaged, if that data were compromised?
  • Are your mission, and collections, such that you can imagine the government requesting access to private data you hold, and imagine your organization fighting the request?
  • Does your museum (or library, or archive) accept donations with restrictions as to what information will be made publicly accessible, and when?
  • Are there types of information (like collecting locality information for fossils or for threatened species) that you only release to vetted users?
  • And finally, given the growing challenges to keeping any data private (the accelerating threat of data hacking; rise in legal actions forcing the release of data held by public institutions) what strategies will your organization deploy to secure your records. Can encryption play a role? 


No comments: