Friday, August 24, 2018

Holding law-enforcement accountable for electronic surveillance

MIT CSAIL's cryptographic system encourages transparency w/public log of data requests
When the FBI filed a court order in 2016 commanding Apple to unlock the San Bernandino shooter’s iPhone, the news made headlines across the globe. 



Meanwhile, every day there are thousands of court orders asking tech companies to turn over people’s private data. These requests often require some secrecy: companies usually aren’t allowed to inform individual users that they’re being investigated, and the court orders themselves are also temporarily hidden from the public. 
In many cases, though, charges never actually materialize, and the sealed orders inevitably end up forgotten by the courts that issue them. As a result, thousands of innocent people are unlikely to ever know that they were the targets of surveillance.

To address this issue, researchers from MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) have proposed a cryptographic system to improve the accountability of government surveillance while still maintaining enough confidentiality for police to do their jobs.

“While certain information may need to stay secret for an investigation to be done properly, some details have to be revealed for accountability to even be possible,” says CSAIL graduate student Jonathan Frankle, one of the lead authors of a new paper about the system, which they’ve dubbed “AUDIT” ("Accountability of Unreleased Data for Improved Transparency"). “This work is about using modern cryptography to develop creative ways to balance these conflicting issues.”

image courtesy MIT CSAIL
AUDIT is designed around a public ledger where government officials share information about data requests. When a judge issues a secret court order or a law enforcement agency secretly requests data from a company, they have to make an iron-clad promise to make the data request public later in the form of what’s known as a “cryptographic commitment.” If the courts ultimately decide to release the data, the public can rest assured that the correct documents were released in full. If the courts decide not to, then that refusal itself will be made known.

AUDIT can also be used to demonstrate that actions by law-enforcement agencies are consistent with what a court order actually allows. For example, if a court order leads to the FBI going to Amazon to get records about a specific customer, AUDIT can prove that the FBI’s request is above board using a cryptographic method called “zero-knowledge proofs.” These proofs counterintuitively make it possible to prove that surveillance is being conducted properly without revealing any specific information about the surveillance.

As a further effort to improve accountability, statistical information from the data can also be aggregated so that that the extent of surveillance can be studied at a larger scale. This enables the public to ask all sorts of tough questions about how their data is being shared. What kinds of cases are most likely to prompt court orders? How many judges issued more than 100 orders in the past year, or more than 10 requests to Facebook this month?

Frankle says the team’s goal is to establish a set of reliable, court-issued transparency reports, rather than rely on companies themselves voluntarily pulling together reports that might be inconsistent or selective in the information they disclose.

Importantly, the team developed its aggregation system using an approach called multi-party computation (MPC), which allows courts to disclose the relevant information without actually revealing their internal workings or data to one another. The current state-of-the-art MPC would normally be too slow to run across the entire court system, so the team took advantage of the court system’s natural hierarchy of lower and higher courts to design a particular variant of MPC that would scale efficiently for the federal judiciary.

According to Frankle, AUDIT could be applied to any process in which data must be both kept secret but also subject to public scrutiny. For example, clinical trials of new drugs often involve private information, but also require enough transparency to assure regulators and the public that proper testing protocols are being observed.

“It’s completely reasonable for government officials to want some level of secrecy, so that they can perform their duties without fear of interference from those who are under investigation,” Frankle says. “But that secrecy can’t be permanent. People have a right to know if their personal data has been accessed, and at a higher level, we as a public have the right to know how much surveillance is going on.”

Next the team plans to explore what could be done to AUDIT so that it can handle even more complex data requests - specifically, by looking at tweaking the design via software engineering. They also are exploring the possibility of partnering with specific federal judges to develop a prototype for real-world use.

“My hope is that, once this proof of concept becomes reality, court administrators will embrace the possibility of enhancing public oversight while preserving necessary secrecy,” says Stephen William Smith, a federal magistrate judge who has written extensively about government accountability. “Lessons learned here will undoubtedly smooth the way towards greater accountability for a broader class of secret information processes, which are a hallmark of our digital age.”

Frankle co-wrote the paper with MIT professor Shafi Goldwasser, CSAIL PhD graduate Sunoo Park, undergraduate Daniel Shaar, and a second senior author, MIT principal research scientist Daniel J. Weitzner. 

The paper will be presented at the USENIX Security conference in Baltimore August 15-17. The research was supported by the MIT Internet Policy Research Initiative, the National Science Foundation, the Defense Advanced Research Projects Agency and the Simons Foundation.