Leakage is more than an embarrassment

The most serious data breach in history has necessitated the relocation to the UK of almost 24,000 Afghani people

Nowhere is human creativity more clearly demonstrated than in our ability to invent new ways of screwing things up

Today the news is flooded with reports of a data leak committed by a UK defence official in 2022. We hear about this now because the superinjunction hiding the error finally expired yesterday. It seems that our security systems are more efficient at hiding incompetence than they are at providing security. It worries me that the reportage regarding the resulting cost to the taxpayer at least equals that regarding the risk to life imposed on the subjects of the leaked data.

The foolishness of embedding such sensitive information in an email should be self-evident, but is it so uncommon? In the US, a Signal group chat revealed Yemen attack plans and exposed the identity of an undercover agent. Banks routinely respond to requests for further information (RFIs) via email. Copies of passports, proofs of address and countless other personal details and documents fly around the internet at a rate of thousands an hour. As we the people learn of these errors, government departments suffer serious loss of public confidence. While the UK superinjunction purported to be for the security of the leaked people, the fact that the information was already in the wrong hands suggests strongly that the media gag was driven more by embarrassment.

But let’s put these considerations aside and look at the leak itself. Two elements are in play here; one is the use of communication tools for purposes for which they weren’t designed. The other is human error or, arguably, laziness. Someone fails to check that they’ve sent the right document, or reuses a chat group without looking more closely at its membership. Humans are a creative race, and nowhere is this more clearly demonstrated than in our ability to invent new ways of screwing things up. Signal is encrypted end-to-end. Email is (or at least should be) secured by TLS encryption, but none of this works if we send to, or include, the wrong people.

We can’t change human nature, so we must look to procedures that are resistant to laxity. One solution is a broadening of the system we brought to international payments. In essence it separates the sensitive data from the messaging medium, but allows any such media to carry a link to the data to be shared. It hinges on our eKeyiD.

The eKeyiD identifies one block, or a collection of blocks, of information and/or documents. The actual information resides in a federated ledger that uses quantum-resistant encryption. Visibility of the information is controlled by a discrete data vault that positively identifies anyone accessing - or attempting to access - the information. At time of writing it’s used primarily to share and protect KYC data, reliably enabling around $2 billion of safe transactions a year. Users can paste an eKeyiD link into any messaging system, be it email, Signal or even social media. Accidentally include the wrong people, and they’ll still be unable to view the data. Meanwhile, those with the correct approval can access the information, regardless of what platform or operating system they’re using.

We’re now looking at extending the model further to provide in-message encryption through all popular messaging platforms. It will use DotLedger’s quantum-resistant encryption to generate a decryption key whose use is restricted to identified parties. Every access of the decrypted message is immutably recorded and logged. The approach will allow the continued use of messaging systems that are penetrable by the mistakes we’ve recently seen.
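A minimal sketch of the pattern described in the two paragraphs above, added here as an illustration and not DotLedger's or eKeyiD's code: the message carries only an opaque reference, a vault releases the record only to approved identities, and every access attempt goes into a hash-chained log. The `Vault` class, the `vault://` link form and the addresses are hypothetical; identity authentication is assumed to happen upstream, and no encryption is modelled.

```python
import hashlib, json, secrets

class Vault:
    """Hypothetical data vault: messages carry only an opaque reference."""
    def __init__(self):
        self._records = {}  # ref -> (payload, approved identities)
        self.audit = []     # hash-chained log of every access attempt

    def store(self, payload, approved):
        ref = secrets.token_urlsafe(16)  # unguessable and carries no data
        self._records[ref] = (payload, frozenset(approved))
        return ref

    @staticmethod
    def _digest(entry):
        body = {k: entry[k] for k in ("ref", "identity", "granted", "prev")}
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def open(self, ref, identity):
        # Assumption: identity was authenticated upstream (not modelled here).
        record = self._records.get(ref)
        granted = record is not None and identity in record[1]
        prev = self.audit[-1]["hash"] if self.audit else "0" * 64
        entry = {"ref": ref, "identity": identity, "granted": granted, "prev": prev}
        entry["hash"] = self._digest(entry)
        self.audit.append(entry)  # denied attempts are recorded too
        return record[0] if granted else None

    def audit_intact(self):
        # Recompute the chain; editing any recorded entry breaks it.
        prev = "0" * 64
        for entry in self.audit:
            if entry["prev"] != prev or entry["hash"] != self._digest(entry):
                return False
            prev = entry["hash"]
        return True

def demo():
    vault = Vault()
    ref = vault.store("constructed sample record", {"caseworker@example.org"})
    message = f"Details: vault://{ref}"  # hypothetical link pasted into email or chat
    # The message reaches an unintended recipient as well as the intended one.
    recipients = ("caseworker@example.org", "stranger@example.net")
    return message, {who: vault.open(ref, who) for who in recipients}, vault

if __name__ == "__main__":
    message, results, vault = demo()
    print(message, results, vault.audit_intact())
```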

Human nature continues to be the most prevalent cause of failure in security systems. We have practical and in-place methods of reducing our vulnerability to our own species’ ineptitude.
