Why CivicRoom does not enable a remote digital state “back door”, but an optional onsite offline user-accountable provider-managed “front door”

 In Blog


Our CivicRoom concept – central to the non-P2P deployment mode supported by the User Verified Social Telematics project – envisions a datacenter access management process that is based on citizen-jury processes to allow for legal/constitutional access for criminal investigation. It has been criticised by some leading privacy activists and experts that were attracted by our project. They have generally been misunderstood it as a proposal for very similar to “state backdoor” or “state key escrow” proposal,  with the great vulnerabilities of the most widely known proposal ones proposed for decades.

CivicRoom is not a backdoor nor a state backdoor because:

(A) it’s not standardized, certified nor managed by the state. Rather it is standardized and certified by an international extremely independent and competent user-accountable standard body (CivicAuthority), and managed by any willing certified user-accountable (CivicProvider), private, non-profit or local government,

(B) It’s not meant or accessible remotely, but just via off-line, on-site, in-person process, similar to those deployed to guarantee the secure of proper in-person paper voting procedures, with extreme socio-technical and organization safeguards, see details in the 2-pager Hybrid P2P UVST deployment scenario requirements.

(C) It is deployed in service provisioning modes that are outside legal intercept legislations (such as that for phone operators), in compliance to local legislation or constitutions, in selected redundant pairs of democratic countries;

Would that inspire the government to outlaw encryption? No, we believe that may eventually prevent and/or radically improve proposed national “back door” legislations, which have gotten wide media and public opinion support even after relatively minor terrorist attacks (sich as the recent France Hebdo attacks), such as the recent “front door” proposals by UK Prime Minister Cameron and by FBI Director Comey. The latter said:

We aren’t seeking a back-door approach. We want to use the front door, with clarity and transparency, and with clear guidance provided by law. We are completely comfortable with court orders and legal process—front doors that provide the evidence and information we need to investigate crime and prevent terrorist attacks”.

Although the CivicRoom is managed by the provider and not by the state, it nonetheless gets inspiration from (and ultimately may provide alternative to) similar processes currently deployed by the Brazilian SERPRO (governmental provider of email services to President Roussef and many Brazilian ministries) that requires 4 different gov parties to be physically and approving with passwords in order to be able to decrypt a public employee’s data in compliance with a criminal investigation. We are also inspires by the processes proposed and tested by NSA top engineers and whistleblower Bill Binney with ThinThread, before it was turned into the PRISM system.

UPDATE March 9th 2015: Given the high perceived risk of infeasibility of permitting safe enough access to the CivicRoom to law enforcemnet request, here is our new position during the initial R&D project on the matter: “Given (a) the interdependency of the constitutional rights of public safety and personal privacy, (b) the need to avoid to inadvertently aid grave crimes, and (c) the need to be legally sustainable even through a major public safety crisis, UVST – albeit acknowledging the high risk of infeasibility – will devote moderate resources to explore additional extreme safeguards for private user-accountable UVST Providers in their management of critical server-side resources, that may enable them to offer access to civilian court-warrant-based and/or state-security-based cyber-investigations, under selected conditions and national legislative contexts, and on strict condition that they are intrinsically non-scalable and do not significantly affect user’s privacy or security assurance.