Charlie Stross on network security in 2061

Charlie Stross has published the text of his smashing and mind-bending keynote to the 2011 USENIX conference, on the subject of network security in 50 years:

Initially I see lifelogging having specific niches; as an aid for people with early-stage dementia or other memory impairments, or to allow students to sleep through lectures. Police in the UK are already experimenting with real time video recording of interactions with the public – I suspect that before long we're going to see cops required to run lifelogging apps constantly when on duty, with the output locked down as evidence. And it'll eventually become mandatory for other people who work in professions where they are exposed to any risk that might result in a significant insurance claim – surgeons, for example, or truck drivers – not by force of law but as a condition of insurance cover.

Lifelogging into the cloud doesn't require much bandwidth in absolute terms, although it will probably take a few years to take off if the cellcos succeed in imposing bandwidth caps. A few terabytes per year per person should suffice for a couple of basic video streams and full audio, plus locational metadata – multiply by ten if you want high definition video at a high frame rate. And the additional hardware – beyond that which comes in a 2011 smartphone – is minimal: a couple of small webcams and microphones connected over some sort of short range personal area network, plus software to do the offline indexing.

Lifelogging raises huge privacy concerns, of course. Under what circumstances can your lifelog legally be accessed by third parties? And how do privacy laws apply? It should be clear that anyone currently lifelogging in this way takes their privacy – and that of the people around them – very lightly: as far as governments are concerned they can subpoena any data they want, usually without even needing a court warrant. Projects such as the UK's Interception Modernization Program – essentially a comprehensive internet communications retention system mandated by government and implemented by ISPs – mean that if you become a person of interest to the security services they'd have access to everything. The prudent move would be to lifelog to encrypted SSDs in your personal possession. Or not to do it at all. The security implications are monstrous: if you rely on lifelogging for your memory or your ability to do your job, then the importance of security is pushed down Maslow's hierarchy of needs. When only elite computer scientists on ARPANet had accounts so they can telnet into mainframes at another site, security was just a desirable luxury item – part of the apex of the pyramid of needs. But when it's your memory or your ability to do paid employment, security gets to be something close to food and water and shelter: you can't live without it.

USENIX 2011 Keynote: Network Security in the Medium Term, 2061-2561 AD