acm-header
Sign In

Communications of the ACM

Inside risks

Risks in Trusting -ntrustworthiness


The Internet provides ample opportunity for proving the age-old truism, "There's a sucker born every minute." Carnival-style swindles and other confidence games once limited to in-person encounters are now proliferating electronically, worldwide, at low cost and effort. A blatantly obvious example is the so-called Nigerian-style scam that requests use of one's bank account to move money; hoping for a proffered generous commission, the suckers are then separated from their assets. It is astounding that people still fall for such obvious frauds.

There are countless other kinds of scams, stings, and misrepresentations. Spam email offering bogus goods and services opens up new avenues for fraud and identity theft. Online activities are emerging with glaring opportunities for swindles, manipulations, and assorted malfeasance, such as online auctions (with various irregularities include nondelivery and secondary criminality), Internet gambling (especially offshore), and fraudulent Web sites (for example, with deceptive URLs creating the appearance of legitimacy). We have previously noted here that electronic voting systems present a significant risk—especially for use over the Internet. With independent accountability seriously lacking today, e-voting can be likened to using an offshore gambling site not subject to any regulation. Any of these and other situations could result in inordinate risks, such as financial ruin, blackmail, compromised democracy, or even loss of life. But it is perhaps less astounding that people fall for such schemes, particularly when the technology superficially appears genuine.

We tend to trust certain third-party relationships, with banks, telephone companies, airlines, and other service providers whose employees have in some way earned our trust, collectively or individually. But what about untrustworthy third parties? Some computer-based applications rely critically on the putative integrity and noncompromisibility of automated trusted third parties, with little if any easily demonstrated human accountability. Examples include digital-certificate authorities, cryptographic servers, surveillance facilities, sensitive databases for law enforcement, credit-information bureaus, and the like. With increasingly appealing short-term cost incentives for pervasive use of outsourcing, the need for trustworthiness of third-party institutions becomes even more important. However, security, privacy, and accountability often seem to be ignored in efforts to save money.

Is placing trust in offshore enterprises inherently riskier than using domestic services? Not necessarily. Corruption and inattention to detail are worldwide problems. The deciding factor here is perhaps the extent to which comprehensive oversight can be maintained.

Is domestic legislation enough? Of course not. Any legislation should not be overly simplistic; for example, it should avoid seeking solely technological fixes or purely legislative solutions to deeper problems. Besides, serious complexities arise from the fact that such problems are international in scope and demand international cooperation.

Is there a role for liability (for flagrant behavior) and differential insurance rates—for example, based on how well a purveyor is living up to what is expected of it? Yes. Such measures have significant potential, although they will be strongly resisted in many quarters.

So, how can we provide some meaningful assurance that critical entities (direct parties, third parties, or otherwise) are sufficiently trustworthy? Ideally, institutions providing, controlling, managing, and monitoring potentially riskful operations should be decoupled from other operations, eschewing conflicts of interest, and subjected to rigorous independent oversight. Enron-like situations and collusion must be avoided, even if it means the costs are greater. Furthermore, the people involved need altruism, sufficient foresight to anticipate the risks, and a commitment to effectively combat those risks. At the very least, their backgrounds should be free of criminal convictions and other activities that would create serious suspicions about their trustworthiness. In addition, we need legislators able to see beyond the simplistic and palliative, to approaches that address the real problems. Above all, we desperately need a populace that is more aware of the risks and the needs outlined here.

This column should not be news to most of you. Overall, there are many risks that must be addressed. The old Latin expression "Caveat emptor" (Let the buyer beware) seems quite timely today. Ultimately, it all comes down to "Sed quis custodiet ipsos custodes?" (But who is watching the watchers?)

Back to Top

Author

Peter Neumann moderates the ACM Risks Forum (www.risks.org).


©2003 ACM  0002-0782/03/0900  $5.00

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.

The Digital Library is published by the Association for Computing Machinery. Copyright © 2003 ACM, Inc.