(1) blame the user for not taking enough care of the data and for making little effort in installing the encryption modules into their email programs and
(2) focusing on new technologies and better encryption and better algorithms to improve security and not considering the entire system including the human user.
Eva wrote an interesting and comprehensive article on usable security in Spektrum der Wissenschaft (it is in German and the full version is online at her website). In the following I am sharing some of the thoughts.
@1: Mount the Seatbelts Yourself
Technically I agree that encryption is not really complicated to install and that most people using computers could learn how to keep their data safe and how to communicate using encryption. From my experience in the real world I see that they choose not to learn it, and I completely disagree that this is the user’s fault. Making the end user responsible for security and privacy is in my view entirely and utterly wrong.
Photo by Wikipedia/Michiel1972
When you get a new car there are already fixtures and holes prepared where you can attach the seat belts. In order to get the seat belts, which you can then mount in your car, you just have to fill in a postcard (you get it with the car) and send it to the manufacturer of your favorite seat belts. You then get the safety belts mailed to your home – free of charge – together with a 2-page manual on how to fix them in the car. The only thing you need is a screwdriver and a wrench. It is so easy that really everyone can make their car safe within 30 minutes.
It is very clear and hardly surprising to anyone that this is not how we do it with cars. We have agreed that the car company is responsible for the safety of the car. Economically the above example would make it cheaper for the manufacturer – probably not all people would claim their seat belt and the company saves the effort of mounting it. Nevertheless car companies still have to provide you with a built-in seat belt if they want to sell their car in Germany…
@2: Live in a Bunker
In the physical world we are used to complex (social) systems that allow us to live in a secure environment. In Germany people generally live in houses and flats where people who are determined can break in (e.g. using a sledgehammer on the door, a stone from the front yard on the window, or using more subtle methods). Even though people could fortify their house, most people I know value their windows and easy access to their house and do not live in a bunker or add seven additional locks to their front doors – they balance risk and comfort. In traditional environments we rely on the whole system: we expect that neighbors will keep an eye open, forced entry will leave traces, police will try to find a burglar and that they will be punished, and that for most people the risk of committing a crime is not worth the potential benefit.
From a society perspective we similarly balance risk and freedom. If a purse is stolen in a small town the police will not seal off the area and check each person and search each house. Traditionally this is not possible due to the effort involved but also due to our understanding that the actions taken by law enforcement have to follow the proportionality principle. In Germany we do not consider imposing a curfew, even though one could imagine that this would reduce the crime rate even more.
I think we should take the physical and social world as an example and inspiration to create usable and secure systems that offer privacy to the end user.
Overall I think security and privacy in digital systems is much more a human-computer interaction problem than most people (especially from the security community) think! If you read German you may want to look at the article Eva Wolfangel wrote on the topic.