tcblog

TCG replies to the Article 29 Working Party Report

by Stefan Bechtold, posted on March 5, 2004 - 10:55am

TCG has published a short reply and Q&A to the European Article 29 Working Party report. There is not a whole lot of new information in there, though.

Free tags: tcblog

Article 29 Working Party Report

by Stefan Bechtold, posted on February 2, 2004 - 7:02pm

The Article 29 Data Protection Working Party, which is an independent European advisory body on data protection and privacy under the European Data Protection Directive, has published an interesting report on TCG. With regard to the opt-in myth of trusted computing, the report states:

"At the moment the possibility for the user to decide whether or not to use a platform with a TPM exists outside the corporate environment, although one can wonder how long this situation will last. The use of TPM, promoted by such a strong representation from industry, is likely to become a de facto standard, a necessary feature to participate in the information society. This could have consequences not only in the field of data protection, but also regarding other human rights aspects such as the freedom of speech."


Owner Override IV

by Stefan Bechtold, posted on February 1, 2004 - 11:18am

There are also areas outside trusted computing where something like an owner override feature already exists. Some web browsers (such as Safari, Opera, and Konqueror) allow their users to masquerade as any version of Netscape or Internet Explorer. See also here.


Owner Override III, or: TCG Liability Rules

by Stefan Bechtold, posted on January 23, 2004 - 10:59am

A few months ago, Klaus Kursawe and Christian Stüble published a paper that includes several proposals to improve the TCG specification. One of their proposals is to include an owner override in TCG. Compared to EFF's proposal, the proposal of Klaus and Christian includes a slight but important variation. Under their proposal, the platform user would be allowed to send "false" integrity metrics to the remote application, service or content provider. However, at the same time, the user would always send the true integrity metrics to the provider as well, although in an encrypted form. The true integrity metrics would be encrypted with the public key of the TPM vendor.


EFF on the Intel LaGrande Technology Policy

by Stefan Bechtold, posted on January 11, 2004 - 2:20pm

EFF has published its comments on the Intel LaGrande Technology Policy Draft. The paper raises several interesting points. Among other things, the paper stresses that a real opt-in technology is not a technology which can simply be turned on or off. It is a technology that offers a fine-grained way to turn various components of the technology on and off. This is particularly important when the option to turn the entire technology off is useless in reality due to network effects and the dependence of the user on the technology.


Owner Override and Distributed Computing

by Stefan Bechtold, posted on December 27, 2003 - 10:27pm

I have written before about the advantages and disadvantages of including an owner override feature in trusted computing architectures. In the earlier posting, I argued that an owner override solution is "over-inclusive" because it limits the functionality of TC. TC becomes useless for DRM applications. But this does not only affect DRM. It also affects distributed computing applications which depend on secure authentication of the client applications so that malicious users can be identified and excluded from the system.


My own take on the trusted computing debate

by Stefan Bechtold, posted on November 17, 2003 - 10:59pm

My paper "The Present and Future of Digital Rights Management - Musings on Emerging Legal Problems" has just been published in a DRM book in Springer's Lecture Notes in Computer Science series. Besides DRM topics, I also write about trusted computing in this paper on pages 633-650. I finished the paper in April/May 2003, so the paper does not discuss TCG 1.2, but 1.1b. Concerning the issues raised in the paper, not a lot has changed, though.


TCG 1.2 announced

by Stefan Bechtold, posted on November 7, 2003 - 10:54pm

On November 5, the Trusted Computing Group announced the release of TCG TPM 1.2 at the RSA conference in Amsterdam. From a legal and policy perspective, TCG 1.2 solves some of the issues that have been raised by critics, but other important problems remain unresolved. I'll comment on them when some more detailed information about TCG 1.2 becomes publicly available.


Owner Override [updated Oct. 13]

by Stefan Bechtold, posted on October 12, 2003 - 4:10pm

Many observers have pointed out that TC architectures might be used by application, service and content providers to define which client applications to interoperate with. This feature could be used to create lock-ins and hinder competition in the client application markets. Recently, EFF has proposed to enable TC platform owners to send false integrity metrics to the remote application, service or content provider ("owner override"). Thereby, the remote provider could no longer base its decision whether to interoperate or not on the particular client application that is running on the local TC platform. Owner Override could prevent lock-ins and preserve competition in the software client markets. While such a proposal has interesting features, it deserves further discussion before it could be adopted:


Urgent need to document the TC ecology

by Stefan Bechtold, posted on October 12, 2003 - 11:32am

As Ed Felten recently wrote in IEEE Security & Privacy May/June 2003, 60, 61: "In fact, the direct effects of TC are relatively harmless. It is the indirect effects that are worrisome - not what TC does, but what others will build on top of it." It is all the more important for TC developers to publish detailed usage scenarios and documentation about how all the different players in a TC ecology will interoperate with each other. Currently, there are just not enough facts available out there to engage in a detailed discussion about these issues.
