Aligning the Conflicting Needs of Privacy, Malware Detection and Network Protection

Abstract

Surveillance is seen as a key tool to detect terrorist activities or to counteract attacks on critical communication infrastructure. Everybody is in those systems to some degree under suspicion. The principle of innocent till proven guilty does not seem to apply to modern surveillance technology usage. On the other hand, criminals would gain easily upper hand in communication networks that are not protected and on the outlook for attacks. This poses quite a problem for the technical implementation and handling of network communication traffic. How can a communication network provider protect user data against malicious activities without screening and loss of the human right of privacy? This article provides a classification system for data usage, privacy sensitivity and risk. With those theoretical tools, we will illustrate on a concrete example how to provide user privacy, while still enable protection against criminals or unauthorized intruders.