I'm so happy to see this crowdsourcing of ideas carried out in such a public fashion! But the particular idea I want to share is for cases when talking to the government requires a more delicate balance between transparency and privacy. So I'll describe a tool that strikes that balance, which I happen to have already written for you and want to give to you right now. :) The tool is a completely free and open source ...more »
I'm so happy to see this crowdsourcing of ideas carried out in such a public fashion! But the particular idea I want to share is for cases when talking to the government requires a more delicate balance between transparency and privacy. So I'll describe a tool that strikes that balance, which I happen to have already written for you and want to give to you right now. :)
The tool is a completely free and open source system called "BlackHighlighter". It uses browser-based redaction (all Ajax, no Flash) to trade off the benefits of writing an open letter against the benefits of a private email. It also uses cryptographic methods to add accountability to the communication process:
Using something like this, correspondence with the government could be carried out through *mostly* open letters that are *partially protected* while they are being written. The intended recipients get a certificate that can be verified and plugged in to show the full text. That certificate is shared on a need-to-know basis... while the rest of the world is still able to read the public portions and get the gist. Citizens and organizations can keep tabs on topics that interest them with searches, and make sure important issues are not getting swept under the rug.
I'd be really excited to see this applied to correspondence between people and their congressional representatives or federal agencies. There's often a need for some confidentiality in that kind of dialogue (imagine sensitive subjects like welfare or disabilities). Yet there would be tremendous value unlocked if *most* of the letter was in the public sphere. Watchdogs who notice patterns could even solicit the anonymous authors of letters to share their certificates with them, in order to mobilize independent action on the issues raised.
You'll find more information through the link above, as well as the source code and a little sandbox installation. I'd be thrilled to speak with people from any government agency, but private sector applications would be great too. You can leave a comment on any of the pages on my website, and I will follow up with you A.S.A.P.
[ So just as an example with the asterisks above, if this were a message on a BlackHighlighter system, I'd have "protected" that contact information while writing the post. Whether you would be seeing the actual data right now while reading the letter would depend on if you had the certificate, which I would have sent to OSTP. It would not be feasible to fake a certificate that would pass as a match unless it provided the actual information I had entered. ]
[ Also: If you're curious, the ability to obscure or fluctuate the visual length of a redaction is in the works to make guessing harder. But I do want there to be a reasonably honest sense of how much information is actually missing, so it's a feature that will require some thought! ]