New System Makes Online Data Expire

Privacy is dead, most of us figure. We post enough personal data online weekly that any evil-doer could take over our finances or identity without too much trouble.

And there may be a few cautious emailers left, but many of us would blanche if the contents of our non-work electronic missives were printed for all to see.

Unlike paper, online data is seemingly forever, but a new system, called Vanish, has come to the rescue, computer scientists at the University of Washington say. Vanish puts an expiration date on our online personal data (pictures, emails, Facebook posts, chat messages) such that it automatically self-destructs and becomes irretrievable from all Web sites, inboxes, outboxes, backup sites and home computers, says researcher Tadayoshi Kohno.

"If people understood the implications of where and how their email is stored, they might be more careful or not use it as often," he said.

A paper on the Vanish project went public this week and will be presented at the Usenix Security Symposium Aug. 10-14 in Montreal. Vanish is somewhat different from encryption, the keys for which can be subpoenaed anyhow. It relies instead on the creation of a secret key for each message that is never revealed to the user, Kohno said, and then chopped into dozens of pieces that are scattered on worldwide file-sharing networks. Over time, the parts of the key become permanently inaccessible.

Any takers?