Recent events have given the impression that any information sent over the Internet goes straight to the NSA. Cue the image of a shadowy figure, nefariously poring over every detail of your life just because you forwarded a funny cat video to your Aunt Ethel in St. Louis.
But just when you thought it was unsafe to use the Internet, a group of engineers is developing new code that would encrypt all the data flowing between your browser and the remote servers you access. If all traffic is encrypted, theoretically NSA spooks would no longer be able to harvest your personal data like bears plucking salmon from a stream.
The new protocol is being developed by the Internet Engineering Task Force (IETF), a consortium of technology experts whose mission is "to promote the open development, evolution, and use of the Internet for the benefit of all people throughout the world." Their goal is to have the technology ready by the end of next year.
Many e-commerce sites and other businesses already use encryption, where algorithms make data unreadable to third parties, for some of their traffic. If you see "https://" in your browser's address bar (instead of "http://"), for example, the data you send and receive on that site is encrypted.
Benefits to Encryption
While businesses would not be required to implement the new protocol when it's ready, doing so could offer an advantage. Customers may prefer to use vendors that have websites with higher privacy standards. Companies could even entice new customers who previously had been reluctant to buy products online for fear of subjecting their personal information to government surveillance.
To reap these benefits, companies will have to successfully demonstrate to a wary public that the new encryption technology will make a difference. That's difficult to pull off, but making the effort is worthwhile, says e-commerce consultant Ron Rule.
"Any messaging that lets consumers know the company is proactive about security and protecting their data is positive, and will increase conversions to some degree," Rule says. "Heck, adding a simple TRUSTe or HackerSafe badge to your site can increase conversions by up to 22 percent, so letting a customer know their entire Web experience is encrypted will help score points."
Of course, adopting new standards and changing consumers' perceptions does not entirely eliminate the underlying issues. Even the IETF concedes that ensuring Internet privacy is ultimately an issue that's beyond the reach of technology-based solutions.
Rule, too, warns that encryption is not the panacea it might appear to be on the surface. "The problem with Internet security has very little to do with the transfer protocol," he says. "It's more about how the data is stored once it's received. If a cloud provider turned your data over to a government agency, all of the transfer protocol protection in the world won't protect it from prying eyes."
Want to know more about cyber security? Check out Inc.'s special feature: