Security and Privacy In a Digital World

Nearly every benefit you hear about interactive TV and services in some way involves the capability to “pay for it over the network.” Home shopping. Home banking. Home movie rental.

Call it “pay-per-do.” Anything you buy over the network is tied to a transaction of some sort, which means that at some point in the process you’ll have to send some piece of sensitive financial data over a network (cable, fiber, copper, wireless).

Beyond financial transactions, two-way TV means that whoever is on the other end of the wire — Big Brother, perhaps, and all his nosy, felonious little cousins — can see you, too. The programs you watch, the product information you seek out, the movies you download from that certain section of the online video store — all is potentially valuable data to someone, whether it’s a direct marketer, a blackmailer or a bill collector.

A SCI-FI SCENARIO IF EVER THERE WAS ONE

The potential of such scenarios hasn’t been lost on the science fiction writers, those chroniclers of our technological nightmares.

One of the consistently amusing vignettes running through Pat Cadigan’s excellent cyberpunk novel Synners involves the GridLid in the Los Angeles of the future, a computer network built into cars designed to keep traffic flowing around jammed areas. Riddled with viruses, it becomes an enormous playground for hackers and digital pranksters, absolutely never works as intended, and traffic is worse than ever.

Cadigan’s novel paints a pretty bleak picture of what can happen when people rely too heavily on unprotected commercial networks, and the seeds for her particular disaster scenario can be seen nearly anywhere you look today.

Are we nuts? So what are we, crazy that we’re talking about interactive TV, which at its apex will be a global, high-speed computer network that we’re setting up to be the pinnacle of human reliance on technology?

There are solutions to this problem, but naturally they are not simple or even straightforward. As the national security agencies feel threatened by technologies, they try to roll legislation into place that may not necessarily serve the greater good (see “The FBI wants Dumb Networks,” Vol. 1, No. 11, p. 7).

If you’ve been keeping up with your reading about the Clipper chip, you know that the Clinton administration is embroiled up to its earlobes in controversy on the subject even as you read this.

ENCRYPTION IS THE ONLY SURE PROTECTION

The only way to protect the individual privacy of people using a network, and to provide security for the information and intellectual property that travels over a network, is via some type of data encryption.

Computer-based encryption is an arcane art whereby a message is transformed via mathematics into a pattern of gibberish that can only be translated if you have the correct key.

DES and public key. There are only a couple of widely used encryption schemes. The best known today, called DES, belongs to the federal government, and it requires that both you and I have the same key to unlock the message. The sticky problem is finding a secure way to get the key to you if you’re in a different place than me, which is likely if I need to send you a message rather than just whisper in your ear.

Another method of encryption that’s gaining popularity as “the net” reaches toward ubiquity is called public key encryption. A process patented by RSA Data Security in Redwood City, CA, public key solves the key security problem by creating a system based on two keys per person, one public and one private.

Allows for many levels. Public key allows for a number of levels of security and privacy. Here’s how it works in a nutshell: If I simply want to send you a private message, I encrypt my message to you with your public key (public keys can be published in a directory just like a phone number without compromising security), and you decrypt it with your private key.

Now since handwriting analysis is a useless art in electronic data exchange, public key can also provide a way of authenticating that I was the person who sent you that message. To do that, I encrypt my message to you with my private key, and you decrypt with my public key.

Protection against alteration. A bonus benefit to authentication is that if any of the data had been altered, even one bit, your key would have been unable to decode it.

It’s also possible, if I want our message to be both secret and authenticated, to use both of our keys to encrypt and decrypt the message.

This is particularly helpful to owners of intellectual property who don’t want movies, music or photographs being lifted off the network, altered (or not) and resold. It can help assure them that at least for their leg of the journey, the information is being delivered only to the person who paid for it.

Furthermore (and this is an added benefit), using encryption regularly for information sent over a digital network is an excellent way to inoculate system software, applications (and the network itself, if used widely) against viruses.

If I want to sell and distribute software over the network — which is expected to become big business — especially application software that has the ability to manipulate data, it’s important for you and important for my continuing business that I don’t unwittingly send you an infected product.

Public key plus DES. Because public key uses more computer power than DES, companies such as pay-per-view cable providers are using combination systems to perform what’s called “key management.” Instead of encrypting the entire movie, for example, the cable operator simply uses public key to encrypt the DES key that will allow you to “unlock” the channel and view the movies you paid for.

The extra authentication step isn’t necessary because your key is built into your cable decoder box, or into a “smart card” provided to you by the cable company.

Digital cash goes one step beyond. Some encryption schemes go even further to protect personal information. Called digital cash, they are an electronic means of paying for goods and services over a network; but unlike today’s credit cards, there is no personal identification tied to the transaction.

Companies like A-Squared Systems in Oakland, CA, and researchers such as David Chaum at the Center for Math and Computer Science at the University of Netherlands in Amsterdam are working on digital cash systems that will make it absolutely none of anyone’s business who you are and where your money is coming from.
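The column describes three uses of public key above (a private message, an authenticated message, and the cable operator’s “key management” that wraps a DES key) and then the digital cash idea. The Python sketch below is an added illustration, not code from this column, from RSA Data Security, or from any company or researcher named here. It uses textbook RSA with tiny constructed primes applied one byte at a time, a keyed SHA-256 stream in place of DES, and signs a SHA-256 digest rather than the whole message, which is how a single altered bit is actually caught. It also goes one step past the text: the digital cash part uses Chaum’s blind-signature construction, which the column mentions only by its outcome, to show why the bank cannot connect a coin to the buyer who spent it. The party names, function names, primes and sample order are all assumptions; real systems need full-size keys and padding, which a toy like this omits.

```python
"""Added illustration for the column's public-key section: textbook RSA with tiny
primes, applied one byte at a time.  Toy only: no padding, no real block cipher."""
import hashlib
import os
import secrets
from math import gcd


def keygen(p, q, e=17):
    """Build (public, private) = ((e, n), (d, n)) from two (assumed) primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be invertible mod phi(n)"
    d = pow(e, -1, phi)                      # modular inverse (Python 3.8+)
    return (e, n), (d, n)


def rsa_apply(key, blocks):
    """Raise each block (an int < n) to the key's exponent mod n.
    The same function serves both keys of a pair: applying one undoes the other."""
    exp, n = key
    return [pow(b, exp, n) for b in blocks]


def sign(sender_priv, message: bytes):
    """'Encrypt with my private key': sign a SHA-256 digest of the message."""
    return rsa_apply(sender_priv, hashlib.sha256(message).digest())


def verify(sender_pub, message: bytes, signature) -> bool:
    """'Decrypt with my public key' and compare with a fresh digest; any altered
    bit in the message changes the digest and the check fails."""
    return rsa_apply(sender_pub, signature) == list(hashlib.sha256(message).digest())


def stream_xor(key: bytes, data: bytes) -> bytes:
    """Keyed keystream (SHA-256 of key||counter) XORed over the data: the fast
    symmetric step, standing in for DES.  Applying it twice restores the data."""
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hashlib.sha256(key + (i // 32).to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], ks))
    return bytes(out)


def hybrid_encrypt(recipient_pub, movie: bytes):
    """Key management as the column describes it: only the short session key is
    wrapped with public key; the bulk content uses the symmetric cipher."""
    session_key = os.urandom(16)             # the "DES key" that unlocks the channel
    return rsa_apply(recipient_pub, session_key), stream_xor(session_key, movie)


def hybrid_decrypt(recipient_priv, wrapped_key, ciphertext: bytes) -> bytes:
    """The decoder box unwraps the session key with its private key, then decrypts."""
    session_key = bytes(rsa_apply(recipient_priv, wrapped_key))
    return stream_xor(session_key, ciphertext)


def blind_sign_coin(bank_pub, bank_priv, serial: int):
    """Chaum-style blind signature: the customer blinds a coin serial with a
    random factor r, the bank signs without seeing the serial, and the customer
    unblinds.  Returns (what the bank saw, the unblinded signature)."""
    e, n = bank_pub
    d, _ = bank_priv
    while True:
        r = secrets.randbelow(n - 2) + 2     # blinding factor, must be coprime to n
        if gcd(r, n) == 1:
            break
    blinded = serial * pow(r, e, n) % n      # customer -> bank
    blind_sig = pow(blinded, d, n)           # bank signs the blinded value
    signature = blind_sig * pow(r, -1, n) % n  # customer removes r
    return blinded, signature


def coin_is_valid(bank_pub, serial: int, signature: int) -> bool:
    """Anyone holding the bank's public key can check the coin; the bank cannot
    link it back to the blinded value it signed."""
    e, n = bank_pub
    return pow(signature, e, n) == serial % n


def flip_bit(data: bytes) -> bytes:
    """Alter a single bit, to show that verification then fails."""
    return bytes([data[0] ^ 1]) + data[1:]


if __name__ == "__main__":
    alice_pub, alice_priv = keygen(61, 53)   # constructed demo primes
    bob_pub, bob_priv = keygen(71, 67)
    order = b"Rent movie 42 for 3 days"      # constructed sample message
    secret = rsa_apply(bob_pub, order)       # private message: Bob's public key
    print(bytes(rsa_apply(bob_priv, secret)) == order)
    sig = sign(alice_priv, order)
    print(verify(alice_pub, order, sig), verify(alice_pub, flip_bit(order), sig))
    wrapped, movie_ct = hybrid_encrypt(bob_pub, b"movie bytes " * 8)
    print(hybrid_decrypt(bob_priv, wrapped, movie_ct) == b"movie bytes " * 8)
    seen_by_bank, coin_sig = blind_sign_coin(alice_pub, alice_priv, 1999)
    print(seen_by_bank != 1999, coin_is_valid(alice_pub, 1999, coin_sig))
```

The design point worth noticing is that one function, `rsa_apply`, serves every role: which key goes in decides whether the operation is encryption, decryption, signing or verification, exactly as the column describes. The blinding step shows where the anonymity of digital cash comes from: the value the bank signs and the value later spent are related only through a random factor that the customer alone knows.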

HOW DO YOU MAKE SURE IT’S NONE OF THEIR BUSINESS?

Solutions such as encryption will have to be adopted if we are indeed to conduct commerce over the network. But now that we’ve solved the security problem, what about the broader one of privacy? How do we handle the potential abuses of personal information that are ripe for the picking in a two-way interactive network deeply connected into the workings of your home?

As we’ve mentioned elsewhere in these pages, Hewlett-Packard’s consumer research shows that people are very concerned about their privacy as a two-way network is deployed.

Magnifies the present. A two-way, high-capacity network certainly increases the potential for abuse; but really, it’s only a magnification of the problems we have now. And many of those problems are based simply on the fact that the United States has a very powerful direct-marketing lobby that screams bloody murder every time citizens ask for more direct control over what is done with their personal information.

Just say no. Other countries, most notably the European Community and Canada, have very strong privacy laws — Canada even has an appointed office that acts as liaison in cases where people think their privacy is being compromised — that require companies to contact you personally if they intend to sell your name to another firm. They have to tell you who the firm is, what they want to do with the information, and specifically which information they are releasing. If you say no, they can’t release it. Period.

This of course doesn’t sit well with advertisers, but as we point out in the main story, the two-way network obviates advertising as we know it anyhow. There has to be a different solution. If we want an intrusive technology like interactive TV to really reach its potential, the U.S. may need to consider a more proactive stance on personal privacy.

Denise Caruso