Researchers set up privacy and security partnership for open-source security tools

Security researchers, Dropbox and Google have joined forces to make open-source security tools easier to use

Security researchers, Dropbox, Google and the Open Technology Fund have joined forces to make open-source security tools simpler and easier to use.

The mission statement of the joint venture – Simply Secure – is to help develop security and privacy tools that make the choice of online security tools “clear, easy, and available to everyone”.

Simply Secure aims to achieve this by bringing together developers, designers and users to ensure simple daily tasks can be made private, without increasing their complexity.

According to the group, existing consumer-facing security tools that are technically effective often have low adoption rates, because they are inconvenient or too confusing for the average person to use.

“The need to overcome this challenge is particularly clear in the wake of events like the recent celebrity photo leak and the Snowden revelations,” Simply Secure said.

The group notes that, no matter how effective security technologies are, people will not use them unless they become more accessible and easier to understand.

Simply Secure is the latest industry-supported initiative aimed at improving online security and privacy.

Research into password alternatives

Fido Alliance of technology firms – including PayPal and Lenovo – is working to find viable alternatives to passwords, for users to authenticate themselves with online services.

The security industry has long recognised that passwords are becoming increasingly insecure and difficult to use, as they become more complex and difficult to remember.

Simply Secure partner Google is working on its own project to provide a more secure online authentication method.

Led by director Sara Sinclair Brody, Simply Secure will work with the open source community to develop tools that make it easy for non-technical people to choose better security without sacrificing usability.

“This transparent, community-focused approach is new, and represents a compelling adaptation of the open-source model to interaction design,” she said.

Google said the challenge lies in providing proven, open source tools to the public in ways that meet their high expectations and modern-use cases.

“With its clear mission, an exceptional board and a community-focused approach, we believe Simply Secure can bring us much closer to a world in which ubiquitous security is the norm," said Meredith Whittaker, open source research lead at Google. 

Simply Secure’s advisory board includes George Danezis, reader in security and privacy engineering at University College London; Angela Sasse, head of information security research at University College London; and Wendy Seltzer, policy counsel to the World Wide Web Consortium (W3C).

ECJ ruling on right to be forgotten

The announcement of Simply Secure comes at a sensitive time for Google, which is under investigation by European competition authorities, observes The Guardian.

The move comes in the wake of the landmark ruling in May 2014 by the European Court of Justice (ECJ), upholding the right to be forgotten.

In response to the ruling, Google has had to introduce an online application form  and other mechanisms for Europeans who want personal data to be removed from online search results.

Data protection authorities from across the EU member states met in Brussels on 17 and18 September 2014 to discuss their response to the ruling.

Read more on Privacy and data protection