“Human Practices is the study of how your work affects the world, and how the world affects your work.” - Peter Carr
In this part of Human Practices of CryptoGErM, we decided to get in contact with the main audiences that we consider important for the realization and execution of our project:
- National Institutions: What are the current challenges that the experts in the field have to overcome in the area of encryption and cybersecurity?
- Potential Users: What are the current requirements that a potential user of CryptoGErM needs?
- Society: What is the current perception about cybersecurity among society in general and how can we get them closer to our project and synthetic biology?
National Cyber Security Center from the Ministry of Security and Justice of the Netherlands
We got in contact with the National Cyber Security Centre (Nationaal Cyber Security Centrum, NSCS) from the Ministry of Security and Justice of the Netherlands, in order to understand what the current challenges and requirements in the development of a system for the storing and sending of sensitive information are. Such requirements are important for our project since we are able to have a clear idea of the actual and real application of CryptoGErM.
The feedback received from the NCSC relies in trying to solve two problems that are present each time that the storing and sending of sensitive information is intended. The difficulty, according with the comments from the National Cyber Security Center, in securing stored information generally does not lie with the encryption methods, but rather with two other problems:
How we propose to approach these problems:
To make it especially hard for unauthorized parties to access our key, the key-spores will be sent in a mixture of decoy spores. The decoy is present in a much higher ratio than the key-spores. The key-spores have to be recovered using a specific selection mechanism. We have developed a ciprofloxacin resistance cassette that can be integrated into the B. subtilis genome. Only the knowledge of this specific selection antibiotic will allow the recovery. To access the key not only general knowledge about molecular biology is required. The recipient has to know specific information about the exact biological procedure that has to be applied in order to access the key.
We believe that getting in contact with the National Institutions in charge of the protection of digital information, gave us a better understanding of what professionals and experts might expect from our project.
CryptoGErM is a project focused on the storing of potentially large encrypted data to ensure its protection and durability, and subsequent shipping by conventional means... In order to understand what the currents systems for the storing of data are and how CryptoGErM could be used by Private and Public Institutions for the storing and preserving of their information, we got in contact with the Groningen Archives!
The Regionaal Historisch Centrum Groningen Archieven is the information centre for the History of the city and the province of Groningen. Files, books, newspapers, maps, photos, films, videos, and voice recordings are stored and tell the story from the province of Groningen from the Middle Ages until now.
We learned that the Groninger Archives store the old administrations of the State Institutions of the province of Groningen, besides that, they also manage the archives of families, churches, societies and private companies.
Currently in the Groningen Archives, most of the information is stored on special, high quality paper, although other storing means are used such as tapes, CD’s, DVD’s for multimedia (films and audio recordings). However, for that type of storing, specific conditions are required to ensure the correct and long preservation of the paper, i.e. a specific temperature (18°C) in dry air carton boxes. Within the Groningen Archives the air composition and quality paper is controlled by a system in the building because the presence of acid in paper, that can come either from air or plastic, is the most common reason of disruption of the stored paper. We found out that if it is true that on the one hand, even with the right conditions the low quality paper (for example from newspapers) cannot be stored for a long time (a few decades), it is also true that by taking right and strict controlled conditions some high quality papers can be stored for even hundred of years.
This is why, for 20 years the Groningen Archives has been preparing for the change from analogous data storage to digital data storage.
“Two things are important: the storability and the accessibility” - Jan Jaap Hoogstins
“DNA in spores is a considerable option (for the storing of information) if the information does not change through mutations” - Jan Jaap Hoogstins
According to Jan Jaap Hoogstins, collection manager from the Groninger Archieven, the nature of the medium used for the storing does not matter as long as it is insured that the stored information is completely preserved. For him, “DNA in spores is a considerable option if the information does not change through mutations”
As result of this interview we found out that our system can be used for such Institutions for the long-term storing of information, according to Jan Jaap Hoogstins, “there is no system yet that stores information forever in an entirely preserved manner”
However, Jan Jaap Hoogstins insisted that the bacteria must not present mutations…
In order to consider this problem CryptoGErM has done some research and modelling about it!
We found out that it is unlikely that there are mutations in the message stored in our system. For more details and full description please go here.
We performed a survey to understand what the current perception about digital and physical storing of information is among different sectors of society.
The survey was designed together with one specialist, in order to adapt it with the requirements and professionalism that the conduction of a survey requires.
Our survey studies the following points:
- The current perception about the storing of sensitive information
- What is the impression of sending information through conventional means
- How the nationality influences the perception of digital and physical storing of information
To achieve the aims of the survey mentioned above, we planned to reach as many people as possible from different countries and different ages. By looking to previous surveys conducted for former iGEM Teams, we have found out that most of the surveys carried on were mostly in English, thus their results would be limited exclusively to English-speakers. However, how about the people that use social media but do not speak English?
CryptoGErM is also interested in their opinion! They are important to us!
We invited iGEM Teams to share the survey on their social media in order to achieve as many people as possible. In addition to that, we collaborated with iGEM Teams around the world that translated the original survey to their native languages. We have versions in English , Chinese and Spanish.
The following map shows the nationalities of the participants involved in the present survey:
Firstly, we asked our survey respondents which is the most frequent method that they use to send sensitive information. As depicted in Graph 1, 89% of the people send information through digital means (Email, social media and instant messaging apps) Likely because of the speed and accessibility that these communication means provide to the user when compared towards physical sending (Regular Post).
In addition to that, 50% of the people who answered our survey trust sending their information through regular post and email, while 33% trust only one between the two mentioned methods. 17% of the population does not trust sending information by any of the methods mentioned above. This is summarized in Graph 2
From the two questions above, we formulated an initial conclusion: Survey respondents use and trust digital and physical means for sending of information.
However, what would happen if they might need to send highly secure information. Would they trust current and conventional methods such as a letter in regular post or an email? How would their initial conclusion change when the information that has to be sent would change from hardly secret to highly secret?
The answers to these questions are the first point of interest of the study: What is the current perception in the sending of sensitive information?
We found out, by asking to our survey respondents if they would send highly-secret information by regular mail or email (Graph 3), that 46% of the population would not trust sending such information through those conventional means (either by post or email) 39% commented that it would depend on the destination of the information. Survey respondents commented that the locations where the post service is efficient and reliable, could be considered as an option: however, in places where such systems are not completely efficient, they would not consider it as an option.
By analyzing deeply each individual responses we found out that 84% of the survey respondents that would not trust to send sensitive information through conventional means belong mostly to Latin American countries (taking only into account the nationality of the survey respondents: Mexico, Brazil, Guatemala and Costa Rica) In contrast, most of the percentage of the people who trust sending such information by both post and email correspond to European Countries. It might be that in Latin American countries the efficiency of the post is low compared with the European service. We truly believe that the improvement of the current post services in Latin American countries will lead to an enhancement of the current postal services, and also will open the market to our system in a near future.
“89% of the survey respondents send information through digital means, but 46% would not do it if it is highly-secure information”
But such a low trust is not limited only by the physical means of sending. Actually it is more pronounced when it comes to the digital storing and sending of information. From the total of our survey respondents, 76% does not feel that the information on the internet is safe from digital espionage. (Graph 4)
“What is contrasting is that 89% of the survey respondents use digital means to send information, but 76% consider that such information is not safe from digital espionage”
Actually, according to our surveys respondents, private companies are the principal target from digital espionage (the aim of the digital espionage is to obtain information) and consequently of the theft of information (theft of information “occurs when attackers steal data with the aim of selling these data for commercial gain, to publish them or to abuse them for activist purposes”) As depicted in Graph 5, for our survey respondents, governments are the next most popular target of digital espionage, and citizens are the less popular sector affected for digital espionage and theft of information.
However, the reality is a little bit different when we compare these results with the data published by the Cyber Security Assessment Netherlands CSAN 2015 from the National Cyber Security Centre from the Ministry of Security and Justice from the Netherlands. For professional criminals, as the source of the threat, “there are clear developments which make the threat expedient” against private organisations and citizens, making these two sectors the principal targets of digital espionage and theft of information, In the case of Governments, either phenomena of threats have been observed or there are sufficient measures to remove the threat.
Since the aim of the digital espionage is to obtain and steal information from digital sources, we asked our survey respondents how they store their information. Surprisingly we found out that 57% of them store sensitive information either physically or digitally while the remaining 43% do not store it. Survey respondents commented that they do not store them because they are afraid of being hacked. On the other side, the physical storing is not used because of the possibility to be stolen. (Graph 6)
Now that we know that almost half percent of our survey respondents do not store information because they are afraid of being hacked, we asked them if they would trust storing their sensitive information in bacteria.
As depicted in Graph 7, 43% of the survey respondents would trust to store information within bacteria, which shows that CryptoGErM could be used by citizens as a storing method.
However, an outstanding amount of 26% of the survey respondents answered that they did not know what bacteria were. This result motivated us to reach as much people as possible by focusing our Human Practices on the promotion of synthetic biology besides our project itself.
As a consequence the actions of the educational and outreach sections of CryptoGErM were focused to reduce the amount of people that do not what bacteria are, by promoting the knowledge of synthetic biology, the iGEM competition and of course our project. This has been done through media, conferences, invitation of students to join our lab work and by receiving students from High Schools for a lecture of Bio-ART: Painting with Bacteria!