It Takes Two to #MeToo (and How Robots and Secure Enclaves Can Help)

Since October, the phrase ‘Me Too’, originally coined by Tarana Burke and popularized as a hashtag by Alyssa Milano, has been tweeted over 1.7 million times. The hashtag went viral in the wake of sexual harassment allegations against Hollywood mogul Harvey Weinstein.

Why have victims been silent until now, and why has the #MeToo campaign become so intensely viral? Because it takes two to #MeToo and someone had to be first. But if it’s your word against that of someone more powerful, their testimony typically has more weight. In the process you can be shamed, isolated behind closed doors, sued for libel, offered legal settlements on the condition you keep quiet, and you might be lucky to escape with the remnants of a career. Investigative journalism had to uncover accounts from a large group of women reporting abuse by Harvey Weinstein years after the fact before it became undeniable. This shows the immense power of bringing together victims of the same offender.

These are some of the thoughts that went through my mind as I followed the campaign, trying to think of how we, as researchers, can use technology to help combat this type of victimization.

Can technology help?

Recently software systems such as Callisto have been deployed to help victims of sexual assault record and possibly report offences. Callisto allows private documentation of the incident, with the option to release the records to authorities if the complaint matches another complaint for the same perpetrator.

Bringing together victims of the same perpetrator empowers them by offsetting the first mover disadvantage. Even in today’s social media climate, isolated victims still pay an inordinately high price to speak out, and can use systems like Callisto to privately report their abuse while potentially being matched with others harmed by the same offender.

Would you risk this data getting into the wrong hands?

One of the complex aspects of such a system is the sensitive nature of the data. Documented evidence of sexual harassment is extremely private data, and if it’s leaked in an untimely fashion it can cause permanent lifelong damage. Huge efforts are made to secure the data, but all systems today are susceptible to data leakage caused by human error and insider attacks, simply because there are humans involved with access to the data.

Managing sensitive data requires trust in a small number of privileged individuals with full access rights, such as system and database administrators. Despite heavy employee screening and large investments in privacy protection, data can be leaked owing to the simple fact that humans have access to it, humans are fallible, and sometimes not trustworthy. Incidents of data theft by authorized persons have been abundant, with some high profile data breaches such as the Snowden leaks. Of all security breaches, over 55% are committed by insiders, where 31.5% are malicious insiders and 23.5% are inadvertent actors.

Beyond insider attacks, there is always a risk that data can be requested by court order using a subpoena process. The fact that Callisto users can document an assault but choose not to report it may have legal ramifications. Are the Callisto administrators considered to be in possession of this data? Could they be held responsible for refraining to take action to prevent further incidents? What about enterprises, where often HR are required to take immediate action following any complaint.

Trust no one — eliminating access by humans

So how can we apply cutting edge technology to allow private reporting yet prevent the leakage of sexual harassment information? We propose that a robot, nicknamed ‘e-Confidante’, could serve as the only one with access to the sensitive information.

To combat the problem of reporting and storing data on sexual assaults, my team at IBM Research — Haifa proposed a system design in which no humans need to access the actual information, aside from the data owner/producer. We suggest a solution built using Intel SGX enclaves, a state of the art hardware paradigm for secure code execution that provides a secluded and verifiable execution environment and encrypts all data even in memory.

In our proposed framework, sensitive data is decrypted only inside a secure sandbox, where computations such as matching sexual abuse perpetrators can be applied by e-Confidante without risk of surveillance or intervention. In a system like Callisto, if a match is found, the data could be re-encrypted by e-Confidante and sent across a private channel to authorities, but until that time it would remain unreadable by humans. Our design aims to protect against insider attacks and potentially avoids court subpoenas. Using e-Confidante together with something like Callisto in the enterprise would mean the HR team is clearly not in possession of sensitive data until a victim’s explicit policy choice results in it being sent there.

How does it work?

e-Confidante is obedient, its software always runs within an enclave, is openly available for audit, and is digitally signed through an attestation process that prevents forgery. When e-Confidante starts up, it tosses random coins to generate a secret key. This key is known only by e-Confidante, which is programmed to avoid exposing the secret key outside the enclave. Therefore, the secret key cannot be discovered by system administrators or hackers.

When a victim of sexual harassment files a report, they set up a secure channel with e-Confidante and send their data through this channel. e-Confidante then re-encrypts the data with its secret key before storing it in a database, so that only e-Confidante can subsequently read it. e-Confidante can then periodically retrieve data from the database and decrypt it within its enclave to check for matches.

What happens if e-Confidante crashes? This can happen by chance from a power failure or because of a malicious attack. This could potentially erase all data from the system since e-Confidante could forget its secret key. To handle this scenario, e-Confidante shares its key with other e-Confidante clones, after verifying they are authentic using the attestation process. This ensures both the resiliency of the system and is helpful in achieving scalability of the data service. We will be publishing more details on the technology behind e-Confidante soon. We also participate in the European H2020 project RestAssured on Intel SGX related topics — recent technical blogs are here and here.

Systems like Callisto are critical for helping victims of abuse record and possibly report their mistreatment. We believe that Intel SGX Enclave technology can be successfully applied to make these systems more resilient to data leakage and enhance the trust we put in such systems. At the same time, the technology can allow the systems to become highly scalable at lower costs — helping them reach a wider audience, so that more people and communities can benefit.