Information exchange systems include, but are not limited to instant messaging, chat, email, and streaming video. The information may be persistent, as in email systems or non-persistent, as in chat. Some systems like email rely on a client-server paradigm, where a server is between people communicating and may hold, process, or forward such email. Other systems are peer to peer, in which parties communicate directly, have the same capabilities, and where any party can initiate a communication session. Servers may be involved for authentication, login, and similar management functions.
These systems dominate how people communicate on a daily basis and make it extremely easy for people to communicate, but there may be personal costs and risks to users of these systems. Information is created by an author (“Sender”) and sent/downloaded to/by a recipient (“Recipient”). Servers may hold the information between such transactions of sending and receiving. Servers that hold such information between the Sender and Recipient may be fairly secure, but there have been cases where unauthorized users gained access to such servers and exposed Sender’s information. Noteworthy examples include instances of unauthorized access to various cloud-based computing and storage services, including dissemination of photographs.
But the bigger source risk to the disposition of a Sender’s information once sent, is by the Recipients themselves. Information received by a Recipient may be stored on a local device, replicated to other devices, forwarded to other Recipients, and/or otherwise generally shared beyond what the Sender intended. This common communications paradigm doesn’t provide a way for a Sender to control the actions allowed to the information by a Recipient or control the disposition of such information.
The potential downside to the Sender in not having control of their information once sent, are consequences that include but are not limited to:
pain and suffering;
embarrassment;
loss of confidentiality;
self-incrimination;
violating third-party confidentiality; and
monetary loss.
A Recipient may rely on a crutch that the Sender should have known that their information did not have an expectation of privacy once sent, regardless of what is done with such information. However, this may be more of a failing of the associated communication system, in not having a mechanism for the Sender to control (i) what actions can be taken on their information by a Recipient; or (ii) the disposition of such information, collectively referred to as “information rights”. A Sender must primarily rely on the good will of Recipients and any legal agreements that may be in place to safeguard the use and distribution of a Sender’s information, which opens the door for information misuse.
Inventions to enforce information rights exist for email systems, but have a common failing of sending information rights from the Sender to Recipient as part of a header of such information and/or as instructions sent after the information has already been received by Recipient. Information rights sent as part of header can’t be later altered, which precludes a Sender from changing the (i) actions that are permitted to be taken by a Recipient on the information; or (ii) disposition of the information. If information on the rights are sent as instructions after the information has already been received by Recipient, then enforcement of such instructions are not guaranteed, as a Recipient may have already exceeded them.
The most widely used information exchange system is electronic mail. It has a number of failings including a Recipient’s receipt of irrelevant or inappropriate information (“SPAM”) that may include or be linked to one or more malicious computer programs that may:
delete or damage a Recipient’s computer files (virus);
gain unauthorized access (“hack”) to the Recipient’s computer and control it remotely (“Trojan horse”);
use the network of the receiving computer to send copies of itself to other computers (“worms”);
track Internet browsing habits and send popups containing advertisements related to the sites and topics visited (“adware”); and
scan a computer drive for personal information and Internet browsing habits and report such sensitive information to a third party (“spyware”), all collectively known as malware.
SPAM is typically sent to a Recipient from an unknown Sender and is unsolicited. Even if transmitted information does not contain malware or links to malware, it may still be unsolicited and waste a Recipient’s time in processing the information. LinkedIn’s InMail is a LinkedIn service that allows users to send information to people who are not first-degree connections. The Recipient has no choice in the matter to receive such unsolicited information.
A Sender’s email message may contain sensitive information, which may be later discoverable. There may be occasions where the communicating parties don’t want such information to be discoverable.
Email systems provide little or no feedback to a Sender of information, once such information has been sent to a Recipient. There is also no way for a Sender to know what actions have been taken on the information, such as, viewing, printing, copying, deleting, or forwarding.
In video delivery systems a Sender’s information comprises video content that is typically streamed to a Recipient. It is understandable that businesses wouldn’t allow a movie to be downloaded to a device and later used, without a mechanism to restrict a Recipient’s use of such movie. Without such a mechanism, new revenue streams may be precluded, such as offline viewing for an additional charge.
SCC is a new solution to overcome these problems.