A bad argument for surveillance


The Economist is worried that technology may put limits on how effective the government is at spying on people.

Western spooks say they are losing the technological edge that has enabled them to monitor the communications of potential terrorists. Tech companies are competing in their efforts to provide their customers with unbreachable privacy through sophisticated and sometimes “default” encryption. The heads of both America’s FBI and Britain’s MI5 have complained about their inability to prevent suspects from “going dark”—dropping off the radar screen of surveillance.

Their solution? Make encryption easier to break.

The tech firms must come to terms with the fact that every previous form of communication—from the conversation to the letter to the phone—has been open to some form of eavesdropping: they cannot claim their realm is so distinct and inviolate that it can imperil others’ lives, especially as the number of people who need to be monitored is in the thousands. And it is far better to agree to some form of standard now, rather that wait for an atrocity plotted behind impenetrable walls to be unleashed: if that happens the Dick Cheneys and Donald Rumsfelds of the future will be setting the rules.

Apparently, Economist writers have failed to notice that the Dicks and Donalds are already making these rules. And there are other problems with their argument.

Let’s dispense first of all with the argument that the government has always been spying on our communication, and therefore it must be ok. That’s the same argument that always comes up in favor of continuing abuses like slavery, racist discrimination, sexist discrimination, government corruption, and so on.

Then there’s the “ticking time bomb” argument. Unless we let the government have uncontrolled and unaccountable access to everything we say (or unless we let the government torture people, or unless we let the government send the secret police to abduct and/or execute individuals without any kind of due process, etc. etc.), then “thousands of people might die.”

The article itself points out some of the flaws in this argument.

Libertarians in Silicon Valley and elsewhere point out that the spooks, especially in America, have a record of exceeding their powers, lying about what they are up to and suborning their supervisors.

That’s accurate as far as it goes, but the situation is much worse than that. The government has a record of murderously breaking the law when it is given unchecked powers and allowed to exercise them without accountability. And make no mistake, while the government wants unlimited access to our information, they’re not going to be using weak encryption on their “state secrets”! Surrendering our liberty will not make us safer, it will only turn us into pawns and serfs.

As for intercepting information about terrorist plots, let’s be serious. There have been terrorist plots a lot longer than there have been cell phones, GPS’s, and the Internet. The stupid terrorists aren’t bothering to encrypt their communications in the first place, and the smart ones aren’t going to use channels that they know have been compromised and subverted by government intelligence agencies. Sabotaging Internet security is going to compromise one group, and one group only: you and me.

Let’s not forget, too, that the government isn’t the only group of people who own computers. Weakened encryption schemes mean your bank transactions, your passwords, your email, and your private documents, are all easier for cybercriminals to access as well.

The bottom line is that this discussion is all about who owns you. If you are a free citizen with all the rights and liberties afforded you by a truly democratic society, then you own yourself, and your property (which includes your information and your communications) belongs to you. That means that third parties, including the government, cannot access it without your permission. It does not belong to them. They need to either get your permission, or else establish in a court of law, by due process, that they have a legitimate warrant to search your possessions.

The alternative is that you belong to the government. You are not your own, and your possessions are not your own. What you are, what you say, and what you know, are all government property, and they don’t need anyone’s permission to access any or all of it, whenever they like.

Now obviously, that’s a spectrum and not a set of binary alternatives. But the precedents are clear: given the opportunity, the government will turn the dial as far as it can towards the end that takes away all of our rights and liberties. We need to fight back hard and continuously against that. It might not be “safe” to protect our individual privacy, but it’s a lot safer than the alternative.

Comments

  1. Aaron says

    The Economist is among the very last newspapers I would have expected to see this from, so I am surprised. There is lots of good coverage about why this is a bad idea for technical reasons, it blows my mind that they seem ignorant of it.

  2. Dunc says

    There’s also the point that the primary problem with these sorts of data-gathering exercises is filtering the signal from the noise. Increasing the total amount of data captured makes that problem worse. It’s actively counter-productive.

    One does not increase one’s chances of finding a needle in a haystack by making the haystack bigger.

  3. dysomniak "They are unanimous in their hate for me, and I welcome their hatred!" says

    the primary problem with these sorts of data-gathering exercises is filtering the signal from the noise

    That’s assuming the purpose of these programs is to catch bad guys. If your goal is simply to create a panopticon where your citizens are afraid to express dissent then it really doesn’t matter. Orwell covered it in 1984, of course:

    Behind Winston’s back the voice from the telescreen was still babbling away about pig-iron and the overfulfilment of the Ninth Three-Year Plan. The telescreen received and transmitted simultaneously. Any sound that Winston made, above the level of a very low whisper, would be picked up by it, moreover, so long as he remained within the field of vision which the metal plaque commanded, he could be seen as well as heard. There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live — did live, from habit that became instinct — in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized.

  4. Holms says

    Why the hell would the vulnerabilities of old technology form the basis of new technology security protocols? Sure, old mail could simply be intercepted and read… encrypted email fixes that problem and that’s good.

  5. EnlightenmentLiberal says

    As a professional programmer with college degrees in the related fields such as encryption, and passing knowledge of history, I am fully qualified to say this article is full of shit. Specifically:

    The tech firms must come to terms with the fact that every previous form of communication—from the conversation to the letter to the phone—has been open to some form of eavesdropping

    Complete bullshit. Do they think that cyphers and codes only became possible with modern electric computers?

    Example:
    http://en.wikipedia.org/wiki/Code_talker

    Example: One time pads have always been possible, and they always have been impossible to crack, and they will remain forever impossible to crack – subject to the quality of your random number generator, and subject to maintaining the secrecy of your one time pad. Modern electric computers change nothing here (except perhaps for allowing for better random number generators, and allowing better analysis of sloppy random number generators to break bad one time pads).
    http://en.wikipedia.org/wiki/One-time_pad

    Example: Any fucking cypher whatsoever of the many thousands, perhaps millions, that have been used in the history of mankind before the age of modern electric computers.

    What is allowed by modern encryption technology is merely ease of use. You could have already encrypted a physical letter through any of the wide variety of past and present encryption schemes. Today the process is merely automated.

Leave a Reply to Aaron Cancel reply

Your email address will not be published. Required fields are marked *