Monday, August 12, 2013

The surveillance state

I feel like I need to have something to say about Edward Snowden.

But I'm not sure I know how I feel.

On the one hand, I agree with those who have been frustrated that so much of the coverage is about Snowden himself, rather than about the issues he raised. For example, John Naughton, writing in the Guardian: Edward Snowden's not the story. The fate of the internet is

we have been fed a constant stream of journalistic pap – speculation about Snowden's travel plans, asylum requests, state of mind, physical appearance, etc. The "human interest" angle has trumped the real story

And because of that "journalistic pap" (and because my mind was in the mountains for two weeks), I haven't been paying enough attention to the overall story.

So, I turn to some of those who have been paying attention, and whose ideas are worth listening to.

First, Bruce Sterling: The Ecuadorian Library or, The Blast Shack After Three Years. Sterling, as usual, lights it up, but along with the entertainment he has some pretty important points to make.

For one thing, Sterling professes himself somewhat surprised and disappointed that, of all the potential allies that Snowden might have found, he ended up having to rely on the rather extreme Julian Assange:

It’s incredible to me that, among the eight zillion civil society groups on the planet that hate and fear spooks and police spies, not one of them could offer Snowden one shred of practical help, except for Wikileaks. This valiant service came from Julian Assange, a dude who can’t even pack his own suitcase without having a fit.

...

did they have the least idea what was actually going on with the hardware of their beloved Internet? Not a clue. They’ve been living in a pitiful dream world where their imaginary rule of law applies to an electronic frontier — a frontier being, by definition, a place that never had any laws.

But more importantly, says Sterling, it's not clear that "we", as human beings, actually know how we feel about this:

Computers were invented as crypto-ware and spy-ware and control-ware. That’s what Alan Turing was all about. That’s where computing came from, that’s the scene’s original sin, and also its poisoned apple.

...

Digital, globalized societies — where capital and information moves, and where labor and human flesh doesn’t move — they behave like this. That is what we are witnessing and experiencing. It’s weird because we are weird. We’re half actual and half digital now. We’re like the squirming brood of a tiger mated to a shark.

As Sterling observes, we actually like to be watched.

We post our pictures on Flickr.

We post our thoughts on Twitter.

We post our relationship status on Facebook.

On our own, we built these institutions, and willingly submitted ourselves to them:

And, yeah, by the way, Microsoft, Apple, Cisco, Google et al, they are all the blood brothers of Huawei in China — because they are intelligence assets posing as commercial operations. They are surveillance marketers. They give you free stuff in order to spy on you and pass that info along the value chain. Personal computers can have users, but social media has livestock.

For me, part of the problem is that there are no heroes here. Snowden is rather a worm; the NSA are aloof, secretive, and omnipotent; our political leaders are whiny and defensive; and our civil leaders are fawning and complicit. No matter which direction you look, the first thing you want to do is wash your hands.

Others seem to feel the same way.

Danah Boyd proposes that Snowden represents the modern version of a leader in civil disobedience: Whistleblowing Is the New Civil Disobedience: Why Edward Snowden Matters

he’s creating a template for how to share information. He’s clearly learned from previous whistleblowers and is using many of their tactics. But he’s also forged his own path which has had its own follies. Regardless of whether he succeeds or fails in getting asylum somewhere, he’s inspired others to think about how they can serve as a check to power.
Boyd's take is fine, as far as it goes, but I think she's overstating the case to put Edward Snowden on the level of those for whom the term "civil disobedience" was coined.

Mike Masnick has been watching the political response, and is terribly disappointed: Confessed Liar To Congress, James Clapper, Gets To Set Up The 'Independent' Review Over NSA Surveillance

that was Friday. Today is Monday. And, on Monday we learn that "outside" and "independent" actually means setup by Director of National Intelligence, James Clapper -- the same guy who has already admitted to lying to Congress about the program, and has received no punishment for doing so. This is independent? From this we're supposed to expect real oversight?!?
Indeed, it does seem like the first thoughts of our elected leaders are: consolidate, and cover up. What a sad, sad shame.

Meanwhile, both Jeff Jarvis and Bruce Schneier are taking corporate leaders to task, arguing (as you have to with businessmen) to their wallets, while simultaneously begging and pleading for these champions of industry to step into the gap and provide the needed leadership. First, Jarvis: We need Big Tech to protect us from Big Brother

At the Guardian Activate conference in London last month, I asked Vint Cerf, an architect of the net and evangelist for Google, about encrypting our communication as a defense against NSA spying. He suggested that communication should be encrypted into and out of internet companies' servers (thwarting, or so we'd hope, the eavesdropping on the net's every bit over telcos' fibre) – but should be decrypted inside the companies' servers so they could bring us added value based on the content: a boarding pass on our phone, a reminder from our calendar, an alert about a story we're following (not to mention a targeted ad).
Oh. My. God. Vint Cerf, what have you become?

And Schneier: The NSA Is Commandeering the Internet

This is why you have to fight. When it becomes public that the NSA has been hoovering up all of your users' communications and personal files, what's going to save you in the eyes of those users is whether or not you fought. Fighting will cost you money in the short term, but capitulating will cost you more in the long term.

Awkwardly, all these conversations with the titans of technology always seem to turn to a technical solution, justified by an appeal to greed, as with the Vint Cert conversation described by Jarvis above.

As I said, it is disappointing in all directions.

But that is not to say that there are no bright lights at all.

For instance, there is the ever-wonderful Brewster Kahle, who not only took on The Man, he won: What It's Like To Get A National Security Letter

Hundreds of thousands of national-security letters have been sent. But only the plaintiffs in the three successful challenges so far—Kahle; Nicholas Merrill, of Calyx Internet Access; and the Connecticut librarians George Christian, Barbara Bailey, Peter Chase, and Janet Nocek—are known to have had them rescinded.
And there are others who are willing to stand up and proclaim that the Emperor wears no clothes; as Poul Henning-Kamp persuasively argues, the problems here are not algorithmic, but social: More Encryption Is Not the Solution
The only surefire way to gain back our privacy is also the least likely: the citizens of all nation- states must empower politicians who will defund and dismantle the espionage machinery and instead rely on international cooperation to expose and prevent terrorist activity.

It is important to recognize that there will be no one-size-fits-all solution. Different nation- states have vastly different attitudes to privacy: in Denmark, tax forms are secret; in Norway they are public; and it would be hard to find two nation-states separated by less time and space than Denmark and Norway.

There will also always be a role for encryption, for human-rights activists, diplomats, spies, and other "professionals." But for Mr. and Mrs. Smith, the solution can only come from politics that respect a basic human right to privacy—an encryption arms race will not work.

And, of course, there is Snowden himself, who, as Roger Cohen points out, has certainly achieved something: The Service of Snowden

a long-overdue debate about what the U.S. government does and does not do in the name of post-9/11 security — the standards applied in the F.I.S.A. court, the safeguards and oversight surrounding it and the Prism program, the protection of civil liberties against the devouring appetites of intelligence agencies armed with new data-crunching technology — would not have occurred, at least not now.

All this was needed because, since it was attacked in an unimaginable way, the United States has gone through a Great Disorientation. Institutions at the core of the checks and balances that frame American democracy and civil liberties failed. Congress gave a blank check to the president to wage war wherever and whenever he pleased. The press scarcely questioned the march to a war in Iraq begun under false pretenses. Guantánamo made a mockery of due process. The United States, in Obama’s own words, compromised its "basic values" as the president gained "unbound powers."

So perhaps there is hope. But when it comes to public policy, and foreign affairs, and corporate governance, I struggle. But, as Tip O'Neill said, "all politics is local". So, what does this mean to me, and to computer scientists like me?

In this, I found Emin Gun Sirer's story quite compelling: How the Snowden Saga will End. Sirer relates a story from his early academic career, when "someone very very high up in the intelligence community" came to visit him at Cornell, and made his request:

"What if I had a graph. A really, really large graph. Billions of nodes. Trillions of edges. Let's say every node on the graph was a person. Edges between people described phone calls, interactions, stuff like that." He paused for dramatic effect, as he mentally took another puff from his non-existent cigar. "How would you find bin Laden?"
When you think about it this way, it's no surprise that computer scientists jump at the chance: "I could just write a computer program, and be a national hero? Where do I sign up?" The temptation, when challenged by that Man In A Suit, must be immense.

So Sirer reviews the deep, muddy, rotten mess we are in, but then owns up to the fact that, as computer scientists are at least partly responsible for this debacle, we need to be at least partly responsible for the solution:

we need tightened definitions for what kinds of surveillance data can be collected, as well as technical and legal measures to keep that data used solely in accordance with appropriate policies. Interestingly, there are technologies that can restrict what users, including Snowden-like "super users", can do with data. Once we re-establish our principles, we have the technical means to enact them. But first, the current era of covert, boundless data collection must come to an end.

I worry that Sirer is too optimistic about the potential of these Trustworty Computing technologies.

But I'm too much the optimist to throw in the towel and concede the inevitable Orwellian future at this point.

So I'll encourage those like Sirer who think they can build better software.

And I'll loudly praise those like Kahle and the other librarians in the trenches:

Libraries have had a long history of dealing with authoritarian organizations demanding reader records—who’s read what—and this has led to people being rounded up and killed. As a librarian, you take this very, very seriously. So, when you get demands for information about a patron’s activities, there are things that sort of flash before your mind. Where am I? What century is this? What country am I in?

And I'll hope that, even as we seem to sometimes move one step forward and two steps back, enough people will open their minds, and be willing to consider the thoughts and ideas of others, and perhaps during my lifetime we will see a retreat from xenophobia and the fear of the Unknown Terrorist, somehow.

No comments:

Post a Comment