The “Chains of Cryptography”: Why Technological Solutions Should be Emphasized in the War Over Mass Surveillance

-- By DanielShiner

We can’t afford to wait for political solutions when it comes to mass surveillance. The stakes are too high and the prospects for a meaningful political change are too low. Instead, we should follow in the tradition of the cypherpunks, embracing technological solutions and empowering those building the tools to keep us free.

How did we get here?

When the first leaks from Edward Snowden were released to the public, I hoped they would inspire a political firestorm leading to some kind of reform. While they did spark outrage among civil libertarians, their political impact has been underwhelming to say the least.

While I initially found this somewhat puzzling, maybe it should not have been surprising. Although there are many reasons for the lack of reaction, two issues seem particularly important.

First, short-termism is pervasive in our current political climate. Because supporters of mass surveillance feel that the state’s motivations for wholesale surveillance are currently justified, they are unable to grasp that the massive power it entails becomes both increasingly entrenched and susceptible to abuse over time. But the 20th century is filled with lessons on the dangers of unfettered government surveillance, and their systems of listening were primitive in comparison to our current ones. Even the history of the United States government (tame when compared to the Soviet Union or Nazi Germany) is filled with examples of egregious abuse of surveillance and the information gained through from it. Notably, Martin Luther King was watched by the FBI, who uncovered his sexual affairs and then tried blackmail him into committing suicide.

Second, when short-term thinking is combined with political tribalism, the results are compounded. Even those who decry expansive state power when it’s being wielded by their political opponents, are often comfortable with its use by their allies. Regarding the public’s view on NSA surveillance, this is depressingly apparent. During the Bush administration, most Republicans supported NSA surveillance while most Democrats opposed it. Once Obama entered the Whitehouse, the numbers flipped, with more Democrats finding surveillance acceptable than Republicans. Even worse, some urged their political allies not to join forces with ideologically dissimilar groups in opposition to mass surveillance, claiming it was tantamount to “trading long-held beliefs in social and economic justice for a current hot-button issue.”

If we wait for political change, it may be too late

As the NSA’s store of data continues to grow, recording as much online activity as possible, it becomes increasingly dangerous and susceptible to misuse. Everything not shielded is recorded and never forgotten: every intimate communication, every philosophical exploration, every secret, every closeted skeleton.

Simultaneously, “the internet of things” continues to expand, broadening the scope of the listeners’ grasp dramatically. Increasingly, our offline lives are becoming increasingly swept up with our online lives, leaving a smaller and smaller sphere of meaningful privacy to those who fail to protect themselves.

It goes without saying that the potential to abuse this ubiquitous memory is enormous. Nearly omniscient, the listeners will inch closer and closer to obtaining quasi god-like vision. Everyone’s inner worlds, past and present, exposed to the prying eyes of the state.

The longer the current system remains in place, the more entrenched it will become. With constitutional challenges fizzling, and a consensus across party lines that such power is justified even in the absence of existential threats, the system will only continue to solidify as the new status quo. Once an all-seeing state is fully accepted as an essential fixture for maintaining national security in a “free society”, things may be too far gone to turn the tide.

A Way Forward

Although attempts at political reform should not be abandoned, technological solutions must be emphasized. By using cryptography and building our technology in a free and decentralized way, it is possible to constrain the listeners regardless of the political situation. As Snowden once wrote, mimicking the language of Thomas Jefferson, “Let us speak no more of faith in man, but bind him down from mischief by the chains of cryptography.”

First, encryption should be utilized wherever possible, and demanded when it’s not offered. The more encryption is built into a service or product by default, the more difficult bulk surveillance becomes. While Google and Apple are far from perfect on privacy issues, both of them have made some progress on this since the full scope of the NSA’s surveillance came to light. Gmail is now encrypted to a certain degree, and iPhones are now encrypted by default.

Second, decentralized systems should be preferred. Facebook or Google are easy targets for governments, as their users information is centralized under the firm’s control. In contrast, decentralized systems like Diaspora allow for users to control their own information, or for it to be widely distributed. In a decentralized system, the government must attack each point individually, making it much more difficult for mass surveillance to be done.

Third, free software should be preferred to closed software. Closed proprietary software lacks the transparency needed to trust it with your information and communications. Using an Apple computer, with opaque software, it’s extremely difficult to tell exactly what that software is actually doing, including whether it is snooping on its users. For example, the Apple Spotlight Search was secretly sending information to Apple every time its users conducted a search. With open software, someone could have seen this easily in the code. If you’re using any closed software, you are putting full trust in the creator of that software, and that trust could easily be misplaced.

Finally, although many of the tools necessary to protecting privacy exist already, some of them are not being used by many who are concerned with their privacy because of their inconvenience or inaccessibility to people without technical backgrounds. Because of this, accessibility and ease of use are extremely important. FreedomBox, among other projects, are aiming to solve this issue, and will hopefully play an increasingly important role going forward.

But in rewriting this, once you had this draft under your eye, perhaps you were fleetingly aware that the editor's question should be "Why?" Is this draft an answer to the question "Why should we bother with better technology when politics could do this for us?" It hardly seems likely that there is a reader whose mind is in that condition. Is the point "Which technical measures should be most important to us, once we have agreed that technical measures to improve privacy are necessary?" If so, what have you said that is novel on that point? Seems to me that "deploy strong encryption everywhere, federate centralized services, make software transparent to and modifiable by users" is a good technical program: in fact, it is the one I presented through the term. Wouldn't your essay in that case benefit from taking what I have argued as the explicit starting point? "I agree with Eben that we need technical solutions, and in general these are what we need, therefore [your new ideas here]" seems to be the right model for the next draft in that event.

Or perhaps that's not what I should be taking from the draft. That I missed the point beyond. In that case, I still recommend, as I did last time, that you lead with the point you consider your own.