- Spitfire List - https://spitfirelist.com -

Knock, Knock. Who’s there? The Clipper Chip and Four Horsemen.

This is a LONG post so here’s a short sum­ma­ry:
Angela Merkel made an omi­nous announce­ment last week. She wants to move ahead with walling off the EU’s web traf­fic and begin a “mas­sive” counter-espi­onage cam­paign against the US and its Five Eyes part­ners [1]. There’s also a new Ger­man anti-NSA state-backed email ser­vice [2]. Sim­i­lar­ly [3], Brazil is mov­ing ahead with its plans to remake the inter­net, includ­ing local data stor­age require­ments [4] and pos­si­bly state-encrypt­ed web ser­vices [5]. So domes­tic spy­ing could be on the rise, the inter­net itself is at risk [6], state-encyp­tion ser­vices are now being offered as an anti-NSA panacea, and the future of encryp­tion stan­dards are up in the air. Simul­ta­ne­ous­ly, Kim Dot­com is work­ing on mak­ing unbreak­able encryp­tion main­stream and easy to use [7].

With both state-backed anti-NSA encryp­tion and unbreak­able main­streamed strong encryp­tion on the hori­zon, it looks like an old ene­my of pri­va­cy, the Clip­per Chip [8], is back in the new form and the Clip­per Chip’s own arch-neme­ses, the Four Horse­men of the Infopoca­lypse [9], are back too. Should we wel­come these guests? The Cypher­punks thinks so. [10] But these aren’t easy guests to have around and there are no obvi­ous ways to unin­vite them with­out a LONG talk.

In the mean time, while data-local­iza­tion are laws gain­ing momen­tum, no gov­ern­ments are offer­ing state-backed encryp­tion ser­vices that even the state itself can’t break, includ­ing Ger­many and Brazil. Crises in trust can get weird and ugly fast [11]:

McClatchy in Berlin

Edward Snow­den rev­e­la­tions prompt cri­sis of trust in Ger­many

Euro­pean experts ques­tion whether they can rely on US com­put­ing mod­els or whether they need to devel­op their own fail-safe equip­ment

PUBLISHED : Mon­day, 17 Feb­ru­ary, 2014, 5:02am
UPDATED : Mon­day, 17 Feb­ru­ary, 2014, 6:22am

When Ger­many’s fed­er­al crim­i­nal police office needs to share sen­si­tive infor­ma­tion these days, employ­ees type the par­tic­u­lars and get them hand-deliv­ered.

Last year, agents would have trust­ed the secu­ri­ty of e‑mail. But that was before Edward Snow­den and the rev­e­la­tions about the US Nation­al Secu­ri­ty Agen­cy’s PRISM elec­tron­ic intel­li­gence-gath­er­ing pro­gramme. After Snow­den, it’s a new dig­i­tal world.

Note that the Ger­man police that pre­vi­ous­ly thought their email was total­ly secure were prob­a­bly rook­ies [12].


“We’re now car­ry­ing our infor­ma­tion to our allies on foot,” said Peter Hen­zler, vice- pres­i­dent of the Bun­deskrim­i­nalamt, known as the BKA. He was speak­ing recent­ly at a Ger­man Inte­ri­or Min­istry dis­cus­sion on the coun­try’s dig­i­tal future. The focus of the pan­el was how to counter US sur­veil­lance mea­sures and what it will take for Ger­mans to be safe again on the web. “We’re no longer using the open inter­net,” he said.

The mes­sage is clear: No longer can the US be trust­ed to hon­our the pri­va­cy of Ger­man life and pol­i­cy.

Hen­zler’s con­cerns weren’t iso­lat­ed. The wor­ries appear to reflect the wider Ger­man, and even Euro­pean, frus­tra­tion with the reach of the NSA’s sur­veil­lance pro­gramme.

Hard­ly a week pass­es in Berlin with­out some new rev­e­la­tion about the das­tard­ly depths to which the Amer­i­can spy pro­gramme invad­ed Ger­man pri­va­cy, or at least a new way in which to react to the scan­dal.

Last week, news broke that the Unit­ed States had tapped the mobile phone of Ger­hard Schroed­er when he was Ger­man chan­cel­lor from 1998 to 2005. This came four months after news broke that the same Amer­i­can sur­veil­lance pro­gramme was tap­ping the mobile phone of the cur­rent chan­cel­lor, Angela Merkel.

There are many more exam­ples beyond news sto­ries. Thir­ty-two per cent of Ger­mans told poll­sters that they had either quit or cut their time on Face­book because of spy­ing fears. Ger­man tele­vi­sion ads note the peace of mind and free­dom that comes with e‑mail that does­n’t leave Euro­pean servers. Providers now say that they encrypt all e‑mail.

Such thoughts aren’t lim­it­ed to Ger­many. A US$900 mil­lion French deal with the Unit­ed Arab Emi­rates for two new intel­li­gence satel­lites appears to be in doubt after the buy­ers noticed US com­po­nents in the French satel­lites that they feared could com­pro­mise their data.

Flo­ri­an Glatzn­er, a pol­i­cy offi­cer with the Ger­man Fed­er­al Con­sumer Pro­tec­tion Agency, says the office is field­ing many con­sumer ques­tions about how to ensure that com­mu­ni­ca­tions and data are safe from the NSA.

“A lot of the trust in the big inter­net com­pa­nies is gone,” he says. “And most of the big inter­net com­pa­nies were based in the Unit­ed States.”

Thomas Kre­mer, a data pri­va­cy board mem­ber for Deutsche Telekom, the Ger­man phone giant, recent­ly not­ed that: “Regard­less of what one thinks of Edward Snow­den, he cre­at­ed an aware­ness of inter­net secu­ri­ty and we should be grate­ful for that.”

Experts note that there may be no bet­ter place to find the effect of this dis­trust than in the emerg­ing cloud com­put­ing mar­ket. Before Europe met Snow­den, the con­ti­nent was mov­ing fast to an Amer­i­can-dom­i­nat­ed cloud com­put­ing future.


The Amer­i­can dream of total cloud dom­i­na­tion might be drift­ing away. There are signs of that: By 2016, US com­pa­nies are expect­ed to lose US$21 bil­lion to US$35 bil­lion in new con­tracts that they’d been expect­ed to col­lect, accord­ing to some esti­mates.

Ger­man cloud com­pa­nies are post­ing bet­ter-than-expect­ed earn­ings. There have been signs that some US tech com­pa­nies might be suf­fer­ing. Net­work equip­ment mak­er Cis­co, for instance, not­ed gov­ern­ment issues when it pre­dict­ed a rev­enue drop for the cur­rent quar­ter.

The new real­i­ty for some crit­ics is that data that pass­es through the Unit­ed States isn’t safe.

“A year ago, a Ger­man cloud was a bad idea,” says Daniel Cas­tro, a senior ana­lyst for the Infor­ma­tion Tech­nol­o­gy & Inno­va­tion Foun­da­tion in Wash­ing­ton. “Ger­man busi­ness did­n’t want a Ger­man prod­uct to help them in a glob­al mar­ket. They want­ed the best prod­uct. Today, even if busi­ness­es still believe a Ger­man cloud is a bad idea, they’re accept­ing it as a nec­es­sary idea.”

There’s even a new ini­tia­tive, “Ger­man Cloud”, backed by a vari­ety of Ger­man tech com­pa­nies. The mot­to is “My com­pa­ny data stays in Ger­many.”

Cas­tro not­ed that this is a bad time for the Amer­i­can brand to lose lus­tre. The mar­ket is grow­ing rapid­ly. Cas­tro wants hard evi­dence that con­firms his ear­li­er pre­dic­tions that the inter­na­tion­al mar­ket share of US cloud providers should fall by 5 per cent this year, and up to 20 per cent by 2016, because of the spy­ing alle­ga­tions.

The news could be even worse for Amer­i­can com­pa­nies. The recent Inte­ri­or Min­istry pan­el showed just how fear­ful Ger­many has become. Rein­hold Achatz, head of tech­nol­o­gy and inno­va­tion at the Ger­man steel giant ThyssenK­rupp, not­ed that “who­ev­er can read data is also like­ly to be able to change data.”

“For exam­ple, they could switch off a pow­er sta­tion,” he said. “So from my point of view, it would­n’t be sur­pris­ing if some­one came up with the idea of switch­ing off Ger­many. I’m seri­ous about that.”

Note that ThyssenK­rupp actu­al­ly tried to get cyber­at­tack insur­ance in 2012 over stuxnet con­cerns. It did­n’t sound like the insur­ance indus­try was very inter­est­ed [13].


Chris­t­ian Stoeck­er, edi­tor of Spiegel Online, the web ver­sion of Ger­many’s most pres­ti­gious news mag­a­zine, not­ed: “Before Snow­den, I did not know that the NSA inter­cepts hard­ware shipped to Euro­pean telecom­mu­ni­ca­tions com­pa­nies by US man­u­fac­tur­ers and swaps the BIOS to make the equip­ment usable for NSA pur­pos­es.” BIOS is the basic oper­at­ing sys­tem that starts up a per­son­al com­put­er.

“The NSA prac­ti­cal­ly turned the inter­net into a weapons sys­tem,” Stoeck­er says. “If we want to change things, we have to enter into dis­ar­ma­ment talks.”

A round of sur­veil­lance “dis­ar­ma­ment talks” should be quite a sight. Maybe it’ll be one big sweep­ing ges­ture at a UN-lev­el [14] or a series of bilat­er­al talks. Either way, it’s going to by com­pli­cat­ed and almost doomed to fail if its just “dis­ar­ma­ment talks” between the US and Ger­many. A sin­gle bilat­er­al no-spy agree­ment just isn’t that use­ful in a world of joint intel­li­gence-shar­ing agree­ments [15]:

Chris­t­ian Sci­ence Mon­i­tor
Hyper­bole in NYT report on Aus­tralia and NSA spy­ing on Indone­sia

A New York Times sto­ry about how Aus­tralian intel­li­gence might have passed infor­ma­tion involv­ing a US law firm and Indone­sia is heavy on the dra­ma.

By Dan Mur­phy, Staff writer / Feb­ru­ary 16, 2014

James Risen and Lau­ra Poitras at the New York Times have the lat­est scoop from the steady drip drip drip of Nation­al Secu­ri­ty Agency files that for­mer NSA con­trac­tor Edward Snow­den stole and has been dis­trib­ut­ing to reporters since the mid­dle of last year.

They report the news breath­less­ly, but there’s far less there there than their pre­sen­ta­tion would lead a casu­al read­er to believe. They write:

A top-secret doc­u­ment, obtained by the for­mer N.S.A. con­trac­tor Edward J. Snow­den, shows that an Amer­i­can law firm was mon­i­tored while rep­re­sent­ing a for­eign gov­ern­ment in trade dis­putes with the Unit­ed States. The dis­clo­sure offers a rare glimpse of a spe­cif­ic instance in which Amer­i­cans were ensnared by the eaves­drop­pers, and is of par­tic­u­lar inter­est because lawyers in the Unit­ed States with clients over­seas have expressed grow­ing con­cern that their con­fi­den­tial com­mu­ni­ca­tions could be com­pro­mised by such sur­veil­lance.

Scary, huh? No. Not at all. Here’s my sum­ma­ry of the key asser­tions in the arti­cle, stripped of spin, dra­ma, and adjec­tives:

“A 2013 memo leaked by Edward Snow­den shows that Aus­trali­a’s ver­sion of the NSA, while engaged in elec­tron­ic sur­veil­lance of an Indone­sian trade del­e­ga­tion, came across com­mu­ni­ca­tions between the Indone­sian offi­cials and a US law firm the coun­try had hired for help with trade talks. Aus­tralia informed the NSA liai­son office in Can­ber­ra that intel­li­gence it was col­lect­ing and will­ing to share with the US might infringe on US attor­ney-client priv­i­lege laws. The liai­son referred the mat­ter to the NSA gen­er­al coun­sel in the US and some sort of legal guid­ance was sent back. The memo does not say, nor has the Times been able to learn by oth­er means, what that guid­ance was.”

For­eign gov­ern­ments hire US law firms and lob­by­ists all the time and it would be fool­ish to assume that US and for­eign gov­ern­ment sig­nal intel­li­gence col­lec­tion oper­a­tions tar­get­ing for­eign gov­ern­ments don’t fre­quent­ly come across com­mu­ni­ca­tion between the tar­gets and the US com­pa­nies in their employ. Yet here’s an instance of what can safe­ly be pre­sumed to be a rou­tine occur­rence in which US ally Aus­tralia — not bound by any US law in its intel­li­gence col­lec­tion — imme­di­ate­ly noti­fied the US of a poten­tial legal prob­lem with intel­li­gence shar­ing.

The guid­ance the US sent back (for all we know — the Times does­n’t) may well have been: “Feed us the stuff the Indone­sian offi­cials say but redact any­thing involv­ing any Amer­i­can cit­i­zens who were involved.” Or it could have been: “Give us every­thing — our lawyers have deter­mined that all of this is legal for us to col­lect.”

In fact, an NSA spokes­woman quot­ed in the arti­cle — if you read down to the 13th para­graph — says the agency takes attor­ney client priv­i­lege very seri­ous­ly. The NSA’s Vanee M. Vines told the paper that in cas­es like the one described in the arti­cle that the agen­cy’s legal office could rec­om­mend steps includ­ing “request­ing that col­lec­tion or report­ing by a for­eign part­ner be lim­it­ed, that intel­li­gence reports be writ­ten so as to lim­it the inclu­sion of priv­i­leged mate­r­i­al and to exclude U.S. iden­ti­ties, and that dis­sem­i­na­tion of such reports be lim­it­ed and sub­ject to appro­pri­ate warn­ings or restric­tions on their use.”

This all strikes me as very pos­i­tive and a far cry from the Times’ rec­om­men­da­tion in the sto­ry’s first para­graph to add “Amer­i­can lawyers... (to) the list of those caught up in the glob­al sur­veil­lance net cast by the Nation­al Secu­ri­ty Agency and its over­seas part­ners.”

The arti­cle pro­vides evi­dence that legal con­cerns are front and cen­ter when intel­li­gence shar­ing comes up. And while Aus­tralia may be the junior part­ner in the defense rela­tion­ship with the US, they punch far above their weight when it comes to neigh­bor Indone­sia, the world’s fourth largest coun­try. Aus­tralia has more lin­guists and spe­cial­ists and resources focused on Indone­sia than the US does and Aus­trali­a’s will­ing­ness to share intel­li­gence about the coun­try of rel­e­vance to US inter­ests is evi­dence of how the so-called “Five eyes” alliance (intel­li­gence shar­ing between Aus­tralia, New Zealand, Cana­da, the UK and the US) is a two-way street.

To some, all US intel­li­gence coop­er­a­tion with for­eign gov­ern­ments is nefar­i­ous. Take Glenn Green­wald, who’s been the most promi­nent of the reporters receiv­ing doc­u­ments from Snow­den and has emerged as a sort of unof­fi­cial spokesper­son and cheer­leader for both the man him­self and the sup­pos­ed­ly earth-shat­ter­ing impli­ca­tions of every­thing he has revealed. This was his response to the Times’ sto­ry on Twit­ter:

Glenn Greenwald@ggreenwald
There’s almost no sep­a­ra­tion between Five Eyes alliance on spy­ing: Aus­tralian spy­ing on US law firm w/NSA knowl­edge http://www.nytimes.com/2014/02/16/us/... [16]
9:07 AM — 16 Feb 2014
Eaves­drop­ping Ensnared Amer­i­can Law Firm [17]

A top-secret doc­u­ment, obtained by the for­mer N.S.A. con­trac­tor Edward J. Snow­den, shows that an Amer­i­can law firm was mon­i­tored while rep­re­sent­ing a for­eign gov­ern­ment in trade dis­putes with the... [17] The New York Times @nytimes [18]

What is his point here? It would be bet­ter if Aus­tralia was con­duct­ing its spy­ing activ­i­ties while keep­ing the US in the dark? That Amer­i­ca has some pow­er to demand Aus­tralia rein in its intel­li­gence tar­get­ing of Indone­sia — one of the coun­try’s two most impor­tant intel­li­gence tar­gets?

As for “almost no sep­a­ra­tion” what is actu­al­ly shown is... sep­a­ra­tion. Aus­tralia, not as famil­iar with US laws as the NSA is — let the US know what was going on and asked for guid­ance.


The Five Eyes no-spy pro-spy agree­ment
When the above author asked the ques­tion “it would be bet­ter if Aus­tralia was con­duct­ing its spy­ing activ­i­ties while keep­ing the US in the dark?” it rais­es anoth­er aspect about cre­at­ing a spy-free world: For instance, if two nations are to enter into a ‘no-spy’ agree­ment, they pre­sum­ably are simul­ta­ne­ous­ly enter­ing into a ‘trust us to share with you any rel­e­vant info and also trust us to spy on our pop­u­lace and iden­ti­fy threats so you don’t feel the need to spy on us”-agreement. It rais­es the ques­tion of how, for exam­ple, the rela­tion­ship between the US and Ger­many would have changed in the wake of 9/11 if the US and Ger­many already had a ‘no-spy’ agree­ment with the US after the Ham­burg cell was dis­cov­ered [19]? Would 9/11 have been used as an excuse to ele­vate the domes­tic sur­veil­lance in Ger­many? Maybe not [20], but the fact remains that a ‘no-spy’ world is unprecent­ed so a lot of tricky and unprece­dent­ed ques­tions might get raised as we enter into the No-Spy World Order. For­tu­nate­ly (for pro­cras­ti­na­tors) those unprecen­dent­ed ques­tions may not need to be asked for the fore­seable future [21]:

Feb­ru­ary 13, 2014 11:14 am
Ger­many gives up on no-spy deal with US

By Jee­van Vasagar in Berlin

The Ger­man gov­ern­ment has giv­en up hope of a bilat­er­al no-spy agree­ment with the US [22], accord­ing to a senior aide to chan­cel­lor Angela Merkel.

Phillipp Miss­felder, Berlin’s co-ordi­na­tor for transat­lantic rela­tions, told a press brief­ing on Thurs­day that he did not expect talks would lead to a legal­ly bind­ing agree­ment.

He said: “I am real­is­tic that we can’t expect a no-spy agree­ment that will be bind­ing in inter­na­tion­al law. The Amer­i­cans are not pre­pared to cur­tail their secu­ri­ty mea­sures.”

Ger­many has been push­ing for a rela­tion­ship sim­i­lar to the “five eyes” agree­ment [23] between the US and four Eng­lish-speak­ing allies, includ­ing the UK. This car­ries an under­stand­ing that they will not spy on each oth­er.

There were reports of a stale­mate in talks between Berlin and Wash­ing­ton last month, but until now the offi­cial line from Ger­many has been that dis­cus­sions are ongo­ing.


Mr Miss­felder said: “The Amer­i­cans base their pre­dom­i­nant posi­tion in the world not on eco­nom­ic or on mil­i­tary grounds, but on moral supe­ri­or­i­ty. That is under­mined when friends are spied upon. When were Ger­hard Schröder or Angela Merkel a threat to US nation­al secu­ri­ty? Nev­er.”

Mr Miss­felder leav­ened his crit­i­cism with praise for Pres­i­dent Barack Oba­ma for giv­ing an inter­view to a Ger­man broad­cast­er fol­low­ing his NSA speech. He added: “We are friends, we remain friends, and Snow­den can’t change that.”

At a joint press con­fer­ence with French pres­i­dent François Hol­lande on Tues­day, Mr Oba­ma said there was no coun­try with which the US has a no-spy agree­ment. He added the US endeav­ours to pro­tect pri­va­cy rights as it gath­ers for­eign intel­li­gence.

It might sound sur­pris­ing that Pres­i­dent Oba­ma announced that there was no coun­try in the world with which the US as a no-spy agree­ment. After all, isn’t is the ‘Five Eyes’ agree­ment and its ‘no-spy­ing’ mem­ber­ship perk that Angela Merkel has been cov­et­ing all along? Well, not exact­ly. The ‘Five Eyes’ aren’t sup­posed to spy on eachother’s cit­i­zens with­out per­mis­sion but, as one might expect, that’s real­ly more of a sug­ges­tion [24]:

NSA con­sid­ered spy­ing on Aus­tralians ‘uni­lat­er­al­ly’, leaked paper reveals
2005 draft direc­tive says cit­i­zens of ‘5‑Eyes’ coun­tries may be tar­get­ed with­out knowl­edge or con­sent of part­ner agen­cies

James Ball and Paul Far­rell
theguardian.com, Wednes­day 4 Decem­ber 2013 22.29 EST

The US Nation­al Secu­ri­ty Agency has con­sid­ered spy­ing on Aus­tralian cit­i­zens with­out the knowl­edge or con­sent of the Aus­tralian intel­li­gence organ­i­sa­tions it part­ners with, accord­ing to a draft 2005 NSA direc­tive kept secret from oth­er coun­tries.

The draft direc­tive leaked by the US whistle­blow­er Edward Snow­den reveals how the NSA con­sid­ered the pos­si­bil­i­ty of “uni­lat­er­al­ly” tar­get­ing cit­i­zens and com­mu­ni­ca­tion sys­tems of Aus­tralia, New Zealand and Cana­da – all “5‑Eyes” part­ners which it refers to as “sec­ond par­ty” coun­tries.

a) (S//SI//NF) Under the British‑U.S. Com­mu­ni­ca­tions Intel­li­gence Agree­ment of 5 March 1946 (com­mon­ly known as the Unit­ed Kingdon/United States of Amer­i­ca (UKUSA) Agree­ment), buoth gov­ern­ments agreed to exchange com­mu­ni­ca­tions intel­li­gence prod­ucts, meth­ods and tech­niques as applic­a­ble so long as it was not prej­u­di­cial to nation­al inter­ests. This agree­ment has evolved to include a com­mon under­stand­ing that both gov­ern­ments will not tar­get each oth­er’s citizens/persons. How­ev­er, when it is in the best inter­est of each nation, each reserved the right to con­duct uni­lat­er­al COMINT action against each oth­er’s citizens/persons. There­fore, under cer­tain cir­cum­stances, it may be advis­able and allow­able to tar­get Sec­ond Par­ty per­sons and sec­ond par­ty com­mu­ni­ca­tions sys­tems uni­lat­er­al­ly when it is in the best inter­ests of the U.S. and nec­es­sary for the U.S. nation­al secu­ri­ty. Such tar­get­ing must be per­formed exclu­sive­ly with­in the direc­tions, pro­ce­dures and deci­sion process­es out­lined in this direc­tive.

“Under cer­tain cir­cum­stances, it may be advis­able and allow­able to tar­get sec­ond par­ty per­sons and sec­ond par­ty com­mu­ni­ca­tions sys­tems uni­lat­er­al­ly when it is in the best inter­ests of the US and nec­es­sary for US nation­al secu­ri­ty,” says the direc­tive, which was clas­si­fied as “NF” for No For­eign and is titled Col­lec­tion, Pro­cess­ing and Dis­sem­i­na­tion of Allied Com­mu­ni­ca­tions.

“Such tar­get­ing must be per­formed exclu­sive­ly with­in the direc­tion, pro­ce­dures and deci­sion process­es out­lined in this direc­tive.”

Aus­tralia is one of the coun­tries act­ing in part­ner­ship with Britain, the US, New Zealand and Cana­da to share intel­li­gence and con­duct sur­veil­lance oper­a­tions around the world. These 5‑Eyes states form part of the UKUSA agree­ment, which was believed to lim­it the abil­i­ty of the part­ner coun­tries to spy on each oth­er. The Aus­tralian Sig­nals Direc­torate main­tains a close part­ner­ship with the NSA [25].

On Mon­day Guardian Aus­tralia revealed that the Defence Sig­nals Direc­torate – now the Aus­tralian Sig­nals Direc­torate – had offered to share cit­i­zens’ per­son­al data [26] in a 2009 meet­ing. Last month an offi­cer respon­si­ble for fed­er­al parliament’s IT sys­tems left open the pos­si­bil­i­ty that par­lia­men­tar­i­ans could be sub­ject to US sur­veil­lance [27] through a Microsoft oper­at­ing sys­tem vul­ner­a­bil­i­ty.

The draft 2005 direc­tive, which was pub­lished in the Guardian in Novem­ber [28], goes on to state that the US could con­duct the tar­get­ing with­out the knowl­edge of Aus­tralian, Cana­di­an or New Zealand author­i­ties, and even if the coun­tries had reject­ed a “col­lab­o­ra­tion pro­pos­al” for the oper­a­tion.

b) (S//NF) Unilit­er­al­ly by the Sig­nals Intel­li­gence Direc­torate:
When shar­ing the planned tar­get­ing infor­ma­tion with a sec­ond par­ty would be con­trary to US inter­ests, or when the sec­ond par­ty declines a col­lab­o­ra­tion pro­pos­al, the pro­posed tar­get­ing must be pre­sent­ed to the sig­nals intel­li­gence direc­tor for approval with jus­ti­fi­ca­tion for the crit­i­cal­i­ty of the pro­posed col­lec­tion. If approved, any col­lec­tion, pro­cess­ing and dis­sem­i­na­tion of the Sec­ond Par­ty infor­ma­tion must be main­taine in NOFORN chan­nels

“When shar­ing the planned tar­get­ing infor­ma­tion with a sec­ond par­ty would be con­trary to US inter­ests, or when the sec­ond par­ty declines a col­lab­o­ra­tion pro­pos­al, the pro­posed tar­get­ing must be pre­sent­ed to the sig­nals intel­li­gence direc­tor for approval with jus­ti­fi­ca­tion for the crit­i­cal­i­ty of the pro­posed col­lec­tion.”


The orig­i­nal 1946 UKUSA agree­ment [29] between the US and Britain was pre­vi­ous­ly designed only for “for­eign intel­li­gence” oper­a­tions. The draft memo appears to indi­cate that the agree­ment has changed.

“[The 1946 UKUSA] agree­ment has evolved to include a com­mon under­stand­ing that both gov­ern­ments will not tar­get each oth­er’s citizens/persons. How­ev­er, when it is in the best inter­est of each nation, each reserved the right to con­duct uni­lat­er­al Comint [com­mu­ni­ca­tions intel­li­gence] action against each oth­er’s citizens/persons.”

In a lat­er part of the draft cleared for release to the 5‑Eyes coun­tries, the doc­u­ment sug­gests there may be cir­cum­stances in which Aus­tralia, Cana­da and New Zealand should co-oper­ate to allow the US to tar­get their cit­i­zens.

b) (S//SI//REL to UK, CAN, AUS, NZ and USA) There are cir­cum­stances when tar­get­ing of Sec­ond par­ty per­sons and com­mu­ni­ca­tions sys­tems, with the full knowl­edge and co-oper­a­tion of one or more sec­ond par­ties, is is allowed when it is in the best inter­ests of both nations,” the 2005 doc­u­ment says. “This tar­get­ing will con­form to guide­lines set forth in this direc­tive.”

“There are cir­cum­stances when tar­get­ing of sec­ond par­ty per­sons and com­mu­ni­ca­tions sys­tems, with the full knowl­edge and co-oper­a­tion of one or more sec­ond par­ties, is allowed when it is in the best inter­ests of both nations,” the 2005 doc­u­ment says. “This tar­get­ing will con­form to guide­lines set forth in this direc­tive.”

It says this type of col­lab­o­ra­tive tar­get­ing is most com­mon­ly achieved “when the pro­posed tar­get is asso­ci­at­ed with a glob­al prob­lem such as weapons pro­lif­er­a­tion, ter­ror­ism, drug traf­fick­ing or organ­ised crime activ­i­ties”.

Yes, the much vaunt­ed ‘No spying’-feature in the ‘5 Eyes’ club actu­al­ly appears to be a moot point with­in a larg­er ‘Pro spy­ing’ agree­ment. Or, more pre­cise­ly, it appears to be a ‘please don’t spy on us with­out ask­ing first and we’d like­ly be more than hap­py to help...unless we don’t want to help, in which case go ahead and spy on us anyways’-club that fos­ters the col­lec­tion and shar­ing of intel­li­gence includ­ing the intel­li­gence on ‘5 Eyes’ cit­i­zens [28].

I spy you spy­ing on me spy­ing on you
So if the ‘5 Eyes’ treaty does­n’t actu­al­ly pre­vent spy­ing, why would Angela Merkel be putting such an empha­sis on extract­ing a ‘No Spy’ agree­ment out of the US by join­ing a pro-spy­ing intel­li­gence ring? Well, one rea­son Merkel might want to gain entry into the ‘5 Eyes’ — a move that pre­sum­ably entails a great deal of data-shar­ing with the ‘5 Eyes’ part­ners — is sim­ply because Ger­many’s intel­li­gence agen­cies are already in club with the NSA and already shar­ing large vol­umes of data [30] and who does­n’t like an upgrade on their club mem­ber­ship sta­tus? [31]:

Por­trait of the NSA: no detail too small in quest for total sur­veil­lance
The NSA gath­ers intel­li­gence to keep Amer­i­ca safe. But leaked doc­u­ments reveal the NSA’s dark side – and show an agency intent on exploit­ing the dig­i­tal rev­o­lu­tion to the full

Ewen MacAskill and James Ball
The Observ­er, Sat­ur­day 2 Novem­ber 2013 12.13 EDT

Barack Oba­ma [32] hailed Unit­ed Nations sec­re­tary gen­er­al Ban Ki-moon as a “good friend” after the two had sat down in the White House in April to dis­cuss the issues of the day: Syr­ia and alleged chem­i­cal weapons attacks, North Korea, Israel-Pales­tine, and cli­mate change.

But long before Ban’s lim­ou­sine had even passed through the White House gates for the meet­ing, the US gov­ern­ment knew what the sec­re­tary gen­er­al was going to talk about, cour­tesy of the world’s biggest eaves­drop­ping organ­i­sa­tion, the Nation­al Secu­ri­ty Agency.

One NSA doc­u­ment – leaked to the Guardian by whistle­blow­er Edward Snow­den just a month after the meet­ing and report­ed in part­ner­ship with the New York Times [33] — boasts how the spy agency had gained “access to UN sec­re­tary gen­er­al talk­ing points pri­or to meet­ing with Potus” (pres­i­dent of the Unit­ed States). The White House declined to com­ment on whether Oba­ma had read the talk­ing points in advance of the meet­ing.

Spy­ing on Ban and oth­ers at the UN is in con­tra­ven­tion of inter­na­tion­al law, and the US, forced on the defen­sive this week over the Snow­den leaks about world­wide snoop­ing, ordered an end to sur­veil­lance of the orga­ni­za­tion, accord­ing to Reuters.

That the US spied on Ban is no great sur­prise. What is a reveal­ing is that the dis­clo­sure is list­ed in the NSA’s ‘top-secret’ week­ly report from around the world as an “oper­a­tional high­light”.

It sits incon­gru­ous­ly along­side oth­er “oper­a­tional high­lights” from that week: details of an alleged Iran­ian chem­i­cal weapons pro­gram; com­mu­ni­ca­tions relat­ing to an alleged chem­i­cal weapons attack in Syr­ia and a report about the Mex­i­can drug car­tel Los Zetas.

Brack­et­ing the benign, US-friend­ly Ban along­side drug traf­fick­ers and weapons in the Mid­dle East and Cen­tral Asia points to a spy agency that has lost its sense of pro­por­tion.

The inci­dent is con­sis­tent with the por­trait of the NSA that emerges from the tens of thou­sands of doc­u­ments leaked by Snow­den. Page after page shows the NSA engaged in the kind of intel­li­gence-gath­er­ing it would be expect­ed to car­ry out: eaves­drop­ping on Tal­iban insur­gents plan­ning attacks in remote Afghanistan val­leys, or lis­ten­ing in on hostage-tak­ers in Colom­bia.

But the doc­u­ments reveal, too, the dark­er side of the NSA. It is indis­crim­i­nate in the infor­ma­tion it is col­lect­ing. Noth­ing appears to be too small for the NSA. Noth­ing too triv­ial. Rivals, ene­mies, allies and friends – US cit­i­zens and ‘non-Amer­i­cans’ – are all scooped up.

The doc­u­ments show the NSA, intent on exploit­ing the com­mu­ni­ca­tions rev­o­lu­tion to the full, devel­op­ing ever more intru­sive pro­grammes in pur­suit of its ambi­tion to have sur­veil­lance cov­er of the whole plan­et: total com­mand of what the NSA refers to as the ‘dig­i­tal bat­tle­field’.


The 5‑Eyes

The NSA oper­ates in close co-oper­a­tion with four oth­er Eng­lish-speak­ing coun­tries — the UK, Cana­da, Aus­tralia and New Zealand — shar­ing raw intel­li­gence, fund­ing, tech­ni­cal sys­tems and per­son­nel. Their top lev­el col­lec­tive is known as the ‘5‑Eyes’.

Beyond that, the NSA has oth­er coali­tions, although intel­li­gence-shar­ing is more restrict­ed for the addi­tion­al part­ners: the 9‑Eyes, which adds Den­mark, France, the Nether­lands and Nor­way; the 14-Eyes, includ­ing Ger­many, Bel­gium, Italy, Spain and Swe­den; and 41-Eyes, adding in oth­ers in the allied coali­tion in Afghanistan.

The exclu­siv­i­ty of the var­i­ous coali­tions grates with some, such as Ger­many, which is using the present con­tro­ver­sy to seek an upgrade. Ger­many has long protest­ed at its exclu­sion, not just from the elite 5‑Eyes but even from 9‑Eyes. Min­utes from the UK intel­li­gence agency GCHQ note: “The NSA’s rela­tion­ship with the French was not as advanced as GCHQ’s … the Ger­mans were a lit­tle grumpy at not being invit­ed to join the 9‑Eyes group”.

Sig­nif­i­cant­ly, amid the Ger­man protes­ta­tions of out­rage over US eaves­drop­ping on Merkel and oth­er Ger­mans, Berlin is using the con­tro­ver­sy as lever­age for an upgrade to 5‑Eyes.


with top-tier spy­ing ambi­tions [34]:

Tech Dirt
Ger­many’s Spies Have NSA Envy: Cur­rent­ly Work­ing To Build Their Own Com­pre­hen­sive Snoop­ing Sys­tem
from the it’s-not-actu­al­ly-a-com­pe­ti­tion dept
by Glyn Moody

Wed, Jun 19th 2013 11:08pm

One unfor­tu­nate knock-on effect of the rev­e­la­tions about the extent of NSA infor­ma­tion gath­er­ing seems to be that the spies in oth­er coun­tries are start­ing to feel under-informed by com­par­i­son. Of course, many of them already knew about what was going on: in addi­tion to the British [35] and the Dutch [36], there are now reports that Ger­many was also kept informed at the high­est lev­els (orig­i­nal in Ger­man [37].) That would prob­a­bly explain the rev­e­la­tion by the news mag­a­zine Der Spiegel that Ger­many has been try­ing to beef up its own snoop­ing capa­bil­i­ties for a while [38]:

Last year, [Ger­many’s for­eign intel­li­gence agency] BND head Ger­hard Schindler told the Con­fi­den­tial Com­mit­tee of the Ger­man par­lia­ment, the Bun­destag, about a secret pro­gram that, in his opin­ion, would make his agency a major inter­na­tion­al play­er. Schindler said the BND want­ed to invest €100 mil­lion ($133 mil­lion) over the com­ing five years. The mon­ey is to finance up to 100 new jobs in the tech­ni­cal sur­veil­lance depart­ment, along with enhanced com­put­ing capac­i­ties.

Small beer com­pared to the NSA, but it’s a start. Der Spiegel’s arti­cle pro­vides some details on how they do it in Ger­many:

The largest traf­fic con­trol takes place in Frank­furt, in a data pro­cess­ing cen­ter owned by the Asso­ci­a­tion of the Ger­man Inter­net Indus­try. Via this hub, the largest in Europe, e‑mails, phone calls, Skype con­ver­sa­tions and text mes­sages flow from regions that inter­est the BND like Rus­sia and East­ern Europe, along with cri­sis areas like Soma­lia, coun­tries in the Mid­dle East, and states like Pak­istan and Afghanistan.

But the BND still has a long way to go before it attains NSA-like lev­els of snoop­ing:

In con­trast to the NSA, though, the Ger­man intel­li­gence agency has been over­whelmed by this daunt­ing wealth of infor­ma­tion. Last year, it mon­i­tored just under 5 per­cent, rough­ly every 20th phone call, every 20th e‑mail and every 20th Face­book exchange. In the year 2011, the BND used over 16,000 search words to fish in this data stream.

As in the US, the idea is that this tar­gets for­eign­ers:

Ger­man law allows the BND to mon­i­tor any form of com­mu­ni­ca­tion that has a for­eign ele­ment, be it a mobile phone con­ver­sa­tion, a Face­book chat or an exchange via AOL Mes­sen­ger. For the pur­pos­es of “strate­gic com­mu­ni­ca­tions sur­veil­lance,” the for­eign intel­li­gence agency is allowed to copy and review 20 per­cent of this data traf­fic. There is even a reg­u­la­tion requir­ing Ger­man providers “to main­tain a com­plete copy of the telecom­mu­ni­ca­tions.”

Here’s how the BND tries to achieve that:

If e‑mail address­es sur­face that end in “.de” (for Ger­many), they have to be erased. The inter­na­tion­al dial­ing code for Ger­many, 0049, and IP address­es that were appar­ent­ly giv­en to cus­tomers in Ger­many also pass through the net.

Of course, as in the US, it does­n’t quite work out like that:

At first glance, it’s not evi­dent where users live whose infor­ma­tion is saved by Yahoo, Google or Apple. And how are the agen­cies sup­posed to spot a Tal­iban com­man­der who has acquired an email address with Ger­man provider GMX? Mean­while, the sta­tus of Face­book chats and con­ver­sa­tions on Skype remains com­plete­ly unclear.

Giv­en this evi­dent desire to cre­ate its own snoop­ing appa­ra­tus, cou­pled with the fact that Ger­many has doubt­less ben­e­fit­ed from NSA spy­ing, per­haps it’s no sur­prise the Ger­man gov­ern­men­t’s protests about its cit­i­zens being sub­ject to exten­sive NSA sur­veil­lance [39] have been mut­ed....

I spy on you spy­ing on me and now I’m pissed
Yes, protes­ta­tions by the Ger­man gov­ern­ment when the Snow­den doc­u­ments ini­tial­ly hit the news were indeed rather muted...at least before the hack­ing [40] of Ange­la’s Merkel’s cell phone was made pub­lic [41]. Now, it’s pret­ty clear that Ger­many’s gov­ern­ment is very intent on chang­ing how the spy games are played one way or anoth­er. Of course, chang­ing how spy games are played in the age of glob­al dig­i­tal com­mu­ni­ca­tions might actu­al­ly change how glob­al com­mu­ni­ca­tions work too. It might also increase spy­ing [1]:

The Inde­pen­dent
Sur­veil­lance rev­e­la­tions: Angela Merkel pro­pos­es Euro­pean net­work to beat spy­ing by NSA and GCHQ

Tony Pater­son

Sun­day 16 Feb­ru­ary 2014

Chan­cel­lor Angela Merkel of Ger­many has announced plans to set up a Euro­pean com­mu­ni­ca­tions net­work as part of a broad counter-espi­onage offen­sive designed to curb mass sur­veil­lance con­duct­ed by the US Nation­al Secu­ri­ty Agency and its British coun­ter­part, GCHQ.

The move is her government’s first tan­gi­ble response to pub­lic and polit­i­cal indig­na­tion over NSA and GCHQ spy­ing in Europe, which was exposed last Octo­ber with rev­e­la­tions that the US had bugged Ms Merkel’s mobile phone and that MI6 oper­at­ed a lis­ten­ing post from the British Embassy in Berlin.

Announc­ing the project in her week­ly pod­cast, Ms Merkel said she envis­aged set­ting up a Euro­pean com­mu­ni­ca­tions net­work which would offer pro­tec­tion from NSA sur­veil­lance by side-step­ping the cur­rent arrange­ment where­by emails and oth­er inter­net data auto­mat­i­cal­ly pass through the Unit­ed States.

The NSA’s Ger­man phone and inter­net sur­veil­lance oper­a­tion is report­ed to be one of the biggest in the EU. In co-oper­a­tion with GCHQ it has direct access to under­sea cables car­ry­ing transat­lantic com­mu­ni­ca­tions between Europe and the US.

Again, note that Ger­man intel­li­gence works close­ly with the NSA on the sur­veil­lance of Ger­man phone and inter­net [42]. It’s a theme these days [43].


Ms Merkel said she planned to dis­cuss the project with the French Pres­i­dent, François Hol­lande, when she meets him in Paris on Wednes­day. “Above all we’ll talk about Euro­pean providers that offer secu­ri­ty to our cit­i­zens, so that one shouldn’t have to send emails and oth­er infor­ma­tion across the Atlantic,” she said. “Rather one could build up a com­mu­ni­ca­tions net­work inside Europe.”

French gov­ern­ment offi­cials respond­ed by say­ing Paris intend­ed to “take up” the Ger­man ini­tia­tive.

Ms Merkel’s pro­pos­als appear to be part of a wider Ger­man counter-espi­onage offen­sive, report­ed to be under way in sev­er­al of Germany’s intel­li­gence agen­cies, against NSA and GCHQ sur­veil­lance.

Der Spiegel mag­a­zine said on Sun­day that it had obtained infor­ma­tion about plans by Germany’s main domes­tic intel­li­gence agency, the Fed­er­al Office for the Pro­tec­tion of the Con­sti­tu­tion, for a “mas­sive” increase in counter-espi­onage mea­sures.

The mag­a­zine said there were plans to sub­ject both the Amer­i­can and British Embassies in Berlin to sur­veil­lance. It said the mea­sures would include obtain­ing exact details about intel­li­gence agents who were accred­it­ed as diplo­mats, and infor­ma­tion about the tech­nol­o­gy being used with­in the embassies.

Last year infor­ma­tion pro­vid­ed by the whistle­blow­er Edward Snow­den revealed that US intel­li­gence agents were able to bug Ms Merkel’s mobile phone from a lis­ten­ing post on the US Embassy roof. Inves­ti­ga­tions by The Inde­pen­dent sub­se­quent­ly revealed that GCHQ ran a sim­i­lar lis­ten­ing post from the roof of the British Embassy in Berlin.

Intel­li­gence experts say it is dif­fi­cult if not impos­si­ble to con­trol spy­ing activ­i­ties con­duct­ed from for­eign embassies, not least because their diplo­mat­ic sta­tus means they are pro­tect­ed from the domes­tic leg­is­la­tion of the host coun­try.

Der Spiegel said Germany’s mil­i­tary intel­li­gence ser­vice, (MAD) was also con­sid­er­ing step­ping up sur­veil­lance of US and British spy­ing activ­i­ties. It said such a move would mark a sig­nif­i­cant break with pre­vi­ous counter-espi­onage prac­tice which had focused on coun­tries such as Chi­na, North Korea and Rus­sia.

Germany’s counter-espi­onage dri­ve comes after months of repeat­ed and abortive attempts by its offi­cials to reach a friend­ly “no spy” agree­ment with the US. Phillip Miss­felder, a spokesman for Ms Merkel’s gov­ern­ment, admit­ted recent­ly that rev­e­la­tions about NSA spy­ing had brought rela­tions with Wash­ing­ton to their worst lev­el since the US-led inva­sion of Iraq in 2003.


Will poten­tial­ly break­ing the inter­net by walling it off [44] actu­al­ly obtain some degree of addi­tion­al dig­i­tal pri­va­cy for Euro­peans? Well, accord­ing to Bruno Kram­nm, a Ger­man ‘Pirate’ that pre­sum­ably cares quite deeply about max­i­miz­ing dig­i­tal pri­va­cy pro­tec­tions, no, break­ing the inter­net won’t actu­al­ly help and will just make things worse [44]:

Merkel’s mirage: ‘This new old idea of a Schen­gen net is basi­cal­ly a step back’
Pub­lished time: Feb­ru­ary 17, 2014 14:50

The idea of the inter­net with bor­ders means that nation­al states will be able to put much more mass sur­veil­lance on their own peo­ple, Bruno Kramm from the Pirate Par­ty told RT.

RT: What kind of future do you see for this pro­pos­al of Angela Merkel to cre­ate a pan-Euro­pean com­mu­ni­ca­tions net­work that would pre­vent pri­vate data from leak­ing across the Atlantic?

Bruno Kramm: Actu­al­ly, for this pro­pos­al I don’t see any future. For me it’s just anoth­er sym­bol of the way how Chan­cel­lor Merkel is doing her pol­i­tics. It’s sym­bol­ism, noth­ing else, espe­cial­ly when it comes to net pol­i­tics, and when we look into the whole NSA affair, what hap­pened recent­ly about the mass sur­veil­lance, there had been no mea­sure­ments at all, and no actions at all, and now she comes up with this new old idea of a Schen­gen net, what is basi­cal­ly a step back and nobody wants that and this will def­i­nite­ly not hap­pen.

RT: It’s been revealed last sum­mer that the US is spy­ing on Europe. How come it took EU offi­cials so long to go from anger to action?

BK: Actu­al­ly, they are still not hav­ing any kind of action on the whole thing. Of course, they tried to play, to be a lit­tle bit more [active], because the peo­ple on the street are real­ly angry about the mass sur­veil­lance. Why it takes so long, we have sev­er­al rea­sons. First of all, it is that all the secret agen­cies, also in Ger­many, are doing mas­sive sur­veil­lance on the peo­ple, on the pri­va­cy. There has been a breach of democ­ra­cy rights long time ago, and there­fore, they are just now try­ing to clean out what has hap­pened so far and to find a new def­i­n­i­tion. But basi­cal­ly, actu­al mea­sure­ments haven’t been done so far.

As we look back, there had been that wish of Merkel to start this kind of a no-spy agree­ment with the US. Of course, the US were not accept­ing that; it would have helped noth­ing, because when you have a no-spy agree­ment it does­n’t mean that for exam­ple some oth­er state from the Five Eyes, these five coun­tries who do mass sur­veil­lance, won’t then do the espi­onage, so basi­cal­ly this does­n’t help. What we need is a com­plete new law about data, secu­ri­ty, and this needs to be imple­ment­ed inter­na­tion­al­ly. And in fact we have a good chance when we look at Transat­lantic Trade and Invest­ment Part­ner­ship (TTIP), we could start putting this into it right now.

RT: British and Ger­man intel­li­gence agents have report­ed­ly been col­lab­o­rat­ing with the NSA. If that coop­er­a­tion remains, how would that affect the pro­posed Euro­pean net­work?

BK: Well, basi­cal­ly as long as Tem­po­ra, this British espi­onage is going on, noth­ing would change, espe­cial­ly with this idea of Schen­gen net. But basi­cal­ly to explain why it is not work­ing, to cre­ate these nation­al net­works is just quite sim­ple. Today all the data flows con­stant­ly around the world, we work with big data, we need to do like this inter­net trav­el between many accounts, through all bor­ders. So you can­not cre­ate a kind of a nation­al net­work. In fact, it’s quite sad that the NSA espe­cial­ly with this whistle­blow­ing leaks from Snow­den, it helps at the moment most of the nation­al states to think about an inter­net with bor­ders. What this basi­cal­ly means is that they can put much more mass sur­veil­lance on their own peo­ple. We can see this in Rus­sia, we can see this in Chi­na, we can see this most like­ly now as a try also in Europe. And basi­cal­ly this is real­ly sad because that is a step-back from the great oppor­tu­ni­ties what the inter­net gives all the peo­ple in the world, when we start now putting bor­ders around it. It does­n’t help us at all, it just helps states to bet­ter con­trol their peo­ple.

As we have recent­ly seen what a kind of infil­tra­tion ways the US and NSA have, start­ing from Mal­ware start­ing to copy­ing all kind of com­mu­ni­ca­tions from cell phones, from smart phones, from WLAN routers, from every­where, I think that this kind of mea­sure­ment would not help at all. Just look at the Ger­many, two of the big inter­na­tion­al mass sur­veil­lance sta­tions of the NSA are right here in Ger­many.

RT: The pro­pos­al ulti­mate­ly sug­gests frac­tur­ing the inter­net into inde­pen­dent zones. Would this change the World Wide Web as we know it?

BK: Of course, it would change it. In fact, in the last ITU con­fer­ence there was a large dis­cus­sion about frac­tur­ing the inter­net more and more, espe­cial­ly for states. If you look at the Far East, where [the coun­tries] have much more con­trol there over their peo­ple, over their cit­i­zens because they are afraid that some rev­o­lu­tion like the Arab Spring could hap­pen, they like to have more and more of these kinds of mea­sure­ment. The sad the sto­ry is that most of the soft­ware from this is devel­oped inside the Europe. In fact, we have a lot of pro­grams on the Euro­pean side, which help bet­ter to do this mass sur­veil­lance in the inter­net, which is frag­ment­ed in nation­al states. And we, as a par­ty, we fight real­ly strict­ly against it because it means that the free­dom which we all have vot­ed for, the idea of the future which was put it into basic seed of the inter­net would be destroyed by a nation­al total­ly con­trolled inter­net. And in fact, I don’t think that the peo­ple of the world would accept this. It is just at the moment we call it some­how that wet dream of some politi­cians, who like to have bet­ter con­trol over their cit­i­zens but this, I hope, is over, and I think peo­ple in Europe would go to the street if some­thing like this would hap­pen.

Uh oh! So, at least accord­ing to this par­tic­u­lar Pirate Par­ty rep­re­sen­ta­tive, Angela Merkel’s plan to wall off the Euro­pean inter­net [45] will not only do noth­ing to pre­vent for­eign sur­veil­lance, but it might also cause a restruc­tur­ing of the inter­net around a state-based bor­ders par­a­digm that could make it even eas­i­er for gov­ern­ments to con­trol and sur­veil their cit­i­zens. But at least he sounds quite con­fi­dent that no such inter­net-balka­niza­tion plan will ever come to fruition.

So what’s an actu­al solu­tion that can bal­ance pri­va­cy and secu­ri­ty? What does Edward Snow­den have to say on these top­ics? Might strong cryp­tog­ra­phy that no one can break be the answer [46]:

The Dai­ly Beast
Edward Snow­den: Not All Spy­ing Is Bad
In an online Q&A, the fugi­tive leak­er reject­ed a plea deal and issued some sur­pris­ing state­ments on state sur­veil­lance.
Jacob Siegel

Edward Snow­den may be under con­stant super­vi­sion in Rus­sia, unable to return to the Unit­ed States or trav­el freely, but the 30-year-old has nev­er been more pow­er­ful.

Pres­i­dent Obama’s announce­ment last Fri­day [47] of reforms to the Unit­ed States sur­veil­lance pro­gram was addressed to the Amer­i­can pub­lic but the speech was also an answer to Snow­den. The for­mer NSA con­trac­tor’s mas­sive leak of clas­si­fied intel­li­gence doc­u­ments set in motion the pub­lic debate about fed­er­al spy­ing that led to the pro­pos­als in Pres­i­dent Obama’s speech and the even more exten­sive over­hauls rec­om­mend­ed by an inde­pen­dent agency [48] on Thurs­day.

Yes­ter­day Snow­den had his chance to respond, field­ing select­ed ques­tions sent by Twit­ter using the hash­tag #AskSnow­den.

Though Snow­den gave some sur­pris­ing answers [49], his exchange with the pub­lic was also notable for the ques­tions he did not address, most notably the terms of his asy­lum or any­thing else to do with his hosts in Rus­sia.

Here are the Five Biggest Rev­e­la­tions from Snowden’s Twit­ter Sym­po­sium:

He won’t take a plea deal to return to the U.S.

After the Unit­ed States Attor­ney Gen­er­al Eric Hold­er reject­ed clemen­cy but sug­gest­ed the pos­si­bil­i­ty of a plea deal yes­ter­day, Snow­den flat­ly ruled it out in a response to CNN’s Jake Tap­per. Answer­ing Tap­per’s ques­tion, “Under what con­di­tions would you agree to return to the U.S.?” Snow­den stat­ed that repa­tri­a­tion was­n’t pos­si­ble due to the inad­e­qua­cy of whistle­blow­er pro­tec­tion laws in Amer­i­ca, which he said would mean, “no chance to have a fair tri­al, and no way I can come home and make my case to a jury.”

“I nev­er stole any pass­words, nor did I trick an army of co-work­ers.”

Snow­den denied reports [50] that he had gained access to some of the clas­si­fied files he leaked by trick­ing cowork­ers into giv­ing up their pass­words in order to access their accounts. This point is sig­nif­i­cant because, in Snowden’s telling, it was the dai­ly expo­sure to evi­dence of sur­veil­lance over­reach in the course of doing his own job that led to his dis­il­lu­sion­ment and inspired his breach. If it’s true that Snow­den deceived co-work­ers to access their accounts, it sug­gests that he went out of his way to find doc­u­ments rather than com­ing across them in the course of his rou­tine work, as he’s said.

Not all spy­ing is bad

Answer­ing a ques­tion about the appro­pri­ate scope of the U.S. nation­al secu­ri­ty pro­gram and whether any spy­ing is jus­ti­fied, Snow­den said, “Not all spy­ing is bad. The biggest prob­lem we face right now is the new tech­nique of indis­crim­i­nate mass sur­veil­lance, where gov­ern­ments are seiz­ing bil­lions and bil­lions and bil­lions of inno­cents’ com­mu­ni­ca­tion every sin­gle day.” What Snow­den didn’t address is the kind of spy­ing that he con­sid­ers legit­i­mate. More on that lat­er.

Most spooks are good peo­ple; it’s the one per­cent that’s out to get you

“Peo­ple at the work­ing lev­el at the NSA, CIA, or any oth­er mem­ber of the IC are not out to get you. They’re good peo­ple try­ing to do the right thing,” Snow­den said before warn­ing that “the peo­ple you need to watch out for are the unac­count­able senior offi­cials autho­riz­ing these uncon­sti­tu­tion­al pro­grams.”

We need a world body to over­see sur­veil­lance pro­grams

Snow­den, who twice con­tributed [51] mon­ey to Ron Paul’s elec­tion cam­paign, and is report­ed to have sup­port­ed Paul’s call for a cur­ren­cy tied to the gold stan­dard, seems high­ly out of step with the lib­er­tar­i­an line on this one. How exact­ly a world body made up of states with com­pet­ing inter­ests and inde­pen­dent sur­veil­lance pro­grams would agree to rules of spy­ing is left a mys­tery, though Snow­den does say that the key would be “the devel­op­ment of secu­ri­ty stan­dards that enforce our right to pri­va­cy not through law, but through sci­ence and tech­nol­o­gy.”


Woah!? Did uber-Lib­er­tar­i­an [51] Edward Snow­den call for a glob­al body to over­see glob­al sur­veil­lance pro­grams? That’s a dis­arm­ing­ly opti­mistic goal and yet kind of weird. How exact­ly would that work since sur­veil­lance is not sup­posed to be detect­ed? Will this world body have real­ly pow­er counter-espi­onage abil­i­ties and just oper­ate every­where to make sure no spy­ing takes place? Will the UN get an ‘un-NSA’ ’ to de-spy every­thing? Let’s take a clos­er look at Snow­den’s ‘world body’ idea [52]:


Live Q&A with Edward Snow­den: Thurs­day 23rd Jan­u­ary, 8pm GMT, 3pm EST

@mperkel #ASKSNOWDEN They say it’s a bal­ance of pri­va­cy and safe­ty. I think spy­ing makes us less safe. do you agree?

Intel­li­gence agen­cies do have a role to play, and the peo­ple at the work­ing lev­el at the NSA, CIA, or any oth­er mem­ber of the IC are not out to get you. They’re good peo­ple try­ing to do the right thing, and I can tell you from per­son­al expe­ri­ence that they were wor­ried about the same things I was.

The peo­ple you need to watch out for are the unac­count­able senior offi­cials autho­riz­ing these uncon­sti­tu­tion­al pro­grams, and unre­li­able mech­a­nisms like the secret FISA court, a rub­ber-stamp author­i­ty that approves 99.97% of gov­ern­ment requests (which denied only 11 requests out of 33,900 in 33 years http://www.motherjones.com/mojo/2013/06/fisa-court-nsa-spying-opinion-reject-request [53]. They’re the ones that get us into trou­ble with the Con­sti­tu­tion by let­ting us go too far.

And even the Pres­i­dent now agrees our sur­veil­lance pro­grams are going too far, gath­er­ing mas­sive amounts of pri­vate records on ordi­nary Amer­i­cans who have nev­er been sus­pect­ed of any crime. This vio­lates our con­sti­tu­tion­al pro­tec­tion against unlaw­ful search­es and seizure. Col­lect­ing phone and email records for every Amer­i­can is a waste of mon­ey, time and human resources that could be bet­ter spent pur­su­ing those the gov­ern­ment has rea­son to sus­pect are a seri­ous threat.

I’m going to stop here. My deep­est thanks to every­one who sent ques­tions, and whether or not we agree on where the lines should be drawn, I encour­age you to con­tact your mem­bers of con­gress and tell them how you feel about mass sur­veil­lance. This is a glob­al prob­lem, and the first step to tack­ling it is by work­ing togeth­er to fix it at home.

If you’d like to more ideas on how to push back against uncon­sti­tu­tion­al sur­veil­lance, con­sid­er tak­ing a look at the orga­ni­za­tions work­ing togeth­er to orga­nize https://thedaywefightback.org/ [54].


Note Snow­den’s state­ment, “This is a glob­al prob­lem, and the first step to tack­ling it is by work­ing togeth­er to fix it at home”. This is an impor­tant under­ly­ing ten­sion at work in craft­ing pol­i­cy solu­tions to the prob­lems of mass-sur­veil­lance. Like many glob­al prob­lems, mass-sur­veil­lance in an age where tech­nol­o­gy increas­ing­ly enables mass-sur­veil­lance abus­es is going to require some sort of ‘mass’ response. A glob­al response of fix­es at home. But as is also the case with many glob­al prob­lems, nations that uni­lat­er­al­ly attempt to imple­ment a solu­tion (cur­tail­ing sur­veil­lance, in this instance) are poten­tial­ly going to find them­selves at a dis­ad­van­tage if their neigh­bors don’t fol­low suit. Yes, glob­al prob­lems require glob­al solu­tions and glob­al solu­tions which is why so few glob­al prob­lems actu­al­ly get solved.

Skip­ping down...


@LukasReuter #AskSnow­den How should the com­mu­ni­ty of states react to the new infor­ma­tion con­cern­ing sur­veil­lance? What actions have to be made?

We need to work togeth­er to agree on a rea­son­able inter­na­tion­al norm for the lim­i­ta­tions on spy­ing. Nobody should be hack­ing crit­i­cal-to-life infra­struc­ture like hos­pi­tals and pow­er sta­tions, and it’s fair to say that can be rec­og­nized in inter­na­tion­al law.

Addi­tion­al­ly, we need to rec­og­nize that nation­al laws are not going to solve the prob­lem of indis­crim­i­nate sur­veil­lance. A pro­hi­bi­tion in Burun­di isn’t going to stop the spies in Green­land. We need a glob­al forum, and glob­al fund­ing, com­mit­ted to the devel­op­ment of secu­ri­ty stan­dards that enforce our right to pri­va­cy not through law, but through sci­ence and tech­nol­o­gy. The eas­i­est way to ensure a country’s com­mu­ni­ca­tions are secure is to secure them world-wide, and that means bet­ter stan­dards, bet­ter cryp­to, and bet­ter research.


@midwire How quick­ly can the NSA, et. al. decrypt AES mes­sages with strong keys #AskSnow­den Does encrypt­ing our emails even work?

As I’ve said before, prop­er­ly imple­ment­ed strong encryp­tion works. What you have to wor­ry about are the end­points. If some­one can steal you keys (or the pre-encryp­tion plain­text), no amount of cryp­tog­ra­phy will pro­tect you.

How­ev­er, that doesn’t mean end-to-end cryp­to is a lost cause. By com­bin­ing robust end­point secu­ri­ty with trans­port secu­ri­ty, peo­ple can have much greater con­fi­dence in their day to day com­mu­ni­ca­tions.

@savagejen Do you think it is pos­si­ble for our democ­ra­cy to recov­er from the dam­age NSA spy­ing has done to our lib­er­ties? #AskSnow­den

Yes. What makes our coun­try strong is our sys­tem of val­ues, not a snap­shot of the struc­ture of our agen­cies or the frame­work of our laws. We can cor­rect the laws, restrain the over­reach of agen­cies, and hold the senior offi­cials respon­si­ble for abu­sive pro­grams to account.

Yes, we can “cor­rect the laws, restrain the over­reach of agen­cies, and hold the senior offi­cials respon­si­ble for abu­sive pro­grams to account” in the US. Hypo­thet­i­cal­ly. And maybe even across Europe. But as Snow­den point­ed out above, end­ing mass sur­veil­lance is a glob­al prob­lem that requires a glob­al polit­i­cal solu­tions. But, of course, there’s noth­ing stop­ping a gov­ern­ment from secret­ly spy­ing even if they claim they aren’t, so tech­ni­cal solu­tions are also required if we real­ly want to cre­ate a spy-free world. As Snow­den put it:

A pro­hi­bi­tion in Burun­di isn’t going to stop the spies in Green­land. We need a glob­al forum, and glob­al fund­ing, com­mit­ted to the devel­op­ment of secu­ri­ty stan­dards that enforce our right to pri­va­cy not through law, but through sci­ence and tech­nol­o­gy. The eas­i­est way to ensure a country’s com­mu­ni­ca­tions are secure is to secure them world-wide, and that means bet­ter stan­dards, bet­ter cryp­to, and bet­ter research.

Yes, we can hold as many ‘glob­al forums’ as we want, but set­ting up glob­al reg­u­la­tions on sur­veil­lance is kind of like try­ing to get gov­ern­ments to promise not to lie: how we enforce those rules isn’t exact­ly obvi­ous, espe­cial­ly giv­en the secre­tive nature of spy­ing. An eas­i­er, and much more effec­tive approach to thwart­ing spy­ing, would be to devel­op the hard­ware, soft­ware, and encryp­tion stan­dards that are vir­tu­al­ly unbreak­able. For exam­ple, if agen­cies like the NSA did­n’t find loop­holes and exploits our dig­i­tal infra­struc­ture for the pur­pose of spy­ing but instead found these vul­ner­a­bil­i­ties and then informed the pub­lic and man­u­fac­tur­ers about the vul­ner­a­bil­i­ties and helped fix them we would actu­al­ly have a much much more secure inter­net. Every­thing could be tru­ly encrypt­ed. So we just need folks to devel­op strong encryp­tion soft­ware tools and then fix up the back­doors in the hard­ware and every­one can have strong­ly encrypt­ed dig­i­tal com­mu­ni­ca­tions, right? Well, not quite. We already have stronge encryp­tion tools that no one can defeat. At least not that we know of. But it’s not a “if you build it, they will come sce­nario”...it’s more of a ‘igno­rant chick­en and apa­thet­ic egg’ sce­nario [55]:

The Wash­ing­ton Post
NSA-proof encryp­tion exists. Why doesn’t any­one use it?

By Tim­o­thy B. Lee
June 14, 2013 at 10:50 am

Com­put­er pro­gram­mers believe they know how to build cryp­to­graph­ic sys­tems that are impos­si­ble for any­one, even the U.S. gov­ern­ment, to crack. So why can the NSA read your e‑mail?

Last week, leaks revealed that the Web sites most peo­ple use every day are shar­ing users’ pri­vate infor­ma­tion with the gov­ern­ment. Com­pa­nies par­tic­i­pat­ing in the Nation­al Secu­ri­ty Agen­cy’s pro­gram, code-named PRISM, include Google, Face­book, Apple and Microsoft.

It was­n’t sup­posed to be this way. Dur­ing the 1990s, a “cypher­punk” move­ment pre­dict­ed that ubiq­ui­tous, user-friend­ly cryp­to­graph­ic soft­ware would make it impos­si­ble for gov­ern­ments to spy on ordi­nary users’ pri­vate com­mu­ni­ca­tions.

The gov­ern­ment seemed to believe this sto­ry, too. “The abil­i­ty of just about every­body to encrypt their mes­sages is rapid­ly out­run­ning our abil­i­ty to decode them,” a U.S. intel­li­gence offi­cial told U.S. News & World Report [56] in 1995. The gov­ern­ment clas­si­fied cryp­to­graph­ic soft­ware as a muni­tion, ban­ning its export out­side the Unit­ed States. And it pro­posed requir­ing that cryp­to­graph­ic sys­tems have “back doors” for gov­ern­ment inter­cep­tion.


Make a men­tal note of the “cypher­punk” move­ment. Also note the US gov­ern­men­t’s con­cerns over encryp­tion tools over­tak­ing gov­ern­men­t’s code-break­ers and the pro­pos­al to require “back doors”. We’re going to be return­ing to those top­ics a lot lat­er.


The cypher­punks won that bat­tle. By the end of the Clin­ton admin­is­tra­tion, the gov­ern­ment con­ced­ed that the Inter­net had made it impos­si­ble to con­trol the spread of strong cryp­to­graph­ic soft­ware. But more than a decade lat­er, the cypher­punks seem to have lost the war. Soft­ware capa­ble of with­stand­ing NSA snoop­ing is wide­ly avail­able, but hard­ly any­one uses it. Instead, we use Gmail, Skype, Face­book, AOL Instant Mes­sen­ger and oth­er appli­ca­tions whose data is report­ed­ly acces­si­ble through PRISM.

And that’s not a coin­ci­dence: Adding strong encryp­tion to the most pop­u­lar Inter­net prod­ucts would make them less use­ful, less prof­itable and less fun.

“Secu­ri­ty is very rarely free,” says J. Alex Hal­der­man, a com­put­er sci­ence pro­fes­sor at the Uni­ver­si­ty of Michi­gan. “There are trade-offs between con­ve­nience and usabil­i­ty and secu­ri­ty.”

Most peo­ple’s pri­or­i­ty: Con­ve­nience

Con­sumers have over­whelm­ing­ly cho­sen con­ve­nience and usabil­i­ty. Main­stream com­mu­ni­ca­tions tools are more user-friend­ly than their cryp­to­graph­i­cal­ly secure com­peti­tors and have fea­tures that would be dif­fi­cult to imple­ment in an NSA-proof fash­ion.

And while most types of soft­ware get more user-friend­ly over time, user-friend­ly cryp­tog­ra­phy seems to be intrin­si­cal­ly dif­fi­cult. Experts are not much clos­er to solv­ing the prob­lem today than they were two decades ago.

Ordi­nar­i­ly, the way com­pa­nies make sophis­ti­cat­ed soft­ware acces­si­ble to reg­u­lar users is by per­form­ing com­plex, tech­ni­cal tasks on their behalf. The com­plex­i­ty of Google, Microsoft and Apple’s vast infra­struc­ture is hid­den behind the sim­ple, pol­ished inter­faces of their Web and mobile apps. But del­e­gat­ing basic secu­ri­ty deci­sions to a third par­ty means giv­ing it the abil­i­ty to access your pri­vate con­tent and share it with oth­ers, includ­ing the gov­ern­ment.

Most mod­ern online ser­vices do make use of encryp­tion. Pop­u­lar Web ser­vices such as Gmail and Hot­mail sup­port an encryp­tion stan­dard called SSL. If you vis­it a Web site and see a “lock” icon in the cor­ner of your brows­er win­dow, that means SSL encryp­tion is enabled. But while this kind of encryp­tion will pro­tect users against ordi­nary bad guys, it’s use­less against gov­ern­ments.

That’s because SSL only pro­tects data mov­ing between your device and the servers oper­at­ed by Google, Apple or Microsoft. Those ser­vice providers have access to unen­crypt­ed copies of your data. So if the gov­ern­ment sus­pects crim­i­nal behav­ior, it can com­pel tech com­pa­nies to turn over pri­vate e‑mails or Face­book posts.

That prob­lem can be avoid­ed with “end-to-end” encryp­tion. In this scheme, mes­sages are encrypt­ed on the sender’s com­put­er and decrypt­ed on the recip­i­en­t’s device. Inter­me­di­aries such as Google or Microsoft only see the encrypt­ed ver­sion of the mes­sage, mak­ing it impos­si­ble for them to turn over copies to the gov­ern­ment.

Soft­ware like that exists. One of the old­est is PGP, e‑mail encryp­tion soft­ware released in 1991. Oth­ers include OTR (for “off the record”), which enables secure instant mes­sag­ing, and the Inter­net tele­pho­ny apps Silent Cir­cle and Red­phone.

But it’s dif­fi­cult to add new fea­tures to appli­ca­tions with end-to-end encryp­tion. Take Gmail, for exam­ple. “If you want­ed to pre­vent gov­ern­ment snoop­ing, you’d have to pre­vent Google’s servers from hav­ing a copy of the text of your mes­sages,” Hal­der­man says. “But that would make it much hard­er for Google to pro­vide fea­tures like search over your mes­sages.” Fil­ter­ing spam also becomes dif­fi­cult. And end-to-end encryp­tion would also make it dif­fi­cult for Google to make mon­ey on the ser­vice, since it could­n’t use the con­tent of mes­sages to tar­get ads.

A sim­i­lar point applies to Face­book. The com­pa­ny does­n’t just trans­mit infor­ma­tion from one user to anoth­er. It auto­mat­i­cal­ly resizes users’ pho­tos and allows them to “tag” them­selves and their friends. Face­book fil­ters the avalanche of posts gen­er­at­ed by your friends to dis­play the ones you are most like­ly to find the most inter­est­ing. And it index­es the infor­ma­tion users post to make it search­able.

These fea­tures depend on Face­book’s servers hav­ing access to a per­son­’s pri­vate data, and it would be dif­fi­cult to imple­ment them in a sys­tem based on end-to-end encryp­tion. While com­put­er sci­en­tists are work­ing on tech­niques for cre­at­ing more secure social-media sites, these tech­niques aren’t yet mature enough to sup­port all of Face­book’s fea­tures or effi­cient enough to serve hun­dreds of mil­lions of users.

Oth­er user headaches

End-to-end encryp­tion cre­ates oth­er headaches for users. Con­ven­tion­al online ser­vices offer mech­a­nisms for peo­ple to reset lost pass­words. These mech­a­nisms work because Apple, Microsoft and oth­er online ser­vice providers have access to unen­crypt­ed data.

In con­trast, when a sys­tem has end-to-end encryp­tion, los­ing a pass­word is cat­a­stroph­ic; it means los­ing all data in the user’s account.

Also, encryp­tion is effec­tive only if you’re com­mu­ni­cat­ing with the par­ty you think you’re com­mu­ni­cat­ing with. This secu­ri­ty relies on keys — large num­bers asso­ci­at­ed with par­tic­u­lar peo­ple that make it pos­si­ble to scram­ble a mes­sage on one end and decode it on the oth­er. In a maneu­ver cryp­tog­ra­phers call a “man in the mid­dle” attack, a mali­cious par­ty imper­son­ates a mes­sage’s intend­ed recip­i­ent and tricks the sender into using the wrong encryp­tion key. To thwart this kind of attack, sender and recip­i­ent need a way to secure­ly exchange and ver­i­fy each oth­er’s encryp­tion keys.

“A key is sup­posed to be asso­ci­at­ed close­ly with a per­son, which means you want a per­son to be involved in cre­at­ing their own key, and in ver­i­fy­ing the keys of peo­ple they com­mu­ni­cate with,” says Ed Fel­ten, a com­put­er sci­en­tist at Prince­ton Uni­ver­si­ty. “Those steps tend to be awk­ward and con­fus­ing.”

And even those who are will­ing to make the effort are like­ly to make mis­takes that com­pro­mise secu­ri­ty. The com­put­er sci­en­tists Alma Whit­ten and J.D. Tygar explored these prob­lem in a famous 1999 paper called “Why John­ny Can’t Encrypt.” They focused on PGP, which was (and still is) one of the most pop­u­lar tools for users to send encrypt­ed e‑mail.

PGP “is not usable enough to pro­vide effec­tive secu­ri­ty for most com­put­er users,” the authors wrote.


Going with the flow

Fel­ten argues that anoth­er bar­ri­er to adopt­ing strong cryp­tog­ra­phy is a chick­en-and-egg prob­lem: It is only use­ful if you know oth­er peo­ple are also using it. Even peo­ple who have gone to the trou­ble of set­ting up PGP still send most of their e‑mail in plain text because most recip­i­ents don’t have the capa­bil­i­ty to receive encrypt­ed e‑mail. Peo­ple tend to use what’s installed on their com­put­er. So even those who have Red­phone will make most of their calls with Skype because that’s what oth­er peo­ple use.

Hal­der­man isn’t opti­mistic that strong cryp­tog­ra­phy will catch on with ordi­nary users any­time soon. In recent years, the com­pa­nies behind the most pop­u­lar Web browsers have beefed up their cryp­to­graph­ic capa­bil­i­ties, which could make more secure online ser­vices pos­si­ble. But the broad­er trend is that users are mov­ing more and more data from their hard dri­ves to cloud com­put­ing plat­forms, which makes data even more vul­ner­a­ble to gov­ern­ment snoop­ing.

Strong cryp­to­graph­ic soft­ware is avail­able to those who want to use it. Whistle­blow­ers, dis­si­dents, crim­i­nals and gov­ern­ments use it every day. But cryp­to­graph­ic soft­ware is too com­plex and con­fus­ing to reach a mass audi­ence any­time soon. Most peo­ple sim­ply aren’t will­ing to invest the time and effort required to ensure the NSA can’t read their e‑mail or lis­ten to their phone calls. And so for the mass­es, online pri­va­cy depends more on legal safe­guards than tech­no­log­i­cal wiz­ardry.

The cypher­punks dreamed of a future where tech­nol­o­gy pro­tect­ed peo­ple from gov­ern­ment spy­ing. But end-to-end encryp­tion does­n’t work well if peo­ple don’t under­stand it. And the glo­ry of Google or Face­book, after all, is that any­one can use them with­out real­ly know­ing how they work.

Edward Snow­den called for the use of “end-to-end cryp­to” to secure every­day com­mu­ni­ca­tions in the ques­tion and answer ses­sion above:

“How­ev­er, that doesn’t mean end-to-end cryp­to is a lost cause. By com­bin­ing robust end­point secu­ri­ty with trans­port secu­ri­ty, peo­ple can have much greater con­fi­dence in their day to day com­mu­ni­ca­tions.”

But as we just saw, tru­ly strong encryp­tion requires peer to peer imple­men­ta­tion to remain tru­ly strong. If Bob wants to send an email to Alice they can both do so in a man­ner that no one should be able to thwart, but only if it’s only Bob and Alice set­ting up the enrypt­ed com­mu­ni­ca­tion. Once Bob and Alice start using a third par­ty ser­vice to han­dle these steps, that encryp­tion is now only as strong as the trust­wor­thi­ness of that third par­ty.

And then then there’s the fact that an ever grow­ing list of cryp­to­graph­ic keys have to be safe­ly stored by the indi­vid­ual and if those keys are lost no one can ever get that data again. As Cryp­tolock­er has been teach­ing a grow­ing num­ber of peo­ple [57], it kind of sucks when your data gets encrypt­ed and you don’t have the keys.

you might be able to use text search­able strong­ly enrypt­ed email ser­vices that even the gov­er­ment can’t read [7]

Mega to fill secure email gap left by Lavabit

Sum­ma­ry: Kim Dot­com’s pri­va­cy com­pa­ny Mega pre­pares a ‘cut­ting-edge’ email encryp­tion ser­vice.
By Rob O’Neill | August 11, 2013 — 06:40 GMT (23:40 PDT)

Kim Dot­com’s “pri­va­cy com­pa­ny” Mega is devel­op­ing secure email ser­vices to run on its entire­ly non-US-based serv­er net­work as intense pres­sure from US author­i­ties forces oth­er providers to close.

Last week, Lavabit, which count­ed NSA leak­er Edward Snow­den as a user, closed and Silent Cir­cle closed its secure email ser­vice. Lavabit’s own­er, Ladar Lev­i­son, said [58] he was shut­ting it down to avoid becom­ing “com­plic­it in crimes against the Amer­i­can peo­ple”.

Last week, Mega chief exec­u­tive Vikram Kumar told ZDNet that the com­pa­ny was being asked [59] to deliv­er secure email and voice ser­vices. In the wake of the clo­sures, he expand­ed on his plans.

Kumar said work is in progress, build­ing off the end-to-end encryp­tion and con­tacts func­tion­al­i­ty already work­ing for doc­u­ments in Mega.

“The biggest tech hur­dle is pro­vid­ing email func­tion­al­i­ty that peo­ple expect, such as search­ing emails, that are triv­ial to pro­vide if emails are stored in plain text (or avail­able in plain text) on the serv­er side,” Kumar said.

“If all the serv­er can see is encrypt­ed text, as is the case with true end-to-end encryp­tion, then all the func­tion­al­i­ty has to be built client side. [That’s] not quite impos­si­ble, but very, very hard. That’s why even Silent Cir­cle did­n’t go there.”

A big issue is han­dling emails to and from non-encrypt­ed con­tacts when Mega’s core propo­si­tion is end-to-end encryp­tion, Kumar said.

“On this and oth­er fronts, Mega is doing some huge­ly cut­ting-edge stuff,” he said. “There is prob­a­bly no one in the world who takes the Mega approach of mak­ing true cryp­to work for the mass­es, our core propo­si­tion.”

Kumar said Mega is tak­ing the­o­ret­ic sound­ing tech­nol­o­gy such as Bloom fil­ters [60], and mak­ing them work for the mass­es. Work is also under way to keep Mega secure, even if SSL/TLS is com­pro­mised.

“[It’s] excit­ing stuff, but very hard, so I think it will take months more to crack it,” he said. “But Mega will nev­er launch any­thing that under­mines its end-to-end encryp­tion core secu­ri­ty propo­si­tion and does­n’t work for the myth­i­cal grand­moth­er.”

Mean­while, Kim Dot­com has said [61] that he may have to pull parts of Mega out of New Zealand if new sur­veil­lance leg­is­la­tion is passed into law.

Dot­com told Tor­rent­F­reak that the US gov­ern­ment and the oth­er Five Eyes part­ners, the UK, Cana­da, Aus­tralia, and New Zealand, are push­ing new spy leg­is­la­tion to pro­vide back­doors into inter­net ser­vices.

“The NZ gov­ern­ment is cur­rent­ly aggres­sive­ly look­ing to extend its pow­ers with the GCSB [Gov­ern­ment Com­put­er Ser­vices Bureau] and the [Telecom­mu­ni­ca­tions Inter­cep­tion Capa­bil­i­ties] Act, which will force ser­vice providers with encryp­tion capa­bil­i­ties to give them secret decryp­tion access,” Dot­com said.

He added that it might force some relo­ca­tion of Mega’s net­work to oth­er juris­dic­tions, such as Ice­land.

Dot­com explained that by design, Mega does­n’t hold decryp­tion keys to cus­tomer accounts and “nev­er will”.

Lavabit’s Lev­i­son said: “This expe­ri­ence has taught me one very impor­tant les­son: With­out con­gres­sion­al action or a strong judi­cial prece­dent, I would — strong­ly — rec­om­mend against any­one trust­ing their pri­vate data to a com­pa­ny with phys­i­cal ties to the Unit­ed States.”


So there might indeed be true “end-to-end” encryp­tion that even the NSA can’t break com­ing to the mass­es for ser­vices like email that, for the the first time, actu­al­ly include fea­tures like text search­ing. And it will also over­come a key hur­dle of get­ting every­one to use the same strong enryp­tion tool. It does­n’t sound like it will be easy but it’s pos­si­ble.

Kim Dot­com’s new plans are also a reminder that “end-to-end” encryp­tion is only as good as the “ends”. In this case, it sounds like the plans for incor­po­rat­ing real ser­vice func­tion­al­i­ty, like search­ing, is all going to hap­pen on the “client-side” (the user’s own com­put­er) so if the end user’s com­put­er is hacked, the emails are still being read by the NSA any­one else with access to the syst­sem. Encryp­tion inher­ent­ly com­pli­cates using and pro­cess­ing infor­mati­no. It’s not just a bal­ance of pri­va­cy vs secu­ri­ty. It’s also a bal­ance of pri­va­cy vs util­i­ty. This is part of why the entire glob­al dis­cus­sion about this whole slew of top­ic is such mess: it’s inher­ent­ly com­pli­cat­ed. There are issues of access to data (like Ger­many’s plans to balka­niz­ing the inter­net and encour­ag­ing domes­tic inter­net ser­vice providers), issues about whether or not you can do any­thing with the data even if you get your hands on it (encryp­tion and government/private back­doors), and part­ly about some­thing that encryp­tion can’t do any­thing about: bugs in hard­ware and soft­ware design that inevitably pop up and can be exploit­ed by any­one [62]. And then there’s the realpoli­tik and whether or not gov­ern­ments should have the rights to spy on one anoth­er at all.

Jacob Appel­baum’s anti-NSA
But it’s nev­er real­ly been about the right of the aver­age per­son to have access plug-and-play access to ful­ly encrypt­ed dig­i­tal tech­nol­o­gy that is beyond the reach of all third par­ties, pub­lic or pri­vate, because in order to make aver­age peo­ple pro­tect­ed, you’d have to see gov­ern­ments work­ing to basi­cal­ly pre­vent them­selves from being able spy on any dig­i­tal com­mu­ni­ca­tion at all. Imag­ine the NSA work­ing to stop all of the tricks and vul­ner­a­bil­i­ties it finds.

That’s actu­al­ly of the solu­tions rec­om­mend­ed by one of the key fig­ures in the Snow­den affair, Jacob Appel­baum. Appel­baum, a cyber-anar­chist mem­ber of Wik­ileaks and the cre­ator of Tor [63], first inter­act­ed with Edward Snow­den when he was used by Lau­ra Poitrois to ver­i­fy Snow­den’s tech­ni­cal exper­tise [64] in mid-May of 2013 (although ques­tions about that time­line [65] have been raised). Appel­baum brought up the top­ic of encrypt­ing every­thing and even get­ting the NSA to pub­lic announce and help fix all the expoits it finds dur­ing his recent pre­sen­ta­tion on advanced NSA sur­veil­lance at the 2013 Chaos Com­mu­ni­ca­tion Con­gress [66]. Turn the NSA into the anti-NSA. The entire pre­sen­ta­tion is avail­able here [67]. It’s just over an hour long and worth watch­ing. The tran­script of the entire talk is also avail­able here [68]:

Naked Cap­i­tal­ism
Tran­script: Jacob Appel­baum at 30c3: To Pro­tect And Infect, The Mil­i­ta­riza­tion of the Inter­net
Post­ed on Jan­u­ary 5, 2014 by Lam­bert Strether

Lam­bert here: A few days ago, Yves post­ed on Jacob Appelbaum’s talk on the NSA at 30c3 [69] com­put­ing con­fer­ence, and said:

You must watch this talk, even if some parts are a bit tech­ni­cal for mere mor­tals. No mat­ter how bad you think the NSA’s infor­ma­tion sur­veil­lance and cap­ture is, I can just about guar­an­tee that this will show you that it’s an order of mag­ni­tude worse than you imag­ined.

This post is a tran­script of Appelbaum’s talk, includ­ing the 50-odd slides, and some ref­er­ence mate­r­i­al from Der Spiegel. Note that if you click on a slide, you are tak­en to the point in Applebaum’s talk where the slide appears. (For more infor­ma­tion on the slides, see “Notes on tran­script slides” at the end of the tran­script.)

By the tran­scriber, with edi­to­r­i­al assis­tance from Cujo359, flo­ra, hip­parchia, jcasey, pan­icboy, wel­don, and an unknown indi­vid­ual who threw their own tran­script over the tran­som, at Cor­rente.

30c3: To Pro­tect And Infect, Part 2 The mil­i­ta­riza­tion of the Inter­net

YouTube [70] pub­lished on Dec 30, 2013 by: Jacob “@ioerror” Apple­baum

Audio file on Sound­cloud [71]

The Tran­script

Act One

Jacob Appel­baum: So recent­ly we heard a lit­tle bit about some of the low-end cor­po­rate spy­ing that’s often billed as being sort of like the hottest, most impor­tant stuff, so the Fin­Fish­er, the Hack­ing Team, the VUPEN and sort of in that order it becomes more sophis­ti­cat­ed and more and more tied in with the Nation­al Secu­ri­ty Agency. There are some Free­dom of Infor­ma­tion Act requests that have gone out that actu­al­ly show VUPEN being an NSA con­trac­tor, writ­ing exploits, that there are some ties there.

Skip­ping down to ~17 min­utes into the talk...

This is a Close Access Oper­a­tions box. It is basi­cal­ly car metas­ploit for the NSA, which is an inter­est­ing thing. But basi­cal­ly they say that the attack is unde­tectable, and it’s sad­ly a lap­top run­ning free soft­ware. It is inject­ing pack­ets. And they say that they can do this from as far away as eight miles to inject pack­ets, so pre­sum­ably using this they’re able to exploit a ker­nel vul­ner­a­bil­i­ty of some kind, pars­ing the wire­less frames, and, yeah. I’ve heard that they actu­al­ly put this hard­ware, from sources inside of the NSA and inside of oth­er intel­li­gence agen­cies, that they actu­al­ly put this type of hard­ware on drones so that they fly them over areas that they’re inter­est­ed in and they do mass exploita­tion of peo­ple.

Now, we don’t have a doc­u­ment that sub­stan­ti­ates that part, but we do have this doc­u­ment that actu­al­ly claims that they’ve done it from up to eight miles away.

So that’s a real­ly inter­est­ing thing because it tells us that they under­stand that com­mon wire­less cards, prob­a­bly run­ning Microsoft Win­dows, which is an Amer­i­can com­pa­ny, that they know about vul­ner­a­bil­i­ties and they keep them a secret to use them. This is part of a con­stant theme of sab­o­tag­ing and under­min­ing Amer­i­can com­pa­nies and Amer­i­can inge­nu­ity. As an Amer­i­can, while gen­er­al­ly not a nation­al­ist, I find this dis­gust­ing, espe­cial­ly as some­one who writes free soft­ware and would like my tax dol­lars to be spent on improv­ing these things, and when they know about them I don’t want them to keep them a secret because all of us are vul­ner­a­ble. It’s a real­ly scary thing.

Skip­ping down to ~25 min­utes into the talk...


So this is impor­tant, because mem­bers of the U.S. Con­gress, they have no clue about these things. Lit­er­al­ly, in the case of the tech­nol­o­gy. Ask a Con­gress­man about TCP/IP. For­get it. You can’t even get a meet­ing with them. I’ve tried. Doesn’t mat­ter. Even if you know the secret inter­pre­ta­tion of Sec­tion 215 of the PATRIOT Act and you go to Wash­ing­ton, D.C. and you meet with their aides, they still won’t talk to you about it. Part of that is because they don’t have a clue, and anoth­er part of it is because they can’t talk about it because they don’t have a polit­i­cal solu­tion. Absent a polit­i­cal solu­tion, it’s very dif­fi­cult to get some­one to admit that there is a prob­lem.

Well, there is a prob­lem, so we’re going to cre­ate a polit­i­cal prob­lem and also talk about some of the solu­tions.

The Cypher­punks gen­er­al­ly have come up with some of the solu­tions when we talk about encrypt­ing the entire inter­net. That would end drag­net mass sur­veil­lance in a sense, but it will come back in a dif­fer­ent sense even with encryp­tion. We need both a mar­riage of a tech­ni­cal solu­tion and we need a polit­i­cal solu­tion to go with it, and if we don’t have those two things, we will unfor­tu­nate­ly be stuck here.

But at the moment the NSA, basi­cal­ly, I feel, has more pow­er than any­one in the entire world – any one agency or any one per­son. So Emper­or Alexan­der, the head of the NSA, real­ly has a lot of pow­er. If they want to right now, they’ll know that the IMEI of this phone is inter­est­ing. It’s very warm, which is anoth­er fun­ny thing, and they would be able to break into this phone almost cer­tain­ly and then turn on the micro­phone, and all with­out a court.


And, final­ly, Skip­ping down to ~50 min­utes into the talk...

Here’s a hard­ware back door which uses the I2C inter­face because no one in the his­to­ry of time oth­er than the NSA prob­a­bly has ever used it. That’s good to know that final­ly some­one uses I2C for some­thing – okay, oth­er than fan con­trol. But, look at that. It’s anoth­er Amer­i­can com­pa­ny that they are sab­o­tag­ing. They under­stand that HP’s servers are vul­ner­a­ble and they decid­ed, instead of explain­ing that this is a prob­lem, they exploit it. And IRONCHEF, through inter­dic­tion, is one of the ways that they will do that.

So I want to real­ly harp on this. Now it’s not that I think Euro­pean com­pa­nies are worth less. I sus­pect espe­cial­ly after this talk that won’t be true, in the lit­er­al stock sense, but I don’t know. I think it’s real­ly impor­tant to under­stand that they are sab­o­tag­ing Amer­i­can com­pa­nies because of the so-called home-field advan­tage. The prob­lem is that as an Amer­i­can who writes soft­ware, who wants to build hard­ware devices, this real­ly chills my expres­sion and it also gives me a prob­lem, which is that peo­ple say, “Why would I use what you’re doing? You know, what about the NSA?” Man, that real­ly both­ers me. I don’t deserve the Huawei taint, and the NSA gives it. And Pres­i­dent Obama’s own advi­so­ry board that was con­vened to under­stand the scope of these things has even agreed with me about this point, that this should not be tak­ing place, that hoard­ing of zero-day exploits can­not sim­ply hap­pen with­out thought process­es that are rea­son­able and ratio­nal and have an eco­nom­ic and social valu­ing where we real­ly think about the broad-scale impact.

As Jacob Appel­baum and Edward Snow­den both acknowl­edge, dra­mat­i­cal­ly increas­ing encryp­tion stan­dards would go a long way towards cur­tail­ing spy­ing, but even per­fect encryp­tion would­n’t stop sur­veil­lance because there are all sort of oth­er ways to gain access to the data once its decrypt­ed on your com­put­er. But the mass drag­net-style spy­ing could, at least in the­o­ry, be heav­i­ly cur­tailed if spy agen­cies actu­al­ly set out to pre-emp­tive­ly close off the vul­ner­a­bil­i­ties they find, but encrypt­ing the inter­net won’t stop the Spy­ware­poca­lypse [72].

Now, take a moment and imag­ine the sce­nario where the pub­lic in nations demand­ing that their spy agen­cies pub­licly announce any secret back­doors those agen­cies find. It’s a polit­i­cal solu­tion that forces the imple­men­ta­tion of a tech­ni­cal solu­tion to the prob­lem of spy­ing that intel­li­gence agen­cies prob­a­bly aren’t inclined to imple­ment on their own. It’s also one heck of a polit­i­cal solu­tion to the prob­lem of states sur­veil­lance abus­es because it entails nations inten­tion­al­ly defang­ing their abil­i­ty to know what’s going on in the world. But it’s a use­ful pos­si­bil­i­ty to imag­ine because it high­lights the fact that — should we ever acheive a world with­out want, need, pover­ty, extrem­ism, and eco­log­i­cal col­lapse, and all the oth­er fac­tors that lead to major con­flicts — we could actu­al­ly cre­ate a world were there’s no need to spy and no need to fear embrac­ing the anti-spy agency. Now take anoth­er moment and com­pare that vision of a world with­out want, need, pover­ty, extrem­ism, and eco­log­i­cal col­lapse, and all the oth­er fac­tors that lead to major con­flicts and com­pare that vision to the world we live in [73]. It’s a reminder that mean­ing­ful guar­an­tees of pri­va­cy for the pub­lic at large can’t eas­i­ly be sep­a­rat­ed from world peace and pros­per­i­ty in the mod­ern age.

Weaponized pri­va­cy?
But what if some coun­tries aren’t will­ing to turn their spy agen­cies into anti-spy agen­cies and aren’t will­ing to stop “sab­o­tag­ing” their domes­tic soft­ware by either refus­ing to inform the pub­lic of exploits its agen­cies find or even forces the inclu­sion of secret back­doors? There is one thing that could pre­vent the pro­lif­er­a­tion of spy­ware and back­door exploits: label­ing com­pa­nies like Microsoft that work with gov­ern­ments to set up secret back­doors as sab­tours and no just no long using that soft­ware. Just boy­cott all soft­ware devel­oped in coun­tries with gov­ern­ments that man­date back­doors and nev­er use any web ser­vices by coma­nies oper­at­ing in those coun­treis. That would work. After all, Appel­baum notes, why would peo­ple want to buy soft­ware devel­oped in the US when every­one knows the NSA can hack it?

These are valid ques­tion to be ask­ing, but the idea of turn­ing the NSA into an anti-spy­ing agency rais­es a num­ber of ques­tions that don’t get asked enough. For instance, let’s imag­ine a hypo­thet­i­cal coun­try that was very intent on secur­ing all of its com­mu­ni­ca­tions from exter­nal and inter­nal sur­veil­lance. Let’s call this coun­try Jer­ma­nee. What if Jer­ma­nee devel­oped and sold vir­tu­al­ly unhack­able hard­ware and soft­ware that was made extra-secure with the help of Jer­ma­nee’s intel­li­gence ser­vices. And what if this soft­ware was sold all over the world as a safe, secure alter­na­tive to glob­al com­peti­tors and user-friend­ly enough to real­ly catch on for main­stream use and over­come the “chick­en and egg” prob­lem cur­rent­ly fac­ing strong encryp­tion. No one can spy on any­one, at least not on their dig­i­tal com­mu­ni­ca­tions if they’re using these hard­ware and soft­ware plat­forms. Gov­ern­ments can’t spy on oth­er their cit­i­zens’ dig­i­tal com­munti­ca­tions or on oth­er gov­ern­ments. Hack­ers effec­tive­ly become obso­lete. And, simul­ta­ne­ous, no one can cen­sor any­one too. Peo­ple could, in the­o­ry, swap what­ev­er con­tent they want safe­ly and anony­mous­ly even under repres­sive regimes as long as they can obtain this super-hard­ware and soft­ware. And this secu­ri­ty would be gov­ern­ment-backed, at least to the best abil­i­ties of Jer­ma­nee’s gov­ern­ment ser­vices

That sort of describes a dream sce­nario, right? Well, it does sound real­ly nice, but it rais­es ques­tions. Ques­tions like: what hap­pens when there’s forms of dig­i­tal con­tent that are gen­uine­ly harm­ful that we’de actu­al­ly real­ly like to cen­sor because its just dev­as­tat­ing to indi­vid­u­als if it isn’t some­how inter­dict­ed and cen­sored after we’ve encrypt­ed the inter­net? What hap­pens when we’ve estab­lished the infra­struc­ture that makes it effec­tive­ly impos­si­ble to know who is send­ing what to whom and gain legal access to that data when legit­i­mate law enforce­ment or nation­al secu­ri­ty oper­a­tions are under­way? What are the impli­ca­tions of that kind of choice in tech­nol­o­gy and what are our options at that point in deal­ing with harm­ful dig­i­tal con­tent?

Cypher­punks: Free­dom and the Future of the Inter­net [74]. As men­tioned above [55], the Cypher­punks and affil­i­at­ed anar­chists have been fix­at­ed on these issues for decades. That’s part­ly because it was the ear­ly cypher­punk com­mu­ni­ty of the ear­ly 90’s that was help­ing to ensure strong encryp­tion tools were going to be avail­able to the pub­lic at all [10]:

The Verge
Cypher­punk ris­ing: Wik­iLeaks, encryp­tion, and the com­ing sur­veil­lance dystopia

By R. U. Sir­ius on March 7, 2013 10:32 am

In 1989, when the inter­net was pre­dom­i­nant­ly ASCII-based and Hyper­Card [75] had yet to give birth (or at least act as a mid­wife) to the world wide web, R.U. Sir­ius launched Mon­do 2000. “I’d say it was arguably the rep­re­sen­ta­tive under­ground mag­a­zine of its pre-web day,” William Gib­son said in a recent inter­view [76]. “Pos­ter­i­ty, look­ing at this, should also con­sid­er Mon­do 2000 as a focus of some­thing that was hap­pen­ing.”

Twen­ty years ago, it was cypher­punk that was hap­pen­ing.

And it’s hap­pen­ing again today.

Ear­ly cypher­punk in fact and fic­tion
Cypher­punk was both an excit­ing new vision for social change and a fun sub­cul­ture ded­i­cat­ed to mak­ing it hap­pen

Flash­back: Berke­ley, Cal­i­for­nia 1992. I pick up the ring­ing phone. My writ­ing part­ner, St. Jude Mil­hon, is shout­ing down the line: “I’ve got it! Cypher­punk!”

Jude was an excitable girl and she was par­tic­u­lar­ly excitable when there was a new boyfriend involved. She’d been rav­ing about Eric Hugh­es for days. I paid no atten­tion.

At the time, Jude and I were con­tract­ed to write a nov­el titled How to Mutate and Take Over the World. I want­ed the fic­tion to con­tain the truth. I want­ed to tell peo­ple how cre­ative hack­ers could do it — mutate and take over the world — by the end of the decade. Not know­ing many of those details our­selves, we threw down a chal­lenge on var­i­ous hack­er boards and in the places where extropi­ans gath­ered to share their super­hu­man fan­tasies. “Take on a char­ac­ter,” we said, “and let that char­ac­ter mutate and/or take over.” The results were vague and unsat­is­fy­ing. These ear­ly tran­shu­man­ists didn’t actu­al­ly know how to mutate, and the hack­ers couldn’t actu­al­ly take over the world. It seemed that we were ask­ing for too much too soon.

And so I wound up there, hold­ing the phone away from my ear as Jude shout­ed out the solu­tion, at least to the “tak­ing over” part of our prob­lem. Strong encryp­tion, she explained, will sev­er all the ties bind­ing us to hos­tile states and oth­er insti­tu­tions. Encryp­tion will lev­el the play­ing field, pro­tect­ing even the least of us from gov­ern­ment inter­fer­ence. It will lib­er­ate pret­ty much every­thing, toute de suite. The cypher­punks would make this hap­pen.

For Jude, cypher­punk was both an excit­ing new vision for social change and a fun sub­cul­ture ded­i­cat­ed to mak­ing it hap­pen. Sure, I was skep­ti­cal. But I was also des­per­ate for some­thing to hang the plot of our book on. A few days lat­er I found myself at the feet of Eric Hugh­es — who, along with John Gilmore and Tim May, is con­sid­ered one of the founders of the cypher­punk move­ment — get­ting the total down­load.

This was my first expo­sure to “The Cryp­to Anar­chist Man­i­festo.” Writ­ten by Tim May, it opens by mim­ic­k­ing The Com­mu­nist Man­i­festo: “A specter is haunt­ing the mod­ern world, the specter of cryp­to anar­chy.” In a fit of hyper­bole that per­fect­ly fore­shad­owed the mood of tech cul­ture in the 1990s — from my own Mon­do 2000 to the “long boom” of dig­i­tal cap­i­tal­ism — May declared that encrypt­ed com­mu­ni­ca­tion and anonymi­ty online would “alter com­plete­ly the nature of gov­ern­ment reg­u­la­tion, the abil­i­ty to tax and con­trol eco­nom­ic inter­ac­tions, the abil­i­ty to keep infor­ma­tion secret.” The result would be noth­ing less than “both a social and eco­nom­ic rev­o­lu­tion.”

Just as a seem­ing­ly minor inven­tion like barbed wire made pos­si­ble the fenc­ing-off of vast ranch­es and farms, thus alter­ing for­ev­er the con­cepts of land and prop­er­ty rights in the fron­tier West, so too will the seem­ing­ly minor dis­cov­ery out of an arcane branch of math­e­mat­ics come to be the wire clip­pers which dis­man­tle the barbed wire around intel­lec­tu­al prop­er­ty.

Those words were writ­ten way back in 1988. By 1993, a bunch of cryp­to freaks were gath­er­ing fair­ly reg­u­lar­ly in the San Fran­cis­co Bay Area. In his lengthy Wired cov­er sto­ry [77], Steven Levy would describe them as most­ly “hav­ing beards and long hair — like Smith Broth­ers [cough drops] gone dig­i­tal.” Their antics would become leg­endary.

John Gilmore set off a firestorm by shar­ing clas­si­fied doc­u­ments on cryp­tog­ra­phy that a friend of his had found in pub­lic libraries (they had pre­vi­ous­ly been declas­si­fied). The NSA threat­ened Gilmore with a charge of vio­lat­ing the Espi­onage Act, but after he respond­ed with pub­lic­i­ty and his own legal threats, the NSA — prob­a­bly rec­og­niz­ing in Gilmore a well-con­nect­ed dis­si­dent who they couldn’t intim­i­date — backed down and once again declas­si­fied the doc­u­ments.

Phil Zimmermann’s PGP (Pret­ty Good Pri­va­cy) soft­ware was being cir­cu­lat­ed large­ly thanks to cypher­punk enthu­si­asts. Accord­ing to Tim May’s Cypher­nomi­con, PGP was “the most impor­tant cryp­to tool” avail­able at the time, “hav­ing sin­gle-hand­ed­ly spread pub­lic key meth­ods around the world.” It was avail­able free of charge for non-com­mer­cial users, and com­plete source code was includ­ed with all copies. Most impor­tant­ly, May wrote, “almost no under­stand­ing of how PGP works in detail is need­ed,” so any­one could use its encryp­tion to secure­ly send data over the net.

In April 1993, the Clin­ton admin­is­tra­tion announced its encryp­tion pol­i­cy ini­tia­tive. The Clip­per Chip [78] was an NSA-devel­oped encryp­tion chipset for “secure” voice com­mu­ni­ca­tion (the gov­ern­ment would have a key for every chip man­u­fac­tured). “Not to wor­ry,” Phil Zim­mer­mann cut­ting­ly wrote [79] in an essay about PGP. “The gov­ern­ment promis­es that they will use these keys to read your traf­fic only ‘when duly autho­rized by law.” Not that any­one believed the promis­es. “To make Clip­per com­plete­ly effec­tive,” Zim­mer­mann con­tin­ued, “the next log­i­cal step would be to out­law oth­er forms of cryp­tog­ra­phy.” This threat brought cypher­punks to the oppo­si­tion­al front lines in one of the ear­ly strug­gles over Inter­net rights, even­tu­al­ly defeat­ing gov­ern­ment plans.


The Clip­per Chip is a piece of his­to­ry [80] that deserves extra atten­tion these days because its pret­ty much the 1993–94 ana­logue to today’s debate over whether or not any­thing or every­thing should be manda­to­ri­al­ly hack­able for law enforce­ment pur­pos­es. Would intim­i­dat­ing trans­paren­cy — like the pub­lic enforce­ment of a “Clip­per Chip” in every­one’s com­mu­ni­ca­tion device — be a cat­a­lyst for improv­ing sur­veil­lance over­sight and reform­ing the legal sys­tem? This is where par­al­lel uni­vers­es would be handy. We’re going to be return­ing to the top­ic of the Clip­per Chip.



John Gilmore summed up the accom­plish­ments of the cypher­punks in a recent email: “We did reshape the world,” he wrote. “We broke encryp­tion loose from gov­ern­ment con­trol in the com­mer­cial and free soft­ware world, in a big way. We built sol­id encryp­tion and both cir­cum­vent­ed and changed the cor­rupt US legal regime so that strong encryp­tion could be devel­oped by any­one world­wide and deployed by any­one world­wide,” includ­ing Wik­iLeaks.

As the 1990s rolled for­ward, many cypher­punks went to work for the man, bring­ing strong cryp­to to finan­cial ser­vices and banks (on the whole, prob­a­bly bet­ter than the alter­na­tive). Still, cryp­to-activism con­tin­ued and the cypher­punk mail­ing list blos­somed as an exchange for both prac­ti­cal encryp­tion data and spir­it­ed, some­times-glee­ful argu­men­ta­tion, before final­ly peak­ing in 1997. This was when cypherpunk’s mind­share seemed to recede, pos­si­bly in pro­por­tion to the utopi­an effer­ves­cence of the ear­ly cyber­cul­ture. But the cypher­punk meme may now be find­ing a sort of rebirth in one of the biggest and most impor­tant sto­ries in the fledgeling 21st cen­tu­ry.

I am annoyed
This is begin­ning to sound very much like a dystopi­an fan­ta­sy

Flash­back: 1995. Julian Assange’s first words on the cyper­punk email list: “I am annoyed.”

Of course, Julian Assange has gone on to annoy pow­er­ful play­ers all over the world as the leg­endary fugi­tive edi­tor-in-chief and spokesper­son for Wik­iLeaks, pub­lish­er of secret infor­ma­tion, news leaks, and clas­si­fied media from anony­mous sources. And while the mass media world has tracked near­ly every aspect of Assange’s per­son­al dra­ma, it’s done very lit­tle to increase people’s under­stand­ing of Wik­iLeaks’ under­ly­ing tech­nolo­gies or the prin­ci­ples those tech­nolo­gies embody.

In the recent book Cypher­punks: Free­dom and the Future of the Inter­net, Assange enlists the help of three fel­low heroes of free infor­ma­tion to set the record straight, align­ing those prin­ci­ples with the ideas that Tim May dreamed up in 1989 with “The Cryp­to Anar­chist Man­i­festo.”


Note that the ide­ol­o­gy of Tim May, god­fa­ther of the cypher­punks, is dis­cussed quite a bit in Robert Man­ne’s 2011 arti­cle The Cypher­punk Rev­o­lu­tion­ary — Julian Assange [81]. Quite the opti­mist, May “thought the state to be the source of evil in his­to­ry. He envis­aged the future as an Ayn Rand utopia of autonomous indi­vid­u­als deal­ing with each oth­er as they pleased. Before this future arrived, he advo­cat­ed tax avoid­ance, insid­er trad­ing, mon­ey laun­der­ing, mar­kets for infor­ma­tion of all kinds, includ­ing mil­i­tary secrets, and what he called assas­si­na­tion mar­kets not only for those who broke con­tracts or com­mit­ted seri­ous crime but also for state offi­cials and the politi­cians he called “Con­gress­ro­dents”. He recog­nised that in his future world only elites with con­trol over tech­nol­o­gy would pros­per. No doubt “the clue­less 95%” – whom he described as “inner city breed­ers” and as “the unpro­duc­tive, the halt and the lame” – “would suf­fer, but that is only just”. May acknowl­edged that many cypher­punks would regard these ideas as extreme.”


The book is based on a series of con­ver­sa­tions filmed for the tele­vi­sion show The World Tomor­row while Assange was on house arrest in Nor­folk, Eng­land dur­ing all of 2011. Attend­ing were Jacob Appel­baum, the Amer­i­can advo­cate and researcher for the Tor project who has been in the sights of US author­i­ties since sub­sti­tut­ing as a speak­er for Assange at a US hack­ers con­fer­ence; Andy Müller-Maguhn, one of the ear­li­est mem­bers of the leg­endary Chaos Com­put­er Club; and Jérémie Zim­mer­man, a French advo­cate for inter­net anonymi­ty and free­dom.

The con­ver­sa­tion is sober­ing. If 1990s cypher­punk, like the broad­er tech cul­ture that it was immersed in, was a lit­tle bit gid­dy with its poten­tial to change the world, con­tem­po­rary cypher­punk finds itself on the verge of what Assange calls “a post­mod­ern sur­veil­lance dystopia, from which escape for all but the most skilled indi­vid­u­als will be impos­si­ble.”

How did we get here? The obvi­ous polit­i­cal answer is 9/11. The event pro­vid­ed an oppor­tu­ni­ty for a vast expan­sion of nation­al secu­ri­ty states both here and abroad, includ­ing, of course, a diminu­tion of pro­tec­tions against sur­veil­lance. The legal­i­ties involved in the US are a con­fus­ing and ever-shift­ing set of rules that are under con­stant legal con­tes­ta­tion in the courts. What­ev­er the let­ter of the law, a Sep­tem­ber 2012 ACLU [82] bul­letin gave us the essence of the sit­u­a­tion:

Jus­tice Depart­ment doc­u­ments released today by the ACLU reveal that fed­er­al law enforce­ment agen­cies are increas­ing­ly mon­i­tor­ing Amer­i­cans’ elec­tron­ic com­mu­ni­ca­tions, and doing so with­out war­rants, suf­fi­cient over­sight, or mean­ing­ful account­abil­i­ty.

The doc­u­ments, hand­ed over by the gov­ern­ment only after months of lit­i­ga­tion, are the attor­ney general’s 2010 and 2011 reports on the use of “pen reg­is­ter” and “trap and trace” sur­veil­lance pow­ers. The reports show a dra­mat­ic increase in the use of these sur­veil­lance tools, which are used to gath­er infor­ma­tion about tele­phone, email, and oth­er Inter­net com­mu­ni­ca­tions. The rev­e­la­tions under­score the impor­tance of reg­u­lat­ing and over­see­ing the government’s sur­veil­lance pow­er.

“In fact,” the report con­tin­ues, “more peo­ple were sub­ject­ed to pen reg­is­ter and trap and trace sur­veil­lance in the past two years than in the entire pre­vi­ous decade.”

Beyond the polit­i­cal and legal pow­ers vest­ed in the US intel­li­gence com­mu­ni­ty and in oth­ers around the world, there is the very real fact that tech­nol­o­gy once only acces­si­ble to the world’s super­pow­ers is now com­mer­cial­ly avail­able. One exam­ple doc­u­ment­ed on Wik­iLeaks (and dis­cussed in Cypher­punks) is the Zebra strate­gic sur­veil­lance sys­tem sold by VASTech [83]. For $10 mil­lion, the South African com­pa­ny will sell you a turnkey sys­tem that can inter­cept all com­mu­ni­ca­tions in a mid­dle-sized coun­try. A sim­i­lar sys­tem called Eagle was used in Gadhafi’s Libya, as first report­ed by The Wall Street Jour­nal in 2011. Sold by the French com­pa­ny Amesys, this is a com­mer­cial prod­uct, right down to the label on the box: “Nation­wide Inter­cept Sys­tem.” In the face of sys­tems designed to scoop up all elec­tron­ic com­mu­ni­ca­tion and store it indef­i­nite­ly, any show­case civ­il lib­er­tar­i­an excep­tions writ­ten into the sur­veil­lance laws are mean­ing­less. But the threat isn’t lim­it­ed to the sur­veil­lance state. There are more than a few self-inter­est­ed finan­cial play­ers with $10 mil­lion lying around, many of whom would love to track all the pri­vate data in a sev­er­al thou­sand mile radius.

All of this is begin­ning to sound very much like a dystopi­an fan­ta­sy from cyber­punk sci­ence fic­tion.
Total sur­veil­lance

If, in 1995, some cypher­punks had pub­lished a book about the upcom­ing “post­mod­ern sur­veil­lance dystopia,” most com­men­ta­tors would have shrugged it off as just a wee bit para­noid and ush­ered them into the Philip K. Dick Read­ing Room. Now, it is more like­ly that peo­ple will shrug and say, “that ship has already sailed.”

David Brin seems to think so. The author of The Trans­par­ent Soci­ety is well known for his skep­ti­cism regard­ing the like­li­hood of main­tain­ing most types of pri­va­cy as well as his rel­a­tive cheer­ful­ness in the face of near uni­ver­sal trans­paren­cy. In an email, I asked him about the cypher­punk eth­ic, as expressed by Julian Assange: “pri­va­cy for the weak and trans­paren­cy for the pow­er­ful.”

Brin’s response was scathing. The eth­ic, he says, is “already enshrined in law. A meek nor­mal per­son can sue for inva­sion of pri­va­cy, a promi­nent per­son may not.” He’s just get­ting start­ed:

But at a deep­er lev­el it is sim­ply stu­pid. Any loop­hole in trans­paren­cy ‘to pro­tect the meek’ can far bet­ter be exploit­ed by the mighty than by the meek. Their shills, lawyers and fac­to­tums will (1) ensure that ‘pri­va­cy pro­tec­tions’ have big options for the mighty and (2) that those options will be max­i­mal­ly exploit­ed. More­over (3) as I show in The Trans­par­ent Soci­ety [83], encryp­tion-based ‘pri­va­cy’ is the weak­est ver­sion of all. The meek can nev­er ver­i­fy that their bought algo­rithm and ser­vice is work­ing as promised, or isn’t a bought-out front for the NSA or a crim­i­nal gang.

Above all, pro­tect­ing the weak or meek with shad­ows and cutouts and pri­va­cy laws is like set­ting up Potemkin vil­lages, designed to cre­ate sur­face illu­sions. Any­one who believes they can blind society’s elites — of gov­ern­ment, com­merce, wealth, crim­i­nal­i­ty and tech-geek­ery — is a fool…

In oth­er words, cypher­punk may be doing a dis­ser­vice by spread­ing the illu­sion of free­dom from sur­veil­lance.

I posed a sim­i­lar ques­tion to Adri­an Lamo, who report­ed Bradley Man­ning to fed­er­al author­i­ties. Not sur­pris­ing­ly, Lamo is even more cyn­i­cal.

“Pri­va­cy is quite dead,” he respond­ed to me in an email. “That peo­ple still wor­ship at its corpse doesn’t change that. In [the unre­leased doc­u­men­tary] Hack­ers Want­ed I gave out my SSN, and I’ve nev­er had cause to regret that. Any­one could get it triv­ial­ly. The biggest threat to our pri­va­cy is our own lim­it­ed under­stand­ing of how lit­tle pri­va­cy we tru­ly have.”

In Cypher­punks, Assange rais­es an essen­tial point that at least part­ly refutes this skep­ti­cism: “The uni­verse believes in encryp­tion. It is eas­i­er to encrypt infor­ma­tion than it is to decrypt it.” And while Appel­baum admits that even strong encryp­tion can’t last for­ev­er, say­ing, “We’re prob­a­bly not using one hun­dred year (safe) cryp­to,” he implies that pret­ty good pri­va­cy that lasts a pret­ty long time is far bet­ter than no pri­va­cy at all.

Assum­ing that some degree of pri­va­cy is still pos­si­ble, most peo­ple don’t seem to think it’s worth the effort. The cypher­punks and their ilk fought to keep things like the PGP encryp­tion pro­gram legal — and we don’t use them. We know Face­book and Google leak our per­son­al online habits like a sieve and we don’t make much effort to cov­er our tracks. Per­haps some of us buy the good cit­i­zen cliché that if you’re not doing any­thing wrong, you don’t have any­thing to wor­ry about, but most of us are just opt­ing for con­ve­nience. We’ve got enough to deal with day to day with­out engag­ing in a pri­va­cy reg­i­men. Occa­sion­al­ly, some slack­er may lose his job because he post­ed a pho­to of him­self cradling his bong or the like, but as with civ­il lib­er­ties more gen­er­al­ly, as long as the dai­ly out­rages against indi­vid­u­als don’t reach epic pro­por­tions, we rub­ber­neck in hor­ror and then return to our dai­ly activ­i­ties.

Beneath this com­pla­cent sur­face lies a dis­qui­et­ing and most­ly unex­am­ined ques­tion. To what degree is the ubiq­ui­ty of state sur­veil­lance a form of intim­i­da­tion, a way to keep peo­ple away from social move­ments or from direct­ly com­mu­ni­cat­ing their views?

Do you hes­i­tate before lik­ing Wik­iLeaks on Face­book?


As Jacob Appel­baum said, “we’re prob­a­bly not using one hun­dred year (safe) cryp­to,” (encr­py­tion is so strong that it’ll take com­put­ers 100 years from now to decrypt) but pret­ty good pri­va­cy that lasts a pret­ty long time is far bet­ter than no pri­va­cy at all. And that’s cer­tain­ly true under most cir­cum­stances. But what about the Cypher­punk pro­pos­als to “encrypt the inter­net”? Appel­baum point­ed out in his Chaos Com­mu­ni­ca­tion Con­gress talk [68] that encrypt­ing the the inter­net (and just gen­er­al­ly max­i­miz­ing encr­py­tion stan­dards) can­not thwart all spy­ing, and a polit­i­cal com­po­nent is nec­es­sary because future exploits can alway be found as long as you have agen­cies with vast resources ded­i­cat­ed to learn­ing how to spy more effec­tive­ly. In oth­er words, the pub­lic needs to demand the polit­i­cal reforms that basi­cal­ly turn spy agen­cies into anti-spy agen­cies. A sort of ‘no-spy’ agree­ment for every­one.

The Cypher­punks and The Four Hores­ment of the Infopoca­lypse
But if we do embrace strong encryp­tion for the mass­es — mak­ing it the default set­ting for hard­ware and soft­ware — what about the kind of stuff Tim May was advo­cat­ing that could be enabled with an unhack­able digi­tial infra­struc­ture? Stuff like “insid­er trad­ing, mon­ey laun­der­ing, mar­kets for infor­ma­tion of all kinds, includ­ing mil­i­tary secrets, and what he called assas­si­na­tion mar­kets not only for those who broke con­tracts or com­mit­ted seri­ous crime but also for state offi­cials and the politi­cians he called “Con­gress­ro­dents”.” How do we bal­ance the need for pri­va­cy with the need not to have tru­ly anon­my­ous assas­si­na­tion mar­kets? And what hap­pens of an assas­si­na­tion mar­ket oper­at­ing in Coun­try A is suc­cess­ful­ly used against politi­cians in Coun­tries B and C? Is that an act of war if the Coun­try A’s laws specif­i­cal­ly pro­tect the assas­si­na­tion mar­kets? And what about child pornog­ra­phy? Is it just open sea­son at that point?

Well, we get quite a few answers in Cypher­punks: Free­dom and the Future of the Inter­net [74]. The entire four-way con­ver­sa­tion was filmed and is avail­able online (the book is basi­cal­ly a tran­script of the con­ver­sa­tion). The uncut ver­sion is bro­ken up into two parts (part 1 [84] and part 2 [85]) and it gives us an idea of what kind sac­ri­fices have to be made if a soci­ety that embraces strong encryp­tion. The whole thing is about 3 1/2 hours long and it’s cer­tain­ly worth view­ing. Many of the ques­tions asked dur­ing the 3 1/2 are actu­al­ly impor­tant issues that soci­ety should have been ask­ing itself years ago. And as you’ll find out when you hear their answers to these dif­fi­cult ques­tions, pri­va­cy isn’t free.

For exam­ple, jump to ~31 min­utes into part 1 [84] and you’ll hear a dis­cus­sion about the bal­ance between the need for pri­va­cy vs legit­i­mate law enforce­ment needs. Keep lis­ten­ing for the next 5 min­utes or so. At ~34 min­ues Julian Assange inter­jects that, in the­o­ry, soci­ety with the tech­no­log­i­cal infra­struc­ture that allow mass sur­veil­lance but, in prac­tice, such a sys­tem would be so tech­no­log­i­cal­ly com­plext that there is no way pos­si­ble that any soci­ety could restrain abuse through poli­cies. In oth­er words, pol­i­cy solu­tions might be nice in the­o­ry but are also impos­si­ble. Keep in mind that Assange is an anar­chist, but it does also sug­gest that in Assange’s view the polit­i­cal and tech­ni­cal solu­tions where gov­ern­ments reg­u­late them­selves aren’t real­ly pos­si­ble.

Now jump to ~57 1/2 min­utes on part 1 [84] where Assange draws par­al­lels between the the US 2nd Amend­ment and cryp­to­graph­ic tools. Sim­i­lar to the idea that the right to bear arms pre­vents tyran­ny in the US because the pop­u­lace can engage in an armed revolt is, Assange sees the for the pub­lic to devel­op cryp­to­graph­ic tools to wage a dig­i­tal revolt and retake con­trol of dig­i­tal pri­va­cy by force. ~59 min­utes, Jacob Appel­baum jumps in to make an impor­tant point that one dif­fer­ence in the anal­o­gy between guns and encryp­tion tools is that encryp­tion tools are inher­ent­ly resis­tant to vio­lence: no mat­ter how pow­er­ful a gov­ern­ment might be, if it can’t solve the math prob­lem encrypt­ing the data it can’t see it. No mat­ter what. This is an impor­tant point that must be reit­er­at­ed: we can design encryp­tion that no exist­ing enti­ty can crack. Maybe in the future it’ll be cracked, but, at least in the­o­ry, vir­tu­al­ly unbreak­able-for-a-peri­od-of-time encryp­tion should be pos­si­ble.

This real­i­ty of the poten­tial for unbreak­able encryp­tion, again, rais­es the ques­tion: what do we do about things like ter­ror­ism-relat­ed com­munca­tions, mon­ey-laun­der­ing, or child pornog­ra­phy that sud­den­ly become much hard­er to stop? Well, jump to ~1 hour 7 min­utes into part 1 [84] and you’ll hear Jacob Appel­baum’s answer: we should just accept that these things will be super-encrypt­ed and accept that as the price paid for unbreak­able dig­i­tal pri­va­cy.
And in case Appel­baum was­n’t clear enough in his answer, jump to ~1 hour 19 min­utes in part 2 [85] where Jere­mie Zim­mer­mann dis­cuss­es child por­nag­ra­phy as an exam­ple of the type of data that even Cypher­punks would agree must be active­ly removed from servers. But they did­n’t all agree. Jacob Appel­baum actu­al­ly said that Zim­mer­man­n’s atti­tude towards child pornog­ra­phy made him want to vom­it because it would be an act of eras­ing his­to­ry and that his­tor­i­cal infor­ma­tion could help catch the per­pe­tra­tors (this top­ic is appar­ent­ly a pet peeve of Appel­baum’s [86]). Julian Assange then chimes in with an anec­dote sug­gest­ing that the removal of child pornog­ra­phy also has the unfor­tu­nate effect of reduc­ing the pub­lic dri­ve to crack down on it and catch the per­pe­tra­tors.

While few would prob­a­bly expect an inter­net built to the whims of cyber anar­chists to be very child-friend­ly, it may be a lit­tle sur­pris­ing­to learn just how child-unfriend­ly the encrypt­ed inter­net might be. Unless, of course, Assange and Appel­baum are cor­rect in their assump­tion that a world that legal­izes child pornog­ra­phy would actu­al­ly lead to less abuse (again, this is where par­al­lel uni­vers­es would be nice). It’s a strange­ly opti­mistic out­look for such cyn­ics. But when you’re a cyber anar­chist — where all gov­ern­ments are deemed to be inher­ent­ly untrust­wor­thy, all cen­sor­ship leads to out of con­trol abuse of pow­er, and, more gen­er­al­ly, all poten­tial abus­es of pow­er will even­tu­al­ly tran­spire — risks will have to be tak­en by soci­ety and sac­ri­fices will have to be made. Some­times child sac­ri­fices.

So what Merkel’s solu­tion? How about we all get chipped?
So, let’s take a moment to review some of what we’ve learned so far about rela­tion­ship between spy­ing, encryp­tion, the bar­ri­ers fac­ing the cre­ation of a tru­ly pri­vate and use­ful glob­al dig­i­tal infra­struc­ture, and the asso­ci­at­ed with cre­at­ing that world. And then let’s try and relate it to Angela Merkel’s pro­pos­al to wall off the EU inter­net and begin an agres­sive counter-espi­onage cam­paign. So we’ve learned:

1. [87] The Ger­man pub­lic is freak­ing-out about NSA spy­ing while the gov­ern­ment feins igno­rance.

2. [88] The Five-Eyes spy­ing alliance don’t spy on each oth­er with­out per­mis­sion.

3. [89] Merkel wants in on the Five-Eyes alliance in order to obtain a no-spy agree­ment.

4. [90] Oh wait, the Five-Eyes actu­al­ly spy on each oth­er with­out per­mis­sion.

5. [91] Ger­many is already in the 14-Eyes and Merkel was already real­ly pissed about not get­ting “upgrad­ed” to the 9‑Eyes.

6. [92] Ger­many already has plans to sig­nif­i­cant­ly expand their sur­veil­lance capa­bil­i­ties.

7. [93] In response to not get­ting a no-spy agree­ment, Merkel is propos­ing an EU-intranet and agres­sive counter-espi­onage against the US and UK. It would also break the inter­net.

8. [94] Ger­man Pirate Bruno Kramm views this EU-intranet scheme as the­atrics that would do lit­tle to pre­vent sur­veil­lance and might actu­al­ly make it eas­i­er for oppres­sive regimes to cen­sor and sur­veil their pop­u­laces. Only inter­na­tion­al treaties can tru­ly stop the spy­ing.

9. [95] Edward Snow­den asserts that bet­ter cryp­tog­ra­phy world-wide is the key to greater pri­va­cy and end-to-end cryp­tog­ra­phy is still use­full.

10. [96] End-to-end cryp­tog­ra­phy that is anti-NSA proof does indeed already exist. It’s free. It’s a pain in the ass to use. It’s only use­ful if the oth­er oth­er peo­ple you’re com­mu­ni­cat­ing with are also using it. And it most­ly breaks the func­tion­al­i­ty of most of the soft­ware that actu­al­ly makes that data you want encrypt­ed worth hav­ing in the first place.

11. [63] Ger­man data-stor­age king Kim Dot­com is plan­ning on devel­op­ing ful­ly-func­tion­al, NSA-proof email ser­vices using client-side (end user) tools to car­ry out the use­ful fea­tures on the data. It’s expen­sive, but pos­si­ble.

12 [97]. Wik­ileaks hack­er and co-reporter on the Snow­den doc­u­ments [98], Jacob Appel­baum, is also advo­cat­ing much stronger encryp­tion stan­dards as the pri­ma­ry tool for pre­vent sur­veil­lance abus­es. He also wants to see the NSA turned into the anti-NSA.

13 [99]. Appel­baum, Julian Assange, and two oth­er Cypher­punks pub­lished a man­i­festo that strong­ly pre­dict­ed the cur­rent glob­al debate and all four large­ly agree that extreme­ly strong cryp­to­graph­ic tools are, indeed, required. There was, how­ev­er, some dis­agree­ment on whether or not every form of dig­i­tal con­tent should be legal­ized in order to avoid even the pos­si­bil­i­ty of cen­sor­ship.

Now, look­ing at all that, there’s a REALLY BIG ques­tion: What on earth does Angela Merkel have in mind? Is this entire EU-fire­wall plan pure­ly sym­bol­ism that will accom­plish noth­ing in terms of enhances pri­va­cy as Bruno Kramm sug­gests? Could the Ger­man gov­ern­ment actu­al­ly be plan­ning on devel­op­ing an entire new suite of unhack­able hard­ware and soft­ware? After all, if the new EU-intranet is still hack­able what’s the point? But it it real­ly was unhack­able, would­n’t Ger­many and the entire EU become become some sort of dig­i­tal crime safe­haven? How can the EU set up an inter­net that the NSA can’t hack but EU law enforce­ment can? Is that even pos­si­ble?

It is indeed pos­si­ble, at least in the­o­ry. There hap­pens to be a solu­tion that is both tech­ni­cal and polit­i­cal. It’s the same solu­tion the NSA was pin­ing for and the Cypher­punks suc­cess­ful­ly fought against in the ear­ly 90’s. Yep! Remem­ber the Clip­per Chip men­tioned above? That’s the polit­i­cal and tech­ni­cal solu­tion that Ger­many and the EU needs. Instead of mak­ing encryp­tion pub­licly avail­able (thus forc­ing the NSA and oth­er law enforce­ment agen­cies to secret back­doors around the encryp­tion), the Clip­per Chip solu­tion takes a very dif­fer­ent approach: the decryp­tion keys for all encrypt­ing hard­ware and soft­ware are escrowed away by a gov­ern­ment agency, only to be used when need­ed for law enforce­ment pur­pos­es. That way, incred­i­bly strong encryp­tion can be employed by pub­lic at large with­out wor­ry about ran­dom hack­ers but gov­ern­ments are still able to decrypt the data when necce­sary. It’s cer­tain­ly not an ide­al solu­tion if it’s a gov­ern­ment agency that can’t be trust­ed, but, at least in the­o­ry, such an approach could lim­it the spy­ing to only the gov­ern­ments that have access to that decryp­tion key data­base. Sound tempt­ing? No? Kind of creepy and Orwellian? Yeah, that’s how Amer­i­cans felt about the ‘Clip­per Chip’ idea two decades ago when the NSA was try­ing to con­vince every­one to get chipped [8]:

Don’t Wor­ry Be Hap­py

The Nation­al Secu­ri­ty Agency states its case for why key escrow encryp­tion — aka the Clip­per Chip — is good for you. A Wired exclu­sive.

By Stew­art A. Bak­er
Issue 2.06 | Jun 1994

With all the enthu­si­asm of Bap­tist min­is­ters turn­ing their Sun­day pul­pits over to the Dev­il, the edi­tors of Wired have offered me the oppor­tu­ni­ty to respond to some of the urban folk­lore that has grown up around key escrow encryp­tion — also known as the Clip­per Chip.

Recent­ly the Clin­ton admin­is­tra­tion has announced that fed­er­al agen­cies will be able to buy a new kind of encryp­tion hard­ware that is six­teen mil­lion times stronger than the exist­ing fed­er­al stan­dard known as DES. But this new poten­cy comes with a caveat. If one of these new encryp­tion devices is used, for exam­ple, to encode a phone con­ver­sa­tion that is sub­ject to a law­ful gov­ern­ment wire­tap, the gov­ern­ment can get access to that device’s encryp­tion keys. Sep­a­rate parts of each key are held by two inde­pen­dent “escrow agents,” who will release keys only to autho­rized agen­cies under safe­guards approved by the attor­ney gen­er­al. Pri­vate use of the new encryp­tion hard­ware is wel­come but not required. That’s a pret­ty mod­est pro­pos­al. Its crit­ics, though, have gen­er­at­ed at least sev­en myths about key escrow encryp­tion that deserve answers.

MYTH NUMBER ONE: Key escrow encryp­tion will cre­ate a brave new world of gov­ern­ment intru­sion into the pri­va­cy of Amer­i­cans.

Oppo­nents of key escrow encryp­tion usu­al­ly begin by talk­ing about gov­ern­ment invad­ing the pri­va­cy of Amer­i­can cit­i­zens. None of us likes the idea of the gov­ern­ment intrud­ing willy-nil­ly on com­mu­ni­ca­tions that are meant to be pri­vate.

But the key escrow pro­pos­al is not about increas­ing gov­ern­men­t’s author­i­ty to invade the pri­va­cy of its cit­i­zens. All that key escrow does is pre­serve the gov­ern­men­t’s cur­rent abil­i­ty to con­duct wire­taps under exist­ing author­i­ties. Even if key escrow were the only form of encryp­tion avail­able, the world would look only a lit­tle dif­fer­ent from the one we live in now.

In fact, it’s the pro­po­nents of wide­spread unbreak­able encryp­tion who want to cre­ate a brave new world, one in which all of us — crooks includ­ed — have a guar­an­tee that the gov­ern­ment can’t tap our phones. Yet these pro­po­nents have done noth­ing to show us that the new world they seek will real­ly be a bet­ter one.

In fact, even a civ­il lib­er­tar­i­an might pre­fer a world where wire­taps are pos­si­ble. If we want to catch and con­vict the lead­ers of crim­i­nal orga­ni­za­tions, there are usu­al­ly only two good ways to do it. We can “turn” a gang mem­ber — get him to tes­ti­fy against his lead­ers. Or we can wire­tap the lead­ers as they plan the crime.

I once did a human rights report on the crim­i­nal jus­tice sys­tem in El Sal­vador. I did­n’t expect the Sal­vado­rans to teach me much about human rights. But I learned that, unlike the US, El Sal­vador great­ly restricts the tes­ti­mo­ny of “turned” co-con­spir­a­tors. Why? Because the co-con­spir­a­tor is usu­al­ly “turned” either by a threat of mis­treat­ment or by an offer to reduce his pun­ish­ment. Either way, the process rais­es moral ques­tions — and cre­ates an incen­tive for false accu­sa­tions.

Wire­taps have no such poten­tial for coer­cive use. The defen­dant is con­vict­ed or freed on the basis of his own, unar­guable words.

In addi­tion, the world will be a safer place if crim­i­nals can­not take advan­tage of a ubiq­ui­tous, stan­dard­ized encryp­tion infra­struc­ture that is immune from any con­ceiv­able law enforce­ment wire­tap. Even if you’re wor­ried about ille­gal gov­ern­ment taps, key escrow rein­forces the exist­ing require­ment that every wire­tap and every decryp­tion must be law­ful­ly autho­rized. The key escrow sys­tem means that proof of author­i­ty to tap must be cer­ti­fied and audit­ed, so that ille­gal wire­tap­ping by a rogue pros­e­cu­tor or police offi­cer is, as a prac­ti­cal mat­ter, impos­si­ble.

MYTH NUMBER TWO: Unread­able encryp­tion is the key to our future lib­er­ty.

Of course there are peo­ple who aren’t pre­pared to trust the escrow agents, or the courts that issue war­rants, or the offi­cials who over­see the sys­tem, or any­body else for that mat­ter. Rather than rely on laws to pro­tect us, they say, let’s make wire­tap­ping impos­si­ble; then we’ll be safe no mat­ter who gets elect­ed.

This sort of rea­son­ing is the long-delayed revenge of peo­ple who could­n’t go to Wood­stock because they had too much trig home­work. It reflects a wide — and kind of endear­ing — streak of roman­tic high-tech anar­chism that crops up through­out the com­put­er world.

The prob­lem with all this roman­ti­cism is that its most like­ly ben­e­fi­cia­ries are preda­tors. Take for exam­ple the cam­paign to dis­trib­ute PGP (“Pret­ty Good Pri­va­cy”) encryp­tion on the Inter­net. Some argue that wide­spread avail­abil­i­ty of this encryp­tion will help Lat­vian free­dom fight­ers today and Amer­i­can free­dom fight­ers tomor­row. Well, not quite. Rather, one of the ear­li­est users of PGP was a high-tech pedophile in San­ta Clara, Cal­i­for­nia. He used PGP to encrypt files that, police sus­pect, include a diary of his con­tacts with sus­cep­ti­ble young boys using com­put­er bul­letin boards all over the coun­try. “What real­ly both­ers me,” says Detec­tive Bri­an Kennedy of the Sacra­men­to, Cal­i­for­nia, Sher­if­f’s Depart­ment, “is that there could be kids out there who need help bad­ly, but thanks to this encryp­tion, we’ll nev­er reach them.”

If une­scrowed encryp­tion becomes ubiq­ui­tous, there will be many more sto­ries like this. We can’t afford as a soci­ety to pro­tect pedophiles and crim­i­nals today just to keep alive the far-fetched notion that some future tyrant will be brought down by guer­ril­las wear­ing ban­doleers and pock­et pro­tec­tors and send­ing PGP-encrypt­ed mes­sages to each oth­er across cyber­space.

MYTH NUMBER THREE: Encryp­tion is the key to pre­serv­ing pri­va­cy in a dig­i­tal world.

Even peo­ple who don’t believe that they are like­ly to be part of future resis­tance move­ments have nonethe­less been per­suad­ed that encryp­tion is the key to pre­serv­ing pri­va­cy in a net­worked, wire­less world, and that we need strong encryp­tion for this rea­son. This isn’t com­plete­ly wrong, but it is not an argu­ment against Clip­per.

If you want to keep your neigh­bors from lis­ten­ing in on your cord­less phone, if you want to keep unscrupu­lous com­peti­tors from steal­ing your secrets, even if you want to keep for­eign gov­ern­ments from know­ing your busi­ness plans, key escrow encryp­tion will pro­vide all the secu­ri­ty you need, and more.

But I can’t help point­ing out that encryp­tion has been vast­ly over­sold as a pri­va­cy pro­tec­tor. The biggest threats to our pri­va­cy in a dig­i­tal world come not from what we keep secret but from what we reveal will­ing­ly. We lose pri­va­cy in a dig­i­tal world because it becomes cheap and easy to col­late and trans­mit data, so that infor­ma­tion you will­ing­ly gave a bank to get a mort­gage sud­den­ly ends up in the hands of a busi­ness rival or your ex-spouse’s lawyer. Restrict­ing these inva­sions of pri­va­cy is a chal­lenge, but it isn’t a job for encryp­tion. Encryp­tion can’t pro­tect you from the mis­use of data you sur­ren­dered will­ing­ly.

What about the rise of net­works? Sure­ly encryp­tion can help pre­vent pass­word attacks like the recent Inter­net virus, or the inter­cep­tion of cred­it card num­bers as they’re sent from one dig­i­tal assis­tant to anoth­er? Well, maybe. In fact, encryp­tion is, at best, a small part of net­work secu­ri­ty.

The real key to net­work secu­ri­ty is mak­ing sure that only the right peo­ple get access to par­tic­u­lar data. That’s why a dig­i­tal sig­na­ture is so much more impor­tant to future net­work secu­ri­ty than encryp­tion. If every­one on a net has a unique iden­ti­fi­er that oth­ers can­not forge, there’s no need to send cred­it card num­bers — and so noth­ing to inter­cept. And if every­one has a dig­i­tal sig­na­ture, steal­ing pass­words off the Net is point­less. That’s why the Clin­ton admin­is­tra­tion is deter­mined to put dig­i­tal sig­na­ture tech­nol­o­gy in the pub­lic domain. It’s part of a strat­e­gy to improve the secu­ri­ty of the infor­ma­tion infra­struc­ture in ways that don’t endan­ger gov­ern­men­t’s abil­i­ty to enforce the law.

MYTH NUMBER FOUR: Key escrow will nev­er work. Crooks won’t use it if it’s vol­un­tary. There must be a secret plan to make key escrow encryp­tion manda­to­ry.

This is prob­a­bly the most com­mon and frus­trat­ing of all the myths that abound about key escrow. The admin­is­tra­tion has said time and again that it will not force key escrow on man­u­fac­tur­ers and com­pa­nies in the pri­vate sec­tor. In a Catch-22 response, crit­ics then insist that if key escrow isn’t man­dat­ed it won’t work.

That mis­un­der­stands the nature of the prob­lem we are try­ing to solve. Encryp­tion is avail­able today. But it isn’t easy for crim­i­nals to use; espe­cial­ly in telecom­mu­ni­ca­tions. Why? Because as long as encryp­tion is not stan­dard­ized and ubiq­ui­tous, using encryp­tion means buy­ing and dis­trib­ut­ing expen­sive gear to all the key mem­bers of the con­spir­a­cy. Up to now only a few crim­i­nals have had the resources, sophis­ti­ca­tion, and dis­ci­pline to use spe­cial­ized encryp­tion sys­tems.

What wor­ries law enforce­ment agen­cies –what should wor­ry them — is a world where encryp­tion is stan­dard­ized and ubiq­ui­tous: a world where any­one who buys an US$80 phone gets an “encrypt” but­ton that inter­op­er­ates with every­one else’s; a world where every fax machine and every modem auto­mat­i­cal­ly encodes its trans­mis­sions with­out ask­ing whether that is nec­es­sary. In such a world, every crim­i­nal will gain a guar­an­teed refuge from the police with­out lift­ing a fin­ger.

The pur­pose of the key escrow ini­tia­tive is to pro­vide an alter­na­tive form of encryp­tion that can meet legit­i­mate secu­ri­ty con­cerns with­out build­ing a web of stan­dard­ized encryp­tion that shuts law enforce­ment agen­cies out. If banks and cor­po­ra­tions and gov­ern­ment agen­cies buy key escrow encryp­tion, crim­i­nals won’t get a free ride. They’ll have to build their own sys­tems — as they do now. And their devices won’t inter­act with the devices that much of the rest of soci­ety uses. As one of my friends in the FBI puts it, “Nobody will build secure phones just to sell to the Gam­bi­no fam­i­ly.”

In short, as long as legit­i­mate busi­ness­es use key escrow, we can stave off a future in which acts of ter­ror and orga­nized crime are planned with impuni­ty on the pub­lic telecom­mu­ni­ca­tions sys­tem. Of course, when­ev­er we say that, the crit­ics of key escrow trot out their fifth myth:

MYTH NUMBER FIVE: The gov­ern­ment is inter­fer­ing with the free mar­ket by forc­ing key escrow on the pri­vate sec­tor. Indus­try should be left alone to devel­op and sell what­ev­er form of encryp­tion suc­ceeds in the mar­ket.

In fact, oppo­nents of key escrow fear that busi­ness­es may actu­al­ly pre­fer key escrow encryp­tion. Why? Because the brave new world that unread­able encryp­tion buffs want to cre­ate isn’t just a world with com­mu­ni­ca­tions immu­ni­ty for crooks. It’s a world of unchart­ed lia­bil­i­ty. What if a com­pa­ny sup­plies unread­able encryp­tion to all its employ­ees, and a cou­ple of them use it to steal from cus­tomers or to encrypt cus­tomer data and hold it hostage? As a lawyer, I can say it’s almost cer­tain that the cus­tomers will sue the com­pa­ny that sup­plied the encryp­tion to its employ­ees. And that com­pa­ny in turn will sue the soft­ware and hard­ware firms that built a “secu­ri­ty” sys­tem with­out safe­guards against such an obvi­ous abuse. The only encryp­tion sys­tem that does­n’t con­jure up images of a lawyers’ feed­ing fren­zy is key escrow.


As encryp­tion tech­nol­o­gy gets cheap­er and more com­mon, though, we face the real prospect that the fed­er­al gov­ern­men­t’s own research, its own stan­dards, its own pur­chas­es will help cre­ate the future I described ear­li­er — one in which crim­i­nals use ubiq­ui­tous encryp­tion to hide their activ­i­ties. How can any­one expect the stan­dard-set­ting arms of gov­ern­ment to use their pow­er to destroy the capa­bil­i­ties of law enforce­ment — espe­cial­ly at a time when the threat of crime and ter­ror seems to be ris­ing dra­mat­i­cal­ly?

By adopt­ing key escrow encryp­tion instead, the fed­er­al gov­ern­ment has sim­ply made the rea­son­able judg­ment that its own pur­chas­es will reflect all of soci­ety’s val­ues, not just the sin­gle-mind­ed pur­suit of total pri­va­cy.

So where does this leave indus­try, espe­cial­ly those com­pa­nies that don’t like either the 1970s-vin­tage DES or key escrow? It leaves them where they ought to be — stand­ing on their own two feet. Com­pa­nies that want to devel­op and sell new forms of une­scrowed encryp­tion won’t be able to sell prod­ucts that bear the fed­er­al seal of approval. They won’t be able to ride pig­gy­back on fed­er­al research efforts. And they won’t be able to sell a sin­gle unread­able encryp­tion prod­uct to both pri­vate and gov­ern­ment cus­tomers.

Well, so what? If com­pa­nies want to devel­op and sell com­pet­ing, une­scrowed sys­tems to oth­er Amer­i­cans, if they insist on has­ten­ing a brave new world of crim­i­nal immu­ni­ty, they can still do so — as long as they’re will­ing to use their own mon­ey. That’s what the free mar­ket is all about.

Of course, a free mar­ket in the US does­n’t mean free­dom to export encryp­tion that may dam­age US nation­al secu­ri­ty. As our expe­ri­ence in World War II shows, encryp­tion is the kind of tech­nol­o­gy that wins and los­es wars. With that in mind, we must be care­ful about exports of encryp­tion. This isn’t the place for a detailed dis­cus­sion of con­trols, but one thing should be clear: They don’t lim­it the encryp­tion that Amer­i­cans can buy or use. The gov­ern­ment allows Amer­i­cans to take even the most sophis­ti­cat­ed encryp­tion abroad for their own pro­tec­tion. Nor do con­trols require that soft­ware or hard­ware com­pa­nies “dumb down” their US prod­ucts. Soft­ware firms have com­plained that it’s incon­ve­nient to devel­op a sec­ond encryp­tion scheme for export, but they already have to make changes from one coun­try to the next — in lan­guage, alpha­bet, date sys­tems, and hand­writ­ing recog­ni­tion, to take just a few exam­ples. And they’d still have to devel­op mul­ti­ple encryp­tion pro­grams even if the US abol­ished export con­trols, because a wide vari­ety of nation­al restric­tions on encryp­tion are already in place in coun­tries from Europe to Asia.


Times sure have changed! Except they haven’t. Until the the ear­ly 90’s, when dig­i­tal com­mu­ni­ca­tions and the inter­net to the main­stream for the first time in his­to­ry, we nev­er real­ly had to ask our­selves “should we cre­ate the infra­struc­ture that makes unbreak­able encryp­tion rou­tine for every­one” before. And we still haven’t real­ly answered the ques­tion. Sure, the pub­lic pret­ty resound­ing­ly reject­ed the Clip­per Chip solu­tion, with the pro­pos­al dead by 1997 [100], but the pub­lic has also nev­er accept­ed the idea that there should be dig­i­tal con­tent that is out­side of the reach of a law enforce­ment. And that’s not real­ly changed, even after all of the Snow­den rev­e­la­tion. If you look at the gen­er­al state of the debate over pri­va­cy and secu­ri­ty these days, there’s seem con­sen­sus that peo­ple don’t like the gov­ern­ment even hav­ing the capac­i­ty to spy on them­selves [101] but they don’t real­ly like the idea of a gov­ern­ment that can’t spy on, say, the mafia either.

That’s sort of the default view point that most peo­ple would prob­a­bly have on these kinds of top­ics, but it’s not a viable one because there real­ly is a choice that has to be made: if you don’t want gov­ern­ments to have the capac­i­ty to engage in mass-sur­veil­lance in an age when every­one’s con­nect­ing up their com­put­ers togeth­er in giant glob­al net­works and send­ing gobs of infor­ma­tion back and forth you need unbreak­able per­son­al encryp­tion to some­how become stan­dard­ized and that means unbreak­able encryp­tion for the mafia too. As Jacob Appel­baum puts it in the Cypher­punks dis­cus­sion [84], the Four Horse­men of the Infopoca­lypse [9] (ter­ror­ists, pedophiles, drug deal­ers, and orga­nized crime) are prefer­able to state-sanc­tioned spy­ing but it’s not at all clear that the pub­lic at large shares those pri­or­i­ties.

How about we all get chipped and break the inter­net too!
Then again, the ques­tion over what kind of solu­tions the pub­lic would pre­fer are some­what moot because the dri­ving force in how the inter­net and dig­i­tal secu­ri­ty norms evolve going for­ward is clear­ly com­ing from the gov­ern­ments of Ger­many and Brazil and there are absolute­ly no indi­ca­tions that either gov­ern­ment has any plans at all of fos­ter­ing the devel­op­ing of stan­dard­ized unbreak­able dig­i­tal com­mu­ni­ca­tions. Instead, the only plans are to make an anti-NSA infra­struc­ture that fix­es NSA-exploits. And one way to do that while still main­tain­ing the abil­i­ties of Brazil­lian and Ger­man gov­ern­ments to con­tin­ue spy­ing on all the traf­fic flow­ing through their net­works is to break the inter­net [9]:

The Verge
Will the glob­al NSA back­lash break the inter­net?

Brazil and Ger­many make moves to pro­tect online pri­va­cy, but experts see a trou­bling trend toward Balka­niza­tion

By Amar Toor on Novem­ber 8, 2013 10:30 am

The NSA’s ongo­ing sur­veil­lance has spurred many gov­ern­ments to pur­sue stronger data-pro­tec­tion laws, but there are grow­ing con­cerns that this back­lash could divide the inter­net along nation­al bor­ders, threat­en­ing the prin­ci­ples of open­ness and flu­id­i­ty that it was found­ed upon.

In Sep­tem­ber, Brazil announced [102] plans to build a fiber-optic cable that would route inter­net traf­fic away from US servers, the­o­ret­i­cal­ly keep­ing its cit­i­zens’ data away from the NSA. The pol­i­cy has yet to be imple­ment­ed, and many ques­tion whether it will actu­al­ly be effec­tive, but oth­ers appear to be fol­low­ing Brazil’s lead.

In Ger­many, telecom­mu­ni­ca­tions com­pa­nies are work­ing to cre­ate encrypt­ed email and inter­net ser­vices [103] that would keep user data with­in the coun­try’s bor­ders, and Switzer­land’s Swiss­com has begun build­ing [104] a domes­tic cloud-ser­vice to attract com­pa­nies that may have grown leery of Amer­i­can spy­ing.

The idea is that such coun­try-based net­works will keep user data with­in nation­al bor­ders and away from the NSA, which would be forced to com­ply with gov­ern­ments’ pri­va­cy laws. But experts fear that they may lead to greater “Balka­niza­tion” — a term derived from the divi­sion of the Balkan Penin­su­la in the 19th cen­tu­ry — trans­form­ing the uni­fied web into a frag­ment­ed col­lec­tion of nation­al inter­nets.


Note that the promis­es by the Ger­man gov­ern­ment and their new “email mad in Ger­many” sys­tem will keep the traf­fic in Ger­many should not be con­fused with the claim that the new­ly pro­posed Ger­man inter­net (and now EU inter­net) won’t get spied on by the Ger­man gov­ern­ment [105]. We’ll take a clos­er look at that below.



“The US has done a dis­ser­vice to neti­zens every­where — forc­ing peo­ple to choose between inter­con­nec­tiv­i­ty and pri­va­cy,” Sascha Mein­rath, direc­tor of the Open Tech­nol­o­gy Insti­tute at the New Amer­i­ca Foun­da­tion, said in an email to The Verge. In an edi­to­r­i­al [106] pub­lished last month, Mein­rath likened inter­net Balka­niza­tion to the Euro­pean rail­way sys­tem, where an array of dif­fer­ent sig­nal­ing tech­nolo­gies leads to “delays, inef­fi­cien­cies, and high­er costs” as trains cross bor­ders.

The con­cept of a nation­al inter­net is hard­ly new, though it has tra­di­tion­al­ly been asso­ci­at­ed with more repres­sive regimes. Chi­na’s so-called “Great Fire­wall” has effec­tive­ly cen­sored the inter­net for years, and Iran began lay­ing the ground­work [107] for its own state-con­trolled web ear­li­er this year. But the NSA con­tro­ver­sy appears to have reignit­ed and legit­imized debates over nation­al web sov­er­eign­ty, rais­ing the specter of an inter­net divid­ed by fire­walls and bor­der con­trols.

“A Balka­nized inter­net will look like the online world through the lens of the Chi­nese fire­wall or Iran’s Halal Inter­net,” Mein­rath says. “It will be func­tion­al­ly stunt­ed, less inter­op­er­a­ble, more expen­sive to build and main­tain, and full of unex­pect­ed pit­falls.”


But there have been lin­ger­ing ten­sions over America’s web hege­mo­ny.Sev­er­al coun­tries called for a more glob­al­ly rep­re­sen­ta­tive [108] gov­er­nance sys­tem at a sum­mit last year in Dubai, and the NSA scan­dal that ignit­ed sev­en months lat­er only ampli­fied calls for change.

“What the NSA has shown is that coun­tries can still exert a great amount of force over the inter­net,” says Fried­man, who authored a paper [109] last month on how gov­ern­ments can use web reg­u­la­tions to erect trade bar­ri­ers. “It’s also shown that there are very dif­fer­ent types of pow­er, and it’s not dis­trib­uted equal­ly.”

Not sur­pris­ing­ly, the two coun­tries to react most strong­ly to the NSA scan­dal — Brazil and Ger­many — are also the two spear­head­ing calls for reg­u­la­to­ry change. This week, the two coun­tries for­mal­ly pro­posed a UN res­o­lu­tion [110] call­ing for stronger inter­net pri­va­cy pro­tec­tion, echo­ing an impas­sioned speech that Brazil­ian pres­i­dent Dil­ma Rouss­eff deliv­ered to the orga­ni­za­tion in Sep­tem­ber, after it was report­ed that the NSA had been con­duct­ing sur­veil­lance on her office.


“The con­cen­tra­tion of pow­er in the hands of a very few large com­pa­nies — Face­book, Google — that’s what’s dri­ving Balka­niza­tion,” says Geert Lovink, found­ing direc­tor of the Insti­tute of Net­work Cul­tures research cen­ter in Ams­ter­dam. “That actu­al­ly is Balka­niza­tion.”

“Balka­niza­tion is seen as an atavism — some­thing of the past that returns,” he con­tin­ues. “But that is real­ly not the case.”

Lovink acknowl­edges that Amer­i­can hege­mo­ny may have made the web more flu­id and inter­op­er­a­ble, though he says the NSA scan­dal has proven that “usabil­i­ty” isn’t the only thing cit­i­zens val­ue. He wel­comes the con­flict that Brazil and Ger­many have intro­duced because it sig­nals a shift away from a web dom­i­nat­ed by the US “engi­neer­ing class.”

What this new inter­net would look like remains uncer­tain. Some say fur­ther frag­men­ta­tion may only make it eas­i­er for gov­ern­ments to flex their online mus­cles, lead­ing to more of the sur­veil­lance and espi­onage that Brazil and Ger­many are look­ing to com­bat. In the absence of a gov­er­nance struc­ture based on con­sen­sus and open­ness, they say, regimes could lord over their domes­tic net­works with impuni­ty.

“The prob­lem with inter­net gov­er­nance is that the Ameri­cen­tric mod­el is the worst one, except for all the oth­ers,” says Mein­rath, chan­nel­ing Win­ston Churchill. “I would like to see legal clar­i­ty — domes­ti­cal­ly and inter­na­tion­al­ly — that re-estab­lish­es rule of law over sur­veil­lance and mon­i­tor­ing.”

“Oth­er­wise, we cre­ate a new inter­na­tion­al norm where­by accept­able behav­ior includes wide­spread spy­ing and hack­ing that detri­men­tal­ly impacts us all.”

What’s going to fol­low the Ameri­cen­tric mod­el and a web dom­i­natd by the US “engi­neer­ing class”? That’s the ques­tion of the day for the dig­i­tal age. Brazil and Ger­many, in par­tic­u­lar, pre­sum­ably have some­thing pret­ty spe­cif­ic in mind after call­ing for that upcom­ing con­fer­ence on the future of the inter­net and we know its going to involve pre­vent­ing NSA spy­ing (or at least that will be the pub­lic spin). But it’s also obvi­ous­ly going to allow coun­tries to con­tin­ue spy­ing on their own cit­i­zens as much as they want. And we know it Pres­i­dent Rous­eff is very inter­est­ed in keep­ing as much of the inter­net traf­fic and data stor­age with­in Brazil as much data. But is that it? We’re going to poten­tial­ly frag­ment the inter­net just to make it some­what hard­er for coun­tries to get their hands on the raw data flows? Noth­ing else much will change? Won’t gov­ern­ments just set up secret data-shar­ing agree­ments and/or find new ways to tap those cables [111]?

Could there be some­thing else in mind? Could that some­thing else pos­si­bly be a glob­al balka­nized Clip­per Chip/key escrow sys­tem for a glob­al balka­nized inter­net? Might gov­ern­ments per­haps try to ensure that the hard­ware and soft­ware run inside their coun­try have keys they only they have access to but no oth­er gov­ern­ment or enti­ty has access to? Might a nation­al hard­ware and soft­ware key escrow sys­tem at least be get­ting its foot in the door in Brazil [5]?

Al Jazeera Amer­i­ca
On Inter­net, Brazil is beat­ing US at its own game
by Bill Wood­cock Sep­tem­ber 20, 2013 2:45PM ET
Analy­sis: Brazil’s offi­cial response to NSA spy­ing obscures its mas­sive Web growth chal­leng­ing US dom­i­nance

U.S. Nation­al Secu­ri­ty Agency doc­u­ments from 2012 revealed this month by Glenn Green­wald show [112] that the intel­li­gence agency record­ed email and tele­phone calls of Brazil­ian and Mex­i­can heads of state as well as the Brazil­ian state oil pro­duc­er Petro­bras and oth­er ener­gy, finan­cial and diplo­mat­ic tar­gets. It is unsur­pris­ing that a nation­al intel­li­gence agency would attempt to gath­er such infor­ma­tion, and it can be argued that it was, how­ev­er overzeal­ous­ly, doing the job Amer­i­can tax­pay­ers are pay­ing for. But it is also a dis­ap­point­ing, though illu­mi­nat­ing, com­men­tary on the state of the Inter­net that it was suc­cess­ful.

In response to the rev­e­la­tions, on Tues­day Brazil­ian Pres­i­dent Dil­ma Rouss­eff announced mea­sures to pro­tect the pri­va­cy of Brazil’s cit­i­zens from NSA spy­ing:

* Increase domes­tic Inter­net band­width pro­duc­tion

* Increase inter­na­tion­al Inter­net con­nec­tiv­i­ty

* Encour­age domes­tic con­tent pro­duc­tion

* Encour­age use of domes­ti­cal­ly pro­duced net­work equip­ment

Rouss­eff could make these sig­nif­i­cant announce­ments not because of any gov­ern­ment res­o­lu­tion or invest­ment but because they are, by and large, suc­cess­ful exist­ing Brazil­ian pri­vate-sec­tor ini­tia­tives that have been under way for many years. Only those who haven’t been pay­ing atten­tion to Brazil’s phe­nom­e­nal Inter­net devel­op­ment mis­took the announce­ment for news; it was oppor­tunis­tic spin on what Brazil has already been suc­cess­ful­ly doing for most of the past decade.

Nor is Brazil’s plan a repu­di­a­tion of the Unit­ed States. Brazil is fol­low­ing the path of Inter­net devel­op­ment that has been proven in the U.S. and is advo­cat­ed [113] by the U.S. State Depart­ment. What’s inter­est­ing about Brazil is not that it’s defy­ing the Unit­ed States’ under-the-table agen­da but that it’s doing so by exe­cut­ing moves from the U.S.‘s above-the-table play­book so mas­ter­ful­ly.


Encour­ag­ing domes­tic con­tent

Regard­less of where the cables run, users’ Inter­net traf­fic and stored data are not pri­vate if users select ser­vices that are pro­vid­ed from juris­dic­tions that do not respect their pri­va­cy. For instance, if a Brazil­ian user has a Hot­mail email address and uses the Google-owned Orkut social-net­work­ing site, her email and social-net­work data are stored on servers in the Unit­ed States and are there­by acces­si­ble to the NSA. Encour­ag­ing the for­ma­tion and use of domes­tic alter­na­tives allows Brazil­ian users’ com­mu­ni­ca­tions to remain on Brazil­ian domes­tic infra­struc­ture and their data to reside on hard disks in data cen­ters in Sao Paulo and Rio de Janeiro rather than Red­mond, Wash., and Port­land, Ore.

Users fol­low the fick­le winds of fad, how­ev­er, and it is noto­ri­ous­ly dif­fi­cult for unhip gov­ern­ments to attract the atten­tion of youth. So it may be dif­fi­cult for the Brazil­ian gov­ern­ment to pick a win­ner in the domes­tic social-net­work­ing space and pro­mote its suc­cess. More like­ly, con­tin­u­ing to decrease the cost of domes­tic Inter­net traf­fic rout­ing through infra­struc­tur­al ini­tia­tives like IXPs and fiber-optic cable sys­tems will cre­ate a strong eco­nom­ic incen­tive for all con­tent providers, for­eign and domes­tic, to host Brazil­ian users’ data with­in Brazil and thus with­in Brazil­ian reg­u­la­to­ry juris­dic­tion. This appears to be where the Brazil­ian gov­ern­ment is head­ing: toward a com­mon under­stand­ing with the Euro­pean Union on data pri­va­cy, har­mo­niz­ing with its stan­dards of pro­tec­tion for users’ per­son­al­ly iden­ti­fi­able infor­ma­tion, or PII. Brazil hopes to com­pel com­pa­nies that pro­vide ser­vices to Brazil­ians to do so from servers in Brazil — which would sub­ject them to Brazil­ian pri­va­cy reg­u­la­tion.

The pres­i­den­t’s office has asked Cor­reios, the Brazil­ian pub­lic postal ser­vice, to pro­vide an encrypt­ed email sys­tem to the pub­lic at no cost by next year. This comes less than a year after the postal ser­vice shut­tered Cor­reios­Net, its pri­or host­ed email offer­ing. Coin­ci­den­tal­ly, the U.S. Postal Ser­vice oper­at­ed the first such pub­licly host­ed email sys­tem, E‑COM [114], from 1982 to 1985, though with lit­tle suc­cess. Gov­ern­ment-oper­at­ed email sys­tems can, how­ev­er, suc­ceed; the French Mini­tel sys­tem was wild­ly pop­u­lar, serv­ing 25 mil­lion peo­ple for 34 years. The pro­posed Brazil­ian sys­tem has the dis­tinct advan­tage of being free, so it may suc­ceed. If exe­cut­ed well, it could employ strong encryp­tion, poten­tial­ly with Brazil­ian gov­ern­men­tal key-escrow [115], which would allow Brazil­ian law enforce­ment access but effec­tive­ly deny access to for­eign intel­li­gence agen­cies.

Domes­tic net­work equip­ment

Per­haps the most con­tro­ver­sial por­tion of the Brazil­ian plan is to encour­age pri­vate-sec­tor net­work oper­a­tors in Brazil, whether for­eign or domes­tic, to use only Brazil­ian-designed and ‑pro­duced telecom­mu­ni­ca­tion equip­ment in their net­works. This is intend­ed to address the fear that “back doors” will come installed in equip­ment sourced inter­na­tion­al­ly, mak­ing it vul­ner­a­ble to wire­tap­ping by for­eign intel­li­gence agen­cies. This same pre­cau­tion has led some coun­tries to ban [116] the use of Chi­nese-pro­duced Huawei and ZTE gear from sen­si­tive net­works, but it also seems to penal­ize prod­ucts [117] from Cis­co and Juniper that have not shown sim­i­lar vul­ner­a­bil­i­ties.

The near-term win­ners from any such pol­i­cy are like­ly to be Dat­a­com and Padtec (based in Rio Grande do Sul and Sao Paulo, respec­tive­ly), which are the cur­rent sup­pli­ers of net­work­ing equip­ment for Brazil­ian gov­ern­ment net­works. This is like­ly to back­fire in the long term, how­ev­er, when those man­u­fac­tur­ers try to grow beyond the Brazil­ian domes­tic mar­ket.

Like the satel­lite-devel­op­ment deal, this pol­i­cy fol­lows Brazil’s well-estab­lished pat­tern [118] of using high tar­iffs to dis­place for­eign imports with domes­tic prod­ucts. This strat­e­gy has worked bril­liant­ly for Brazil in the past in the auto­mo­tive and aero­space sec­tors and has been notably suc­cess­ful for many Asian economies. Nev­er­the­less, stratos­pher­ic import tar­iffs on high-tech elec­tron­ics have failed to jump-start a Brazil­ian elec­tron­ics indus­try and have cre­at­ed sub­stan­tial fric­tion [119] with inter­na­tion­al com­put­er and net­work­ing-equip­ment pro­duc­ers.

Unlike the auto­mo­tive and aero­space indus­tries, com­put­er-net­work­ing and infor­ma­tion tech­nolo­gies scale with the net­work effect: Their val­ue is part­ly deter­mined by their rela­tion­ship with oth­er tech­nol­o­gy prod­ucts and their users. Such prod­ucts are entire­ly depen­dent on seam­less inter­op­er­abil­i­ty between them and equip­ment made by dif­fer­ent com­pa­nies. So if Dat­a­com and Padtec prof­it from Brazil­ian gov­ern­men­tal pro­tec­tion­ism in the near term, they will pay the price in the long term when they try to expand into inter­na­tion­al mar­kets, since they will face the sus­pi­cion of oth­er gov­ern­ments that the rea­son the Brazil­ian gov­ern­ment favors them is that they incor­po­rate unique Brazil­ian back doors. In oth­er words, this form of pro­tec­tion­ism leads to the prob­lems that Huawei and ZTE face today.


A free state-spon­sored email sys­tem using strong encryp­tion run out of the post office that could use gov­ern­ment key escrows? Encour­ag­ing pri­vate-sec­tor net­work oper­a­tors to use Brazil­ian-designed and-pro­duced telecom­mu­ni­ca­tion equip­ment in their net­works? That sure sounds a lot like the “hey, we think you all should use this new Clip­per Chip!”-approach that the US gov­ern­ment was try­ing 20 years ago. Only instead of the inter­net being this fun new toy in 1994 that only seemed like it could be scary, it’s now 2014 and we know the inter­net is scary kind of scary with all sort of real life boo­gie men. And now that the NSA is the offi­cial glob­al boo­gie-man-in-chief, the sell­ing points of a Brazil­ian-Clip­per Chip-like sys­tem that’s pur­port­ed­ly NSA-proof are more com­pelling than ever. These days, as long as it’s anti-NSA it sort of takes the the sting off of know­ing the gov­ern­ment has all those keys in escrow.

Wor­ried about Brazil? Don’t be. They’re going to be pro­tect­ing their pri­va­cy, Euro­pean-style.
So could we be see­ing the start of a Brazil­ian cam­paign on sell­ing the idea of state-spon­sored encryp­tion ser­vices to the pub­lic? It’s start­ing to look like that sure look­ing like that. And it won’t be too sur­pris­ing if the idea catch­es on, because who likes the idea of the NSA root­ing around through their stuff. But it still be kind of sur­pris­ing that there isn’t more con­cernt from pri­va­cy advo­cates over these plans with poten­tial­ly glob­al ram­i­fi­ca­tions because Brazil isn’t just plan­ning on offer­ing vol­un­tary state-spon­sored excryp­tion in response to the NSA scan­dal. As the above arti­cle points out, Brazil is also about to pass a law that man­dates the local stor­age of per­son­al data by inter­net firms [120] like Google and Face­book and the Brazil­ian par­lia­ment just passed an amend­ment to the upcom­ing Brazil­ian ‘Bill of Rights’ law that man­dates inter­net ser­vice providers store per­son­al data for 6 months no mat­ter what [121].

So why aren’t there grow­ing con­cerns that that the new Brizil­ian Bill of Rights will lead to wide­spread pri­va­cy abus­es against Brazil­ians by the Brazil­ian gov­ern­ment? Oh, right, Brazil’s new ‘Inter­net Bill of Rights’ and new Euro­pean-style data pro­tec­tion frame­work. That’s why no one is con­cerned [4]:


Will the New Year Bring New Pri­va­cy Laws to Brazil?
By The Hogan Lovells Pri­va­cy Team

The World Cup is not the only event to look out for in Brazil this year. Brazil has been devel­op­ing two sig­nif­i­cant pieces of pri­va­cy leg­is­la­tion since the late 2000s, and it looks like they may be vot­ed on soon. The Mar­co Civ­il da Inter­net (“Civ­il Inter­net Bill”) would estab­lish what some have called an “Inter­net Bill of Rights” that includes data pro­tec­tion require­ments and the preser­va­tion of net neu­tral­i­ty. The Data Pro­tec­tion Bill would estab­lish a com­pre­hen­sive, Euro­pean-style data pro­tec­tion frame­work gov­ern­ing the pro­cess­ing of all per­son­al data. The pro­posed laws would replace Brazil’s cur­rent sec­tor-spe­cif­ic pri­va­cy frame­work. Brazil is the fifth largest coun­try in the world, and the num­ber of Brazil­ian Inter­net and smart­phone users is grow­ing rapid­ly. The new laws would there­fore have a sig­nif­i­cant impact on orga­ni­za­tions offer­ing dig­i­tal prod­ucts or ser­vices to Brazil­ian con­sumers. We here pro­vide back­ground on the pro­posed laws and insights as to their poten­tial impacts.


Brazil’s Civ­il Inter­net Bill would do more than just estab­lish online pri­va­cy pro­tec­tions. The draft leg­is­la­tion effec­tive­ly estab­lish­es an Inter­net Bill of Rights for Brazil­ians. These rights include pri­va­cy pro­tec­tions along with a fun­da­men­tal right to access the Inter­net and a man­date for net neu­tral­i­ty. The law also reg­u­lates the enforce­ment of dig­i­tal copy­right issues and the online col­lec­tion of evi­dence in crim­i­nal and civ­il inves­ti­ga­tions. In recent months, Pres­i­dent Rouss­eff and mem­bers of the Worker’s Par­ty have added new pro­vi­sions to the Civ­il Inter­net Bill. The most con­tro­ver­sial of these is a data local­iza­tion rule, which would give Brazil’s exec­u­tive branch the right to force oper­a­tors of online ser­vices to store Brazil­ian data only in Brazil­ian data cen­ters. Oth­er amend­ments to the Civ­il Inter­net Bill include requir­ing ser­vice providers to obtain express con­sent from users pri­or to pro­cess­ing per­son­al data online and pro­vid­ing that com­pa­nies vio­lat­ing the Bill would be sub­ject to sus­pen­sion of Brazil­ian data col­lec­tion activ­i­ties or fines of up to 10% of the orga­ni­za­tion­al rev­enues.

Crit­ics have argued that the Civ­il Inter­net Bill, espe­cial­ly with its local­iza­tion require­ments, would raise oper­at­ing costs sig­nif­i­cant­ly for com­pa­nies doing busi­ness in Brazil. Sev­er­al indus­try groups have not­ed that the local­iza­tion require­ments would under­mine the decen­tral­ized nature of the Inter­net, which has facil­i­tat­ed the growth of glob­al dig­i­tal trade.

Brazil’s Data Pro­tec­tion Bill is mod­eled pri­mar­i­ly on the Euro­pean Data Pro­tec­tion Direc­tive and would reg­u­late the online and offline pro­cess­ing of per­son­al data. The bill would give Brazil­ians the rights to access, cor­rect, and delete per­son­al data and require that orga­ni­za­tions gen­er­al­ly obtain express, informed con­sent pri­or to pro­cess­ing a Brazilian’s per­son­al data. The Data Pro­tec­tion Bill would cre­ate a data pro­tec­tion author­i­ty, the Nation­al Data Pro­tec­tion Coun­cil. In the event of a data breach, com­pa­nies would be required to noti­fy the Coun­cil and some­times the media. Like the EU data pro­tec­tion frame­work, the Data Pro­tec­tion bill would gen­er­al­ly pro­hib­it orga­ni­za­tions from trans­fer­ring per­son­al data to coun­tries not pro­vid­ing ade­quate pro­tec­tions for per­son­al data. Although the Data Pro­tec­tion Bill does not spec­i­fy which coun­tries do pro­vide ade­quate pro­tec­tions, it is like­ly that the Data Pro­tec­tion Coun­cil would not deem the Unit­ed States to be one of those coun­tries. Orga­ni­za­tions vio­lat­ing the Data Pro­tec­tion Bill would face penal­ties of up to 20% of orga­ni­za­tion­al rev­enue.

If one or both of these bills are passed into law, com­pa­nies with Brazil­ian oper­a­tions would like­ly have to imple­ment sig­nif­i­cant changes to their pri­va­cy and secu­ri­ty prac­tices. Data local­iza­tion require­ments and cross-bor­der trans­fer restric­tions would have a sub­stan­tial effect on busi­ness oper­a­tions with ques­tion­able pri­va­cy and secu­ri­ty ben­e­fits. For exam­ple, cyber­at­tacks can occur no mat­ter where data is stored.

In spite of the argu­ments being raised against the bills, how­ev­er, the desire to estab­lish Brazil as a lead­ing play­er in the Glob­al Mul­ti­stake­hold­er Meet­ing on the Future of Inter­net Gov­er­nance [122] to be held in São Paulo on April 23–24 may well prompt the Brazil­ian leg­is­la­ture to pass one or both laws in the next few months. Some reports indi­cate that the Civ­il Inter­net Bill will be vot­ed on in Feb­ru­ary. A vote on the Data Pro­tec­tion Bill is like­ly to hap­pen soon after. We will be watch­ing the devel­op­ments close­ly and eval­u­at­ing how the changes may effect Brazil­ian com­pa­nies as well as Latin Amer­i­can and glob­al trade.

Euro­pean-syle data-pro­tec­tion laws are com­ing to Brazil! That should be quite an excit­ing set of new rules for Brazil­ian inter­net users to antic­i­pate once the EU final­ly decides ( via a secret tri­logue [123]) what those laws are going to look like [124]. And it sounds like those new rules will also cut off data trans­mis­sion to the Unit­ed States over con­cerns over US spy­ing, although, pre­sum­ably Google, Face­book and oth­er US firms that set up oper­a­tions on Brazil­ian soil will con­tin­ue to be able to offer ser­vices. It rais­es the ques­tion of what oth­er coun­tries will be cut off from Brazil over data-pri­va­cy con­cerns. Chi­na and Rus­sia must cer­tain­ly be on the no-go list and the rest of the Five Eyes would almost have be exclud­ed. EU com­pa­nies may not need to open branch­es in Brazil because they will pre­sumbly already be com­pli­ant with Brazil’s new data-pri­va­cy laws (since those laws are sup­posed to be based on the “Euro­pean-style” data pri­va­cy). But will any oth­er nations on the plan­et be com­pli­ant? Micro-nations with­out intel­li­gence agen­cies might be, but any­one else? What if Ice­land turns itself into Kim Dot­com’s The Pirate Bay [7]? How about Swe­den [125]?

And why is there so lit­tle out­cry over the over the fact that Brazil is try­ing to get all this per­son­al data stored local­ly using Brazil­ian-gov­ern­ment spon­sored hard­ware and soft­ware? The pre­vi­ous arti­cle [5] men­tions con­cerns that this plan for encour­ag­ing Brazil­ian hard­ware and soft­ware could end up hurt­ing the inter­na­tion­al brand for those Brazil­ian prod­ucts specif­i­cal­ly out of fears of Brazil­ian gov­ern­ment back­doors. Why would­n’t those fears exist? Is Brazil’s gov­ern­ment plan­ning on cut­ting itself off from ever access­ing its own cit­i­zen’s dig­i­tal data by build­ing gov­ern­ment-imple­ment­ed strong-encryp­tion that it can’t even decrypt itself? The recent amend­ment to Brazil’s Inter­net Bill of Rights call­ing for 6 months of data reten­tion [121] cer­tain­ly does­n’t sug­gest Brazil sud­den­ly decid­ed to turn itself into The Pirate Bay (not that some aren’t try­ing [126]). Does­n’t local data reten­tion put Brazil­ians at greater risk of pri­va­cy abus­es sim­ply due to the pos­si­bil­i­ty that the gov­ern­ment will vio­late the new Bill of Rights after forc­ing its relo­ca­tion to Brazil­ian servers? Did Brazil’s gov­ern­ment sud­den­ly obtain non-cor­rupt­ibil­i­ty cred­i­bil­i­ty? It’s often argued that we should assume that if the NSA can vio­late your pri­va­cy it def­i­nite­ly will, regard­less of the rules. That’s a core belief of the Cypher­punks (they are most­ly anar­chists, after all).

Oh, you thought Euro­pean-style data-pri­va­cy includ­ed strong encryp­tion? Uhhh...
Should­n’t that skep­ti­cism apply to all intel­li­gence orga­ni­za­tions? For instance, when Ger­many set up its own “Email made in Ger­many” as an “anti-NSA” alter­na­tive to US email ser­vices, should­n’t we be assum­ing the BND is spy­ing on the new ‘anti-NSA’ “Email made in Ger­many” sys­tem since that ‘secure’ email ser­vice leaves the email com­plete­ly unen­crypt­ed on Ger­many servers? Maybe? Maybe per­haps? [2]

Art Tech­ni­ca
Cryp­to experts blast Ger­man e‑mail providers’ “secure data stor­age” claim
GPG devel­op­er calls move a “great mar­ket­ing stunt at exact­ly the right time.”

by Cyrus Fari­var — Aug 10 2013, 7:08am CDT

In the wake of the shut­down [127] of two secure e‑mail providers in the Unit­ed States, three major Ger­man e‑mail providers have band­ed togeth­er [128] to say that they’re step­ping for­ward to fill the gap. There’s just one prob­lem: the three com­pa­nies only pro­vide secu­ri­ty for e‑mail in tran­sit (in the form of SMTP TLS) and not actu­al secure data stor­age.

GMX, T‑Online (a divi­sion of Deutsche Telekom), and Web.de—which serve two-thirds of Ger­man e‑mail users—announced [129] on Fri­day that data would be stored in Ger­many and the ini­tia­tive would “auto­mat­i­cal­ly encrypt data over all trans­mis­sion paths and offer peace of mind that data are han­dled in com­pli­ance with Ger­man data pri­va­cy laws.” Start­ing imme­di­ate­ly, users who use these e‑mail ser­vices in-brows­er will have SMTP TLS enabled, and start­ing next year, these three e‑mail providers will refuse to send all e‑mails that do not have it enabled.

“Ger­mans are deeply unset­tled by the lat­est reports on the poten­tial inter­cep­tion of com­mu­ni­ca­tion data,” said René Ober­mann, CEO of Deutsche Telekom, in a state­ment [129]. “Our ini­tia­tive is designed to coun­ter­act this con­cern and make e‑mail com­mu­ni­ca­tion through­out Ger­many more secure in gen­er­al. Pro­tec­tion of the pri­vate sphere is a valu­able com­mod­i­ty.”

These com­pa­nies have dubbed this effort “E‑mail made in Ger­many [130],” and tout “secure data stor­age in Ger­many as a rep­utable loca­tion.” In prac­tice, that appears (Google Trans­late) [131] to sim­ply mean that start­ing in 2014, these providers will “only trans­port SSL-encrypt­ed e‑mails to ensure that data traf­fic over all of their trans­mis­sion paths is secure.”

Ger­many has noto­ri­ous­ly strong data pro­tec­tion laws—likely the strongest in the world. But those laws do have law enforce­ment excep­tions for secu­ri­ty agen­cies, like the BND, Germany’s equiv­a­lent to the Nation­al Secu­ri­ty Agency. The BND like­ly can eas­i­ly access e‑mails stored unen­crypt­ed on Ger­man servers with lit­tle legal or tech­ni­cal inter­fer­ence. Clear­ly, forc­ing users (par­tic­u­lar­ly less tech-savvy ones) to use SMTP TLS pro­vides a mod­icum of bet­ter pro­tec­tion for data in tran­sit, but it’s hard­ly any­where close to improved secu­ri­ty for stored data.

Law enforce­ment can still get stored e‑mail

Ger­man tech media and the well-respect­ed Chaos Com­put­er Club have lam­bast­ed this approach, dis­miss­ing it as “pure mar­ket­ing.”

“The basic prob­lem with e‑mail is that it’s a post­card read­able by all—[this] changes noth­ing,” wrote Andre Meis­ter on the not­ed Netzpolitik.org blog [132] (Ger­man).

Lukas Pitschl of GPG­Tools [133] told Ars this was mere­ly a “mar­ket­ing stunt,” which would “not add real val­ue to the secu­ri­ty of e‑mail com­mu­ni­ca­tion.”

“If you real­ly want to pro­tect your e‑mails from pry­ing eyes, use OpenPGP or S/MIME on your own desk­top and don’t let a third-par­ty provider have your data,” he told Ars. “No one of the ‘E‑Mail made in Ger­many’ ini­tia­tive would say if they encrypt the data on their servers so they don’t have access to it, which they prob­a­bly don’t and thus the gov­ern­ment could force them to let them access it.”

The Chaos Com­put­er Club prac­ti­cal­ly laughed [134] (Google Trans­late) at this new announce­ment:

“What com­peti­tors [have had] for years as standard—a forced encryp­tion when access­ing a per­son­al e‑mail account—is now sold pro­mo­tion­al­ly as a new, effec­tive tech­no­log­i­cal advance­ment,” the group wrote. “The NSA scan­dal has shown that cen­tral­ized ser­vices are to be regard­ed as not trust­wor­thy when it comes to access by secret [agen­cies].”

Oh wow, does this mean Ger­many isn’t turn­ing its gov­ern­ment-built email ser­vice into The Pirate Bay either? Well that’s sure unex­pect­ed.

Still, it could be argued that one should feel safer hav­ing the BND con­trol­ling thi­er per­son­al data vs the NSA if one was giv­en the choice. But it’s unclear why the BND would be deemed more accept­able since, as the Snow­den Doc­u­ments demon­strate, the BND has already been caught hand­ing off “mas­sive amounts” of phone data to the NSA [42] and Ger­many is clear­ly very inter­est­ed in dra­mat­i­cal­ly expand­ing its sur­veil­lance capa­bil­i­ties [34]. And, per­haps more impor­tant­ly, the moves by Brazil and now the EU to wall off and balka­nize inter­net traf­fic and poten­tial­ly man­date local data stor­age are actu­al­ly remov­ing the choice where your data is held. This is cur­rent­ly being hailed as a nec­es­sary mea­sure to pro­tect cit­i­zen’s pri­va­cy but, again, it’s real­ly unclear why that’s the case [6]:

Don’t ger­ry­man­der the inter­net

By Leslie Har­ris / 4 Novem­ber, 2013

We can par­tial­ly blame ger­ry­man­der­ing for the cur­rent grid­lock in the U.S. Con­gress. By shap­ing the elec­toral map to cre­ate polit­i­cal­ly safe spaces, we have gen­er­at­ed a frac­tious body that often clash­es rather than col­lab­o­rates, lim­it­ing our chances of resolv­ing the country’s tough­est chal­lenges. Unfor­tu­nate­ly, rev­e­la­tions about the glob­al reach of Amer­i­can secu­ri­ty sur­veil­lance pro­grams under the Nation­al Secu­ri­ty Agency (NSA) are lead­ing some to pro­pose what amounts to ger­ry­man­der­ing for the inter­net in order to route around NSA spy­ing. This will shack­le the inter­net, inher­ent­ly change its tech­ni­cal infra­struc­ture, throt­tle inno­va­tion, and like­ly lead to far more dan­ger­ous pri­va­cy vio­la­tions around the globe.

Nations are right­ly upset that the com­mu­ni­ca­tions of their cit­i­zens are swept up in the Nation­al Secu­ri­ty Agency’s per­va­sive sur­veil­lance drag­net. There is no ques­tion the Unit­ed States has over­reached and vio­lat­ed human rights in its col­lec­tion of com­mu­ni­ca­tions infor­ma­tion on inno­cent peo­ple around the globe; how­ev­er, the solu­tion to this prob­lem should not, and tru­ly can­not, be data local­iza­tion man­dates that restrict data stor­age and flow.

The calls for greater local­iza­tion of data are not new, but the recent efforts of Brazil’s Pres­i­dent, Dil­ma Rous­eff, to pro­tect Brazil­ians from NSA spy­ing [135] reflect­ed the view of many coun­tries sud­den­ly faced with a new threat to the pri­va­cy of the com­mu­ni­ca­tions of their cit­i­zens. Rous­eff has been an advo­cate for inter­net free­dom, so undoubt­ed­ly her pro­pos­al is well inten­tioned, though the poten­tial unin­tend­ed reper­cus­sions are alarm­ing.

First, it’s impor­tant to con­sid­er the tech­ni­cal rea­sons why data loca­tion require­ments are a real­ly bad idea. The Inter­net devel­oped in a wide­ly organ­ic man­ner, cre­at­ing a net­work that allowed data to flow from all cor­ners of the world – regard­less of polit­i­cal bound­aries, resid­ing every­where and nowhere at the same time. This has helped increase the resilience of the inter­net and it has pro­mot­ed sig­nif­i­cant effi­cien­cies in data flow. As is, the net­work routes around dam­age, and data can be wher­ev­er it best makes sense and take an opti­mal route for deliv­ery.

Data local­iza­tion man­dates would turn the inter­net on its head. Instead of a uni­fied inter­net, we would have a frac­tured inter­net that may or may not work seam­less­ly. We would instead see dis­tricts of com­mu­ni­ca­tions that cater to spe­cif­ic needs and inter­ests – essen­tial­ly we would see Inter­net ger­ry­man­der­ing at its finest. Coun­tries and regions would devel­op local­ized reg­u­la­tions and rules for the inter­net to ben­e­fit them in the­o­ry, and would cer­tain­ly aim to dis­ad­van­tage com­peti­tors. The poten­tial for seri­ous win­ners and losers is huge. Cer­tain­ly the hope for an inter­net that pro­motes glob­al equal­i­ty would be lost.

Data local­iza­tion may only be a first step. Coun­tries seek­ing to keep data out of the Unit­ed States or that want to exert more con­trol over the inter­net may also man­date restric­tions on how data flows and how it is rout­ed. This is not far-fetched. Coun­tries such as Rus­sia, the Unit­ed Arab Emi­rates, and Chi­na have already pro­posed this [136] at last year’s World Con­fer­ence on Inter­na­tion­al Telecom­mu­ni­ca­tions.


Most impor­tant though, is the poten­tial for fun­da­men­tal harm to human rights due to data local­iza­tion man­dates. We rec­og­nize that this is a dif­fi­cult argu­ment to accept in the wake of the rev­e­la­tions about NSA sur­veil­lance, but data local­iza­tion require­ments are a dou­ble-edged sword. It is impor­tant to remem­ber that human rights and civ­il lib­er­ties groups have long been opposed to data local­iza­tion require­ments because if used inap­pro­pri­ate­ly, such require­ments can become pow­er­ful tools of con­trol, intim­i­da­tion and oppres­sion.

When com­pa­nies were under intense crit­i­cism for turn­ing over the data of Chi­nese activists to Chi­na, inter­net free­dom activists were unit­ed in theirs calls to keep user data out of the coun­try. When Yahoo! entered the Viet­namese mar­ket, it placed its servers out of the coun­try in order to bet­ter pro­tect the rights of its Viet­namese users. And the dust up between the gov­ern­ments of the Unit­ed Arab Emi­rates, Sau­di Ara­bia, India, and Indone­sia, among oth­ers, demand­ing local servers for stor­age of Black­Ber­ry mes­sages [137] in order to ensure legal account­abil­i­ty and meet nation­al secu­ri­ty con­cerns, was met with wide­spread con­dem­na­tion. Now with demo­c­ra­t­ic gov­ern­ments such as Brazil and some in Europe tout­ing data local­iza­tion as a response to Amer­i­can sur­veil­lance rev­e­la­tions, these oppres­sive regimes have new, albeit inad­ver­tent, allies. While some coun­tries will in fact store, use and pro­tect data respon­si­bly, the val­i­da­tion of data local­iza­tion will unques­tion­ably lead to many regimes abus­ing it to silence crit­ics and spy on cit­i­zens [138]. Beyond this, data serv­er local­iza­tion require­ments are unlike­ly to pre­vent the NSA from access­ing the data. U.S. com­pa­nies and those with a U.S. pres­ence will be com­pelled to meet NSA orders, and there appear to be NSA access points around the world.

Data local­iza­tion is a pro­posed solu­tion that is dis­tract­ing from the impor­tant work need­ed to improve the Internet’s core infra­struc­tur­al ele­ments to make it more secure, resilient and acces­si­ble to all. This work includes expand­ing the num­ber of routes, such as more under­sea cables and fiber runs, and exchange points, so that much more of the world has con­ve­nient and fast Inter­net access. If less data is rout­ed through the U.S., let it be for the right rea­son: that it makes the Inter­net stronger and more acces­si­ble for peo­ple world­wide. We also need to work to devel­op bet­ter Inter­net stan­dards that pro­vide usable pri­va­cy and secu­ri­ty by default, and encour­age broad adop­tion.

Pro­tect­ing pri­va­cy rights in an era of trans­bor­der sur­veil­lance won’t be solved by ring fenc­ing the Inter­net. It requires coun­tries, includ­ing the U.S., to com­mit to the exceed­ing­ly tough work of com­ing to the nego­ti­at­ing table to work out agree­ments that set stan­dards on sur­veil­lance prac­tices and pro­vide pro­tec­tions for the rights of pri­va­cy and free expres­sion for peo­ple. Ger­many and France [139] have just called for just such an agree­ment with the U.S. This is the right way for­ward.

In the U.S., we must reform our sur­veil­lance laws, adopt a war­rant require­ment for stored email and oth­er dig­i­tal data, and imple­ment a con­sumer pri­va­cy law. The stan­dards for gov­ern­ment access to online data in all coun­tries must like­wise be raised. These mea­sures are of course much more dif­fi­cult in the short run that than data local­iza­tion require­ments, but they are for­ward-look­ing, long-term solu­tions that can advance a free and open inter­net that ben­e­fits us all.

So, at least in the­o­ry, some coun­tries might store, use, and pro­tect data respon­si­bly once we tran­si­tion to a local stor­age par­a­digm. But also, in the­o­ry, these same coun­tries could man­date local data stor­age, set up fan­cy pri­va­cy laws, and then pro­ceed to vio­late them. Clear­ly we should all hope that the for­mer sce­nario is what will actu­al­ly take place, but which sce­nario should we actu­al­ly expect? Is Brazil going to abide by its new Inter­net Bill of Rights [140]? Will Ger­many actu­al­ly abide [141] by its noto­ri­ous­ly strict pri­va­cy laws [142]? How about the rest of the EU [143]? How about the rest of the world?

Now, here’s twist­ed pos­si­bil­i­ty: Could it be that Ger­many and Brazil are cur­rent­ly try­ing to gain access to data on their own cit­i­zens that only NSA and/or US tech firms have access to and isn’t shar­ing? After all, we keep hear­ing about how Angela Merkel wants to estab­lish a ‘no spy’ agree­ment. But, as we’ve [90] seen [91], the Five Eye­’s agree­ment that Angela Merkel wants to join isn’t a no spy agree­ment. It’s a pro-spy agree­ment. So, could it be that the Snow­den affair is being used as an oppor­tu­ni­ty to man­date that cit­i­zens in Brazil, Ger­many, and now the entire EU must leave vir­tu­al­ly all of their online dig­i­tal data on servers that are ful­ly acces­si­ble to those gov­ern­ments? And might the move to devel­op non-US hard­ware and soft­ware in order to thwart the NSA’s actions simul­ta­ne­ous­ly be max­im­ix­ing access to per­son­al data by those exact same gov­ern­ments using their own gov­ern­ment back­doors and key escrows? Could the balka­niza­tion of the inter­net actu­al­ly lead to a con­cen­tra­tion of per­son­al data stor­age in every­one’s home coun­try. Maybe?

And might Ange­la’s pro­pos­al to wall off the EU and begin engag­ing in counter-espi­onage actu­al­ly be an attempt to dri­ve peo­ple away from US-based tech­nol­o­gy and into the arms of EU and Brazil­ian hard­ware man­u­fac­tur­ers that with new, fan­cy, all-exclu­sive back-doors? Are there any indi­ca­tions that these gov­ern­ments are plan­ning on build­ing hard­ware and soft­ware that even their own secu­ri­ty ser­vices can’t hack? Or might the anti-NSA back­lash also be act­ing as a back­door for sell­ing the globe on the new Clip­per Chip 3.0 par­a­digm? We’ve already seen the Clip­per Chip 1.0 get reject­ed by the pub­lic. The seem­ing­ly end­less tech­ni­cal exploits that can attack any sys­tem that the Snow­den Doc­u­ments are expos­ing are basi­cal­ly Clip­per Chip 2.0. It’s like a meta-Clip­per Chip. Could this new wave anti-NSA hard­ware and soft­ware [144] (and the breakup of the inter­net) be the roll­out of Clip­per Chip 3.0? The anti-NSA meta-Clip­per Chip all sorts of new exploits in sup­pos­ed­ly new­ly secured plat­forms?

It’s Back to the Future. Specif­i­cal­ly, it’s Back to 1993–94 and then the Future
These are just a hand­ful of the ques­tions that have been raised about how we’re going to bal­ance pri­va­cy and secu­ri­ty. They’re crit­i­cal ques­tions to ask not only because we actu­al­ly need answers to them to know how to move for­ward but also because the glob­al debate seems to be tak­ing place as if these ques­tions have already been answered and the Cypher­punk solu­tion of stan­dard­iz­ing unbreak­able strong encryp­tion is the glob­al pub­lic’s choice. The CCC laughed off [2] Ger­many’s “Email made in Ger­many” ser­vice because law enforce­ment could still access the con­tent and across the world peo­ple are shocked that the NSA can hack into just about any­thing. And the pub­lic at large nat­u­ral­ly recoils at the idea of some­thing like a Clip­per Chip that makes so easy for gov­ern­ments to hack into you per­son­al data. But was the US’s pub­lic rejec­tion of the Clip­per Chip in the 1990’s, when the inter­net was still in its infan­cy, an open embrace of the Four Hores­men of the Infopocal­yse [2]? Because that’s how the top­ic is gen­er­al­ly treated...if the NSA or any intel­li­gence or law enforce­ment agency is dis­cov­ered to have found or built-in a vul­ner­a­bil­i­ty that is seen, by default, as a hor­ri­ble threat to soci­ety that will sure­ly be abused. At the same time, near­ly every­one seems to agree that there are legit­i­mate rea­sons for spy­ing. Even Snow­den [145].

So how exact­ly do we cre­ate the world where legit­i­mate spy­ing takes place if we also decide to cre­ate a world where strong encryp­tion become rou­tine and stan­dard­ized? Sure, as we saw above, actu­al­ly mak­ing strong encryp­tion rou­tine and stan­dard­ized is cost­ly and time-con­sum­ing, but it’s pos­si­ble. What mod­el, oth­er than the Clip­per Chip/government key-escrow mod­el run by a trust­wor­thy gov­ern­ment, actu­al­ly sat­is­fies those con­di­tions? Are there any oth­er mod­els? The above arti­cle ends with some very good advice:

Pro­tect­ing pri­va­cy rights in an era of trans­bor­der sur­veil­lance won’t be solved by ring fenc­ing the Inter­net. It requires coun­tries, includ­ing the U.S., to com­mit to the exceed­ing­ly tough work of com­ing to the nego­ti­at­ing table to work out agree­ments that set stan­dards on sur­veil­lance prac­tices and pro­vide pro­tec­tions for the rights of pri­va­cy and free expres­sion for peo­ple. Ger­many and France [139] have just called for just such an agree­ment with the U.S. This is the right way for­ward.

In the U.S., we must reform our sur­veil­lance laws, adopt a war­rant require­ment for stored email and oth­er dig­i­tal data, and imple­ment a con­sumer pri­va­cy law. The stan­dards for gov­ern­ment access to online data in all coun­tries must like­wise be raised. These mea­sures are of course much more dif­fi­cult in the short run that than data local­iza­tion require­ments, but they are for­ward-look­ing, long-term solu­tions that can advance a free and open inter­net that ben­e­fits us all.

Now, it was prob­a­bly a mis­char­ac­ti­za­tion to describe what Ger­many and France called for as a com­mon set of stan­dards that will “pro­vide pro­tec­tions for the rights of pri­va­cy and free expres­sion for peo­ple” since they clear­ly want in on the pro-spy­ing Five Eyes club. But the larg­er point is absolute­ly crit­i­cal: There real­ly is no long-term solu­tion to bal­anc­ing pri­va­cy and secu­ri­ty that does­n’t involve gov­ern­ments engag­ing in self-restraint and act­ing for the greater good. In oth­er words, The real chal­lenge is elect­ing the kind of elect­ed offi­cials that appoint the kind of pub­lic offi­cials that appoint the kind of senior offi­cers that hire that kind of pro­fes­sion­als that you would trust to baby sit your kids and just gen­er­al­ly be good and decent. THAT’s the chal­lenge of the sur­veil­lance age. Cre­at­ing gov­ern­ments you can trust. Every­where. Yeah, that’s a real­ly hard soul­tion to imple­ment, but it’s also our only real choice in the long run because it’s the only solu­tion that can help fix all of the oth­er hor­ri­ble prob­lems fac­ing human­i­ty and life on earth over the next cen­tu­ry. Help us, Obi-Wan Keno­bie high-qual­i­ty demo­c­ra­t­ic soci­eties work­ing togeth­er, you’re our only hope.

One of the rea­sons it’s so impor­tant to take a step back and ques­tion some of the under­ly­ing assump­tions on this top­ic is that the Cypher­punk per­spec­tive is basi­cal­ly lead­ing the glob­al dis­cus­sion on these mat­ters and that per­spec­tive assumes that account­able gov­er­ments are sim­ply impos­si­ble. At least, that’s the per­spec­tive that appears to be held by folks like Jacob Appel­baum and Julian Assange (and pre­sum­ably Edward Snow­den, giv­en his polit­i­cal lean­ings [51]). But, at the same time, we keep hear­ing from folks like Snow­den, Appel­baum, and Assange that we’ll need tech­ni­cal and polit­i­cal solu­tions to the chal­lenges of bal­anc­ing pri­va­cy and secu­ri­ty. The tech­ni­cal solu­tion offered by the Cypher­punks is clear: strong encryp­tion that no one can break [146] for the mass­es. The polit­i­cal solu­tion offered by Snow­den seem to revolve around fix­ing the laws on war­rants and pros­e­cut­ing senior US offi­cials involved with set­ting pol­i­cy [52]. Sim­i­lar­ly, Jacob Appel­baum thinks “it’s impor­tant to find out who col­lab­o­rat­ed and who didn’t col­lab­o­rate. In order to have truth and rec­on­cil­i­a­tion, we need to start with a lit­tle truth.” [68] And as we saw above, he also wants the NSA to become the anti-NSA.

Now, that would be pret­ty sweet if we had an actu­al truth and rec­on­cili­tion com­mis­sion on any­thing because, wow, the odds of that hap­pen­ing for any top­ic any­where are so tiny its sad and there are a lot of dif­fer­ent area of real­i­ty that need truth and rec­on­cil­i­a­tion. But is the pros­e­cu­tion of senior US offi­cials and wide­spread imple­men­ta­tion of strong encryp­tion that even the NSA can’t break a real­is­tic set of long-term solu­tions? Has the pub­lic real­ly inter­nal­ized the idea of embrac­ing stan­dard­ized unbreak­able strong excryp­tion and accept­ing the Four Hores­men of the Infopoca­lypse [9] as the price to be paid for dig­i­tal pri­va­cy? Until the glob­al pub­lic actu­al­ly engages in that debate for real in the glob­al inter­net age we’re not real­ly going to be able to come up with solu­tions and that the pub­lic can get behind. And if we can’t get real solu­tions that the pub­lic can get behind that means crap­py solu­tions that enable more spy­ing by even more gov­ern­ments and break the inter­net are more like­ly to suc­ceed. Real pri­va­cy is going to require real sac­ri­fices. Right now, the US’s solu­tion appears to involve shift­ing data stor­age to the pri­vate-sec­tor. Is that an improve­ment? [147] Are you sure? [148]

Maybe we have to begin talk­ing about how we’re going to deal with the Four Horse­men of the Infopoca­lypse [9]: ter­ror­ists, drug-deal­ers, mon­ey-laun­der­ers, and pedophiles. At least one of those Hores­men can be dealt with pret­ty eas­i­ly: End the insane war on drugs and treat it as a med­ical issue. That would sure help with some pri­va­cy con­cerns [149]. It would prob­a­bly help out a lot with the mon­ey-laun­der­ing too [150]. But those last two Horse­men, ter­ror­ists and pedophiles...it’s not at all obvi­ous that the pub­lic is going to ever accept enabling those activ­i­ties regard­less of the cost to their pri­va­cy. Can you blame them?

So how can we come up with solu­tions to the issues of pri­va­cy, secu­ri­ty, and man­ag­ing this glob­al inter­net thing that the glob­al com­mu­ni­ty can actu­al­ly accept when the pre­vail­ing assump­tion is that state-sanc­tioned back­doors are to be abol­ished, strong encryp­tion is to be main­streamed, and the con­se­quence of those two actions are that at least two of the Four Horse­men of the Infopoca­lypse show up (plus the much-feared pedo-ter­ror­ists)? One answer is that we come up with con­fused solu­tions that don’t actu­al­ly address our needs or expec­ta­tions. Solu­tions that seem like they’re pro­tect­ing pri­va­cy, like man­dat­ing local data-stor­age, but actu­al­ly end up shift­ing around who is doing the spy­ing and poten­tial­ly breaks the inter­net in the process. Solu­tions that gov­ern­ments around the world might love right now, but peo­ple around the world may not real­ly appre­ci­ate in the long-run.

Anoth­er part of solu­tion is to the actu­al­ly have that Clip­per Chip debate again because the issue of unbreak­able encryp­tion has been forced again. Brazil and Ger­many have have it pret­ty clear that state-spon­sor­ship of encryp­tion is now a glob­al prod­uct so we might as well start talk­ing about these things again. Do the Chi­nese want a Chi­na-chip? Do Amer­i­cans want a Five-Eyes Chip? Now that Angela Merkel has announced plans for an aggres­sive counter-espi­onage cam­paign against the US (pre­sum­ably using exploits described in the Snow­den Doc­u­ments) might that be used to sell the US pop­u­lace on a Clip­per Chip of its own. It’s a very creepy solu­tion but it would also allow the trans­mis­sion of data across the plan­et with­out the fear of oth­er nations spy­ing on that traf­fic. Just your nation-of-choice that built the chip could spy (and any­one they share the keys with..anyone else that breaks the code). Some­thing like that could avoid break­ing up the inter­net and the top­ic is being forced any­ways so should we talk about it?

And should we also start talk­ing about how to han­dle the main­stream­ing of unbreak­able encryp­tion? Because one of the con­se­quences of the Snow­den Affair is that we might sud­den­ly get a lot clos­er to hav­ing tru­ly unbreak­able encryp­tion go main­stream again. These secret exploits that are being exposed held off the Four Hores­men for two decades but they’re back, knock­ing on the door again. Don’t for­get: the whole point behind all the NSA’s exploits are that it can’t defeat these algo­rithms through brute force if they are imple­ment­ed cor­rect­ly. The NSA needs to cheat. It’s raw math at that lev­el. Depend­ing on how things change, we could build the infra­struc­ture where encryp­tion real­ly is effec­tive­ly unbreak­able and cheat­ing is effec­tive­ly impos­si­ble.

Ok, so what’s the bal­ance? Ever since the Clip­per Chip debate got resolved in the 90’s, the pub­lic has been hav­ing its cake and eat­ing it too on the costs and ben­e­fits of mak­ing near-absolute data pri­va­cy tools read­i­ly avail­able. Or at least it thought it was hav­ing its cake. The blue pill [151] is deli­cious after all. Since the NSA and oth­er spy agen­cies were secret­ly find­ing or cre­at­ing exploits the whole time, the pub­lic was able to main­tain a pre­tense that the bad guys got their data hacked as a rou­tine course because the gov­ern­ment hack­ers are super bad ass. But, curi­ous­ly, we also seemed to assume that our our own per­son­al hard­ware and soft­ware was­n’t, like, a giant rube-gold­berg machine of hard­ware and soft­ware exploits. These weren’t real­ly com­pat­i­ble assump­tions. Remem­ber all the shock when it was dis­cov­ered that *gasp* even Black­Ber­ry is hack­able [152]? Both the iPhone and Black­Ber­ry were con­sid­ered NSA-proof [153] until recent­ly and, omi­nous­ly in ret­ro­spect, the gov­ern­ment was­n’t com­plain­ing.

So we’ve nev­er real­ly had the debate over the costs and ben­e­fit of absolute encryp­tion because we’ve nev­er real­ly had absolute encryp­tion. It was sort of assumed we had strong encyp­tion avail­able except most of us simul­ta­ne­ous­ly assumed the NSA could hack every­thing. It was a weird head­space, those pre-Snow­den days of yore.

Today, it’s a dif­fer­ent kind of weird head­space. We’re hav­ing a glob­al dis­cus­sion over a mael­strom of inter­twined top­ics that almost require a replay of the Clip­per Chip debate and the key fig­ures and assump­tions in this glob­al debate almost all come from the Cypher­punk per­spec­tive. Except for the assump­tion that we need all have secu­ri­ty needs. That same Clip­per Chip debate is back because it nev­er real­ly went away. So it’s Back to the Future [154] time: if we can some­how resolve the Clip­per Chip debate of 1993–94, the present can move for­ward into the future.

Now, will the pub­lic actu­al­ly accept the Clip­per Chip solu­tion? Does every­one want to get chipped? Well, no, the idea of offi­cial back doors is so creepy that the pub­lic prob­a­bly isn’t going to be much more recep­tive today than it was two decades ago but at least we’ll be hav­ing a mean­ing­ful debate about the impli­ca­tion of main­stream­ing unbreak­able encryp­tion. And while we’re hav­ing that debate, let’s not kid our­selves: no mat­ter how this debate over the dig­i­tal pri­va­cy gets resolved, dig­i­tal pri­va­cy is only one ele­ment of pri­va­cy that’s at grow­ing risk these days. It may seem like we’re liv­ing on the inter­net, but we’re aren’t Tron yet [155]. Unless we also start dia­logues on pri­va­cy top­ics that extend well beyond the realm of dig­i­tal pri­va­cy, that annoy­ing fly on the wall is prob­a­bly get­ting an upgrade [156].