Our rights are extended and limited by the tools we use. The Internet has magnified our capability for free speech, but has pared down the reasonable expectation of privacy. And we, of course, have volunteered our data unreservedly at every turn. Even when we got burned, we kept coming back to give more. I suppose we did it because we trusted those to whom we were giving it, though they have almost without exception lost that trust now. And any trust they do regain must always be provisional, apparently, so why bother with it at all?
It seems that if we are to start over again, the founding principle of our tools for communication cannot be the establishment of trust, but the impossibility of trust.
It’s a cynical place to start, but clearly a necessary one. If it is possible at any point for trust to enter the equation, that trust can and likely will be taken advantage of. If there exists, anywhere from your end to the other in the long chain of servers, switches, cables, interpreters, loggers, drivers, protocols, interfaces, and displays, any single place where you are not one hundred percent in control of your data, your data is compromised and the system fails.
The trick is to treat every communication as a potential act of terrorism. After all, isn’t that how the NSA does it? For them, it’s an excuse; For us, it should be a method. Start there, and you can build a system that works. Start there, and you will be told that you are building tools for treason. You are.
Great. If it isn’t illegal, it isn’t strong enough. If the government doesn’t denounce it, it isn’t good enough. Tools for treason are the only tools that will suffice for our protection from now on.
But let’s be clear: They will be used for evil, both petty and monstrous: for trading child pornography, for selling meth, for planning assassinations, for mass murder. You will be told you are arming the enemy. You are. But your tools are neither necessary nor sufficient for such atrocities. Every kitchen knife is sharp enough to cut your fellow man; every hammer is hard enough to split skulls; every car is fast enough to mow down pedestrians. They have to be to fulfill their purposes, and it’s the same here.
And remember, we’re not just talking about Facebook chats and Google searches. What seems like overkill for protecting personal email may be totally insufficient for a guerrilla fighter coordinating across borders. Many people may not care about their privacy when it comes to a spare email address leaked by Facebook or the metadata from their Gmail account. They may come around later or not, but someone’s got to make sure that if they do come around, privacy is even an option.
If your algorithm doesn’t allow a pedophile to irreversibly scramble his drive and avoid prosecution, it can’t be used by freethinkers under ideological oppression to hide state-banned books. If your messaging app won’t let someone safely plan bombing the Super Bowl, it can’t be used by an activist to reveal human rights abuses. If your map doesn’t let poachers stalk rhinos without alerting rangers, it can’t be used by ethnic minorities to escape purges. The strength of the tool enables all of these things, and it is an old, old test we have taken many times before to see which we use it for. The answer, as always, will be “both.”
And how will we make these magical tools? There are really only two major requirements, if we assume (wrongly for the most part, at least at first) that users can operate them properly.
They must completely ignore the law. There is no reason to respect it — even the government doesn’t. Police requests for data, subpoenas, and anything else must be completely powerless, at least without the consent of the user. But it is not enough to disdain the law, unless one is immune to it.
Therefore, they must not be centralized. Web platforms as a service are fine, and will remain fine, for editing photos and sharing restaurant recommendations, but not for personal communications or any kind of confidential data. Nearly every cloud service places compliance with the law above the needs of its users (SpiderOak is an exception to this, and I wrote mistakenly here that they are able to decrypt on command; They are not, as a commenter points out, although the metadata they can disclose could also be critical). Self-hosting, whether on your own or on rented or virtualized hardware, is the only way to be remotely sure that your data is safe.
Put network attached storage and a pop-up web server in every home and watch existing monolithic structures be eroded. With personal gigabit connections, terabytes of our own to serve from, end-to-end encryption, and peer-to-peer implemented at a fundamental level, our communications will cease to be reliant on anything except critical infrastructure — and even that, in time, will be obsoleted. It’ll take time to nail down the right protocols, plug gaps, and expand compatibility, but the important thing is to get it out there. Like Bittorrent, the cat won’t be put back in the bag. It’s taken ten years for torrents to become a household word, but at the rate services and agencies are accidental tipping their cards, it may not be as long a road to get people in touch with their inner cryptographer. Make it as easy to install as BonziBuddy and you’ll start something that won’t be easily stopped.
The simple fact is that the government and powers in whom we’ve confided have shown themselves to be unworthy and unreliable (if not totally reprehensible). Respecting their interests should no longer be a matter of course, and furthering the naturally decentralized nature of the Internet is the logical next step. Creating something that serves the interests of the private (or oppressed) individual instead of, ultimately, those who wish to impose on him or her should be a major imperative for the next decade of software and platform development.
They won’t like it, because freedom is the freedom to do wrong as well as right, and they as arbiters are terrified that they will no longer be able to tell which you’re doing. Well, we’re tired of them knowing — tired of them trying to find out. We have the technology. We can declare our independence. We’ve done it before.