
Statement of Condemnation of U.S. Mass-Surveillance Programs [pdf] - Nogwater
http://www.cs.ucdavis.edu/~rogaway/politics/surveillance.pdf
======
rooshdi
"Both US-persons and non-US-persons have a right to be free of routinized
surveillance. This right does not spring solely from the US Fourth Amendment;
it is a human and natural right as well."

This cannot be overstated. Americans are no better than the rest of the world.
If anything, being the masters of mass surveillance makes us worse. We're
creating the big brother blueprint.

~~~
dalek_cannes
As a non-US citizen, I've been repeatedly asking this about news stories
emphasizing the collection of _domestic_ communications as the bad thing. I
thought your declaration of independence say that _all_ humans are endowed
with inalienable rights...

~~~
ClashTheBunny
One big misunderstanding is that the Declaration of Independence is a legally
binding document today. It was a declaration of war on the British Empire; it
didn't really matter anymore than a statement of values of people who started
the war once it was done with that.

I would look to treaties that we have signed to see what we currently legally
state as human rights Treaties in Force [1]. Specifically this treaty:
International Covenant on Civil and Political Rights [2]. Just make sure to
check if your country is one of the countries that have agreed to the treaty
and that the government who signed it is still in power.

[1]: Treaties in Force -
[http://www.state.gov/s/l/treaty/tif/index.htm](http://www.state.gov/s/l/treaty/tif/index.htm)

[2]: ICCPR -
[http://www.ohchr.org/en/professionalinterest/pages/ccpr.aspx](http://www.ohchr.org/en/professionalinterest/pages/ccpr.aspx)

~~~
dalek_cannes
Thanks for the links, especially ICCPR! I did know that the declaration of
independence isn't legally binding, but it _is_ a statement of principle on
which America is founded, yes? Isn't it through some interpretation of it that
America feels compelled to spread freedom and democracy outside its boarders?
Don't get me wrong, I'm quite pro-American, but it seems weird that the US
government is campaigning for our rights when our own governments are
trampling on them (which I personally appreciate), but tramples on them (right
to privacy in particular) when its own interests at stake.

~~~
rayiner
The Declaration of Independence is rhetoric meant to justify a war. It's
ironically contradictory--people talking about "all men being created equal"
right before founding a country where blacks were enslaved, Indians were
exterminated, women had few rights, and only land-owners could vote. The most
sensible way to read that part of the Declaration of Independence is for the
narrow statement that "white land owning males in the colonies are every bit
as good as white land owning males in Great Britain." That plus Thomas
Jefferson having a flair for the dramatic.

"People not in America are equal to people in America" has never been an
animating principle of American society. The U.S. has a long and storied
history of e.g. intervening in Latin America to keep it a brushfire-free back
yard:
[http://en.wikipedia.org/wiki/Latin_America%E2%80%93United_St...](http://en.wikipedia.org/wiki/Latin_America%E2%80%93United_States_relations#19th_century_to_World_War_I)

~~~
CWuestefeld
All that may be true, but as dalek_cannes says, it gives us perspective on how
to understand the Constitution. In particular, it informs us that the Bill of
Rights is not _granting_ rights to the people, but is instead _taking note_ of
certain rights that all people have inherently.

~~~
rayiner
I don't think it informs us of that at all. Even to the extent that it's
anything more than rhetorical flourish, it's misleading to read the language
in terms of modern understandings or schoolhouse revisionist history. At the
time, there was this idea of the "customary rights of Englishmen" that isn't
coextensive with "natural rights of all human beings" as we might think of it
today. See:
[http://en.wikipedia.org/wiki/Rights_of_Englishmen](http://en.wikipedia.org/wiki/Rights_of_Englishmen).
These are not "natural rights" in the sense of something you might find if you
cut someone open and did an autopsy, but rather rights that arose out of the
long-standing, practice of a people and which are enjoyed by those people.

It's quite clear that the Constitution simply recognized customary rights that
existed, but that shouldn't be taken as a recognition of universal rights
common to all people. Especially in light of all the countervailing evidence
in the form of unequal treatment of nearly everyone who wasn't a white English
male landowner. That evidence is inconsistent with the recognition of
universal natural rights, but entirely consistent with the recognition of
customary rights, which since the magna carta had applied to white English
male landowners.

------
tptacek
Wow does "UC Davis Professor" ever bury the lede here; Phil Rogaway is one of
the most famous working cryptographers. He's also notable for having patented
the best known AEAD scheme and granting a free license for all nomilitary use.

~~~
viraptor
> ... and granting a free license for all nomilitary use.

I never thought about this. Maybe it would be a good idea to add such clause
to applications I release. It wouldn't be compatible with GPL of course, but
then again... not sure which one I care about more.

~~~
taneliv
Uhh, how would you define "military"? I would guess you'd be ok software used
on the DARPA created Internet... What about UN peace-keeping forces, or the
customs, police and other armed forces (in various countries), in which
functions would they be allowed to use such software?

Not to say which one is more important, but GPL (at least v2, haven't really
studied v3 yet) is quite clear in its definitions and limitations. You'd do a
good job defining "military" equally clearly and usefully for use in such
licenses, but that might be quite a lot of work.

Incidentally, "do no evil" is not a very good license exactly for the lack of
a definition of evil.

------
rob05c
I completely agree, about the codes of conduct bit. Any software developer
who's taken part in any of this, who's an ACM member, should be ousted for
gross violations of the ACM Code of Ethics

[http://www.acm.org/about/code-of-ethics](http://www.acm.org/about/code-of-
ethics)

~~~
skwirl
Wait... there are people who still think the ACM has relevance?

~~~
shadowfox
When exactly did ACM lose its relevance?

~~~
skwirl
It was at least before I started college in 2002. There were some remnants of
it, such as a few professors who listed it on their CVs, and we did read the
code of ethics in CS1. But nothing serious and active. Maybe it's different in
different parts of the country.

------
biot

      "It is contrary to corporate responsibility for a company to
       assist in the creation of artifacts, such as server farms,
       routers, or analytic engines, intended for mass surveillance."
    

Is there a list of companies which supply equipment and/or services to the
NSA?

~~~
bengrunfeld
Yes. Look at the slides Snowden released when he blew the whistle.

[http://images.techhive.com/images/article/2013/06/prism_vend...](http://images.techhive.com/images/article/2013/06/prism_vendor_slide_washington_post-100041030-orig.jpg)

~~~
biot
Those are companies likely forced to cooperate. I doubt the NSA issues
National Security Letters forcing hardware manufacturers to sell them
products.

~~~
bengrunfeld
Says who?

------
geertj
"It is contrary to the ethical obligations of cryptographers, computer
scientists, and engineers to participate in the development of technologies
for mass surveillance. It is also a violation of professional codes of
conduct."

I agree. All of us developers have obligations that are higher than achieving
personal wealth, or being a family breadwinner. We are the literate elite of
our times. This status gives us the potential for great monetary benefit doing
something we like, but it also comes with its social responsibilities.

------
marcuspovey
I would love to see everyone in the IT industry take a similar pledge.

If enough of us do we can choke off the oxygen supply to these organisations,
especially if we make it an unattractive career prospect for undergrads.

------
jacquesm
Finally someone who actually gets it that mass surveillance is wrong in
principle even when it does not have US citizens as subjects.

Thank you professor Rogaway.

------
RyanMcGreal
> This right does not spring solely from the US Fourth Amendment; it is a
> human and natural right as well.

As a "non-US-person", I found myself particularly moved by this line.

------
w_t_payne
I used to work for Sophos, the Anti-Virus & computer security company.

It was made very clear to me when I joined that they did not want to employ
anybody who had ever had anything to do with hacking or writing malware, and
that any hint of this would be grounds for immediate dismissal.

It was also made very clear that any such individuals would be black-balled by
the industry as a whole.

I can only presume that this scheme would cover cases of hacking or espionage
by government employees, or other such abuses of trust.

Whilst I acknowledge comments that raise the spectre of McCarthy-esque witch-
hunts, and I share the concerns, I do think that it would be entirely
appropriate for this scheme to extend to other technology companies that bank
on a trustworthy reputation, and who need to prove beyond doubt that they have
not been infiltrated by individuals with a history of abusing privacy and
subverting technology for malicious purposes.

To an extent, this is already covered by the codes of conduct required by
institutions such as the ACM, IEEE, IET, BCS and so on. I wonder if they will
step up to the plate and enforce their codes of conduct (and if necessary,
update them in light of recent developments).

Also, employers do not normally require their programmers to be members of
these institutions, and the level of membership is very low. I wonder if this
should change, or if we should set up a new institution for this specific
purpose?

------
androtheos
I would love to have been a fly on the wall when the director of the NSA is
meeting with the president telling him that the only way to ensure national
security against terrorism is to start these mass surveillance systems.

"Okay", says the president. "I guess if it's the only way then I'm sure the
people will understand it's in their best interest" _slight chuckle escapes
his lips at the end_.

When it should have gone something like this.

"Bullshit! I will not sacrifice the freedoms that are the foundations of
America, simply to make your job easier on you. If you can't do the job
without destroying the very freedoms you should be protecting, I'll damn well
find someone who can!"

Director of NSA: _while stuttering_ "Well actually we could work together with
the CIA and FBI as well as foreign intelligence to garner the necessary intel
that would give us actual probable cause to start monitoring someone by legal
means with a warrant and everything."

------
frob
I am so very proud to be at UCD right now.

~~~
dandrews
I'd be interested in your (and Rogaway's) take on the UCD pepper spray
incident, then.
[https://www.youtube.com/watch?v=yjXcaoEAkq4](https://www.youtube.com/watch?v=yjXcaoEAkq4)

~~~
fnordfnordfnord
US Davis paid a little over $600k to the 21 students and fired John Pike.
According to SFGate the students will receive about $30k each and a written
apology from the chancellor. The ACLU will get 250k for representing the
students. That sounds like a reasonable outcome to me.

[http://www.sfgate.com/bayarea/article/UC-Davis-pepper-
spraye...](http://www.sfgate.com/bayarea/article/UC-Davis-pepper-sprayed-
students-settle-3896116.php)

~~~
pekk
The reasonable outcome would not have included the pepper spraying of unarmed,
seated, peaceful protesters in the eyes. Please don't whitewash this.

~~~
swombat
Shit happens everywhere. How you deal with the shit after it happens is what
separates the scumbags from the good guys.

Would we be so upset with Obama if the response to the NSA revelations was the
firing of the NSA leadership, a solid investigation of wrongdoings, firing of
those found to have been guilty of abusing their powers, and reparations to
those wrongfully convicted under evidence unlawfully gathered by the NSA?

~~~
jacquesm
I'm not going to hold my breath for that but it would be a very welcome change
from the current responses.

------
asgard1024
Where can I sign it? (Would love to, although I am a mere non-US programmer.
He should turn this to a petition.)

------
JonFish85
So presumably the author is OK with whatever surveillance the UC school system
has? Unless the U.C. school system doesn't have network monitoring installed?
Is he OK with with students torrenting terabytes of information of
questionable legal origin? Because I guarantee that the UC IT department has
some sort of network surveillance going on. Scanning emails, possibly.
Monitoring bandwidth usage by specific MAC addresses. And probably much more
than that.

------
aet
Will this department stop taking DoD money?

------
maxk42
Amen.

~~~
pekk
An appropriate response, since the politics of this have taken on such a
dogmatic, black-and-white quality. In the same thread: calls for McCarthy-like
blacklisting of programmers based on ideology. Never any nuance in these
discussions: either say 'Amen' or Burn in Hell.

~~~
etiam
"The hottest places in Hell are reserved for those who remain neutral in time
of great moral crisis." — Dante Alighieri

~~~
porkpiehat
I get that as a quote this is relevant, but if I don't know who Alighieri is
or what he did, this seems like an unsupported moral assertion. Obviously it
struck you as memorable.

But would you really claim that the person who does nothing is _worse_ than
the one who actually perpetrated crime?

~~~
brohee
Avoiding ridicule is just a Wikipedia entry away...

------
bengrunfeld
Like everyone, I've read a lot about the aftermath of Snowden's disclosures.
This is the first time I've read an official condemnation from an industry
leader. Amen.

~~~
chopin
Bruce Schneier is pretty bold as well.

~~~
hannibal5
He joined EFF Board of Directors this year. He has clearly changed his tone
after Snowden leaks.

[https://www.eff.org/press/releases/renowned-security-
expert-...](https://www.eff.org/press/releases/renowned-security-expert-bruce-
schneier-joins-eff-board-directors)

