The same is true here of private messaging. Governments got used to being able to read our messages. They have come to rely on it. And so now they want to make it illegal for us to keep them out.
I guess what i'm saying is: We ought to be extremely careful what we allow our governments to get used to doing. There is an argument to be made that the original sin here was allowing wiretaps at all, even when the medium was un-encrypted.
After WWII, the US imposed a constitution on Japan. Here's Article 21: "Freedom of assembly and association as well as speech, press and all other forms of expression are guaranteed.
No censorship shall be maintained, nor shall the secrecy of any means of communication be violated."
All wiretapping was illegal in Japan until 1999. Even today, it's very rare. 40 wiretaps in 2017.
> All wiretapping was illegal in Japan until 1999.
So, at the end of the day constitution is just some document that holds no real power and can be violated once those in power are no longer interested honoring it.
And this is the primary reason for people to have encryption. It's not to protect from some random wannabe hackers, criminals or corporations (which the government can enforce laws against), it's to protect from the government itself. This is why media conversations sound weak and incoherent about encryption and privacy, they are afraid to talk about the biggest reason, don't want to openly and directly oppose the government and instead choose to entertain and dance around all those manufactured ideas.
The main point often raised around the right to bear arms is that, as currently interpreted in the US, it comes at a steep cost in homicides and suicides.
Encryption doesn't really have comparable collateral damage in society.
There's the whole "but terrorists and pedophiles will hide behind encryption" argument, but even if you granted that and could measure the impact, there's little chance it would be anywhere near equivalent to 30 000 deaths annually.
So: a more nuanced version of this argument would point out that there's little to no harm from allowing widespread strong encryption, whereas there's widespread demonstrable harm from allowing widespread firearms.
To compound this, the reverse harms - lack of privacy / security on one hand, strict monopoly of force on the other - are hard to compare. Both have the potential harm of leading to unchecked tyranny, along with the potential benefit of maintaining national security and civil order; depending on which side of the debate you're on, the tendency is to downplay either the harm or the benefit and exaggerate the other.
Any reasoned comparison here ought to take into account that the tradeoffs are clearly different.
How does that square with Japanese censorship of pornography?
what decides which way their motivation swings, legally?
perhaps they, and others, shouldn't consider the lines between censored topics to be so vividly painted as 'indecent' or 'not'.
it's an issue that some of the most important law-shaping courts in the world have argued back and fourth about for years; the criteria for concluding what is or isn't indecent.
Then they can always find another way to make the same point.
>what decides which way their motivation swings, legally?
Society, courts, etc.
>it's an issue that some of the most important law-shaping courts in the world have argued back and fourth about for years; the criteria for concluding what is or isn't indecent.
Making a political statement in certain way is itself a statement.
"But advocating it is still legal" would be no more valid an excuse than making displaying or depicting police misconduct illegal but nominally allowing advocacy against police misconduct. The point of censorship is enforced ignorance to maintain control.
Now they have to be more careful.
Are you sure you appreciate how many criminals got convicted because their phones have been tapped?
Does your stance against lawful surveillance also mean that law enforcement must never try to look into a suspect's seized phone or computer?
But, ultimately, the security and safety of the American public is served best by actually using software and services that are safe and secure. When the Federal government works against that they are undermining the security of the American public.
It's not very complicated. The interests of the government do not align with the interests of the American public.
And if you really don't think surveillance should be completely outlawed, as it was in Japan for a time, then you don't have any basis for disagreeing with me.
Well, Jakuza could find 50000 ways to bypass the "police listening".
Tapping telephones had not really helped thwart Latin/Central American drug dealers (which got 10x as big and dangerous from when wiretapping was far more difficult).
Heck, in Italy, where the state could quite easily wiretap anybody, has a much bigger "Yakuza" style problem...
Plus, a state can always get warrants and tap when it's needed, e.g. for suspected or known Jakuza members, without having to do it for everybody...
Wait, but this sub-thread started with "all wiretapping was illegal" - so it was not only warrantles wiretapping that was illegal, if I understood it correctly.
Fun Fact: Central American cartels have indeed switched to communication channels that are harder to intercept. And boiling down such a complicated issue as cartel violence to a simple issue as phone surveillance is at best dishonest.
Well, if one can't use basic common sense, and instead believe that just because wiretapping was illegal, criminals the Yakuza casually talked in normal phones and didn't already use burner phones, code words, walkie talkies, etc, I don't know what is left to argue...
Which of these basic facts are you disputing?
Why won't you hand over your passwords if you have nothing to hide?
By all means, try. A warrant authorizes the attempt; it does not guarantee the outcome.
And both surveillance and the seizure of evidence are routinely the key to convicting criminals. Outlawing court-approved surveillance or even seizure of evidence makes basic laws, like against homicide, much less enforceable.
Well, they also liked that other policy, that suspected Yakuza members can't just be shot on sight -- but had to be arrested, go through trial, etc.
Bad guys liking a policy and the policy being generally bad is not the same thing...
I did not imply anything with that statement but the pure and simple fact that the Jakuza has at least one big extra problem to deal with since police are actually allowed to tap their phones.
And you could also be more honest by saying that total privacy is more important to you than a significant portion of criminal convictions. I don't think that's a good tradeoff.
I seriously doubt it is a problem for them, much less "a big one". What kind of amateurs speak openly on their regular phones about covert action, whether it's legal or not to wiretap them? Besides the fact that the police could be listening in (illegally, but still routine in most of the world) to get useful tips (and use them, just without expecting to use the recordings in a trial), rival gangs could also listen in on their plans, and so on...
>And you could also be more honest by saying that total privacy is more important to you than a significant portion of criminal convictions
Considering that Japan is perhaps the safest countries in the world (and was for decades while wiretapping was not allowed), and the US and UK with dead easy access to wiretapping warrants and mass surveillance are of the worst western countries in regards of crime, I don't think there's that much to teach the Japanese with regards to getting more "criminal convictions"...
Sorry, but this is not a fact based argument any more. You are somehow trying to convince me that, despite all evidence and data, wiretaps are useless in prosecution of criminals. I'm not having that, anymore.
I point this out not because I disagree with your baseline position that privacy is valuable. I don't. I point this out because i believe that arguing for it on the basis that government feelings of entitlement are somehow less legitimate than the feeling of entitlement of non-governmental constituencies is not going to be an effective strategy because it's based on a false premise.
The constituency hasn't changed their views. The politician was still elected on the same platform. But they no longer serve the constituency.
I can well-understand the feeling that the government is a separate entity, and behaves differently.
It may be military lobbying; but even then it seems a little strange that absolutely no progress gets made on issues that seem to have a remarkable amount of support from what must be most voters. People voting for humanity or economic reasons would agree that endless overseas wars are a mistake - that catches most voters. Realistically it should even catch the imagination of the foreign policy people; power projection is one thing, but killing foreigners doesn't put America in a great place for the next generation.
It would almost be more helpful for politicians to honestly state why they keep flipping their positions rather than sending another smooth-talking politician in to see if they flip. Surely there must be some equilibrium where less people die but all the insiders are happy.
I would understand to a certain extent if the national intelligence briefing informs the politician of a dozen programs that are reliant on the premise and have prevented x number of attacks and so on.
But I've seen politicians flip completely after a single 20mins meeting. From fiercely against to fiercely for. For those cases, I've held my judgement, because I don't have a non-insane answer for why this happened, but everyone involved is presumably a somewhat-logical human being, and people don't let go of beliefs easily.
 https://i.imgur.com/xhYCQh4.mp4 (from https://www.nytimes.com/interactive/2019/10/06/opinion/incom...)
Lately, I've been thinking about what's happening in HK, and how the protesters were pulling down facial recognition towers. Without that, the social credit system is crippled (a bit). If enough people made it their business to take down a tower, here and there, with enough frequency, the govt would probably find a way around it but, still, that big, powerful government weakens when the right/wrong citizens get together.
And even when the govt says no masks are allowed, there are ways around that, too 
1 - https://www.reddit.com/r/specializedtools/comments/ddu3eh/ho...
I am not arguing that. I was explaining the process by which the feeling of entitlement arose. The argument for the legitimacy of privacy rights is one I assumed I didn't have to make at all in this venue. I suppose we could have that debate if you want, but I was not trying to make that case here.
If we assume as an axiom that privacy is a right, the question then becomes: how do we structure our governments and public institutions to protect those rights? And one answer to that is to be more intentional about which invasions of privacy we allow than perhaps we have been in the past. With the foreknowledge that governments and institutions will come to depend on any access they are given.
But you can't assume that. For everyone who thinks that privacy is a right you can find someone else who thinks that safety and security is a right. Neither of these follows from the laws of physics. Which one ends up being a right (or which one ends up being the more "fundamental" right that ends up trumping the other) is a function of what we as a society decide.
So you can't win this fight simply by standing up on a soap box and proclaiming that privacy is a right. You have to come up with an argument for why losing privacy is a greater evil than letting the bad guys get away.
It’s the governments duty to uphold that right whether they can read communications or not. A right to security absolutely does not mean no right to privacy. That’s a false dichotomy.
You can't strip away people's privacy without violating their safety and security in the process. These positions are not in conflict.
And "society" doesn't get to decide what is or is not a right. Individual people decide that for themselves.
In the end these possibilities are always given by voters, and they can only be taken away by voters.
In the end, decisions are taken by a republic. If this republic doesn't serve its constituency, there isn't much the constituency can do apart from waiting for the next term and then vote for the second most popular party.
This is well examplified by the fact that protests are still a thing in countries thought to be democracies. Historically, protests are a tool against dictatorships. If citizens had proper democratic agency, they would not have to disrupt their own country's economic activity in hopes to bend their leader's arm. It's a very inefficient and fuzzy decision-making mechanism.
That's why the proper term for the current popular government system is "democratic republic", not just "democracy". An actual democracy on the scale of a country would be way more complex than what we have now. It would probably be closer to the economic market in terms of complexity. We might get there one day, but calling our current systems "democracies" is proper newspeak.
In fact, it would be exactly the economic market. The ultimate form of democracy is 100% economic means ("vote with your wallet") and 0% political means (force).
There is not.
How likely is it that an anti-surveillance candidate also happens to satisfy more than 50% of voters on aspects other than surveillance?
Since surveillance is low on the list of priorities of most people, it's a rational choice for them to ignore the candidates' stance on surveillance while choosing their preferred candidate.
As such, the stance of republican leaders on low-interest, non identity-defining aspects like surveillance is mostly unaffected by democracy.
What do you think "constituency" means?
They also exist to serve themselves.
That is not their purpose but that is what ends up happening with most institutions.
For me it feels too easy to say "the government" has no legitimate interest in intercepting communications.
This isn't actually true, though. It may be essential to enforcing the law at the level we have come to expect. But that is sort of my point: whatever governments are given, they will come to depend on. Once a capability has been granted them, it can never be taken away.
For instance, let's say someone builds a mind-reading app, that records everyone's thoughts so we all have cool thought journals. Of course it needs to store these journals in the cloud, because why not? This will immediately be used by law enforcement to prosecute crimes. And why wouldn't it be? Everyone's thoughts are literally right there for the taking, sitting in an AWS datacenter somewhere. Once this becomes the norm, it'll quickly be made illegal not to journal your thoughts, using the exact same reasoning you just elaborated. It will have become essential to the enforcement of law that police have this tool. And the people saying that will be right - the removal of that tool will represent a degradation in law enforcement capability, no question about it.
We just have to decide which kind of society we want to live in. Sometimes the price of freedom is more crime. In a democratic society, it's up to us to choose how much of each.
This is a meme that keeps getting repeated by proponents of dragnet surveillance, but they're all palpably quiet after each terror event. Because it wasn't caught despite perpetrators already usually being persons of interest and subject to said dragnet surveillance.
We are far past the point of diminishing returns in terms of counter terrorism efficacy vs. surveillance cost and impact. 'Think of the children' and 'think of the terrorists' are quantifiable, provably, bullshit arguments.
There is a very real cost to widespread surveillance, including financial. You can't justify that cost with preventing maybe 1-10 deaths per year when the same marginal increase in healthcare resources would save 10k-100k per year.
The number of 1-10 deaths per year is completely ridiculous. And distorting the fact that law enforcement is not just about preventing terrorism. Can you count the number of cases where criminals have been convicted because of surveillance?
I don't think you'd like a world where criminals can evade any surveillance just by outlawing all of it. You don't even need to think about drug traffickers, terrorists or pedophiles. Just think about all the "unorganized"/private murderers that have been convicted partly because of telephone recordings or, yes, text messages.
There could be no verifiable data on how much is that. Maybe many, maybe none.
Yet the facts are: terrorism is not a huge threat. There are few terrorists, even fewer successful ones. It's three times more chances of getting killed by a lightning strike here in Europe, than by a terrorist.
Another fact is: the vast majority of people are good decent people, who behave well and not blowing up planes, shooting jews in synagogues etc.
Hence, the surveillance measures taken to "prevent terrorism" have costs vastly surpassing the benefits, since the majority is suffering for the sake of (allegedly) diminishing of already tiny numbers  .
Not to mention the increase of risk of waking up in a totalitarian state.
On the other hand, we will suffer horribly under an authoritarian panopticon if it is able to come into existence.
Surveillance powers that are introduced to fight terrorism or child exploitation end up in the hands of local authorities for their war against fly-tipping and dog fouling.
Unfortunately historical precedents shows this to be false -at least to an important degree- meaning this power will be abused and misused: FBI controversies abound, from covert operations on political groups (e.g. Martin Luther King) to more recent investigation into misconduct at the DOJ and FBI over its probe of Hillary Clinton's private email server; in the same vein 85.000 law enforcement officers have been investigated in the last decade for misconduct, as noteworthy the time the LAPD (Los Angeles Police) helped fuel the crack epidemic, or when the FBI mistakenly relied on wrongly classified DNA evidence during 25 years (involving 268 cases), historically some of the strongest racism USA has seen was from the police itself when Harry Anslinger as head of the FBN created the war on marihuana specifically to target black people, famous for saying "This marijuana causes white women to seek sexual relations with Negroes, entertainers and any others."
Transgressions about such limits don't somehow make it untrue that many criminal convictions in all sorts of areas are based upon entirely lawful surveillance. I don't think there is any solid argument society would be safer if all such surveillance was deemed illegal.
To allow digital surveillance is to allow the government into your head and our children's heads.
It stops here.
The only benefit to an average user is that no Facebook employee can look at your text messages. Law enforcement agencies don't look at text messages of average users, and even in the collect-everything scenarios, they don't take notice of virtually anyone, on average.
It's really mostly the criminals that benefit disproportionally from default encryption in facebook messages.
From the perspective of US law, you might not want LEAs to read your text messages, but even if they could, they can't do anything about it even up to threatening them. Free speech in the US is pretty limitless, up to the point that such speech infringes on the rights of other people or endangers them.
There is no better way to define "criminal", despite all the shortcomings.
> Free speech in the US is pretty limitless, up to the point that such speech infringes on the rights of other people or endangers them.
The US Constitution explicitly makes calls to violence illegal.
Um, no it most certainly does not.
If an effect can be isolated to being caused by WhatsApp going dark that would help qualify how essential these warrants were to preventing and/or prosecuting crime.
It’s easy to bend statistics, but it would be better than nothing. Right now it feels like we have to take the government at their word when they say this is an important thing they need, with the only evidence for that either being “we used message warrant evidence in court so it must have been critical, right?” or “think of the children!”
The war on drugs and the war on terrorism did no net good. Saying we need to give up our freedom so the government can continue doing those things is naive at best.
The biggest problem (and my understanding is that it's much more widespread than the others we hear about) is the sharing of child abuse imagery.
I think these governments and the EFF are both being willfully blind asses here. Governments don't see that their people don't trust them to have sound morals (because of their shitty morals) and the EFF is so laser-focused on privacy that it wants to wave it's hand about child abuse as the lesser of two evils.
Someone needs to come up with a system that doesn't offer shelter to paedophiles, soon, or their going to lose the argument in the eyes of the public (and then legislatively).
I don't think it's possible to do both of these things, so I think we're ultimately going to lose the argument. Would be nice to be surprised though!
E2E encryption, for all it's many benefits, does allow bad people to do bad things with impunity. Turning a blind eye to that because we want the privacy benefits isn't going to fly forever, and the solution that non-tech-savvy legislators will come up with if nothing is done will invariably be much, much worse than anything we can think of.
I'm not for legislation against end-to-end encryption. But Facebook does have to answer those questions about its policy. They will also have to answer for cases, where predators go free because the texts to their victims can't be recovered...
No easy answers here!
If privacy doesn't exist anymore, then the inheritors will receive a level of power they have never had before. They will be unstoppable. We will reach an end-state of cultural-political development where the inheritors will no longer be challenged. We have had dark periods of time when inheritors have ruled for long periods, ancient Egypt with mass enslavement for example. Without privacy we will reach an event-horizon of wealth inequality, and no political counter-movement will be able to take root to challenge it. We are seeing the beginning of this in Hong Kong, we are seeing it in an uncompetitive pay-to-play patent system, in an increasingly monopolistic corporate environment, in increasingly uncompetitive marketplaces in dark pool trading systems, and in Apple/Microsoft/Facebook/Google/Amazon app stores and tech markets.
The threat to privacy is the greatest threat to progressive civilization we have ever encountered IMO.
“And nine rings were gifted to the race of men, who above all else desire power. […] But they were all of them deceived.”
“Smoothing out the ravages of the business cycle” indeed. What Mr. Ruby ignores, and what the text devotes many verses to emphasizing, is that central planning of the kind undertaken by Joseph and Pharaoh ultimately leads down a Hayekian “road to serfdom.” Here, what starts as a grain shortage brought on by natural cycles in the east wind and the Nile’s ebb and flow is leveraged by a government with authoritarian ambitions to utterly enslave the people – better yet, to have the people beg the government to enslave them! This much is clear: the more the coercive power of the state is deployed in the name of preventing individuals from making bad decisions about how to arrange their own sustenance, the greater will be the eventual loss of individual liberty."
It's a source, whether you deem it credible or not.
What other way does a central authority coordinate a basic income to a large population? Well, if they're on the roster and they have the documents, they get their share of the harvest.
I’m having a hard time understanding your implication here. Wouldn’t the inheritors want more privacy as that would lessen the visibility of their actions and those involved?
For themselves - not necessarily for others. And when privacy is invaded, only the powerful get access to the resulting information.
There's also the matter of who needs privacy - the loss of it hurts those without power to defend themselves more. E.g. Hong Kong protesters are rightly worried of being identified.
There is an assymetry because the procecutions under these laws will not be as effective against of those who have the means to defend themselves against them (basically money and influence).
Also the loss of encryption will probably not affect all means of communication but getting mass-appeal apps like FB and WhatsApp to forego with encryption means most people would then easily become 'surveillable'.
At present, a new item in the news cycle is a 2nd whisteblower coming forward about Trump - Ukranian things.
This person is apparently being represented by the same lawyers as the 1st person.
If (all) encryption becomes subverted, that law firm would have no effective way to store and/or communicate details digitally. Back to pen-and-paper records, only meeting in person in (eg) secluded locations, etc.
The majority definitely couldn't judge merits, since avg Joe knows nothing about surgery or economics.
The institutions couldn't regulate themselves as well, since this leads to corruption, where the most politically active are getting to the top and starting to regulate on the loyalty basis. We need external checks and balances for institutions as well.
We can't have a meritocracy without an external authoritative voice judging, what's the merit. Hence any meritocracy or even technocracy applied is ended up being a authoritarian, ineffective corrupted mess. We had this in soviet union, we had this in china.
The idea that people should be judged by merits and the best scientists, academics, writers should be at the top ended in soviet union with the distortion of the very notion of merits and values: careerists got to the top and ruled out actual smart people, turning institutions into corrupted mess.
Most of the accrual of wealth in the 'meritocratic' system also goes to the inheritance class - in your example, see a shitty sword and think you can do better? Get a world-renowned swordsmithing coach, have the finances to work at it all day for however long it takes, import the best materials, buy the best workshop, then reap the rewards - all while talking about "your hard work and dedication" and claim everyone else could do it too.
It's total, and utter, bullshit.
Meritocracy is a lie, but it's sold as a feel-good truth: you could just come from the ghetto, work hard, and by gosh, be successful! Of course that isn't the way it plays out almost ever - we tell ourselves that the supremely rare few who it does work out for could be everyone else if they just WORKED HARD. It's a LIE.
Meanwhile, we've accepted this disgusting fiction, and we place the blame squarely on REGULAR PEOPLE - any system that requires you to be exceptional to succeed (or even have food security!) is a failure, but one that cloaks the actions of the inheritance class as "merit" (as they are best able to, of course, "compete" - with coaches, perfect nutrition, educational trips, etc) is MORE insidious and evil - and it doesn't actually displace that same inheritance class!
The technically literate, ironically, eat that meritocratic shit up for some reason. The same people who built surveillance capitalism, destroyed the poor with the "gig" economy because it always "seemed to work for them!", built
the methodology of tracking everyone's persuasions and beliefs online to be used for propaganda or ethnic violence, who repackaged sub-prime mortgage suffering as a "data science" problem.
Tech people, especially those who believe in "meritocracy", are so painfully blind, they don't even understand that the wheel will come around for our skill set - we're in a weird period of history where our technical skills are extremely profitable. Rather than making the world better, we've caused the kind of damage that drives a stake in the heart of our very society. Very Promethean.
If we were as wise as we were smart, we wouldn't be here - we're the brightest fuckwits in the whole world.
Just one example is worth having a meritocratic system, IMO. (Btw, meritocracy isn't based on hard work, just on output - whether it's genetic, or a result of effort, or whatever is irrelevant.)
Even with all the trash I listed about it? It's a lie and a shit belief.
Of course it's a roll of the die. Of course you might end up with a cretin or a criminal. Of course it's made worse by inbreeding which comes with inheritance. But it's still the best roll of the die you have.
These can be objective metrics. They can be measuring pretty much anything you want, and you usually find a way to get better at it.
I think finding the right things to measure is the most challenging part, almost because of the fact that you can usually 'game the system'.
But to deny merit completely or find it in contempt is in my unearned opinion, a fear response in denial of the massive amount of skill a small but influential number of people develop in all sorts of endeavors.
It should be as clear as day that an attack on encryption is an attack on the values of America.
This is the tact that should be taken in the conversation - is the attorney general so anti-American as to request this?
You could still route around it with software if these components are indeed compromised. Random number generation has always been a hot topic and a problem for deterministic machines, but I doubt there are usable hardware exploits to crack modern encryption.
It could be viable for industrial espionage where systems are even more uniform and it is imperative to keep an eye on that topic and hold hardware developers accountable.
Plus, flawed implementations can open up side channels; this seems like an endorsement of Facebook’s implementation in that sense.
Correct. AES or something is also not proven secure, we just don't know of an efficient attack on it. Since loads of people tried with significant resources, since there is often parallel discovery (so if the NSA discovers a flaw, it's likely that someone else figures it out as well), and since an algorithm is usually weakened before a complete break is found, the security community is quite sure it's secure. But it's not proven or certain.
Quote "Claude Shannon proved, using information theory considerations, that the one-time pad has a property he termed perfect secrecy"
Unless there is some fundamental hole in our understanding of physics, including thermodynamics and quantum mechanics, HRNG are the best source.
Using cryptographic ciphers for pseudorandom functions can be catastrophic, as seeding them correctly is a problem. (You still need some entropy from outside for seeding)
Of course, using one time pads is not really practical either.
On HN and at EFF we all diagnose the problem correctly, but the solution requires a platform to coordinate everyone. This platform currently does not exist. And it must be open source, permissionless and work across domains. If you want, come join me in making it. (Yes, scuttlebutt, matrix, mastodon etc. exist but they are not mainstream. SAFE network is probably the best design around, but they never even release it.)
I already went ahead and put about half a million $ of our company’s revenues into building this platform. We have to go the other way — get people to use it first, like they do Wordpress! 34% of all websites now. And then attract developers.
We designed a crypto ecosystem for it to incentivize people to participate: https://qbix.com/token
This is not encouraging anyone to buy anything. Just information about what we are working on. I feel like very few people will get what we are doing until it’s ready: liberating people from giant centralized corporations and giving them control and choice. Like Linux and Wordpress and the Web did.
Contact me if you’re interested to contribute to this platform or use it for your own web projects like you use Wordpress/Drupal (greg at-symbol and then qbix.com)
If democratic governments want to force Facebook to keep files on their citizens for law and order purposes, pass a law that says that explicitly.
This whole “nice social media business you have there, would be a shame if something were to happen to it...” is extra-democratic bullying.
If a government wants to limit your free speech it will do that, no matter the technology. In western society, the defense of free speech has to be done in the open, and through the democratic process.
Lack of end-to-end encryption in Facebook does not affect anybody's free speech rights. Not even in authoritarian countries, because those will just block facebook if they can't crack it or haven't already.
Encryption has absolutely nothing to do with free speech as long as you are in a jurisdiction with an actual right to free speech. If you aren't, well, good luck convincing those authorities.
Also, a right to free speech does not entail a protection from all consequences of such speech, only from those consequences a government can dish out.
1. Younger generations develop colloquial terms that the older generations don't understand. This allows the younger generation to communicate more freely.
2. Highly specialised positions develop "jargon" which, although arguably allows more accurate and concise communication, also allows elements of protectionism and in-group gatekeeping.
Both of these examples are more complex than just "To conceal ideas and thoughts from the enemy", but it's definitely a motivating factor in language evolution.
EDIT: An interesting article that may aid in further research: https://www.theguardian.com/media/mind-your-language/2016/ap...
Of course, they don't really care about child exploitation. They are cynically using the issue as a pretext to preserve and normalize a massive expansion of their power.
The DOD budget is $617B. The entire DOJ budget is $6B, with about half of that allocated to law enforcement. I'm not sure precisely how much of that is spent investigating child exploitation, but the DOJ doesn't view it as a high enough high priority to even mention it in the budget. A couple of highlights:
- $295 to fight the opioid crisis. How successful was the drug war with the ability to tap phones again?
- $486M for violence against women programs and $45M for victims of human trafficking. Maybe next they will tell us that reading our messages and snooping our video calls will make women safer.
[Edit: Also interesting, the FBI's nearly $10B budget request. The budget request doesn't break down the spending, but it does include a section on crimes against children almost at the very end. They highlight their recent investigations have led to about 1000 arrests. The FBI's stated top priorities do not include crimes against children.]
I'm not saying that this is a good reason to stop Facebook from implementing this. But there is no question that it is going to make the lifes of a lot of criminals a whole lot easier.
We may imagine criminals, especially the semi-organized ones, to be experts in cryptography or at the very least covert communications. They really aren't. If they can just use their usual facebook accounts, they'd really appreciate that.
I'm not saying E2E and encryption of data at rest doesn't benefit these scumbags. It does, no doubt, and that's exactly why the tech savvy ones use them. I'm saying that inexpensive computers, digital cameras, and broadband internet also benefit them, but these things are also an enormous benefit to us all.
I'm not willing to give these things up because some bad guys use them. It's fair to ask if the trade off is reasonable. Assume those 8000 incidents are all different children and different predators and none of them are iffy/false positives. (not likely) Assume 1 billion people used FB to send a message during that time. (a low estimate) Is it weakening the security of 125,000 people for each one of these bad guys? Why should 999,992,000 people have to go without for the sake of 8000?
To those who think that the many should have to suffer for the few, I ask: Where does it stop? For example, Should all digital cameras be required to upload photos to the police before allowing the user to see them? That would certainly help the police, wouldn't it?
The slippery slope arguments are as stupid here as they are in gun debates. Not making encryption the default for text messaging, thereby leaving a chance of court-ordered disclosure, is not remotely comparable to total surveillance.
But I guess that's not the kind of distinctions the audience here is going to appreciate, is it?
Yes they do. Ambitions tend to grow with opportunities. That is especially true for government, you just have to look at China and other regimes.
Your personal conquest against crime doesn't justify compromising security.
A government needs both the technology and the will to overreach. And you are talking like western democracies, are, well, not democratic. That would be the only reason to fight over the technology, and not try to fight over the will (i.e. legislation) to do harm. And it wouldn't work, in that case, either, because "the government" is always the one with the power. If someone else is more powerful, then that's the government.
You are ignoring the inevitable "mission creep" once a backdoor is allowed. Reasons for granting a warrant will become more numerous and more trivial.
You are also ignoring the fact that backdoors will eventually be used by criminals. All it takes is one corrupt, blackmailed or incompetent employee to grant access to someone who shouldn't have it and the security of everyone's data is gone.
The going dark alarmists claim (excuse me for being a bit off, I'm on mobile and don't want to double check) something like 12 million incident reports from Facebook pertaining to some 40 million images. Sounds big. But then again I could counter with a reasonable guess of 10 messages per user on average for a staggering 10 billion private messages at risk.
What the FBI doesn't like to admit is that our security track record isn't great. We've had a lot of huge breaches and they aren't going to stop any time soon. We do not have and are not going to have 100 million creeps trading kiddie porn, but we have certainly had data breaches of that scale already. We don't have any great techniques to secure databases like Equifax or OPM, but we can effectively mitigate the threat of mass breach of our private communication. The FBI says it has technical experts who assure us backdoors won't put us at risk. Well just last week we see yet another vulnerability in Signal that allowed an attacker to turn this tool for privacy, designed and built by world class experts, reviewed by world class experts, into a remote listening device.
Is having 10 years of private messages made public 1/100th as bad as being raped? 1/1000th? 1/10000th? Multiply by a by 100 million or a billion and we're talking about a lot of hurt. It's uncomfortable to have to compare such things, but we really have to think about these trade offs.
I wasn't trying to make the slippery slope argument, though I see how it could be read that way. I'm raising a question of ethics: Is it justified to require all of us to record all of our in person conversations? If not, then how is it ethical to demand we do the same with the modern electronic equivalent? This isn't theoretical. We're already pretty far down the road of replacing our in person contact with the kind mediated by other people's computers.
Finally, and this is a bit of a tangent, I also point out that even if our communication was perfectly secured end to end, the minute details of our lives are more recorded and accessible to law enforcement than ever before. We carry cell phones that record our locations, pay with credit cards that record what we buy and where, read "newspapers" that keep lists of what we read, and so on. In that respect authorities have vastly more investigative power than ever before. Law enforcement likes to talk about balance, but it sure doesn't like to talk about that and goes the extra mile to keep it quiet with parallel construction.
It already exists. WhatsApp, Signal, OTR, etc. provide robust E2E encryption with a few clicks. Much of it is open source. Making it illegal only prevents law abiding citizens from using it, not criminals.
And you'd be surprised how many criminals don't know the first thing about encrypted messaging...
Other than that, you are making a classic straw man. I never argued against due process, nor do I think getting rid of due process would make children any safer.
Oh yeah. Forbid encryption, good idea.
I have another good idea to you: forbid bombs. If you forbid bombs, terrorists would not be able to use them.
And yes, prohibition and regulation of explosives does make it a lot harder for terrorists and the like to use it. In fact, many are caught in the act of procuring those. That would actually be an argument in favor of outlawing encryption, because then you could equally detect criminal activity by looking for people encrypting their messages.
Which I don't propose, because encryption is more broadly and genuinely useful than explosives or guns are.
These children don't have relatives who can or want to protect them, and that's the whole deal. Either the government enforces their rights, or they don't have any.
This is really not a hill limited-government activists should try to defend....
Human trafficking and the distribution of child pornography is a valid concern and distinct from familiar abuse. Just that you can only fight one of these issues through technological means does not mean you shouldn't.
It's existed at a huge scale for hundreds of years, child porn production soesn't noticeably bump the needle.
It would be nice if people could commit to seperating out the requests by shoolmates for naked pics of 17 year olds and requests by older men for naked pics of 10 year olds when presenting these stats. :/
As it is, information like this (and indeed most stats you see in public discourse) is useless for determining the scale of a problem and sensible public policy approaches.
Encryption, like any tool, can be used to do good things and bad things, stop blaming the tool for the user's behavior. Law enforcement agencies will need to adapt to that reality instead of using a blanket ban or backdoors into everyone's lives under the pretense that there are bad people out there and to think of the children™ excuse that has been used and abused over and over again.
Which other governments would you like to have a backdoor?
I mean, beyond the personal political opinion of Mark and shareholders, why would this company defy those governments?
(asking naively because I feel blinded by my opinion, I can't make a good strategic case for it, only a moral one)
Advertising, market segment/product substitution.
There's a pervasive idea that Facebook must be gobbling up your communication data and it's starting to weird the general public out. It's very common to see people discussing how their phones must be recording for Facebook because they said something near their phone and then they saw a Facebook ad for it. Making a big publish show of fighting the government over whether messages can be intercepted at all provides the kind of advertising that money can't buy.
Also, there will likely always be some subset of people who are more technically savvy and care more about their privacy. These people tend to also set technical trends for the rest of the population. People may leave your platform for being too insecure, but nobody is going to leave your platform for being too secure, so build a secure product and target both market segments. This will give you a larger market, and will also deny your competitors the opportunity to grow by luring away a subset of your users by offering what is to those users a superior product.
So when companies like Apple are offering great security, people are scared Facebook is reading their conversations, continuously tracking their location, and listening to their microphones.
It would also let them avoid inevitable articles such as "Facebook helps Beijing/Erdogan/Putin spy on protesters". I'm sure an executive could argue those drive away some users.
Not big on shadow world gov conspiracy theories but that seems rather...strange
Some governments will eventually try to shut down such services.
I'm sure those predators would appreciate "secret" Facebook messaging. They'll probably tell their victims that nobody can ever see the pictures they send "secretly".
I thought civil liberties was about fine tuning the scope of the government's power from sweeping in innocent citizens. EFF doesn't attempt to suggest a statute to do a better job in these areas. It lumps together a complicated subject.
They appear to believe any reason the government has to want to access E2E communication is illegitimate.
> Facebook and others would face immense pressure to also provide them to authoritarian regimes, who might seek to spy on dissidents in the name of combatting terrorism or civil unrest, for example.
It's blocked in China. Russians use VK.
> Many people—including journalists, human rights activists, and those at risk of abuse by intimate partners—use encryption to stay safe in the physical world as well as the online one.
If someone's safety was at risk, why would they be on Facebook at all though.
They sell their data in bulk. Maybe what you really want is a GDPR-like assurance as a consumer.
> “enable law enforcement to obtain lawful access to content in a readable and usable format.”
It's public information this is already done by large companies.
Why not make this into a conversation about who can access the data, for what reasons, and what threshhold of proof is needed to minimize the sweep?
> law enforcement and national security agencies in these three countries are asking for nothing less than access to every conversation that crosses every digital device.
Law enforcement and national security are not the same thing.
They're exacerbated by places like EFF that blur them together to get donations and keep laypeople running in circles.
EFF is supposed to be staffed with lawyers. The least it could do is help the public understand the intricacies.
Another problem is that correct strong encryption would work equally for nicest law-abiding citizens and for vilest criminals. But there are other numerous efficient means to fight against criminals, even if the encryption is available to them. For the law-abiding citizens, there is no reasonable way to stay safe in many areas, such online financial transactions, if the strong encryption is not available.
Full disclosure: I donate yearly to the EFF, this is just food for thought for those who support the EFF and not the NRA like I do.
But I just want to say it's disappointing that you're being downvoted by people because they disagree with you, rather than because you're not contributing to the conversation.
I think it's ok to use the up and down arrows to express agreement. Obviously the uparrows aren't only for applauding politeness, so it seems reasonable that the downarrows aren't only for booing rudeness.
It only becomes abuse when people resort to karma bombing: downvoting a lot of comments by one user without reading them in order to subtract maximum karma. Fortunately we now have several levels of software to protect against that.
Let's just recognize that they are ill-founded arguments coming from someone who has not grasped the basic points of the article, or the basic issues of what is being discussed.