Hacker News new | past | comments | ask | show | jobs | submit login
Privacy is ok (tbray.org)
306 points by TangerineDream on Dec 29, 2022 | hide | past | favorite | 225 comments



An unaddressed point: These things are usually framed as a change - communications are "going dark", law-enforcement is powerless, radical privacy-first ideology, etc...

But it's not a change - conversations were private-by-default back when they mostly happened offline (yes, a govt. agent could have been eavesdropping, just as they can still plant a bug or an infiltrator today), and encryption is just restoring what we used to have before conversations moved online and became vulnerable to cheap, bulk, covert surveillance.


I agree but I think that one important aspect that did change is the fact that the strain to transfer information privately did become less. Now it’s possible to set up an encrypted channel across the globe in an instant.


An important aspect of mutually authenticated encryption is that while your conversations are private they’re also verifiably yours. When law enforcement gets access to bad guys devices (or good guys and neutral guys, see US customs dragnet cloning of devices at the border) they know for a very high certainty you did in fact have those conversations and can verify cryptographically who you had them with. Layer on pervasive biometric authentication the story of chain of custody for a communication is even tighter. Again as you point out the math doesn’t care if this is good or bad, it just is. It’s a tool that works in your favor, you know with a very high degree of certainty that the other party is in fact who you think it is. But so does everyone who has access to your conversation know for a high degree of certainty you said those things.

I used to work for a company who advised you always apply the Wall Street journal test to what you write down in a communication - as you can never be certain it won’t be on the front page attributed to you. With mutually authenticated E2E encryption that’s doubly true.


According to https://en.wikipedia.org/wiki/Signal_Protocol#Properties, the Signal protocol provides message repudiation, so what you described doesn't apply to Signal, and probably not to WhatsApp either.


Except I specified the original devices are accessed, not that a third party intercepts.


That still only proves your side of the communication. (Which has nothing to do with the encryption scheme, just with posession)

The other side is identified by a phone number. "Don't use your own phone number" is fairly good advice if you engage in interactions that are high-value enough that anybody would both physically obtain a device and deidentify a phone number.

It certainly doesn't make you magically more identifiable than other message exchange mechanisms.


Only if you have both devices? Otherwise a random phone number that someone may or may not have anymore is not much evidence at all.

And if / when signal gets away from phone numbers, it's even less evidence.


Signal provides both deniability and authenticated encryption. This article has some good info on how this is possible:

https://www.praetorian.com/blog/an-opinionated-series-on-why...


Totally agree with this. Yes, with privacy it's hard to 'eavesdrop' on the bad guys, but isn't it allowed to whisper? Why should having privacy be ok in real life, but not when you communicate digitally? So far no one has offered an honest explanation why we must monitor everything online, usually it's about protecting kids or defending against terrorists, but is this really it? It doesn't convince me. I'm happy using apps like Signal and Tutanota, and I believe everyone should do the same.


I'm totally against mandated backdoors, and I am pro-privacy. But we should acknowledge that the communication environment we live in now is materially different than it has been in the past. The past ~15 years is the first time in human history it's been possible for humans to communicate (1) instantly, (2) across any distance, (3) with no possibility of eavesdropping (given the right software), and (4) via devices that are cheap and ordinary (i.e. expected to be owned and carried by just about anyone).

Again, I think the harm of mandating backdoors far outweighs the benefit, but imagine your job is to make sure people aren't organizing mass terror attacks. I think you can take a look at the above environment and get a little worried, in a way you wouldn't be about people just whispering to each other in-person. When we say "no backdoors," we are truly making a tradeoff.


> Again, I think the harm of mandating backdoors far outweighs the benefit, but imagine your job is to make sure people aren't organizing mass terror attacks. I think you can take a look at the above environment and get a little worried, in a way you wouldn't be about people just whispering to each other in-person. When we say "no backdoors," we are truly making a tradeoff.

I don't see the tradeoff, but just a very bad trade. Those who organize mass terror attacks will just find ways to evade the surveillance, while the masses will have lost their privacy.

On top of that, terrorists could also benefit from a general lack of privacy. Recently the CCC found a device on ebay that contains biometric details of Afghans. Conveniently, the Taliban already has compatible devices that the U.S. military left in Afghanistan. The entire population of Afghanistan was biometrically catalogued without ensuring that the data, as well as the devices cannot be abused by Terrorists.

The population has lost their privacy and on top of that, the Taliban now has tools that allow them to terrorize the population more efficiently.

https://news.ycombinator.com/item?id=34146283


He absolutely hits the nail on the head, wrt the reasons we can't have any type of backdoor -ever.

Hate to be the one to tell the global law enforcement community this, but, apparently, they seem to be entirely ignorant of it.

    People have been having untapped correspondence between each other since the dawn of language. That's THOUSANDS OF YEARS. Long before Signal.
All they do, is meet, or drop communications, in any of ten thousand different ways, to each other.

It could be a thumb drive, or it could be two people, idly scratching the dirt (one of the stories behind the Christian "fish").


> "People have been having untapped correspondence between each other since the dawn of language. That's THOUSANDS OF YEARS."

Well, not from Amsterdam to New York with less than a second delay, or to an audience of billions of people.

(I'm not judging about whether the creation of backdoors is good or bad, just saying that's a bad argument.)


Be nice. It’s not a “bad argument,” at all.

Like most of these things, it’s simply a matter of degree and scale.

“Less than a second” is just a fairly “fuzzy” quantitative statement, that can have many meanings, and can be scoped to encompass many datasets.

For example, in the early 1900s, the telegraph system allowed people to send “BLACK COW NOW” across thousands of miles. If the two parties involved, have decided that this means “The President is a Jackass,” then, congratulations, we’ve used cryptographic communication to send subversive, anti-government messages.

The telegraph system may take an hour or so (allowing for morse code translation), which is far less than the several months/weeks than it would take, via Pony Express.

Amsterdam to New York, might actually take a half a second, depending on latency, and whatnot. Amsterdam to the moon, might take an order of magnitude more. If we had quantum communications working, then that might be truly instantaneous.

Where’s the threshold? At what point do we decide that “the rules have changed?” Was Pheidippides an encrypted communication packet, when he delivered the news of the victory at Marathon in a few hours (he was certainly a “read-only” packet, as he dropped dead, after delivering the news)?

What about the Enigma machine? That was combined with radio communications, to allow highly encrypted data exchange.

Even with Turing, et al, what really gave us Enigma, was capturing a functioning unit on a German sub. It was a really tight system.

It should be noted that hundreds of people died, during the war, because we did not want to give away the fact that Enigma was cracked, and allowed several attacks to proceed without interception.

That's because we knew that, if the bad guys were aware that their communication medium was compromised, they would simply use another one, that we had not cracked (like the Navajo Code Talkers, on our side).

Sound familiar?

It’s really all just a numbers game. There's nothing new, here.


It never fails to amaze me how people are currently ok with effectively wiretapping communication, compared to how it was treated back when wiretapping was a thing. That you have the NYT blatantly publishing something this brazen while ignoring completely the repeated surveillance scandals in the last decade is mind boggling. I know I should be charitable but there's no explanation I can find other than they're trying to create a second "x man bad" with elon for the guaranteed traffic now that trump is effectively neutered and irrelevant.

Even during the heyday of the patriot act the mentality didn't seem this bad for americans, granted that could be my memory failing.


The only explanation I can give to all this is that the people just don't care. In fact, they are happy to trade away privacy and freedom for the illusion of safety.


>they're trying to create a second "x man bad" with elon now that trump is effectively neutered and irrelevant.

Where did you get that Elon and Trump here from?


elon is making a big stink(for whatever reason) about privacy and surveillance, going quite against the federal agencies that do it at least publically.

jack dorsey pledging a million per year to signal in the wake of these revelations is the entire reason the piece this is responding to exists.

trump outrage bait(and real things) was probably the single most guaranteed way to get traffic for these outlets

idk like I said there is no conceivable way I can think of why would the outlet publish such a piece otherwise


I’m so tired of this nonsense. Pre-Elon Twitter did an enormous amount to fight back against government data requests [1]. “Did” as in: actually brought suit against the government repeatedly, both to fight requests on behalf of its users and to expose them. Elon talked a big game about speech and privacy and then proceeded to fire the world class privacy team that did this work. That’s the reality of the situation, and it’s a disaster.

[1] https://techcrunch.com/2017/02/14/twitter-fights-for-disclos...


this is not a rationalization over what actually happened, that's a different discussion, but about current public sentiment over it. What drives the clickbait is exactly the inflammatory narratives and connections.


“…dangerous because bad people could use it to plan nefarious activities…”

My interpretation of the spirit of legislation like the U.S. First Amendment is that “bad people” is impossible to objectively define, so the price for freedom of speech is that sometimes there are “bad people,” and you just have to live with it.

I’m not sure I’ve really come to understand what is going through the minds of those who do want to police speech (and communications and association). Are they fools who cannot see where this leads? Do they believe that it will favour their interests? Are they just so easily frightened that they aren’t sold on liberty anymore?


The history of mankind is full of regimes we'd find now oppressive which did reasonably well. Britain ruled the waves and advanced the technology without a lot of free speech protections. Genoa, Florence, and Venice dominated trade, arts, and technology of the time without the idea of free speech.

Even the totalitarian Soviet Union has been a formidable force while having a powerful reality distortion propaganda field and censorship inside, and China rose to be and remains a powerhouse with the Great Firewall and tons of censorship.

Those people who prefer to err on the side of overdoing it while "rooting out evil" and stifling free exchange of opinion just care more about power. They don't mind a bit of oppression, because, you know, it's always against the bad guys, not them; they plan to always follow the party line (or even set it, the bolder of them).


Even if signal puts in a backdoor to allow wiretapping (and criminals) access the next thing that happens is someone makes another application that doesn't have it. Communication applications based on encryption aren't "hard" in the sense the maths is well established and a root of online business and a leaky system is worthless to businesses and many customers. Those that don't care will carry on with signal, everyone else will leave.


I'm in agreement with the conclusion but not sold by this explainer.

How do you sort jurisdiction, and how do you ensure Signal employees can't snoop are problems, but if I was intent on trying to find a solution to allow governmental snooping I would not just throw my hands up at them. It's not actually fundamentally impossible to make compromises here.

First, "how do you sort out jurisdiction?" isn't really a fundamental argument, it just sounds hard. And "Signal employees would necessarily be able to snoop" is plain wrong, a snoopable copy of each message could be encrypted such that it requires cooperation between parties to snoop: Signal itself plus sender's local and/or federal authority.

Sender's rough location or origin is compromised here, but Signal employees can't snoop.

You could also require multiple agencies with potential jurisdiction to cooperate in order to decrypt. If a federal agency claims jurisdiction they would need to convince both Signal and the local authority to unlock a message that the federal authority can then decrypt.

I have lots of concerns with such a scheme and I hate it a lot! But I think it I would not be at all convinced by this explainer if I felt we should strive for snoopabilty.


The problem is that if it is snoopable, someone that should not have access to the messages can get it. There is no perfect security but adding a backdoor on purpose makes it oh so much harder.


I agree with you, but if you're trying to convince someone who strongly feels governments should be able to snoop, you're not going to convince them by imagining the worst version of the backdoor that allows that and arguing against it.


Most people are just learning that their online conversations are not as private as they believed, but the real-life consequences for that lapse is almost zero which is why there is not more demand for secure solutions. What does affect you, however, is the harvesting of your contact info as spam, robocalls, identity theft, and a multitude of scams all begin with the gathering of those details. E2EE is gaining ground with the public and my hope is for all channels between individuals online to eventually be protected.


Privacy is more than ok. Can there be democracy without privacy? Can there be enterprize without privacy (commercial secrecy)

That we have tolerated the "privacy is dead" mantra for so long shows how weakened the reflexes of society, how lacking its immune system.

The bad guys will find ways to evade the rule of law no matter what. Compromising the foundations of digital society with that pretext might be too high a price to pay


Imagine the reach that article has, and the vast majority of those readers won't be searching out counter points - they will now have a mental note made that Signal == Shady.

You have to wonder if it's incompetence or there is an agenda being pushed when things so flagrantly wrong/bad like this get published.


Privacy is a fundamental Human Right. Only as the Law and all practices comply do they obtain our legitimacy. All else is nonsense


> Blackman says “The company’s proposition that if anyone has access to data, then many unauthorized people probably will have access to that data is false.” What on earth makes him think that?!

This is exactly the answer I want, too.


This essay needs to be submitted to the NYT opinion section as well. Nonsense reasoning should not go unchallenged. It was heartening to read the comments were almost universally disagreeing with Blackman’s piece.


For those who haven't read the post, the summary of Tim's Post is:

  Reid Blackman's article in the NYTimes argues that Signal App is dangerous because bad people could use it to plan nefarious activities and the legal authorities wouldn't be able to eavesdrop on them. However, it is impossible to address the downside of the app without completely shattering the upside of protected privacy. Blackman's claims about Signal's ideology are irrelevant because the math doesn't care - people are justified in wanting privacy, and there have been no credible proposals for taking away just the bad people's privacy. Signal is not the only end-to-end encrypted way to communicate, but it is a great piece of software and privacy is good.

I'm really torn on this issue, as I understand both sides of the privacy debate. I am both a strong proponent of privacy, but I'm also an ecommerce business owner.

Unfortunately, the same tools I use personally (VPNs, disposable email addresses, parcel lockers, etc.) are also utilized by fraudsters to make fraudulent orders. At this time, crypto payments appear to be the only viable way I can guarantee my customers' privacy and protect my business; however, the real-world market penetration for crypto is too low, and there are numerous other issues.

This puts me in the sad position where "[complete] Privacy is NOT OK" for my business. I am currently exploring 3D Secure 2, what other options do I have?


How would having a backdoor to Signal help with your fraud issue? Are you sure you're a strong proponent of privacy?


I am attempting (poorly) to emphasize that this conversation requires more nuance. It is possible to be pro-privacy while simultaneously understanding why it is sometimes necessary to reveal private information.


Not sure why your post was downvoted. There is a difference between asking customers voluntarily on your ecommerce site to say pass an AVS check or have an IP address in the same country that their card is from (in my view reasonable) and requiring all communications to go through mediums that the government can read (in my view unfeasible and invasive).


I understand what you're saying, and I also would love a middle-ground.

However, as the article explains better than I could, there's no way to get the upsides of privacy while mitigating the downsides.


We have system for that. Court tells you to do it or else you're punished.


Or a "secret" court does the same...


Something that struck me reading through a collection of Greek myths[1] a couple of years ago is that Hermes (Mercury in Roman mythology) is not only the god of messengers and communication, but of financial gain, commerce, eloquence, communication (including divination), travelers, boundaries, luck, trickery, and thieves.[2]

It's ... as if the ancients over two millennia ago recognised that communications cut multiple ways, and can serve benefit or harm.

From a more recent example, the term "confidence man" comes from Herman Melville's novel of the same title, which takes place on the first great motorised superhighway of the United States: steamboats plying the Mississippi River. Again, travel, and the opportunities afforded by intimacies amongst strangers gives rise to both positive and negative aspects.

The co-evolution of communications, trust indicia and mechanisms, and frauds and trickeries, is constant. James R. Beniger's The Control Revolution addresses this somewhat in its study of business and commercial communications technologies and practices. Trust at a distance, over time, and at scale is particularly challenging.

________________________________

Notes:

1. H.A. Guerber's 1906 anthology The Myths of Ancient Greece and Rome. It's well written and readable, though quite expurgated, with "great care being taken, however, to avoid the more repulsive features of heathen mythology".

2. List taken from Wikipedia's article on Mercury. Guerber's anthology combines the Greek and Roman myths and pantheons.


> I'm really torn on this issue, as I understand both sides of the privacy debate.

There are no two sides. You are one of the customers of security theater. Simple. Nobody who knows what they're talking about in infosec acknowledges email authentication or IP blocking.

> my customers' privacy and protect my business

You aren't protecting anything, just filling checkboxes.


> At this time, crypto payments appear to be the only viable way I can guarantee my customers' privacy and protect my business

How does crypto protect your business?


Like ls15 said, there is no chargeback. This makes it useful for merchants who don't want chargebacks, and customers who want privacy.


There is no chargeback


Well, that's a key feature for many customers; and I'd bet that most people for most purchases would not want to gain privacy at the cost of losing the ability to charge back wrongful payments.


> and I'd bet that most people for most purchases would not want to gain privacy at the cost of losing the ability to charge back wrongful payments.

I'll bet that many customers would appreciate if they could decide if they want one or the other, instead of the shop owner just deciding against their privacy.


For most yes but there is a big use case outside of most. Digital goods/software especially is rampant with friendly fraud, virtual cards with fake balances for trial abuse, etc. Example: https://news.ycombinator.com/item?id=27659172


Whether or not privacy is "OK" according to some random closet authoritarian NYT columnist is completely irrelevant

If X columnist thinks encryption is a problem, they should be willing to live with the consequence that the Texas govt would be able to see the communications of women seeking out of state abortions

There is no way to eliminate privacy for "bad" actors only but preserve it for "good" actors


And there's no way to ensure that only "good" actors will be able to use the backdoor. If there's a backdoor then "bad" actors will find a way to exploit it.


> There is no way to eliminate privacy for "bad" actors only but preserve it for "good" actors

Exactly columnist's point.


Equating privacy in physical world with physical constraints with unconstrained digital world is a massive mistake.

Sadly threads like these attract individuals who believe that government is singular rather than plural and have cult like following for SV bros like Moxie, Jack and Meredith.

Fair Democratically elected governments are the most robust protection we have, sadly it will take another crazy event like Jan 6th spreading like wildfire over signal for people to realize folly of crypto/privacy solutionism.

There have already been public lynching based on false Whatsapp forward rumors about child abductors and groomer but no one is willing to acknowledge that the same situations will be repeated in USA over Signal. Until then we will just be seranaded by meaningless plumbum like this blogpost


I love how you can instantly tell who's European by who is willing to exclude financial privacy from discussions of privacy and/or criticize absolute privacy altogether.


I'd imagine by your lack of geography knowledge and thinking every European country is super similar you're American then ?

But to the point, when you think about it, "financial privacy" in various forms of compelling to not discuss earnings has been by far most often used by corporations to underpay workers.


I’m glad we agree you oppose my privacy.


how exactly does it violate your privacy to be merely allowed (not forced) to discuss your salary?


Because you’re already allowed. Nobody comes knocking for an arrest when you tell your friend how much you make.


But…it seems people have been fired for disclosing how much they're paid? Some places, the employers have language in the contract banning it, and some of those some-places have courts that allow it.


Where are you being banned from discussing your salary? If I stop you from wearing shoes in my house I’m not making it illegal for you to wear shoes.


Switzerland is Europe.


And also:

https://www.tbray.org/ongoing/When/201x/2015/03/30/Maoris

Beautiful art...but i had a 5 minutes giggle about the comment at the end of the page...gosh sometimes i still love the internet's....backflash to the 2000's.


We have far more to fear from those that peddle fear than from those we are told to be fearful of.


[flagged]


You're not allowed to drive at twice the speed limit, nor to smoke in enclosed public spaces, and, in certain pandemic situations, you shouldn't be allowed to breathe unobstructedly on strangers. Where's the privacy dimension?!


What level of risk do you believe allows massive corporations to loot the government?

1 in 100,000? 1 in 10,000?


> To me, it's a binary choice. You are either for privacy or you are not.

This is called black and white thinking and it's generally a intellectual dead end. Applying wanton black and white thinking is a sign of a mind incapable of nuance, and rich, deep thought.


> Applying wanton black and white thinking is a sign of a mind incapable of nuance, and rich, deep thought.

Can't think of one instance where a group was able to politically accomplish something on the basis of "nuance"

If someone is making an appeal to "nuance", they're losing


Right, so what most people do when faced with a lack of knowledge is go out looking for it or maintain weakly held beliefs. To conclude that something isn't possible because one doesn't know of it is thought-limiting.

This is the political version of claiming, "I don't know how to sew and I've never seen someone sew. Therefore sewing is impossible." It's stunningly wrong. I can't seriously believe someone would think this way.


> Right, so what most people do when faced with a lack of knowledge is go out looking for it or maintain weakly held beliefs.

Exactly. This is why I've spent the last ten years of my life trying to find a real unicorn in nature. Weakly held beliefs are never good enough for me!


[flagged]


We've banned this account. You can't post like this here, regardless of how wrong someone else is or you feel they are.

Please don't create accounts to break HN's rules with.

https://news.ycombinator.com/newsguidelines.html


If a technology enables criminals to coordinate without any hope of detection that seems worthy of some fear to me.


This has always been true. The old fashion way of doing it was called "getting together in person someplace private." Yes Signal makes it a bit easier, but also general technology makes it harder too.


Anyone can host an e2e chat solution, trying to take Signal down doesn't change anything for serious organised crime.


They can do that. The cat is out of the bag. Worst case they can just use GPG/PGP, S/MIME or a bunch of other ways. Backdooring a communication medium just means they won't use it in the first place.


That's the price you have to pay if you want to live in a free country.


The point of the original article is that it's not black and white. There is no, and never can be any, entirely free country. I want to be free enough to have good privacy, but not so free as to allow a crime ring to take over my town.


if you are in a position a crime ring can take over your town, no amount of surveillance will help, it will most likely make the crime ring stronger by giving them access to it, there's a joke here about the government being already the crime ring I guess.


Some people say that already has happened, and the crime ring is called "the government".


>Some people

Other people think those first people are complete nutjobs.


You drop this at Discord HQ and the individuals there will catch fire instantly.


privacy is where we should start, if we want to fix this world, leave me alone faith


Ticking time bomb, 2022 Edition?


Global Stored Entered


History has shown us time and time again that when privacy is given away because "bad people can use it", without fail turns out to be detrimental to the law abiding citizens, with little to no impact to criminals. In many cases it further pushed the government into a dictatorial, even totalitarian regimes.

This has happened with speech, journalism, gatherings, associating with people, religion, self defense, and many more.

The very definition of a criminal is someone who ignores some laws, performs illegal (not legal) acts, including the laws that supposed to correct them.

People need to stop voting on purely emotion, and vote more with logic and ethics.

edit: add qualifier of "purely" & "more", as to acknowledge the responses and the nuanced problem around the overall topic.


I don't think blanket statements like this are true, and I don't think they're a healthy way to frame the debate. To take a non-trivial example, requiring cars to bear license plates - something almost everyone accepts, at least in the United States - has a lot of upsides like enforcement of traffic laws. Sure, perhaps traffic cameras aid totalitarian states in tracking the movements of citizens, but I think most people agree that license plates are a good societal tradeoff in terms of privacy.

This is a long way of saying that, even as a strong privacy advocate, it's worth noting that the tradeoff is real and the terms of debate ought to be over whether the tradeoff is a good one or not. In the case of encryption, this is a difficult question for us to answer because we're essentially asking how many crimes might have been prevented or might have gone unpunished had the perpetrators used encrypted communications. That being said, I think the security state would be hitting us over the head with these statistics if they could actually make a coherent case - the fact that Reid Blackman is instead making a fallacious comparison between encryption and the nuclear launch codes suggests that the figures don't add up.


> I don't think blanket statements like this are true, and I don't think they're a healthy way to frame the debate. To take a non-trivial example, requiring cars to bear license plates - something almost everyone accepts, at least in the United States - has a lot of upsides like enforcement of traffic laws. Sure, perhaps traffic cameras aid totalitarian states in tracking the movements of citizens, but I think most people agree that license plates are a good societal tradeoff in terms of privacy.

That's terrible comparison. Cars are in public by default, more than that with cameras you don't even need to have license plates to track someone, they just make it easier.

There is also very little stuff that would be privacy violating, yeah, sure, someone might note that your plates showed up at your lover's house but... they could just record you exiting the car, same with any illegal stuff.

The social contract is also different, you're allowed to drive on public infrastructure funded by everyone, and in return you need to have car that not massive safety hazard and abide by law. Communication has nothing to do with it

> This is a long way of saying that, even as a strong privacy advocate, it's worth noting that the tradeoff is real and the terms of debate ought to be over whether the tradeoff is a good one or not.

I'm sad to inform you that cat is out of the bag for decade or two now, and if criminals chose to have encrypted communication they don't need Signal for it. The cat will not go back into the bag no matter how much legislation tries. The math doesn't care for politician's feelings.

There is no tradeoff here - bad guys can do it already using many other ways, it's just trying to limit it for the normal people

> In the case of encryption, this is a difficult question for us to answer because we're essentially asking how many crimes might have been prevented or might have gone unpunished had the perpetrators used encrypted communications.

The other side is people dying or getting jailed because their tyrannical government didn't like what they chatted about.


> That's terrible comparison.

To be clear, I'm not arguing that encrypted communication is a 1:1 analogue to license plates. I'm arguing that they both reduce privacy to some extent, and therefore it's not right to simply say the tradeoffs are never worth it. (I would also quibble with your application of social contracts, but I don't think the details are actually that relevant given the above.)

> I'm sad to inform you that cat is out of the bag for decade or two now

I didn't intend for this to be an actual policy debate; I understand that you can't legislate away encryption. I was simply making the point these debates (is encrypted communication a social good?) aren't totally tradeoff-free, and pretending they are won't get us anywhere constructive.

> There is no tradeoff here - bad guys can do it already using many other ways, it's just trying to limit it for the normal people.

While you can't legislate away encryption itself, it's naive to think that governments have no control over how popular and widespread encryption becomes. "Bad guys can do it" doesn't mean "bad guys will do it" - the mountain of unencrypted communication used as evidence in the criminal justice system proves that. I'm firmly pro-Signal, but my guess is that if the government banned Signal tomorrow, fewer bad guys would use encrypted communication just because Signal is easy to use and most criminals aren't James Bond-style supervillains. (There are, of course, second-order effects that I wouldn't want to start speculating about.)


> but my guess is that if the government banned Signal tomorrow, fewer bad guys would use encrypted communication just because Signal is easy to use and most criminals aren't James Bond-style supervillains.

I was with you until this part, because I can't create a successful parse tree from it.


My point was that some "bad guys" aren't using encrypted communication at any cost; they're using encrypted communication that's easy enough to use. If you made encryption a bit harder to use (say, by taking away Signal), some percentage of existing "bad guys" would no longer use it. (To be clear, I don't think this is a reasonable argument for banning Signal; I just wanted to make the point that laws do affect the prevalence of encrypted communication even among criminals.)


false and dangerous analogy. knowing your number plate is comparable to knowing your phone number, rather than the real analogy of bugging your converation in the car. the number plate yields metadata about journeys, not the actual conversation.

"i mean people who argue for privacy would never have a problem with barcodes on milk"


> "i mean people who argue for privacy would never have a problem with barcodes on milk"

I mean; unless you pay cash for ~everything your spending habits have generally been wide open since the 50s in the name of convenience.


Vast majority of transactions were still mostly cash beyond some basic "pay my rent and utility bills and buy a car" until maybe starting at the 80s / 90s, and using credit cards back then was done wayyyy less than even the early 2000s.


True. For some perspective, half my work group wasn't yet born in the time periods you're referencing.


> license plates

That's funny, someone noticed it. License plates are a giant privacy problem. Yes, even before Snowden had to tell us, we had totalitarian bullshit like requiring ID (and the prospect of 10*X years of jail if you fake it) for hotels, receiving mail, and driving. You bring up a good point that the one you are replying to is absolutely correct, not just on a blanket statement level. There's almost no exceptions to it.


ALPR systems were controversial when they were first implemented, as it gave governments ways to track people who are not even suspected of committing crimes.

I still oppose them, as do other activist groups, but that infringement upon privacy was lost in battle a decade ago to "who cares, the police say they arrested a kid selling pot to his friends with ALPR and I have nothing to hide".

As it stands now, there are ALPR systems at every intersection in my neighborhood. If some weirdo with access to the system, which might be anyone that the government contracts with, wants to stalk me, their ex, etc, they can now do it with the push of a button and with little to no oversight.


> I still oppose them, as do other activist groups, but that infringement upon privacy was lost in battle a decade ago to "who cares, the police say they arrested a kid selling pot to his friends with ALPR and I have nothing to hide".

I had colleague like that. I then asked "sure, let me install camera in your bedroom, you have nothing to hide, right?" He STFU about it after...


Part of me is convinced that some people like that would be easily persuaded into putting cameras in their bedrooms if they were told it would keep them safe from burglars/murderers/terrorists/pedophiles/bears/tigers[1]/or whatever boogeyman they particularly don't like.

[1] https://www.youtube.com/watch?v=xSVqLHghLpw


Previous poster wasn't talking about automatic scanning of all license plates, but about license plates themselves and (maybe) speed cameras and the like. These are two different things.


This partiuclar method should be deprecated in favor of using AirTags.


> I think most people agree that license plates are a good societal tradeoff in terms of privacy.

I think most people have never even considered the matter in those terms; they just accept that license plates are how we do things and don't bother asking why.

When you actually ask why, your claimed upsides don't, IMO, actually amount to much. Enforcement of traffic laws? Most of those are revenue sources for local jurisdictions, not improvements in safety. If someone does no harm when violating a traffic law, there's nothing actually worth enforcing from a safety perspective; and if someone does do harm, how much help is a license plate in tracking them down? What fraction of people who are in traffic accidents leave the scene in their vehicle before the police get there, but get found later because their license plates were known? A large enough fraction that license plates for everyone are justified taking into account the privacy downsides?

This, btw, is the same logic you apply yourself in the latter part of your post. And your conclusion?

> I think the security state would be hitting us over the head with these statistics if they could actually make a coherent case

Which means that, since they're not, there actually isn't a case. And I agree with that--both for license plates and for encryption backdoors. And for other claims that we need to give up our privacy for some other supposed benefit.


License plates are the primary enforcement mechanism for traffic laws. Traffic laws (red lights, speed limits, etc.) provably save lives, and surveys have shown that people's likelihood of obeying such laws correlates with their perceived likelihood of being caught.

I think your argument about tracking down people who didn't actually do any harm misses the point - you might not intend to cause harm but the behavior you exhibit may simply lead to more harm if everyone did it. Should drinking and driving be legal as long as you don't hurt anyone?

I have made the same point with regard to a tradeoff betweening traffic laws and encryption (intentionally, since that's the point of my post - everything is a tradeoff). But I think license plates enable a system beyond "man in police car" which provably saves many lives. Even if you disagree (and I think you'd almost certainly be in the minority if you conducted a poll), the fact that we're even discussing it proves the GGP wrong - privacy tradeoffs aren't necessarily harmful ipso facto.


> the behavior you exhibit may simply lead to more harm if everyone did it.

This the same justification that is given for all nanny state laws. And I don't find it any more convincing than the justification that is given for encryption backdoors.

The correct way to give people an incentive not to cause harm is to punish them if they cause harm. Not if they do something which you or the government thinks might cause harm if enough people did it. Actual events trump guesses.

> Traffic laws (red lights, speed limits, etc.) provably save lives

Compared to what?

Compared to a society where we didn't punish anyone even when they did actually cause harm, probably yes.

Compared to a society where we did punish people who actually caused harm, but didn't interfere with people who hadn't? I don't think so.

The problem with punishing people who haven't actually caused harm is that they know they didn't actually cause harm but you punished them anyway. That weakens people's respect for the law in general. They start to view the law as a game, where the government tries to catch you breaking an arbitrary rule and you try to avoid being caught. That is how speeding laws, for example, are treated by virtually everyone.

Nobody counts the costs of that when judging laws. But we should. And if we did, I think we would end up just where I am advocating: we would only use the law to punish people who actually caused harm. Sure, put a sign on the road that says "maximum recommended speed 55 mph", as long as it's only a recommendation--if a cop can't randomly pull me over for exceeding the limit just because he happened to spot me, or because it's end of the month quota time and the municipality needs some more income. If I actually cause an accident, and I get penalized more because I exceeded the recommended limit, that's fine; that's what the law is for. But not until I actually cause harm.


> This the same justification that is given for all nanny state laws.

If you don't find compelling the proposition that laws disincentivize behavior, then we won't really be able to come to much agreement on anything.

> The correct way to give people an incentive not to cause harm is to punish them if they cause harm.

This presupposes that causing harm is entirely within your control. If you drive home drunk, you might kill someone simply because they happen to be there, not because you did anything differently - you may not even have seen them! (Thomas Nagel writes about this exact scenario in his 1979 paper, Moral Luck). Similarly, if you're driving 100mph and get into an accident, you're more likely to kill someone than if you were driving at 70mph and got into the exact same accident.

To take a step back, you've advanced a legal framework based on a consequentialist view of morality. Consequentialism can be problematic along a number of axes which is why our legal systems don't work that way.

> The problem with punishing people who haven't actually caused harm is that they know they didn't actually cause harm but you punished them anyway. That weakens people's respect for the law in general. They start to view the law as a game, where the government tries to catch you breaking an arbitrary rule and you try to avoid being caught. That is how speeding laws, for example, are treated by virtually everyone.

Not if they understand that a particular behavior leads to harm and thus ought to be disincentivized, e.g. drink driving.

Your comment on speeding laws is incorrect, because it assumes that speed limits have no bearing on driver behavior. In fact, setting speed limits either too low or too high is problematic. When you set the speed limit too low, you create a potentially dangerous speed differential between those trying to abide by the speed limit, and those ignoring it. Past a certain point, however, most drivers will cluster around the given speed limit which means you're simply artificially increasing the fatality rate of accidents (since they will occur at higher speeds).


No offense, but this is the dumbest idea. This system you’ve proposed allows for absolutely negligent recklessness, until (not unless) someone gets hurt. Teenagers or other irresponsible people would just go batshit until they killed someone, and only then, would we be able to stop the reckless behavior, which could easily have been predicted to have killed someone? No thanks, I don’t want to live anywhere near your society. We can certainly argue about whether the max limit should be 55 or whatever, but not that there are limits in general.


Do you know of an example where speed limits being a non-enforceable recommendation has actually proven anywhere near as effective in reducing road fatalities as legally enforced limits? And how far do you want to push this argument- that if I choose to drive an unroadworthy unregistered vehicle at 200kph on the wrong side of the road while highly intoxicated, I shouldn't be fined unless I provably cause injury/death/property damage to others?


> The correct way to give people an incentive not to cause harm is to punish them if they cause harm. Not if they do something which you or the government thinks might cause harm if enough people did it. Actual events trump guesses.

Sooo let me get it straight, you're saying that someone should be allowed to drive in wrong lane or drive in middle of road and only get punished when they actually crash into someone? Because that's what you're saying.

> If I actually cause an accident, and I get penalized more because I exceeded the recommended limit, that's fine; that's what the law is for. But not until I actually cause harm.

Can't punish a corpse, can't resurrect whoever you killed.


>* you're saying that someone should be allowed to drive in wrong lane or drive in middle of road and only get punished when they actually crash into someone?*

I'm saying that the law should not be able to punish them if they haven't caused actual harm. If they do cause actual harm, I have no problem at all with these things being treated as aggravating factors that increase the punishment.

> Can't punish a corpse, can't resurrect whoever you killed.

That's just as true under our current system as it would be under the kind of system I have been describing. But under our current system, as I have pointed out, people lose respect for the law in general when the law punishes them when they haven't caused actual harm. That doesn't seem to me like a good thing. Nor does it seem like a way to reduce the amount of actual harm people cause. Loss of respect for the law in general means people are less likely to pay attention even to laws that do relate to actual harms.


Your point is well-argued and I mostly agree.

But this: > Should drinking and driving be legal as long as you don't hurt anyone?

to some extent is the case in parts of Europe. In some countries 1-2 beers (or equivalent) are allowed and police cannot proactively control it. Yet if you get into an accident it can be an aggravating condition.

I don't mention the concrete countries and laws to avoid people starting to nitpick and dissect minor details.


And yet people don't like red light cameras. Case in point: many municipalities in US ban them outright, in most cases due to popular demand from their constituents.


A lot of people favor traffic enforcement of, especially, significant violations in general without favoring the automation of every relatively minor traffic violation. Automated systems could of course be setup to mostly just catch gross violators but for lots of reasons they won't be.


Yeah I don't find your argument here compelling at all.

You're right that I hadn't thought about license plates in these terms before, but now that I have, I'm convinced that they are a very good trade-off. So no, I don't think people only accept this because they haven't thought about it. I think enough people thought about it and accepted it long enough ago that we simply don't really need to think about it anymore. It was something that was invented, worked well, and thus faded into the unquestioned background. And that's good!


> I don't think people only accept this because they haven't thought about it. I think enough people thought about it and accepted it long enough ago that we simply don't really need to think about it anymore.

If you have any historical evidence that this is how any of our common traffic laws that punish people who haven't caused harm, I would love to see it.

My understanding is that no such process ever took place: government bureaucrats decided that certain arbitrary rules were appropriate and that anyone who violated them should be punished, based on whatever information they considered relevant, and imposed them by fiat. That is how 55 mph speed limits were imposed throughout the US, for example.

And that doesn't even consider the part about traffic laws being revenue sources for state and local governments. The overall incentive to over-impose laws is huge. Yet somehow the laws we have are exactly right to optimize our safety? I strongly doubt it.


> My understanding is that no such process ever took place: government bureaucrats decided that certain arbitrary rules were appropriate and that anyone who violated them should be punished, based on whatever information they considered relevant, and imposed them by fiat.

... that's the process I was talking about. Bureaucrats making rules and then seeing if voters reject them by electing people to make different rules is how things work in a representative democracy.

You seem to dislike a lot of the rules and incentives in the space, and I'm sure I agree with you on a lot of the details, but none of this is going to lead me (or many other people) to a categorical "license plates are bad" conclusion. I'm very glad we do licensing for cars and drivers, despite the existence of problems on the margins.


> Bureaucrats making rules and then seeing if voters reject them by electing people to make different rules is how things work in a representative democracy.

No, it's not. In an actual representative democracy, the elected representatives write the rules. That's what they're elected to do. And when the US was originally founded, that's what they did.

In what we actually have now, which would be better described as a "bureaucratic oligarchy with a veneer of representative democracy", elected representatives don't even bother to read the umpteen-page laws the bureaucrats write before they vote on them. And no voters have a strong enough incentive to actaully hold the representatives accountable because of the well known problem that doing that requires lots of work and the chance that any particular voter's vote will make a difference is much too small to justify doing all that work. So the only people who actually vote on the substance of issues are those who are driven by ideology or special interests--i.e., those who have other incentives to do all that work and don't care whether their individual vote makes a difference or not.

> I'm very glad we do licensing for cars and drivers

The question is, why? The only argument I've seen made in this thread is "it helps to catch people who violate traffic laws". That's the argument I have been rebutting. Is that the reason you like it?

I ask because there are other arguments for licensing cars and drivers besides that one, but nobody has mentioned them here.


> The question is, why?

Generally speaking, it is a mechanism that helps enforcement of regulations related to owning and operating a vehicle.

One might agree/disagree with whether or not (or the degree to which) there should be any regulation for owning or operating a vehicle.

If one accepts some form of regulation, then the question becomes whether or not license plates are an effective tool to enable enforcement of said regulation.


> Generally speaking, it is a mechanism that helps enforcement of regulations related to owning and operating a vehicle.

Ok, so this is basically the same argument other people have been making. My response is the same as it has been to others.


I see. What are you trying to accomplish with this debate? Is it to prove to others that you're right, to change their minds, to test your own ideas, or what?


We're way down a pretty irrelevant rabbit hole, but no, the designers of representative governments did not envision that all rulemaking be done by legislative bodies, because that would be completely impractical.

> That's the argument I have been rebutting.

You believe you've been rebutting it, but like I said at the beginning of my comment: I am not persuaded.


> What fraction of people who are in traffic accidents leave the scene in their vehicle before the police get there, but get found later because their license plates were known?

As a cyclist who continually sees stories of aggressive car behaviors being reported and acted on because the cyclist had cam footage of the license plate I'd say the fraction is close to 100%.

So yes, it is a trade-off and in this case I agree with the OP that is is worth it.


> As a cyclist who continually sees stories of aggressive car behaviors being reported and acted on because the cyclist had cam footage of the license plate I'd say the fraction is close to 100%.

My anecdotal evidence, for what it's worth (which is not much in either case), is exactly the opposite: in every traffic accident I have been involved in, neither I nor anyone else left the scene.

(Btw, when you say "aggressive car behaviors", are these things that actually caused harm?)

As far as actual data that would be strong enough to justify imposing public policy on everyone, I don't think it's there.


> As far as actual data that would be strong enough to justify imposing public policy on everyone, I don't think it's there.

In 2020, 26.3% [1] of cyclist fatalities were caused by hit-and-runs. That's a bit over 1/4 of cyclist fatalities. What more would you need, 1/2?

[1]: https://www.outsideonline.com/outdoor-adventure/biking/what-...


> In 2020, 26.3% [1] of cyclist fatalities were caused by hit-and-runs.

How many of the hit and run drivers were caught because of the license plates on their vehicles? That's the relevant data for this discussion. I don't see it anywhere in the article you referenced.


In 100% of cases I've seen where camera evidence compelled the police to act after a cyclist had been a victim the fact the licence plate was visible was the factor that made the police act.

> My anecdotal evidence, for what it's worth (which is not much in either case), is exactly the opposite: in every traffic accident I have been involved in, neither I nor anyone else left the scene.

You probably aren't the problem here. To generalise broadly on the cases I've seen the issue was usually caused by drivers who decided their aggressive instincts would be best served by running cyclists off the road.

These people don't stop after doing it because they believe their actions are appropriate.

(The other common case is people running cyclists off the road when they don't realise they are there. Generally these people don't stop either).


Define harm. Threatening behaviour included or excluded? "Likely to cause harm" or "intending to cause harm" included or excluded.

Is running off the road OK if no material harm?

What if they have a heart attack 20min later due to stress?


> Define harm.

Our common law legal system does a pretty good job of that already. For example:

> Threatening behaviour included or excluded?

See the legal definition of assault.

> "Likely to cause harm" or "intending to cause harm" included or excluded.

"Likely" is excluded in common law if that's all you have, because, as I said in response to another post upthread, actual facts trump guesses. "Intending" falls under assault if, roughly, the intent is perceived by the target.

> Is running off the road OK if no material harm?

Again, see the legal definition of assault.

> What if they have a heart attack 20min later due to stress?

How would you prove, in a legally sufficient sense, that the heart attack was due to whatever happened 20 min earlier?

I'm not proposing "caused actual harm" as the standard because I just made it up. I'm proposing it because it is the standard that our common law legal system has used for the vast majority of its history. It's only fairly recently that nanny state legislators started thinking (incorrectly, in my view) that they were smarter than centuries of common law jurisprudence.


If hit and runs were known to be virtually untrackable, I'd guess you'd have a lot more hit and runs.


> If someone does no harm when violating a traffic law, there's nothing actually worth enforcing from a safety perspective; and if someone does do harm, how much help is a license plate in tracking them down?

Laws are often about reducing risk.

If I drive 100 miles/hour (160 km/hour) through a school zone when kids are present but do not actually hit anyone I have not actually done any harm, but I did greatly increase the probability of harm. I just happened to get lucky on that particular trip trough the school zone.


> People need to stop voting on emotion, and vote with logic and ethics.

There is no purely logical reason to vote at all that isn't fundamentally rooted in emotion. This is typically a desire for something to change in one way, a fear that it will change in another, or anger or indignation that it has already changed in some detrimental way.

Indeed, your own argument is based on the fear of dictators, the looming threat freedom being taken away.

Ethics too is rooted in emotion. When we look at something we consider unethical, something unjust perhaps, we feel anger and indignation. If we perceive such an event is about to happen, we feel fear. If we perceive it has been averted, we feel happiness.


Yes, goals re ethics are rooted in emotion. The actual problem, which is definitely occurring on this topic, is when acting on snap emotional judgements compromises the longer term emotional desires that matter more. It's using emotions to work forward from your emotional goals, instead of logic that would actually acheive them. This is definitely still a case of (specific and qualitatively different) emotions triumphing over logic, so I don't think it's crazy to talk about it that way.

I mean, you're right in the big picture, but in a practical sense with the way people usually think about "emotion", it's not a terribly effectual perspective.


> Ethics too is rooted in emotion.

Says who? Can you prove it? This is a pretty big claim to make


One can construct an argument based on the is-ought problem. As a brief recap: Statements about how things ought to be can not be derived solely from statements about how things are.

For example, from "my house is on fire" (what is) alone does logically not follow "I should try to extinguish the fire" (what should be), without a quiet assumption something like "my home and belongings should not go up in flames" (what should be).

Ethics are obviously within the category of how things should to be, and thus it cannot be derived in its entirety from the state of the world as it is.

Thus ethics must be derived from some other notion about how the world should be. If you take account of the sources of our fundamental notions about how the world should be, you'll find they're all some variant of emotions, or possibly something like aesthetics, which unfortunately again cooks down a desire for that which is pleasant to the mind and senses.

All other notions about how the world should be are so-that something else, which if you keep following the reasons so-that, all land in emotions. For example, the reason why we seek things like truth and justice is because we like how they feel, we feel content, as though things are the way we think they should be. We dislike lies and injustice because they make us angry when it happens to others, sad or indignant when they happen to us.

If we did not feel this way, surely we would have no reason to prefer justice to injustice, or truth to lies. It would by definition be all the same to us.

Alternatively, one may argue that God has decided how things should be. But that is just replacing human emotion with the moods of God. God may get angry if you marry your daughter and ransack the temple and will be happy if you offer libations. An ethics based on piety is a system of ethics based on whatever makes God happy.


> Thus ethics must be derived from some other notion about how the world should be.

Yes, but bringing in is-ought only tells us that the ethical realm is self contained. It doesn't tell us that the ethical realm is reducible to emotions

> All other notions about how the world should be are so-that something else, which if you keep following the reasons so-that, all land in emotions.

You're just repeating the same claim that I questioned earlier

> For example, the reason why we seek things like truth and justice is because we like how they feel, we feel content, as though things are the way we think they should be

Can you prove this? Why this specific explanation and not some random other one like "because God wills it"? It's unclear to me why this explanation is any more convincing


> Can you prove this?

Arguments can be constructed for or against such things, they cannot ever be proven. Very few things can be conclusively proven about the world. We could after all be just be brains in vats being fed a simulated reality and we'd never prove the fact. There is always that doubt.

The perhaps most damning argument is to consider a being without desire, fear, content, disgust, anger, and other such things.

What would compel this entity to any action?

Try to rob them with a gun and they will not fear you. "I'll shoot!", you'll say, and if they react at all, they'll say "ok".

Try to bribe them with delicious food, wealth, sex; and you'll get nothing. They do not desire it.

Commit an injustice in front of them and they'll likewise not be angered. Stop a crime and they'll find no reason to praise you.

Even if we permit them to feel pleasure or pain, which is generous and not necessary for the experiment, they will by our definitions not desire the pleasure and seek it out or fear the pain and try to avoid it. Permit them hunger and let them starve, and they will not desire it to end.

This entity has no state of the world that brings them joy since they do not know what it is, and no state of the world that brings them anger or resentment for similar reasons. The pleasure of the beautiful will not be sought out for they have no desire, and the nausea and revulsion of the hideous will not be avoided. As a consequence, the logical and consistent will not be preferred to the illogical and inconsistent.

Their ranking in a social structure will not matter to them, since they will not fear becoming an outcast, have no envy of the success of others, and so on.

Since that is the case, core to this being is that all states of the world are equal in their eyes. Could this entity using their perfectly intact faculty of reason derive a system of ethics? This seems unlikely, since normative statements do in conflict with this prefer certain states of the world to others.


> Try to bribe them with delicious food, wealth, sex; and you'll get nothing. They do not desire it.

Sounds like an enlightened person to me

> Could this entity using their perfectly intact faculty of reason derive a system of ethics?

See Kantian ethics


I generally agree with you; governments have c̶h̶i̶p̶p̶e̶d̶ ̶a̶w̶a̶y̶ taken a sledge hammer to privacy with The Patriot Act, NSA's mass surveillance program, PRISM, and the UK's Investigatory Powers Act etc. It is hard to quantify the chilling effects of losing privacy, similar to being impossible to prove a negative as there is no conclusive way to prove that something does not exist or did not happen.


The argument that privacy is terrible because it can facilitate crime also neglects to consider that many other ways exist to encourage and obstruct crime and that nearly everything facilitates crime to a degree. For example, car ownership enables hit-and-runs, you can't have burglaries without homes, and gun ownership... is a topic for another thread, but you get the point.


If you consider violating people's privacy a crime then... well... it'd be like stealing someone's car so that it can't be stolen.


> History has shown us time and time again that when privacy is given away because "bad people can use it", without fail turns out to be detrimental to the law abiding citizens, with little to no impact to criminals. In many cases it further pushed the government into a dictatorial, even totalitarian regimes.

I agree with the conclusion, but I wonder about the claims and reasoning.

Can you give us examples? I don't recall that many 'bad people can use it' arguments that led to what is described. I doubt it's led a liberal democracy to become authoritarian, and under existing authoritarian regimes, there is little or no privacy to give away.

Finally, the biggest privacy threat in free countries now isn't government but corporations.


As far as privacy goes, the USA Patriot Act is probably one of the better examples of "we have to erode privacy to catch criminals": https://en.wikipedia.org/wiki/Controversial_invocations_of_t...

As for general "bad people can use it" scenarios, US airport security would be my go-to example. Everyone has to take their shoes off at airport security, even though the Deparment of Homeland Security's own tests have shown that that terrorists could still still easily sneak weapons and explosives through security: https://www.latimes.com/nation/nationnow/la-na-tsa-screeners...


Those are alleged examples of privacy eroding, but not of it leading to authoritarian government.


> People need to stop voting on purely emotion, and vote more with logic and ethics.

Ultimately, though emotion–or at least, subjective preference–is the root of ethics; logic can get you from that root (plus, where relevant, observations about the world) to more complex non-root ethical statements, but it gets you nothing without the root preferences, which it cannot generate.


Who's logic and ethics? I think that is the heart of the issue.

Hard for all of us to stand together apart.


History has also shown us time and time again that absolutism isn't orthogonal with reality. Absolute privacy still results in tyranny, you just won't see it coming until it's far too late.


I don't know what to tell you other than the fact that "lawful intercept" only became lawful in the 1970s and that the laws/modern law enforcement techniques you think are saving us from anarchy are relatively new. In the UK wiretap evidence isn't even admissible.


> Absolute privacy still results in tyranny,

what are the examples of this, can't think of any?


I usually just ask for their credit card numbers if privacy is so unimportant.


The feds have been working hard to push the "freedom isn't free" agenda in order to persuade the public that Chinese style is acceptable if we are the ones doing it. You can see the effort on YouTube(through major podcasts and channels), TikTok, now the New York Times, among other places (for example, the ex-CIA guy that trended in YT for a while, who claims the government needs to surveil us to "keep us safe", and the CIA is "good", Snowden is a traitor, and all the deep state talking points, etc...). Straight propaganda, such as the one coming from Tass or XinHua news, is insane.


> [...] now the New York Times [...]

Also this: (Note: This is under the opinion section, however.)

https://news.ycombinator.com/item?id=34176590


I really need to cancel my NY Times subscription

They haven't really had much variation in content since the invasion of Ukraine, and the only variation are these random WTF-who-paid-for-this articles


The 'government' is responsible for a couple orders of magnitude more harm than 'criminals'. We're talking hundreds of millions deaths worldwide over the last century.

I'm much less concerned about the government knowing what the 'criminals' are talking about (there are plenty of other ways to track them) than I am with the government knowing what the citizens are planning on standing up for/against.


What are you comparing with (both for government and for criminals)? In case of criminals it's easier to imagine a similar world where just criminals don't do crime; however, that comparison fails to take into account indirect effects of crimes (which are both negative -- e.g. costs spent on protection against crime -- and positive -- more incentives to influence the society so that crime is less beneficial).

In the case of government, I find it hard to see what do you mean by "same world, but without government". If everyone behaved the same in absence of government, nothing would really change. If we take into account changes in people's behaviour due to lack of government, then how do we stipulate that no government forms in that world? Are we imagining a world where everyone knows that forming any government will end the world and thus no one does that? In that case I'm hard pressed to even guess the sign of the difference in magnitude of harm, let alone its order of magnitude.


I'm not stating that we abolish government, just that 'checks and balances' are good for government.

Unlimited government power has historically been, well, terrorizing for citizens in the same ways as large crime groups - but far more deadly.


In that case it's hard to say which deaths are "caused by government". If a government could have imposed a policy that prevented them, are they caused by government? Should we balance that against side effects of such a policy? What about side effects of a feasible way of arriving at such a policy?

If we want to discount such deaths as caused by the government, we will end up with lots of cases of "would not happen but for policy X, but policy Y would have prevented them". From some POV _every single death_ is somehow caused by some policy that's government-imposed. To have a reasonable way to define "caused by government" we need to have something to compare with.


There in general needs to be more accountability for people in power, instead we got reverse, the richer and more powerful someone is the less punishment they get for fuckups (unless they fuck up with wrong people's money I guess).

Hell, politician can lie their way to power, realize nothing of what they promise and still somehow not lose the "job"


Is there an organization you can think of other than a government that is capable of bringing about a Chinese Great Leap Forward, a Soviet Holodomor, or a German Holocaust?

Money laundering and drug trafficking are rounding errors.


East India Company


… which had an army bigger than Britain’s.


I can't imagine how a society in a world where $DEITY would strike down anyone who tried to create a government would look like; I don't know what they'd use for coordination and whether it would be more or less vulnerable to e.g. creating correlations that defeat the disaster-prevention of the law of large numbers.

If we want to compare two situations, we should not only point out the differences in one direction. Otherwise we'd end up claiming that e.g. a society on a desert will have many fewer deaths on account of drowning being vastly less likely.


Facebook, Amazon, and friends certainly seem on track to give governments a run for their money. Facebook itself has directly led to genocide multiple times. Amazon wouldn't bat an eye at such atrocities if they were socially accepted and good for the bottom line.

Corporations might do it for a different reason — seeking capital above all else — but the end result is the same.

Any organization that gathers enough power would be capable of bringing about a Chinese Great Leap Forward, a Soviet Holodomor, or a German Holocaust.

Some of the worst abuses in history were made possible by the invention of the corporation. Ever hear of the East India Company? They are responsible for 100s of millions of deaths, many genocides, and the eradication of entire cultures.

The difference is that we now regulate corporations to hopefully prevent this level of power and abuse. We seem to be moving towards a new era of East India Companies though, so I'm not sure why you think only a "government" could commit atrocities.

Hell, the Irish famine was caused by the British adhering to free market principles. In that case corporations and the government teamed up together to kill 15% of the Irish population for no particularly good reason.

Governments do not have a monopoly on atrocity.

Edit: Nestlé probably has a bodycount approaching the governments you listed.


> Some of the worst abuses in history were made possible by the invention of the corporation. Ever hear of the East India Company? They are responsible for 100s of millions of deaths, many genocides, and the eradication of entire cultures.

“The corporation” in general is, and the British East India Company in particular was, a tool of government, not an opposing force.


He is right but I hate people talking about the government like it's some random entity. You are able to vote, you can decide who is the government AND here comes to the kicker you can even be IN the government. You just prefer to not be, you prefer to build artificial stuff to circumvent what your elected government does. It's so counterintuitive.


I don't really like this idea that voting will fix all problems and dangers in government. In fact, voting could be a cause of the danger. It is called tyranny of the majority.


And that's why governments are more complex than straight democracy. I love how people bring up the tyranny of the majority as some counter to modern democratic government, all the while providing no viable alternative.

What, do you want the tyranny of the minority? Are you proposing some sort of fascism?


I am proposing that people have certain rights even if you don't want them to.


What about a majority of people agreeing that adults should leave each other alone?


They don't. So what now?


Use signal.


I think it's idealist to think any of these things will help even one bit with the problems Parent is talking about.


And it's not idealist to believe the opposite?


No because that's not ideal. But it is realistic.


agree to disagree.


https://www.breitbart.com/politics/2014/08/12/study-you-have...

> the preferences of the average American appear to have only a minuscule, near-zero, statistically non-significant impact upon public policy

What Signal is doing is infinitely more effective than voting for this year's media-approved career politician.


Counter: https://www.vox.com/2016/5/9/11502464/gilens-page-oligarchy-... (and it isn’t a left vs right thing, Vox is replying to a whole bunch of coverage from all angles; I’ve mostly seen Gilens&Page posted from the left).


If only you hadn't used Breitbart, funded by the very people who seek to ensure most people have a near-zero impact on public policy.


And one simple bug or a bad actor could bring it all down.


The world seems to have a number of governments that don't respond kindly to criticism from their own citizens, so that leaves other governments the job of restraining them.


   > you can decide who is the government 
Not really, not in any meaningful way. We can vote for a handful of people every couple of years, but we get no say in the many thousands of people actually running the government from administration to administration, and with no oversight from the people.


I have the ability to participate in a handful of governments by voting. There are countless government officials around the world who might like access to my signal conversations. I don’t have any say for most of them. That’s why I’m glad I can use a service like Signal offers.


By that logic one shouldn't ever criticise let's say, Google (a separate entity), because in theory one could get a job there, work their way up to be CEO and then change how the company works. In fact, why ever criticise anything or express any opinion when instead you could be 'doing something about it'?

I think it's okay for people to express their opinion on the internet, and it's not a moral failing that they are doing that instead of, as you suggest elsewhere, running for office, getting elected, writing a bill and finding allies.


> AND here comes to the kicker you can even be IN the government

This is (in many cases) a lie. The system is set up in a way that only the political class can realistically run for political office.


proof it. the last election cycle tells a different story.


How do I vote out the FBI/CIA/NSA/ATF? The politicians change and they all stay the same or get more powerful


You don't, because most voters do want FBI and CIA and NSA and ATF to do their jobs and want the government to assign sufficient resources to stay the same or get more powerful. Politicians explicitly argue for such policies, and gain votes because of them, not despite them; this direction isn't one of those where politicians verbally support one thing and act otherwise, they put this stuff in their speeches and ads.

You should convince other voters to agree with your policy first, and if you can't, then you should concede that FBI/CIA/NSA/ATF shouldn't get voted out even if you want them to.


>because most voters do want FBI and CIA and NSA and ATF to do their jobs

The primary means through which said voters learn about these institutions are controlled by said institutions.

The FBI/ATF murdered hundreds of people at Waco, the CIA murdered the elected president of the United States.

These are not passive institutions that serve the people, they are hostile mafias hell bent on our subjugation, and inherently incompatible with the concept of democracy.


This is a classic problem. You have political and institutional elements in every system. (In the old days, the institutional elements were the clerics of various religions.)

A solution is to indoctrinate bureaucratic elements of government to follow political leadership, but this trick only works in authoritarian systems, like USSR, and requires periodic show trials and executions, or in the military (thus: bootcamp).

This is one of the areas where machine intelligence could end up saving the day for humanity. Bureaucracies can potentially be replaced in toto by informational systems at some point. I think only then will we get to try actual democracy democracy.


Your vote is one vote among many. You need to convince everyone else to vote with you too, including the politicians that get elected.

Otherwise, you need to run for yourself.

You won't get what you want done if you don't participate, and voting is the bare minimum of participation you can do


Voting does fuck all and everybody knows it. The only beneficiaries of the ability to vote are the tyrants who get to blame the result of their depravity on the people they oppress: the "voters."


Maybe federally (or even state-wide). Locally you can have a MASSIVE impact, and local politics in many ways trickles up to the national level.

edit: ymmv, hard work & organizational skills still required


How? If I live in a town/city/state/whatever where 70% support party X unquestionably what good is voting in the elections going to be if I support the Y candidate? I’ll always be outvoted unless the local majority absolutely fails to show up.

I met a guy running for congress a couple years back and had some discussion. We didn’t align politically but he seemed like a genuine guy who cared about helping people in his district more than reciting the party line and joining in on culture wars, and ultimately that screwed him out of the election.

The only time I can’t understand voting is in swing places where a small margin can make a difference, but even then I wouldn’t vote given some of the people on both sides running.


Local politics is a sham. My local AT&T fiber node is not being tapped by my local government. Traitorous elements within the NSA conspired to defraud the United States by violating our constitutional rights and tap my local fiber grid.

If you make $150k/year half your paycheck goes towards funding traitors to the United States of America, funding people actively seek to undermine the constitution.


My neighborhood council is not the one doing mass wiretapping. That’s the federal government (and, presumably, the central governments of other countries too).


No one voted for the bay of pigs. No one voted for MKULTRA.

Stop pretending these organizations represent democratic interests, or are beholden to democratic forces.

We pay for them, but they do not serve us.


Well, get elected write a bill and find allies. That's how.


we have a working solution to the problem of the cia snooping on political dissidents and for some reason you want us to abandon it and switch to a solution that won't work

why is that


Using government is an effective solution. It's slow, but it's a dedicated political campaign that overturned roe v wade.

Cryptography isnt a solution to this because wrench attacks will continue to exist


The senate had their computers compromised by the CIA. When caught they apologized and no one went to jail.

Tell me again about how voting is an “effective solution”.


>It's slow, but it's a dedicated political campaign that overturned roe v wade.

A President elected by a minority of voters under a system designed to disenfranchise the majority, who selected a panel of Supreme Court judges for life terms, themselves selected by a right-wing think tank specifically for their willingness to overturn Roe V. Wade, which had the support of the majority of the population and was settled law for nearly half a century.

That demonstrates the solution of government is only effective for a specific demographic... ironically the demographic that's been claiming everything is rigged against them for the last decade. For everyone else participating in the system seems like a fool's errand. One side was willing to risk sedition to get what it wanted, and suffered no real consequences, while the other side seems incapable of opposing the status quo, almost as if it's just there to provide the illusion of a choice between two sides.

I can see why people want to opt out. I vote, and I'm still going to vote on principle, just because I want to go down fighting, but I'm under no illusions that my vote is anything but a farce.


i used to believe that too


I don't think that poster is saying to ban Signal. A minority of people want to ban Signal. As it is Signal is legal and that's good. Democracy is also good. And yes people should participate in democracy rather than simply posting angry internet comments. Participating in democracy is also good.


well, democracy is better than dictatorship or monarchy, but that's damning it with faint praise

democracy didn't save the cherokees or the melians because they weren't voters


No, you believe you have a working solution, but you can't verify it. You know how you could verify it?


a critical press free of official censorship and intimidation which can protect its sources with free software and strong encryption (verified by free academic inquiry into its security) and funded anonymously by strongly anonymous cryptocurrency


and how could one make sure that the press is free?


do you mean to verify that it is free or to cause it to be free


Wow, it's so simple and easy, how has no one thought of that before and tried it?


Nobody said it is easy and that's why you don't do it and prefer to write sarcastic comments on the internet.


Simplistic "but hard" proposals beget sarcastic replies. I could enumerate some reasons why what you said is overly simplistic and ignores some harsh realities but I expect the response to be another variant of "no one said it would be easy". I guess no one is allowed to have an opinion on a topic without being prepared to martyr themselves for it?


So as with the topic at hand you assume a certain outcome even in discussions you try to derail with low effort jibs, got it.


Why aren't you doing it, then?

Oh, right, because it's impossible.


But I am, we fought a lot of battles and won over the last years with the previous German government, got the new one to adopt most of our (CCC) proposals and are now fighting again because of some proposals are again overreaching.


We aren’t talking about Germany, we are talking about the US (the article that sparked the discussion was in the New York Times). The US has an entirely different (and much less fair or representative) political system to Germany.


Who would have thought it could be so simple?


Nobody said it is easy and that's why you don't do it and prefer to write sarcastic comments on the internet.


Your self-righteous indignation is really no better, posting to others that their solution is obviously a task so grand that most who endeavor to attempt it fail (aka every candidate who doesn't get elected.) It reads like a very shallow attempt at pragmatism.


Act and the whole world will move.


Correct in theory but completely wrong in practice


Voting is least worst system. Majority have no clue about who exactly they are voting in and will fall for same lies every election


More so to circumvent the dim-witted will of my neighbors.


The idea that dim-witted neighbors get to have a say in how you live your life is kinda gross.


And he thinks you are the dim-witted neighbor so to get an actual idea if you or he is dim-witted you need outside data.


Why would I want to be in the government unless I wanted to impose my will on someone else? People like that are the people I least want to be governed by.


Your government is torturing and killing people on your behalf.

Are you cool with that? Or is voting ineffective at stopping them?


Ah...yes, the everyone on the internet is American approach. If you live in a country that's fucked up in your own views without doing the bare minimum (ie. vote) against it the one who is fucked up is, YOU.


Which country do you live in where you think they aren’t doing this?


[flagged]


I suppose the following group counts as idiots, but a lot of them are naive rather than actively malicious. You'll see people argue of things like oh who cares about privacy, I post online all the time and nothing happens. Completely oblivious to cases such as people using airtags to stalk people. Or people using location data from dating apps to assault their targets. Or widespread cases of people fearing their medical data could easily be accessed by law enforcement in a post Dobbs vs Jackson United States.

This group is probably the most difficult to reason with because they refuse to empathize with others in these cases. To them, the idea of being targeted is something that happens to other people, and even if they were targeted nothing would happen besides maybe a nude leaking or whatever they consider "sensitive but worthless". It's this combination of lack of empathy mixed with a particular kind of data, not tech, illiteracy.


Not for serving politicians, companies with public money contracts, listed companies CEOs, NGOs and charitable organizations receiving or giving a relevant number of millions in donations

These people are far too corrupt to be left wandering by themselves


I didn't like the original post that much but I tink this one is worse because it's almost entirely emotional. Statements like this:

"When you say “law enforcement”, who exactly do you mean? Employees of the United States? Of Oregon? Of Crow Wing County, MN? Of Italy? Of China? How are you going to sort out the jurisdictional disputes, and how are you going to ensure that only “good” law-enforcement organizations get to snoop?"

are just knee-jerk. You sort it out the same way you do any issue of public authority. Legislation, regulation, courts, etc. Privacy is not binary. Technically it's perfectly possible to design differentiated systems that can be adjusted and provide transparent access when needed. And that's probably what we need the most, not just when it comes to crime but also user choice. Way too often these days you have extreme solutions on one end that result in users opting for unsafe choices just due to usability. There needs to be much more debate about how systems are designed so that they give authority access when needed in a way that has checks built in and protects users as much as possible.

Authority has legitimate interest in preventing crime, this has wide public support in many cases, and individuals have legitimate interest in privacy, but neither is limitless. Any system designed for communication ought to reflect that or else we're just wasting resources on ideological debates.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: