The technologists’ Hippocratic oath

The Guardian asked me for commentary on the letter to the White House and Congress from eight tech giants about NSA spying:

Whose side are you on?

That is the question MP Keith Vaz asked Alan Rusbridger last week when he challenged the Guardian editor’s patriotism over publishing Edward Snowden’s NSA and GCHQ leaks.

And that is the question answered today by eight tech giants in their letter to the White House and Congress, seeking reform of government surveillance practices worldwide. The companies came down at last on the side of citizens over spies.

Of course, they are also acting in their own economic (albeit enlightened) self-interest, for mass spying via the internet is degrading the publics’, clients’, and other nations’ trust in the cloud and its frequently American proprietors. Spying is bad for the internet; what’s bad for the internet is bad for Silicon Valley; and — to reverse the old General Motors saw — what’s bad for Silicon Valley is bad for America.

But in their letter, the companies stand first and firmly on principle. They propose that government limit its own authority, ending bulk collection of our communication. They urge transparency and oversight of surveillance, which has obviously failed thus far. And they argue against the balkanization of the net and the notion that countries may insist that data respect national borders.

Bravo to all that. I have been waiting for Silicon Valley to establish whether it collectively is a victim or a collaborator in the NSA’s web. I have wondered whether government had commandeered these companies to its ends. I have hoped they would use their power to lobby for our rights. And now I hope government — from Silicon Valley’s senator, NSA fan Dianne Feinstein, to President Obama — will listen.

This is a critical step in sparking real debate over surveillance and civil rights. It was nice that technology companies banded together once before to battle against the overreaching copyright regime known as SOPA and for our ability to watch Batman online. Now they must fight for our fundamental — in America, our Constitutional — rights of speech and assembly and against unreasonable search and seizure. ’Tis a pity it takes eight companies with silly names to do that.

Please note who is missing off this list of signators: Google, Facebook, Twitter, Yahoo, Microsoft, Aol, Apple, LinkedIn. I see no telecom company there — Verizon, AT&T, Level 3, the companies allegedly in a position to hand over our communications data and enable governments to tap straight into internet traffic. Where is Amazon, another leader in the cloud whose founder, Jeff Bezos, now owns the Washington Post? Where are Cisco and other companies whose equipment is used to connect the net and by some governments to disconnect it? Where are the finance companies — eBay, Visa, American Express — that also know much about what we do?

Where is the letter to David Cameron, who has threatened prior restraint of the Guardian’s revelations, and to the members of the Parliament committee who last week grilled Rusbridger, some of them painting acts of journalism — informing citizens of their governments’ acts against them — as criminal or disloyal? Since they urge worldwide reform, I wish the tech companies would address the world’s governments, starting with GCHQ’s overseers in London.

And where are technologists as a tribe? I long for them to begin serious discussion about the principles they stand for and the limits of their considerable power. Upon learning that government had tapped into communications lines between their own servers, two Google engineers responded with a hearty “fuck these guys.” But anger is insufficient. It is not a pillar to build on.

Computer and data scientists are the nuclear scientists of our age, proprietors of technology that can be used for good or ill. They must write their own set of principles, governing not the actions of government’s spies but their own use of power when they are asked by those spies and governments — as well as their own employers — to violate our privacy or use our own information against our best interests or hamper and chill our speech. They must decide what goes too far. They must answer that question above — whose side are you on? I suggest a technologists’ Hippocratic oath: First, harm no users.

  • Mike

    Another group missing is the bios makers (AMI etc.). Where better to place an undetectable backdoor.

  • kristin shannon

    Or at least one could invoke Asimov’s 3 rules for robots:

    A robot may not injure a human being or, through inaction, allow a human being to come to harm.

    A robot must obey orders given it by human beings except where such orders would conflict with the First Law.

    A robot must protect its own existence as long as such protection does not conflict with the First or Second Law. (we can apply this to Google & co’s right to continue being credible to their customers)

  • Raymond Chuang

    Jeff, until the Internet backboner providers (e.g., AT&T, Level 3, Sprint and Verizon in the USA and Vodafone in Europe) start doing measures to stop snooping of the backbone itself, that letter published several days ago is USELESS. That’s because we now know that multiple intelligence agencies worldwide directly tap into the Internet backbone to snoop on all Internet activity worldwide.

  • NSA poi

    The fight is already lost; though I admire those who refuse to acknowledge, and keep up the appearance of resistance. The big connectivity providers also have big contacts with the government and are not predisposed to bite that feeding hand. The government is now a tool, not the master, of the too big to fail, and only when their purposes are better served by individual privacy will there be anything more than token efforts at simulating information security for the relatively powerless.