Posts about Internet

The right to remember, damnit

A reporter asked me for reaction to news that Google has put up a form to meet a European court’s insane and dangerous ruling and allow people to demand that links to content they don’t like about themselves be taken down. Here’s what I said:

This is a most troubling event for speech, the web, and Europe.

The court has trampled the free-speech rights not only of Google but of the sites — and speakers — to which it links.

The court has undertaken to control knowledge — to erase what is already known — which in concept is offensive to an open and modern society and in history is a device used by tyrannies; one would have hoped that European jurists of all people would have recognized the danger of that precedent.

The court has undermined the very structure of Sir Tim Berners-Lee’s invention, the link — the underpinning of the web itself — by making now Google (and next perhaps any of us) liable just for linking to information. Will newspapers be forced to erase what they link to or quote? Will libraries be forced to take metaphoric cards out of their catalogs?

The court has, ironically, made Google only more powerful, making it the adjudicator of what information should and should not be found. The court has also given Google ludicrous parameters — e.g., having to decide what is relevant to what; relevant to whom; relevant in what context?

We don’t know how this order will be implemented by the various search engines. One question is what right of notice and appeal a delinked site will have.

If this process is public, as it should be, then doesn’t that have the potential to bring even more attention to the information in dispute? Another question is whether content will be made invisible in Europe but will still be visible — as I hope it will be — in the rest of the world, where the European court has no authority. Will this then allow others to compare search results and make the banned information only more visible? In the end, has the court assured a Streisand effect — or, as the comedian John Oliver said on his HBO show, the one thing that is known about the Spaniard who brought this case is the thing that he does not want known.

Further, what of search engines and sites that have no European offices and thus the court has no authority over them? If they refuse to delink on demand will the court ban these sites for European view?

Finally, I am concerned about the additive effect of this ruling on Europe’s reputation as technophobic or anti-American. Add to this especially various actions in Germany — government officials demanding a “Verpixelungsrecht” (a right to be pixelated) in Google Street View despite the fact that these are images taken of public views in public places; German publishers ganging up on Google to strongarm politicians into passing a law limiting the quoting of snippets of content and now threatening to break up Google — in addition to similarly head-scratching moves in France, Italy, and elsewhere. Is Europe a place where any technology company or investor will choose to work?

You ask about Eric Schmidt and David Drummond cochairing the advisory committee. That is a clear indication of how profound and dangerous this situation is in Google’s view. It so happens I was in Mountain View two weeks ago speaking to the all-hands meeting of Google’s privacy teams and I can tell you they were shocked at the ruling. I also said much of what I’ve said to you there. I am appalled by this ruling. [As a matter of disclosure, Google paid my travel expenses but I have no business relationship with Google.]

Brazil, Snowden & the net at Davos

Here at Davos, I just left a media conversation with Brazilian President Dilma Rousseff at which I asked two questions relevant to the internet.

First, I asked under what circumstances she would consider granting asylum to Edward Snowden. She did not answer that question directly but said that the Brazilian government “has not been addressed” regarding an application for asylum, “therefore since I cannot possibly contemplate such a request you are working under a mistaken premise. The request was never formally submitted.” Interpret the subtleties of that as you may.

I also asked about controversial plans to require technology companies to store Brazilians’ data in Brazil, seeking her reaction to criticism that this will lead to a balkanized internet. She responded strictly in the context of criminal prosecution, saying that in an investigation into money laundering her justice department was denied access “precisely because it ran counter to the legislation of the country where the data was stored.”

“We cannot possibly accept that interference about data,” she continued. “It’s about our sovereignty…. We cannot find ourselves subject to the laws that prevail in third-party countries.” And then she added: “A compromise agreement is always possible.”

A few observations:

First, holding citizens’ data in Brazil makes it easier for the authorities to get data on those citizens for reasons good or bad.

Next, I’m surprised that she did not use this as an opportunity to continue her complaints about U.S. surveillance of Brazilian entities.

Instead, she put this as a matter of Brazilian sovereignty. That’s blunt but troubling. I’ve argued before that no nation should be able to claim sovereignty over the net.

If Brazil succeeds in imposing this data requirement, then it represents the further balkanization of the net. Brazil ends up with its own net, Iran does too, and so does China. The good-guy argument doesn’t wash for the architecture and precedent set by any good guy can be used by any bad guy.

Note also this week that Microsoft said it would honor customers’ requests to hold their data outside of the U.S. and the prying eyes of the NSA. At a practical level, it’s not hard to imagine that working for enterprise data; here at Davos, Salesforce.com’s Marc Benioff said his company can show a client the building and the rack where its data is held. But for consumer services, it is hard to imagine how, say, Bing could store, say, your search history outside the U.S. but mine inside.

And apart from those practical considerations, other tech executives said yesterday at Davos that the U.S. FISA court can still require a technology company to hand over data that is under its control, no matter whether that data is held in the U.S. or abroad.

This is a show of shadow puppets but one that could have serious, injurious impact on the net.

Back to Rousseff: The media conversation was to be off the record but after it was over she said that everything she said could be used on the record.

An odd event, it was. Asked one question about the economy of Brazil, she filibustered for half an hour, sounding — in the observation of another journalist — like a Chinese party official outlining the newest five-year plan.

The war on secrecy

Here is a post I wrote for the Guardian:

It has been said that privacy is dead. Not so. It’s secrecy that is dying. Openness will kill it.

American and British spies undermined the secrecy and security of everyone using the internet with their efforts to foil encryption. Then Edward Snowden foiled them by revealing what is perhaps (though we’ll never know) their greatest secret.

When I worried on Twitter that we could not trust encryption now, technologist Lauren Weinstein responded with assurances that it would be difficult to hide back doors in commonly used PGP encryption — because it is open source.

Openness is the more powerful weapon. Openness is the principle that guides Guardian journalism. Openness is all that can restore trust in government and technology companies. And openness — in standards, governance, and ethics — must be the basis of technologists’ efforts to take back the the net.

Secrecy is under dire threat but don’t confuse that with privacy. “All human beings have three lives: public, private, and secret,” Gabriel Garcí­a Márquez tells his biographer. “Secrecy is what is known, but not to everyone. Privacy is what allows us to keep what we know to ourselves,” Jill Lepore explains in The New Yorker. “Privacy is consensual where secrecy is not,” write Carol Warren and Barbara Laslett in the Journal of Social Issues. Think of it this way: Privacy is what we keep to ourselves. Secrecy is what is kept from us. Privacy is a right claimed by citizens. Secrecy is a privilege claimed by government.

It’s often said that the internet is a threat to privacy, but on the whole I argue it is not much more of a threat than a gossipy friend or a nosy neighbor, a slip of the tongue or of the email “send” button. Privacy is certainly put at risk when we can no longer trust that our communication, even encrypted, are safe from government’s spying eyes. But privacy has many protectors. And we all have one sure vault for privacy: our own thoughts. Even if the government were capable of mind-reading, ProPublica argues in an essay explaining its reason to join the Snowden story, the fact of it “would have to be known.”

The agglomeration of data that makes us fear for our privacy is also what makes it possible for one doubting soul, one weak link — one Manning or Snowden — to learn secrets. The speed of data that makes us fret over the the devaluation of facts is also what makes it possible for journalists’ facts to spread before government can stop them. The essence of the Snowden story, then, isn’t government’s threat to privacy so much as government’s loss of secrecy.

Oh, it will take a great deal for government to learn that lesson. Its first response is to try to match a loss of secrecy with greater secrecy, with a war on the agents of openness: whistleblowers and journalists and news organizations. President Obama had the opportunity to meet Snowden’s revelations — redacted responsibly by the Guardian — with embarrassment, apology, and a vow to make good on his promise of transparency. He failed.

But the agents of openness will continue to wage their war on secrecy.

In a powerful charge to fellow engineers, security expert Bruce Schneier urged them to fix the net that “some of us have helped to subvert.” Individuals must make a moral choice, whether they will side with secrecy or openness.

So must their companies. Google and Microsoft are suing government to be released from their secret restrictions but there is still more they can say. I would like Google to explain what British agents could mean when they talk of “new access opportunities being developed” at the company. Google’s response — “we have no evidence of any such thing ever occurring” — would be more reassuring if it were more specific.

This latest story demonstrates that the Guardian — now in league with The New York Times and ProPublica as well as publications in Germany and Brazil — will continue to report openly in spite of government acts of intimidation.

I am disappointed that more news organizations, especially in London, are not helping support the work of openness by adding reporting of their own and editorializing against government overreach. I am also saddened that my American colleagues in news industry organizations as well as journalism education groups are not protesting loudly.

But even without them, what this story teaches is that it takes only one technologist, one reporter, one news organization to defeat secrecy. At the length openness will out.

What are you thinking, Mr. President?

I wrote this for the Guardian, where the discussion is quite lively, approaching 1,500 comments. I’m posting it here a few days later for the purposes of my own archive.

What are you thinking, Mr. President?

Is this really the legacy you want for yourself: the chief executive who trampled rights, destroyed privacy, heightened secrecy, ruined trust, and worst of all did not defend but instead detoured around so many of the fundamental principles on which this country is founded?

And I voted for you. I’ll confess you were a second choice. I supported Hillary Clinton first. I said at the time that your rhetoric about change was empty and that I feared you would be another Jimmy Carter: aggressively ineffectual.

Never did I imagine that you would instead become another Richard Nixon: imperial, secretive, vindictive, untrustworthy, inexplicable.

I do care about security. I survived the attack on the World Trade Center and I believe 9/11 was allowed to occur through a failure of intelligence. I thank TSA agents for searching me: applause for security theater. I defend government’s necessary secrets. By the way, I also defend Obamacare. I should be an easy ally. But your exercise of power appalls me. When I wrote about your credibility deficit in the Guardian, I was shocked that among the commenters at that great international voice of liberalism, next to no one defended you. Even on our side of the political divide, I am far from alone in urgently wondering what you are doing.

As a journalist, I am frightened by your vengeful attacks on whistleblowers — Manning, Assange, Snowden, and the rest — and the impact in turn on journalism and its tasks of keeping a watchful eye on you and helping to assure an informed citizenry.

As a citizen, I am disgusted by the systematic evasion of oversight you have supported through the FISA courts; by the use of ports as lawless zones where your agents can harass anyone; by your failure on your promise to close Guantanamo, and this list could go on.

As an American often abroad, I am embarrassed by the damage you have caused to our reputation and to others’ trust in us. I find myself apologizing for what you are doing to citizens of other nations, dismissing the idea that they have rights to privacy because they are “foreign.”

As an internet user, I am most fearful of the impact of your wanton destruction of privacy and the resulting collapse of trust in the net and what that will do to the freedom we have enjoyed in it as well as the business and jobs that are being built atop it.

And as a Democrat, I worry that you are losing us the next election, handing an issue to the Republicans that should have been ours: protecting the rights of citizens against the overreach of the security state.

Surely you can see this. But you keep doubling down, becoming only more dogged in your defense of secrecy and your guardians of it. I don’t understand.

The only way I could possibly grant you the benefit of doubt is to think that there is some ominous fact about our security that only you and your circle know and can’t breath or the jig will be up. But I don’t believe that anymore than I believe a James Bond movie or an Oliver Stone conspiracy theory. You can’t argue that Armageddon is on the way and that al Qaeda is on the run at the same time.

No, I think it is this: Secrecy corrupts. Absolute secrecy corrupts absolutely. You have been seduced by the idea that your authority rests in your secrets and your power to hold them. Every attack on that power, every questioning of it only makes you draw in tighter, receding into your vault with the key you think your office grants you. You are descending into a dark hole of your own digging.

But you know better, don’t you? In a democracy, secrecy is not the foundation of authority; that is the basis of dictatorships. Principles and their defense is what underpins your office.

First among those principles is the defense of our freedom. Security is only a subset of that, for if we are not secure we are not free. Freedom demands the confidence that we are not under attack, yes, but also that we are not being surveilled without our knowledge and consent. The balance, which we are supposedly debating, must go to freedom.

Transparency is another principle you promised to uphold but have trammeled instead. The only way to assure trust in your actions is if they are overseen by open courts, by informed legislators, by an uninhibited press, and most importantly by an informed citizenry.

As political and media attention turn away from you, you have an opportunity to rise again to the level of principles, to prove that your rhetoric about change was not empty after all, to rebuild your already ill-fated legacy, to do what is expected of you and your office.

You could decide to operate on the principle that our privacy is protected in any medium — not just in our first-class letters but in our emails and chats and calls — unless under specific and due warrant.

You could decide to end what will be known as the Obama Collect it All doctrine and make the art of intelligence focus rather than reach.

You could decide to respect the efforts of whistleblowers as courageous practitioners of civil disobedience who are sacrificing much in their efforts to protect lives and democracy. If they are the Martin Luther Kings of our age, then call off Bull Connor‘s digital dogs and fire hoses, will you?

You could decide to impress us with the transparency you still can bring to government, so that the institution you run becomes open by default rather than by force, as it is now, under you.

You could decide to support a free press and stop efforts — here and, using your influence, with our friends in the UK — to restrain their work.

You could decide that whether they are visiting our land or talking with our citizens by email or phone, foreigners are not to be distrusted by default.

You could try to reverse the damage you have done to the internet and its potential by upholding its principles of openness and freedom.

You could. Will you?

Give up on the net?

Die Zeit asked a handful of people to answer their question, in essence: Have big companies and the NSA ruined the internet? Or to quote the email to me: “Have all the hopes concerning the internet been destroyed?” Here’s my answer in English; the German translation is here.

The battle for control — and the soul — of the internet has only just begun.

I doubt the net’s creators realized how subversive it was to connect anyone to anyone, bypassing the institutions that mediated those connections: from media to government, universities to retailers. These institutions are now circling wagons to protect their prerogatives: copyright for media, secrecy for government.

But as much as they want to take charge of it, the internet is less about institutions than individuals. Now anyone who’s connected can speak to, find, join, and act with a public. Anyone can find information, learn, sell, and create.

Yes, large new institutions are born to serve these needs and opportunities: Google to connect us with information, Facebook with each other, Twitter with everyone. They and we are negotiating norms and ethics regarding privacy, transparency, and control, a process that’s progressing.

Then enter government. It may portray itself as the protector of privacy but it is instead the greatest threat to privacy, for it can gather information and use it against us as no one else can. It abuses the net.

The problem Edward Snowden uncovered in the NSA is not technology. The issue is transparency. The NSA demonstrates that secrecy corrupts and absolute secrecy corrupts absolutely.

We must engage in the discussion Snowden finally sparked about the principles of a free and open society, which we must protect in the face of the new opportunities technology presents to, in the words of NSA chief Keith Alexander, “collect it all.”

Those principles, which I proposed in my book Public Parts, include:
* An ethic of privacy, compelling governments and companies not to steal our data without our knowledge.
* The ideal that government must be open by default and secret by necessity; today, it is the opposite.
* The right to connect, speak, assemble and act online as off.
* The understanding that if any bit on the net is stopped, detoured, or spied upon by any institution then no bit — or the net itself — can be presumed to be free.
* And agreement that the net must remain open and distributed, controlled or corrupted by no government.