Building Privacy into the Infrastructure: Towards a New Identity Management Architecture comes to what I fear some of my friends in the privacy community will find to be an unacceptable conclusion.
I’ll be presenting it at the Privacy Law Scholars Conference in Washington next week. Hopefully, since many attendees are in fact friends, they won’t bring brickbats.
In a Wall Street Journal debate today I argue that drones should not be allowed to overfly private property without the inhabitant’s consent due to the privacy risks, the consequent erosion of the 4th Amendment, and other dangers. This echoes some of the arguments in Self-Defense Against Robots and Drones, the recent Connecticut Law Review article I wrote with Zak Colangelo.
Ryan Calo gives the other side, arguing that overflights should be allowed in order to spur innovation. I think the WSJ sees him as the Bolshevik here, as they sum up the debate like this:
A. Michael Froomkin, the Laurie Silvers and Mitchell Rubenstein distinguished professor of law at the University of Miami School of Law, says that drones pose a huge threat to security and privacy, and that property owners should be able to keep them from flying over their land. Ryan Calo, an assistant professor of law at the University of Washington, says decisions about where and when drones can fly should be made collectively, not by individual landowners.
Who would have imagined I’d be the right-winger in a debate on the pages of the Wall Street Journal? I suspect that my former boss, Judge Stephen F. Williams, would be quite amused, although he’d probably describe it as vindication.
A brief history of the surveillance debate:
2012: "Mass surveillance is fine — if it wasn’t, you’d see major corporations trying to court new business by building in crypto tools that kept out the surveillance agencies. The fact that they’re not doing this tells you that surveillance opponents are an out-of-touch, paranoid minority."
2016: "Mass surveillance is necessary — when companies use crypto tools as ‘marketing ploys,’ they’re getting in the way of something we all agree is proportionate and legitimate!"
The inaugural issue of the Journal of Self-Regulation and Regulation is out, and it includes an article of mine, From Anonymity to Identification. The article is adapted from a talk I gave in Heidelberg last December. I’m in good company: other authors in this issue are Markus Beckedahl, Jeanette Hofmann, Marianne Kneuer, Milton L. Mueller, Ekkehart Reimer, William Binney, Kai Cornelius, Myriam Dunn Cavelt, Sebastian Harnisch and Wolf J. Schünemann.
The full text of this open-access journal is available online, including a .pdf of From Anonymity to Identification. As Larry Solum likes to say, download it while it’s hot.
Here’s the abstract for “From Anonymity to Identification”:
This article examines whether anonymity online has a future. In the early days of the Internet, strong cryptography, anonymous remailers, and a relative lack of surveillance created an environment conducive to anonymous communication. Today, the outlook for online anonymity is poor. Several forces combine against it: ideologies that hold that anonymity is dangerous, or that identifying evil-doers is more important than ensuring a safe mechanism for unpopular speech; the profitability of identification in commerce; government surveillance; the influence of intellectual property interests and in requiring hardware and other tools that enforce identification; and the law at both national and supranational levels. As a result of these forces, online anonymity is now much more difficult than previously, and looks to become less and less possible. Nevertheless, the ability to speak truly freely remains an important ‘safety valve’ technology for the oppressed, for dissidents, and for whistle-blowers. The article argues that as data collection online merges with data collection offline, the ability to speak anonymously online will only become more valuable. Technical changes will be required if online anonymity is to remain possible. Whether these changes are possible depends on whether the public comes to appreciate and value the option of anonymous speech while it is still possible to engineer mechanisms to permit it.
John Oliver interviews Edward Snowden.
Warning: Not utterly safe for all workspaces….
EFF and other fine groups announce DETEKT, a spyware detection tool. It’s a joint project with Amnesty International, Digitale Gesellschaft, and Privacy International. Read the disclaimers and instructions carefully.
Note also that they seem to be on a very short release cycle: I downloaded version 1.1 at work yesterday (nothing detected), and just downloaded version 1.3 at home today.
Disclosure: I’m a proud member of the Electronic Frontier Foundation Advisory Board.
Looks like the IAB is being all Habermasian again:
IAB Statement on Internet Confidentiality
In 1996, the IAB and IESG recognized that the growth of the Internet depended on users having confidence that the network would protect their private information. RFC 1984 documented this need. Since that time, we have seen evidence that the capabilities and activities of attackers are greater and more pervasive than previously known. The IAB now believes it is important for protocol designers, developers, and operators to make encryption the norm for Internet traffic. Encryption should be authenticated where possible, but even protocols providing confidentiality without authentication are useful in the face of pervasive surveillance as described in RFC 7258.
Newly designed protocols should prefer encryption to cleartext operation. There may be exceptions to this default, but it is important to recognize that protocols do not operate in isolation. Information leaked by one protocol can be made part of a more substantial body of information by cross-correlation of traffic observation. There are protocols which may as a result require encryption on the Internet even when it would not be a requirement for that protocol operating in isolation.
We recommend that encryption be deployed throughout the protocol stack since there is not a single place within the stack where all kinds of communication can be protected.
The IAB urges protocol designers to design for confidential operation by default. We strongly encourage developers to include encryption in their implementations, and to make them encrypted by default. We similarly encourage network and service operators to deploy encryption where it is not yet deployed, and we urge firewall policy administrators to permit encrypted traffic.
We believe that each of these changes will help restore the trust users must have in the Internet. We acknowledge that this will take time and trouble, though we believe recent successes in content delivery networks, messaging, and Internet application deployments demonstrate the feasibility of this migration. We also acknowledge that many network operations activities today, from traffic management and intrusion detection to spam prevention and policy enforcement, assume access to cleartext payload. For many of these activities there are no solutions yet, but the IAB will work with those affected to foster development of new approaches for these activities which allow us to move to an Internet where traffic is confidential by default.