You are currently viewing SemiWiki as a guest which gives you limited access to the site. To view blog comments and experience other SemiWiki features you must be a registered member. Registration is fast, simple, and absolutely free so please, join our community today!
A thoughtful article in the April issue of the Communications of the ACM with bearing on Apple and the FBI, end-to-end encryption and more. A synopsis of the key point (for me) is that privacy has never been absolute, even before the digital age. For Americans, the Fourth Amendment states that:
"[t]he right of the people to be secure in their persons, houses, papers and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
Blanket searches and searches without warrant are certainly unconstitutional but an absolute right to privacy is not guaranteed. Invalidating a key component of the Constitution simply on the emergence of a digital age seems to me a step too far.
If a machine searches my stuff, and upon discovery of truly suspicious markers , says "this person is suspicious, get a warrant, this is the probable cause" while sharing the minimum or zero about me to a person - this isn't exactly breaking of privacy. That's something new that isn't mentioned in the constitution(how could it be?).
Fair point ippisl - we could and should refine law to reflect modern needs, but getting it into the Constitution? That will take longer. There is intentional hysteresis in that system to prevent reflexive response to issues of the day. We require a 2/3 majority vote to pass an amendment which in current times seems virtually impossible. I don't think Congress could pass a 2/3 vote on the time of day. But fundamental principles should be slow to change so not such a bad thing.
>> We require a 2/3 majority vote to pass an amendment which in current times seems virtually impossible.
After 9/11 do you think congress could have passed an amendment ? and a privacy amendment ?
Also i think there's the general question - in the end, more technology enables small groups to do a lot of harm and tech keep advancing. If this continues , won't it necessitate some form of blanket surveillance, because prevention seems like the only solution ?
Here's a funny one from the San Jose Mercury News:
Apple attorneys, speaking on condition of anonymity, said Friday they will resist any order forcing the company to help the FBI in the case, arguing that the government is trying to set a broad precedent that would require tech firms such as Apple to crack their own security.
For a company that is fighting for privacy you would think the lawyers would not be speaking on condition of anonymity, right?
>> We require a 2/3 majority vote to pass an amendment which in current times seems virtually impossible.
After 9/11 do you think congress could have passed an amendment ? and a privacy amendment ?
Also i think there's the general question - in the end, more technology enables small groups to do a lot of harm and tech keep advancing. If this continues , won't it necessitate some form of blanket surveillance, because prevention seems like the only solution ?
ippisil - you speak with great wisdom. For all the absolutist claims, privacy and security are flexible expectations. If the US were under immediate threat, we would be significantly less concerned about these issues than we would be about survival. It is only because many have forgotten or never known that kind of threat that the issue arises. In Maslow's hierarchy of needs we have gone from the bottom of the pyramid to top and forgotten there is a bottom.
As for whether we need some form of blanket surveillance - that will always be a tug of war between fear of external threats and fear of dictatorship I think.
During the Apple/FBI hearings, Susan Landau kept hammering the point home we're using 18th Century law and 20th Century investigation techniques to 21st Century problems. The framers were melting wax seals on letters and breaking down wooden doors to get information. Now, we start by reading Facebook posts and Tweets - and many times the evildoers put those there intentionally hoping to be noticed.
My working definition is this:
Privacy = who is allowed to see data
Security = protecting data from harm
Trust = emotions and implications
I'll go so far as to say that privacy, in a digital sense, is long gone. Nobody reads those privacy agreements or policies. As soon as anything is shared online in social media, it's out there forever. As soon as one agrees to use a cell phone or the Internet, their activity - at least at a metadata level - is tracked.
For me, the real issue is trust. It's like the kids used to say on the basketball court: "No harm, no foul." Trust is a measurement of how much perceived harm there is, and does it cross a threshold of concern.
The sticky part for vendors and lawmakers: one can completely keep privacy and security intact and still mess up trust.
I was just listening to an NPR radio show on Friday and they mentioned how our FBI is operating a fleet of surveillance aircraft flying over US cities. It doesn't sound like they are looking at just one criminal's cell phone, rather everyone's cell phone, which is a huge breach of privacy.
Daniel - There may be some truth in this but the Guardian is a famously lefty newspaper in the UK, eager to jump on anything which reinforces their view of the world and definitely not famous for presenting balanced viewpoints. Doesn't mean that most of what they publish is wrong, but for me they are sufficiently tainted that they are not my first or second go-to source for reliable reporting.
FYI, these days I am finding Reuters.com a pretty balanced source. I also read economist.com - they lean right of course but they are sufficiently old-fashioned that they avoid click-bait material and do substantive reporting on many topics. Curious to hear who others turn to?
This is going to be like the whole copyright thing we went through when the fundamental behavior of information changed. The internet raises jurisdictional issues and a host of other issues. Our technology allows hiding much more easily with effective encryption, but also allows much more listening with NSA class spying technology. It might be a wash in a way. Society is still catching up with technology and there is no end in sight really.
I bet that when there is good reason the government can get at whatever they want, and I know that widespread indiscriminate monitoring is a bad idea. I loath to think that we would go through another McCarthy Era. For my money I'd rather have less monitoring. I think terrorism is often the driver for these pushes for back doors. But we often are more afraid of sensational threats than the things that actually kill greater numbers of people. Cars and guns kill way more Americans than terrorists each year. Maybe we should worry about them first.
Bernard - thank you. And like you say there probably will always be tension between surveillance for risk prevention and dictatorship. Unless we can find some idea to break this trade-off. Maybe we'll be lucky.
Heck i'm curious what today's crypto math guys think about the possibilities to do so. Maybe later i'll have a look.
Blanket searches and searches without warrant are certainly unconstitutional but an absolute right to privacy is not guaranteed. Invalidating a key component of the Constitution simply on the emergence of a digital age seems to me a step too far.
There are no absolute rights so also not for privacy. In a digital age you need security in order to be able to have privacy. The problem is that for backdoors it is almost impossible to only have them used by the guys with the warrants. The use of backdoors then corresponds with reducing the general security and privacy.
In the end it should then also be forbidden to use it's own encryption without the government approved backdoors. Do you think such a requirement is still compatible with the US Amendments?
You have me on the spot Staf. I suspect the answer in some form is yes. The challenge is whose backdoors? All very well for the NSA to require their approach but what about the British, the Israelis, the Russians, the Iranians, etc, etc, etc? One suggestion I posted on recently from a crypto-expert was a common system that required approval, per case, from representatives of 9 (named) nations to unlock. That sounds like it would be challenging in practice - not so much technically as in getting the approvals.
Perhaps we will need to come to terms with some kind of backdoor, but one that would only allow the NSA to spy on people carrying phones purchased in America, and so on. Then conventional political/diplomatic methods are required to get access to data from phones in other countries and each country can debate how far rights extend to spying over its own populace. We shall see..
Perhaps we will need to come to terms with some kind of backdoor, but one that would only allow the NSA to spy on people carrying phones purchased in America, and so on.
As security experts say, once you put 'a backdoor that can only be used by...' in a sentence, you are dilluding yourself.
Personally I reserve the right to use the encryption I want and I don't feel myself a criminal for doing that.
