Computers, Privacy & the Constitution

Privacy: A Torrid Affair

In the face of a crisis, privacy is sacrificed on the alter of public safety. People were too busy marveling at how the government was quickly able to identify the suspects of the Boston marathon bombings to notice how odd it is that we are all being recorded everywhere we go. Tragedies such as Boston act to legitimize the current system, a trump card for anyone who argues that the status quo is a deeply unsettling invasion of privacy that is virtually unregulated by the current law. The problematic friction between privacy and law enforcement becomes apparent however when the latter attempts to usurp technology that, rather than violating the former, actually affords it.

Once Upon an Onion Router

Tor (“The Onion Router”) is a software program that prevents third parties from monitoring your traffic. Originally sponsored by the U.S. Naval Research Laboratory as an experiment in anonymous communications between governments, Tor protects communications by randomly bouncing traffic through at least three different servers, each with a separate layer of encryption and each run by Tor Project volunteers. Provided the applications do not leak your activities or your identity, the only information that can be gleaned from your browsing is “This IP address is using Tor.”

The Tor Project sees itself as a champion of a more democratic internet. Spokesperson Jacob Appelbaum conceives of Tor as “part of an ecosystem of software that helps people regain and reclaim their autonomy. It helps to enable people to have agency of all kinds; it helps others to help each other and it helps you to help yourself. It runs, it is open and it is supported by a large community spread across all walks of life.” Like the internet itself, Tor is used for a variety of things, both legal and illegal. The Silk Road, an online black market run by the Dread Pirate Roberts, is one of the more notorious uses of Tor. When much of the press surrounding Tor is about using Bitcoin to buy pure crystal meth or features headlines such as “Tor Network at the Heart Northern Kentucky Child Porn Case,” it is easy to forget that Tor is among one of the few bastions of freedom in conflict zones where unencrypted data and physical network location revelations mean much more than data mining dollars. When Egypt began blocking access to the internet in January 2011, thousands of users relied on Tor to connect and share with the outside world. Even in less extreme cases of censorship or observation, hundreds of thousands of people use Tor to research sensitive topics, to connect to news sites that are blocked by their local providers, and to write powerful indictments of current regimes and advocate for social change. The ability to engage in any of these activities without fear of bodily harm or ending up on a watch list is fundamental to democracy. Being informed and informing others in ways which we control act as powerful checks on institutions that far too often have the upper hand in force and/or information asymmetry.

Privacy Panic Case Study: A Japanese Game of Cat and Mouse

Beginning in the summer of 2012, hacker Yusuke Katayama spread a Trojan horse virus via online message boards that would allow him to remotely control host computers from which he could post death threats. Because of his use of Tor, he could only be identified on his terms, in this case under the pseudonym of “Demon Killer.” He taunted investigators for months, sending puzzles and cryptic messages (“Thank you for playing with me”) to the media and even the police directly. In January, he orchestrated a bizarre scavenger hunt that tasked investigators with finding a cat on Enoshima Island, a popular tourist attraction. The correct cat had a memory device containing the source code of the virus and other clues. Once the investigators located the cat, they were able to identify Katayama through, what else, closed circuit television.

As a result of a fumbled investigation, which featured four false arrests and two false confessions, Japan’s National Police Agency (NPA) launched a war on anonymity. An April 18 NPA panel cited the obligatory parade of horribles that anonymous browsing abets (child pornography, financial fraud, confidential information leaks, etc.) and advised ISPs and site administrators to work in concert to block users if there is any reason to suspect that they are abusing Tor's anonymizing features. As one report points out, “that can can be read as a presumption of guilt on anyone who anonymizes their Web activity.”

The Right to be Anonymous

At this point, the global population should be immediately skeptical of a policy that prohibits a neutral tool based on the ability to use it for illicit and unsavory purposes. Pointing to child predators seems especially emotionally manipulative.

Suddenly anonymity has become inextricably associated with criminality. It seems that, if anything, quite the opposite should be true: Anonymity should be the assumption, the baseline allocation. Our privacy rights are founded on the malleable concept of “expectations of privacy,” and the truly horrifying implication of Japan’s cat-astrophe and the tragedy in Boston is that this sphere of space is shrinking beyond recognition. Not only should you not expect privacy, but actively seeking it is presumed criminal. It seems odd that anonymous browsing is not the standard, and even odder that most people do not demand it. As Tor Executive Director Andrew Leman states, “Everyone has a right to be left alone by default—you should be in control of your data. The first rule of privacy is you decide what's private. That goes for anonymity, too.” Of course, there’s always regulators' favorite question, the impossible “What do you have to hide?” This is such an obvious straw man; it completely changes the debate by shifting the burden. The only possible answer is to shift it right back: “What gives you the right to know?”

-- StacyAdelman - 04 May 2013



Webs Webs

r2 - 14 Jan 2015 - 22:44:50 - IanSullivan
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM