Whatever else last year will be remembered for, it will be known as the year in which a courageous whistle-blower brought home to us the extent to which the most liberating communications technology since printing has been captured.
Although former US National Security Agency (NSA) analyst Edward Snowden’s revelations initially seemed only to document the extent to which the state had exploited Internet technology to create a surveillance system of unimaginable comprehensiveness, as the leaks flowed, it gradually dawned on us that our naive lust for “free” stuff online has also enabled commercial interests effectively to capture the Web for their own purposes.
As if that realization was not traumatic enough, Snowden’s revelations demonstrated the extent to which the corporate sector — the Googles, Facebooks, Yahoos and Microsofts of this world — have been knowingly or unknowingly complicit in spying on us.
What it boils down to is this: We now know for sure that nothing that you do online is immune to surveillance and the only people who retain any hope of secure communications are geeks who understand cryptography and use open-source software.
This is a big deal by any standards and we are all in Snowden’s debt, for he has sacrificed his prospects of freedom and a normal life so that the rest of us would know what has happened to the technologies on we now depend. We can no longer plead ignorance as an excuse for alarm or inaction.
The scale and intrusiveness of the snooping have been shocking, even to technical experts who understood — in principle — what could be done. From there it is but a short step to demonizing the NSA, the UK’s Government Communications Headquarters (GCHQ, the secret agency responsible for signals intelligence) and their partners in surveillance, but to do so is to miss the point.
Security services are military agencies and they do what military forces do, which is to try to accomplish the missions they have been assigned given the resources they have been allocated. Questions about whether the missions are wise, or if the collateral damage is too high, are above the pay-grade of even the most senior officers.
Since politicians on both sides of the Atlantic insist that everything the NSA and GCHQ are doing and have done is or was done under legal authority and democratic — that is, political — control, it follows that the excesses unveiled by Snowden are the consequences of political judgements and misjudgements. Which means that the only way back to more sensible regimes is also a political one. In other words, this is ultimately about politics, not technology.
Secrecy impales democracies on the horns of an existential dilemma: On the one hand, democracy abhors secrecy because it makes accountability impossible as citizens cannot consent to what is done in their name if they do not know about it. On the other hand, secrecy is sometimes essential because some things have to be covert, such as activities necessary to ensure the safety of citizens. Societies face a choice between sacrificing accountability or sacrificing secrecy.
In practice, democracies have fudged the issue by lifting the veil of secrecy just enough to provide a semblance of accountability. In the US, this takes the form of a secret court, with secret hearings and judgements, and a congressional committee that is pathologically deferential to the intelligence services.
In the UK, there is an “oversight” system comprising a deferential House of Commons committee, together with a couple of retired judges who examine warranted or authorized operations and monitor GCHQ’s compliance with the law. This is the country’s semblance of accountability and one of the most important services rendered by Snowden is his exposure of how threadbare it now looks.
To put this point of view to senior British politicians, as some people have done in the past few months, is to provoke furiously indignant responses. They insist that of course they are on top of things. They may not understand the technological details, but they understand perfectly the issues involved and the difficult balances that need to be struck. The boffins and the spooks are on tap, not on top. These ministers and former ministers are infuriated by the ignorant questioning of journalists who — unlike those inside the magic circle — do not know what is “really going on.” What is more important in explaining the inadequacy of oversight is that most senior politicians in Britain seem remarkably ignorant about information technology.
A good illustration of this comes from their fond belief that the public would be reassured by the news that GCHQ and the NSA are “only” doing bulk collection of metadata. This was the argument used by British Secretary for Foreign Affairs William Hague when the Snowden revelations broke and it suggests that Britain’s ministers come to the task of regulating digital technology with analogue mindsets.
Metadata are, literally, “data about data.” In the case of a mobile phone, they are the numbers called by the handset, the duration of calls, the geographical location of the phone during the call and so on. In the case of e-mail, the metadata include the e-mail addresses of sender, addressee, others cc’d, the date and time of dispatch, and more. In Web browsing, metadata include a user’s clickstream — a list of the URLs visited — and the IP address of the computer running the browser.
Hague, Sir Malcolm Rifkind — who is chairman of the UK’s Intelligence and Security Committee, which oversees the work of the country’s intelligence machinery — et al maintain that collecting metadata is innocuous because it does not involve reading the content of communications for which a warrant — with the usual supposedly legal procedures and safeguards — is required. So everything is hunky-dory.
This complacency reveals an alarming ignorance of digital technology. In our world of pervasive communications, metadata are incredibly informative. For example, they reveal everything one has read online and everywhere a mobile phone user has been. In one famous case study, a German politician successfully sued a phone company for his metadata and from the data reconstructed an alarmingly accurate, detailed picture of his activities, communications and movements over a period of six months. Hoovering up metadata amounts to invasive, near-comprehensive surveillance.
What is more, it is done without a warrant because of a legal precedent that goes back to the era of analogue telephony, specifically, a US Supreme Court judgement in 1979 which decided that metadata are the property of the telephone company, not of the individual whose calls the metadata are gleaned from. This might have been a reasonable proposition when telephone calls were routed along copper wires, but it is completely inappropriate today and it is one of the factors that has provided the intelligence agencies with legal immunity.
Yet the biggest misjudgement of all — the one that legitimized most of the excesses that Snowden has unveiled — was also a political one. It was the decision of former US president George W. Bush’s administration to declare a “war on terror” in the aftermath of the Sept. 11, 2001, terrorist attacks on the US and the eager adoption by the UK and other Washington allies of the same stance.
As professor Eben Moglen of Columbia University puts it: the intelligence agencies “presented with a mission by an extraordinarily imprudent national government in the United States, which, having failed to prevent a very serious attack on American civilians at home largely by ignoring warnings, decreed that they were never again to be put in a position where they should have known. This resulted in a military response, which is to get as close to everything as possible. Because if you don’t get as close to everything as possible, how can you say that you knew everything that you should have known?”
In a real war — one in which the very survival of a state is threatened by a foreign adversary — almost anything is permissible, including the suspension of civil liberties, the right to privacy and all the other things liberals hold dear. Between 1939 and 1945, Britain was governed by what was effectively a dictatorship wielding unimaginable powers, including comprehensive censorship and the power to requisition private property on demand. Citizens might not have liked this regime, but they consented to because they understood the need for it.
The “war on terror” is not a war in this sense. It is a rhetorical device aimed at engineering consent for a particular political strategy. Yet it was enough to provide legislative cover for the acquisition by the US intelligence-gathering agencies of war-like powers, which included the means of surveilling every citizen on earth who had an Internet connection, as well as every owner of a cellphone in most countries of the world.
The war on terror may have succeeded in turbocharging the surveillance capabilities of the US and its allies, but it has also inflicted significant collateral damage on Washington’s foreign policy, threatened its dominance of cloud computing and other markets, undermined its major technology companies, infuriated some of its most important allies and superimposed a huge question mark on the future of the Internet as a global system. The war on terror may have made tactical sense in the traumatic months after Sept. 11, but as a political decision, it has had a catastrophic long-term impact.
Several years ago, while writing a book on understanding the Internet, I said that our networked future was bracketed by the dystopian nightmares of two old-Etonian novelists: George Orwell and Aldous Huxley. Orwell thought we would be destroyed by the things we fear, while Huxley thought that we would be controlled by the things that delight us. What Snowden has taught us is that the two extremes have converged: the NSA and its franchises are doing the Orwellian bit, while Google, Facebook and co are attending to the Huxleyan side of things.
In The Master Switch: The Rise and Fall of Information Empires — a magisterial history of the main communications technologies of the 20th century: telephone, radio, movies and television — legal academic Timothy Wu (吳修銘) discerned a pattern.
Each technology started out as magnificently open, chaotic, collaborative, creative, exuberant and experimental, but in the end, all were “captured” by charismatic entrepreneurs who went on to build huge industrial empires on the back of this capture. This is what has become known as the Wu cycle: “A typical progression of information technologies: from somebody’s hobby to somebody’s industry; from jury-rigged contraption to slick production marvel; from a freely accessible channel to one strictly controlled by a single corporation or cartel — from open to closed system.”
The big question Wu asked is whether the Internet would be any different. Ten years ago, I would have answered: “Yes.” Having digested Snowden’s revelations, I am less sure, because one of the things he has demonstrated is the extent to which the NSA has suborned the internet companies which have captured the online activities of billions of Web users. It has done this via demands authorized by the US’ Foreign Intelligence Surveillance Court — set up under the country’s Foreign Intelligence Surveillance Act — but kept secret from the companies’ users, and by tapping into the communications that flow between the companies’ server farms across the world.
The reason this made sense is because so much of our communications and data are now entrusted to these Web giants. Tapping into them must have seemed a no-brainer to the NSA. After all, Google and Facebook are essentially in the same business as the agency. Its mission of comprehensive surveillance also happens to be their business model. The only difference is that whereas the spooks have to jump through some modest legal hoops to inspect our content, the companies get to read it neat and the great irony is that this has been made possible because of our gullibility.
The Internet companies offered us shiny new “free” services in return for our acceptance of click-wrap “agreements” which allow them to do anything they damn well please with our data and content — and we fell for it. We built the padded cells in which we now gambol and which the NSA bugs at its leisure.
In our rush for “free” services, we failed to notice how we were being conned. The deal, as presented to us in the End User Licence Agreement, was this: you exchange some of your privacy (in the form of personal information) for the wonderful free services that we (Google, Facebook, Yahoo, Skype, among others) provide in return.
The implication is that privacy is a transactional good, something that you own and that can be traded. Yet, in these contexts, privacy is an environmental good, not a transactional one. Why? Because when I use, say, Gmail, I am not only surrendering my privacy to Google, but the privacy of everyone who writes to me at my Gmail address. They may not have consented to this deal, but their e-mail is being read by Google nonetheless, and before any lawyer pops up to object that having machines read one’s communications is not the same thing as having a human being do it, let me gently inquire if they are up to speed on machine-learning algorithms?
That Facebook founder and CEO Mark Zuckerberg is not sitting there sucking his pencil and reading your status updates does not mean that his algorithms are not making pretty astute inferences from those same updates, which is why Facebook probably knows that two people are going to have an affair before they do, or why one can make interesting inferences about the nature of a couple’s marriage from inspection of their network graphs.
This is where the interests of the NSA and the big Web companies converge. For what they have both managed to do is to abolish the practice of anonymous reading which, in the good old analogue days, we regarded as an essential condition for an open, democratic society. In a networked world, the spooks and the companies know everything you read and the latter even know how long you spent on a particular page — and if you do not think that that is creepy, then you have not been paying attention.
So what is to be done?
All of this we now know — or have belatedly realized — because of Snowden’s courage. In less than three decades, we have turned a liberating technology into a controlling one. The question now is whether we can extricate ourselves from this mess, or whether we have to resign ourselves to a comprehensively surveilled future?
The answer depends partly on whether we treat the Snowden revelations as evidence of a scandal or a crisis. As political philosopher David Runciman said, scandals happen all the time in democracies, but they generate little real change — they pass and business-as-usual resumes.
In contrast, crises do provoke structural change. Our best hope is therefore that the Snowden revelations signal a crisis. If they do, then there are some obvious things to be done.
For example, on the technology front, the Internet engineering task force needs to reconfigure the network so that every communication on it is encrypted, end-to-end. Yet, since this crisis has been caused by politics, ultimately only politics can fix it. So we need to radically beef up parliamentary oversight regimes of intelligence services. This requires parliamentarians who are: not awed by spooks or cowed by cant about “national security,” skeptical about the need for surveillance and advised by truly independent experts. While some surveillance activities will always need to be covert, activities that are kept secret simply because they would be deemed unacceptable if the public knew about them should be scrapped.
We also need some legislative changes. In particular, the law relating to metadata should be changed. Our metadata belong to us, not to communications providers, and any state monitoring of them should require a warrant. Bulk collection of metadata must end, not only because it threatens democratic values and infringes human rights, but also because it is a wasteful and ineffective way of countering the threats from which it supposedly protects us.
On the regulatory front, Internet companies should be made legally liable for securing any data that we entrust to them, but finally, and most importantly, US President Barack Obama must declare an end to the “war on terror” so that we can get back to the legitimate and important police work that needs to be done.
On April 19, former president Chen Shui-bian (陳水扁) gave a public speech, his first in about 17 years. During the address at the Ketagalan Institute in Taipei, Chen’s words were vague and his tone was sour. He said that democracy should not be used as an echo chamber for a single politician, that people must be tolerant of other views, that the president should not act as a dictator and that the judiciary should not get involved in politics. He then went on to say that others with different opinions should not be criticized as “XX fellow travelers,” in reference to
Chinese President and Chinese Communist Party (CCP) Chairman Xi Jinping (習近平) said in a politburo speech late last month that his party must protect the “bottom line” to prevent systemic threats. The tone of his address was grave, revealing deep anxieties about China’s current state of affairs. Essentially, what he worries most about is systemic threats to China’s normal development as a country. The US-China trade war has turned white hot: China’s export orders have plummeted, Chinese firms and enterprises are shutting up shop, and local debt risks are mounting daily, causing China’s economy to flag externally and hemorrhage internally. China’s
During the “426 rally” organized by the Chinese Nationalist Party (KMT) and the Taiwan People’s Party under the slogan “fight green communism, resist dictatorship,” leaders from the two opposition parties framed it as a battle against an allegedly authoritarian administration led by President William Lai (賴清德). While criticism of the government can be a healthy expression of a vibrant, pluralistic society, and protests are quite common in Taiwan, the discourse of the 426 rally nonetheless betrayed troubling signs of collective amnesia. Specifically, the KMT, which imposed 38 years of martial law in Taiwan from 1949 to 1987, has never fully faced its
Taiwan People’s Party Legislator-at-large Liu Shu-pin (劉書彬) asked Premier Cho Jung-tai (卓榮泰) a question on Tuesday last week about President William Lai’s (賴清德) decision in March to officially define the People’s Republic of China (PRC), as governed by the Chinese Communist Party (CCP), as a foreign hostile force. Liu objected to Lai’s decision on two grounds. First, procedurally, suggesting that Lai did not have the right to unilaterally make that decision, and that Cho should have consulted with the Executive Yuan before he endorsed it. Second, Liu objected over national security concerns, saying that the CCP and Chinese President Xi
RSS