Privacy and Encryption

If I were to propose a law that would authorize the Post Office to open your letters and packages, observe and record the contents, sell the resulting information to anyone who will pay them for it, and insert their own materials inside (without informing either you nor the recipient) before delivering them, you would rightly think me crazy. Why would we give such power to any organization? Yet this is exactly the situation with the companies that handle our email and other internet activities. They are free to do all of this and more, and they are making truly staggering amounts of money in the process. One of the hallmarks of civilized countries has always been their postal systems, and privacy has always been a feature of such systems. Just because we have invented a faster and more efficient means to send materials to one another does not change the fundamental nature of those messages. They are still private communications and we should have the right to expect that privacy to be respected.

The argument that the nature of the technology makes it impossible to prevent the owners of the wires and routers from being able to do these things is not correct, and even if it were would still not provide a justification for allowing it. There are countless human behaviors that we have collectively decided for various reasons cannot be permitted in a workable society, and many of them rely on harsh penalties to deter people even when it would be impossible to physically restrain them from breaking the law. One might as well say that since people in the privacy of their homes are free to abuse their spouses and we really have no way to change that, it is useless to pass laws against it.

We could relatively easily prevent much of this abuse, by the use of strong encryption. It is true that advances in computing power make it very difficult to devise unbreakable encryption, but this is not needed. What we need is strong enough encryption to make it not worth the time and trouble of trying. It could be made completely transparent to the users. 

The problem is that strong encryption methods are considered items of national security, and their use by ordinary citizens is against the law. This is justified by the perceived need for the government to be able to monitor all communications so as to be able to effectively counter terrorist groups. If strong encryption were generally available these groups could communicate freely unmolested. In truth, though, if they cared enough terrorists could in fact use very effective encryption. In spite of the law, strong encryption is out there, but there is no evidence that terrorists make any effort at all to use it. However national security makes a powerful case in peoples’ minds for keeping the status quo.

Another factor that comes into play is the commonly heard “If you have nothing to hide, why do you care about privacy?” The question that springs to my mind when I hear this is “Do you lock the bathroom door when you are on the toilet?” An activity does not have to be shameful or harmful to the community for me to want to keep it private. In addition it all hinges on what kinds of communications or behavior the authorities are interested in curtailing. Points of view that are quite acceptable, even admirable, today have a way of suddenly becoming  unacceptable with a change in the political scene. In England during the time of the Tudors, the social and legal position of Catholics and Protestants switched places several times with the death of a monarch and the accession of a new one.

It is also argued that this (and many other abuses) are simply a matter of contract law. If you read the fine print, they tell you everything they are going to do, and you agreed to it when you clicked “I have read and agree to the terms of business,” probably by now the most told lie in all of history. However it cannot truthfully be said that users enter willingly into these agreements; they have no reasonable choice. All of the useful services on the internet are for all intents and purposes monopolies. Sure, you can buy a computer that runs on Linux, and use secure browsers and virtual private networks, but then none of the social networks will work properly. This is not by chance; they deliberately make their products compatible only with the mainstream platforms. Also with such a setup you will spend a significant portion of your time just keeping it running, and have to deal with all kinds of difficult installers and drivers. 

We should require the use of strong end to end encryption for all of our dealings on the internet, and establish the clear principle that the function of Internet Service Providers is solely to see that everything is delivered to its proper destination, and looking at the content of the messages should carry harsh penalties.  If this means that Google would only make million rather than billions, the so be it. There is no inherent unfettered right to make money.