If the global Internet is going to be warped to suit governments’ interests, we must ensure that it isn’t broken up into cantonized national networks with less privacy, less efficiency, less commerce and less speech. That means making it easier for foreign governments to get data when that access is justified and harder when it is not.
International agreements are one solution, and America and Britain are rumored to be negotiating such a deal. In the meantime, American technology companies should be free to comply directly with foreign government requests for data, as long as that access is warranted and meets international standards of due process and human rights. If America fails to allow such access, it will happen anyway in a brute and extralegal manner – and the result will be a less secure, less efficient Internet.
Hand over data, with all the privacy risks that involves, or the internet breaks up. Really? That’s the best we can? Those are the outcomes we have to settle for?
What a deception.
Sorry for the swearing but Bloody Hell I wish people would stop trying to control other people! (especially their freedoms – or their freedoms for communicate fully privately)
It’s childish and a mark of complete insecurity. It’s childish when religions do it, it’s childish when pseudo-religious movements do it – yes Daesh, that’ll be you) and it’s equally childish when governments of any and all persuasions do it.
Adult, mature, and confident people (or democratic Governing organisations) should have no need and especially, no desire, to implement or inflict such.
History has proven that when a government calls itself ‘democratic’, it is all but…
So I’m in the EU. Let’s say my data is in the US. With a company like Google.
When the US-government wants my data, they can just take it. Supposedly they don’t even need to talk to a judge: https://media.ccc.de/v/31c3_-_6195_-_en_-_saal_g_-_201412272145_-_th…
They can even collect my data in bulk. Why ? Because the US is one of a few countries which has a lot of exceptions for foreigners.
Now, supposedly that last bit hasn’t happened yet. Because we have no proof.
But the US companies would need to comply because it’s the law and we know how much the US loves to get data.
So let’s say I’m not happy about this situation. So the EU says: we don’t like the US practices, let’s make sure the data is stored in the EU.
At first you’d applaud that. But…
What usually happens is that when law enforcement in my country wants my data they’ll have to go through a US judge, which can take 10 months.
If that data is in the EU, this will go a lot faster.
So if I put it in the US, the US-government has easy access.
The safe harbour agreement was declared dead by the EU-court (but they’ll probably create new rules and they already have a sort of loophole).
Should I be happy about that the dead ?
Maybe not, if it’s in the US only one government can get it. But they can get it really easily, even as part of a bulk data collection system.
When the data is in the EU, multiple governments can get my data ?
By law the US companies can’t block US-government requests. So in that case you depend on the balls of the US companies. Which have gotten bigger, because US companies value their sovereignty of course.
Best policy: don’t store data with someone else. There is no cloud. It’s just someone else’s computer
Keep your data to yourself.
That’s an apt title for your post ( Just kidding
)
Well, I used to think technology would come to the point where everyone would have a very small cheap box in their house to hold all their data. The only requirement to store data elsewhere would be redundancy/backups and that could be encrypted and distributed to services and/or other users. So essentially your data would always be in your possession. Rich application frameworks could be built to collaborate on top of federated protocols for data interchange.
And while technology has evolved sufficiently to make this all realistic and practical, the companies pushing the technology have driven us away from federated protocols where we’d be in control and towards a centralized model where they are in control. It’s easy to see why, control equates to profit, and federated protocols equates to them loosing control over us.
The privacy issues we’re now seeing are a direct consequence of corporate business models pushing our data into their central silos. None of this is surprising except perhaps how willing users have been to forgo their own privacy. Collectively, it seems that we are very willing to give up our rights for very little in exchange, which is something I would have mispredicted in the past. Whether we like it or not, the public apathy in general makes it difficult to achieve critical mass around technologies promoting data independence.
Edited 2015-12-03 11:35 UTC
Like global warming and any other gradual disasters, people don’t want to act until it’s too late and already suffering the consequences. You can always predict that.
You see, there are always so much hidden interests on “big” questions that displaying some prudence and reserve seems to be the wise path.
Specifically on the subject you raised, I am all for actions to be taken, after all, we don’t know any other habitable planet and even if we knew it would be catastrophically far away to any practical purposes. As so, any possible plan B is non-existent. There is also the grisly consequences of pollution on biological species, us just one of them. Yes, we need to do something, but what and how much are precisely the points of disagreement.
If we really knew how much the “greenhouses gases” affect the environment and what healing capacity and resilience it encompass an agreement between all parts would be far easier (at least, I hope). Unluckily, the existent models didn’t anticipated very well the current situation and, besides, correlation does not equates to causation. I’m aware that the subject of the modeling is astonishingly complex.
Anyway, may you be curious about my instance, reread the 1st and 2nd paragraph.
You are right with one exception; there’s no global warming.
Yup, you are right, it’s called climate change.
There is change, but I assume you’re opinion is humans are not the cause.
There is no human-caused climate change either. Look it up. It’s not just his opinion.
Some people I respect are climate change deniers.
But most of what I’ve seen from the science seems to indicate the opposite.
Obviously scientists also disagree to make things easier. 😉
I’m certain in due time someone will be proven right.
If we listen to the deniers and they are wrong, we’ll be very sorry.
Edited 2015-12-03 21:33 UTC
I say to hell with them if they don’t understand science. The earth is warming in the scientific sense of more energy being trapped and we shouldn’t have to use the politically correct name of climate change.
The only reason I call it climate change is because of technical reasons.
Because it isn’t going to get warmer everywhere.
It will mostly lead to more extreme weather everywhere.
Some deniers say: look at all this snow ! How do you mean global warming ?
What scientific proof are you referring to? Link please. What is this science you claim to understand?
Climate change is a political movement and is not based on science. For example see : http://www.infowars.com/youtube-blocks-polar-bear-explosion/
Lots of us have been advocating for this even when remote leased storage was not yet called “cloud” (more or less, of course). Problems are, as you pointed out, the “cloud” companies and politicians recognized the extra value associated to the “data”, besides the lease collection, and most people and companies don’t immediately foresee the danger associated to human interactions, i.e., power almost fatally end being abused, and trade prudence by convenience.
Spot on Alfman
A number of projects come to mind when you talk about these things:
– freedombox – for building such a small device
– duplicity – encrypted backup using rsync algorithm and library
– docker/containers for deploying applications and making them more managable/upgradable through open source collaboration
I really want to see federated protocols, all the building blocks already exist.
Do cryptocurrencies or the block-chain technologies belong in these categories ?
Edited 2015-12-03 18:02 UTC
I should add something:
Bruce Schneier calls this situation: feudalism
BRAVO!
So far most people seem to not even care about things like data breaches:
http://thenextweb.com/opinion/2015/12/04/when-are-we-going-to-get-r…
Decades ago, felt a nude in the guts that first time, when on turning a corner, encountered face to face with that ‘angelical’ name: Cloud.
Marketing is full of evil.
Makes you wonder what kind of intelligence bonanza a company like Intuit has been for India.
Do people think that governments should never have access to data stored on third party services also think that governments shouldn’t ever under any circumstances have the ability to search one’s home as well?
Maybe we’d disagree on how easy or difficult it should be for governments to look at what we have in the physical or virtual realm, but can we all agree that they should be able to in certain circumstances?
I don’t think most people will disagree that if there is probable cause and they can obtain a warrant, they can investigate. That system has worked well to balance state power and liberties.
Bill Shooter of Bul,
That’s a fair point, but it comes on the back of revelations that our governments are conducting warrantless wiretapping. Even to the point of placing wiretaps on service providers like yahoo and google without them knowing.
Quoting google’s engineers “Fuck these guys.” They are the ones breaking public trust by breaking the laws. Wiretapping diplomats for political reasons rather than criminal reasons, that’s a serious abuse. Those culpable should have gone to prison. Yet even now government officials are more concerned about maintaining the facade rather than facing it’s crimes. Despite the scale and duration of these crimes, has a single person gone to prison for committing them? They are above the law.
A government that feels the need to hide it’s own actions and refuses to be subjected to public oversight is not a democracy. It bothers me a great deal that the US government does not value true democracy, only some hypocritical form of it that allows them to do what they want in the shadows away from public scrutiny. The purpose of government is supposed to be to serve the people.
Not to avoid your point though, I agree it is sometimes necessary to override one’s right to privacy, and that’s what warrants are for. Even though a warrant can override one’s right to privacy, at least there is a due process in place and needs to be authorized by a 3rd party who does not represent one side. Having secret FISA courts whose own judges can’t trust the NSA makes a mockery of our entire justice system and even the constitution.
Would like to mod your comment up at least a hundred times.
The worrying reality, though, is that despite all the centuries with repeated violations of trust by those inside the circle of power, our societies fall for even barely assembled snares and hand over citizens rights and freedom over and over again until the situation become unsustainable or collapse.
That adage about refusing to learn the history lessons .. I dream it will be unwarranted some day.
This goes much deeper.
I would even go so far to say it’s very likely the actions by the CIA (I’m sure they wanted to do good things) are a large part to blame for the terrorist attacks in Paris and 9/11.
Why does the US need to mess with other countries ?
To summarize your position:
Yes, that is what everyone agrees with. However, we don’t think its currently working correctly.
That’s an opinion I can agree with as well.
Only if they let us look at their secrets too.
Edited 2015-12-03 19:41 UTC
I think the internal and external “spy” agencies MI5,MI6,GCHQ,NSA,CIA,DHS(and those of all the other equally important countries – that’s all of them) will, and almost can, do whatever the hell they feel like really!
Doesn’t mean we the populace (supposedly the owners, ultimately, of the State infrastructure and all it’s Institutations –in Democratic Republics and Federations thereof at least; Monarchies and constitutional monarchies hmmm..) – should willingly sign away any and all ownership(legally) of our individual privacy and personal information just because we communicate over wires now rather than paper
by which I mean:
– yes GCHQ, I know you will be collecting all my and everyone elses communication.
– NO I don’t give you my permission. Not officially, tacitly, implied – nothing, no.
– I also don’t extend this permission to the UK Goverment, nor for them to pass on to you on their and my behalf
– Yes, I understand you need to try and catch terrorists and other bad people – but monitor, bug, deencrypt the communications thereof.. for all your KNOWN bad actors – and when monitoring or studying them and their networks and actions, you will discover NEW bad actors. This is the only (LEGALLY justifyable) way of behaving, the only way which should be codified into any legislation. All of course with proper oversight, transparency within the proper channels etc.
Agreeing to anything else, and well, you’re accepting Neo’s blue pill and all that.. we become electric sheep and little more. Maybe that’s over the top
– But even if the majority of other voters agree and make themselves heard by their representatives – will changes be made to either the status quo or coming plans? I have big doubts.
But all that said – people with power and control want to stay power and keep in control – the percentage in power achieving zen like enlightenment is as low as everywhere else. The only way to really break away from technological monitoring is technical solutions.
If super duper easy-to-use fully secure communications apps, web technologies and point-to-point strong encryption implementations were made no more difficult than two step logins to your bank or similar – it would be good, would help in the medium term. But time-wise, ridiculously powerful quantum level cracking computers will only be round the corner – so if the giant data silos are the present and the near future – the real technological task to achieve digital space not flowing through that swamp isn’t going to be in the realm of a new Whatsapp or a new Tor – it has to be in create large local city wide extranets. Local adhoc distributed networks.
If you don’t want “horrendous, unknown traffic” going through your own personal or your corporate network: ….then, ooh, I don’t know – take a wifi chip, little battery, solar panel, cpu, motor, pair of digital dragon fly wings, and a little programme to create a mesh network and buzz around and land on tops of buildings until you’re between 10% and 20% signal strength(no more no less) of your nearest digifly neighbour – and you have to fly at least once a fortnight – we can call them dragonfree’s or hoverbit’s. Your welcome. A million per city should be enough to start
the big problem with keywords and metadata is a fluffing ridonculous amount of false positives, not to mention the general wrongness of it. I know, sadly, people who have been abused as children, also people who have been involved in various guises with conflict resolution and on the fringes of high level geopolitics – if I assume the freedom to have (even in digital-private; let alone in digital-public, say on a help forum) real in-depth conversations across the open web (encrypted or otherwise) you run the risk of hitting all sorts of paedo or terror related keyword monitors. Or at the lower-risk level, getting picked later on a mass pattern match scour of their dustbin later… it’s just not clever.
informal off-grid mesh network, distributed name servers, tor or tor-like onion routers for hopping on and off the Big-boy web – some kind of mixture is needed. or big brother world is just round the corner – and the factual hardback version won’t be nearly a fun a read as 1984
Edited 2015-12-04 17:32 UTC
https://www.demonsaw.com is a off to a great start. It’s a decentralized privacy layer that aims to make good encryption available to normal people. It’s free and cross platform.
The coming version 3 will have streaming and the community is helpful, and feel free to ask any questions at our subreddit at https://www.reddit.com/r/demonsaw
The problem is it is difficult for governments respect the privacy of each others citizens. The incentive to cheat is too great. Information is power, as they say! and there is no way the US government, or any government for that matter, will say no to more power. All the European companies I deal with now, are adamant they don’t want their data stored in the US. In light of the Snowden revelations, its hard to see this position changing in the near future.
There are a lot of obstacles to overcome, especially related to UX, but a fully decentralized future is the most direct route to securing our data and our privacy.