December 2, 2020

Guns vs. Random Bits

Last week Tim Wu gave an interesting lecture here at Princeton – the first in our infotech policy lecture series – entitled “Who Controls the Internet?”, based on his recent book of the same title, co-authored with Jack Goldsmith. In the talk, Tim argued that national governments will have a larger role than most people think, for good or ill, in the development and use of digital technologies.

Governments have always derived power from their ability to use force against their citizens. Despite claims that digital technologies would disempower government, Tim argued that it is now becoming clear that governments have the same sort of power they have always had. He argued that technology doesn’t open borders as widely as you might think.

An illustrative example is the Great Firewall of China. The Chinese government has put in place technologies to block their citizens’ access to certain information and to monitor their citizens’ communications. There are privacy-enhancing technologies that could give Chinese citizens access to the open Web and allow them to communicate privately. For example, they could encrypt all of their Internet traffic and pass it through a chain of intermediaries, so that all the government monitors saw was a stream of encrypted bits.

Such technologies work as a technical matter, but they don’t provide much comfort in practice, because people know that using such technologies – conspicuously trafficking in encrypted data – could lead to a visit from the police. Guns trump ciphers.

At the end of the lecture, Tim Lee (who happened to be in town) asked an important question: how much do civil liberties change this equation? If government can arbitrarily punish citizens, then it can deter the use of privacy-enhancing technologies. But are limits on government power, such as the presumption of innocence and limits on search and seizure, enough to turn the tables in practice?

From a technology standpoint, the key issue is whether citizens have the right to send and receive random (or random-looking) bits, without being compelled to explain what they are really doing. Any kind of private or anonymous communication can be packaged, via encryption, to look like random bits, so the right to communicate random bits (plus the right to use a programmable computer to pre- and post-process messages) gives people the ability to communicate out of the view of government.

My sense is that civil liberties, including the right to communicate random bits, go a long way in empowering citizens to communicate out of the view of government. It stands to reason that people who are more free offline will be tend to be more free online as well.

Which raises another question that Tim Wu didn’t have time to address at any length: can a repressive country walk the tightrope by retaining control over its citizens’ access to political information and debate, while giving them enough autonomy online to reap the economic benefits of the Net? Tim hinted that he thought the answer might be yes. I’m looking forward to reading “Who Controls the Internet?” to see more discussion of this point.

Comments

  1. With respect to: “My sense is that civil liberties, including the right to communicate random bits, go a long way in empowering citizens to communicate out of the view of government.”

    I dissent most strongly, in terms of the essence of issue (it’s only true in a mild sort of question-begging way).

    Now, I have been having this sort of argument for 10 YEARS. It is also of more than purely academic interest to me. I know how the discussion goes.

    What you have re-invented above was/is called “Crypto-anarchy”. It was/is an exceedingly popular point of view. And you may get many echoes praising you for having voiced an appealing opinion.

    It is, however, false as far as has been tested under stress. The fallacy is that it relies on what I call the “Demon” model of government. That is, government is some sort of demon apart from “us”. And with certain magic spells (civil liberties) or holy objects (crypto), we defeat the demon. In fact, the demon is “us”, in many senses.

    In my experience: THE NUMBER-ONE THREAT TO DISSIDENTS IS BETRAYAL.

    Who are you communicating with? Does that person have an incentive to turn you in, out of rivalry, pressure, money, pique … a whole host of reasons.

    People have spun elaborate fantasies over how secret revolutions would be made through “cypherpunk technology”.

    After having seen a few of those people go to jail, with the assist of former fellow-travelers, I find the concept literally laughable.

  2. From a technology standpoint, the key issue is whether citizens have the right to send and receive random (or random-looking) bits, without being compelled to explain what they are really doing.

    What about steganography? As long as you’re assuming the citizens are sophisticated enough to use strong crypto, why not also assume they know how to exploit the entropy in innocuous-looking messages?

    Indeed, such an approach seems to have been regularly used by real-life dissidents. In “Fear No Evil,” Natan Sharansky describes how his family could communicate with him in Soviet prison through things like the itemized lists on food packages.

  3. Seth is of course right: Government is not Other, it is merely a different Us. The right to communicate unmonitored is the right to spam, defraud, harass, organise terror and distribute child porn.

    It used to be the case that it was possible to monitor communications, but only with an expensive overseen procedure involving warrants. That meant that it was only used on the important cases not for mass surveillance or fishing expeditions. That was a good compromise.

    Worse, no amount of crypto communications technology will save you from the apathy or consensus of your fellow citizens. Maybe they like living in a police state. They are certainly happy to vote in pro-torture western governments so long as it’s outsourced and out of mind.

  4. Steve R. says:

    Seth makes very good points. I did a quick search on “encryption law license”. I am not familiar with this website, but it has a good FAQ page.
    http://www.t-b.com/22.html#faq1

    Based on a brief review of the website, it would appear that the US Governments view of encryption is evolving towards greater control. See quote below from the Thomsen & Burke, LLP webpage.

    “Can’t I Simply Place My Encryption Software in the Public Domain, and Avoid Export Controls? The U.S. Government threatened to indict Philip Zimmermann on criminal charges when his encryption program, Pretty Good Privacy, was posted on the Internet without precautions. Daniel Bernstein, Philip Karn and Peter Junger are challenging the constitutionality of export controls on encryption software.

    For more information on these three legal cases, follow these links: Bernstein v. U.S. Dept of State, Karn v. U.S. Dept. of State, and Junger v. U.S. Dept. of State.”

  5. Steve R. says:

    I found a summary article, which updated me on the fact that when Clinton was President export restrictions on encryption software where abolished. Please see http://www.iplegal.com/lib/encrypti.html. (The law ofice of Green & Green) The artcle is titled “How Cryptography is Free Speech”.

    The Government position had been that encryption software could not be exported without a license because it had been considered trading in arms.

  6. Govt Skeptic says:

    In the case of China, I think maybe we’re getting our critical assessment a little backwards. In the hands of a severely authoritarian power, the Internet is just another tool for enforcement. In the hands of a “freedom-loving” society, the Internet is another avenue for the free flow of ideas, some of which may be critical of the established power. Obviously, there are other uses for encrypted exchange, both good and bad (business secrets, terrorist plans, etc) but that is the double-edged sword of free exchange.
    To say it another way, any government that would let its people exchange “random bits” would probably already let them freely exchange the ideas contained in those messages, and vice versa. China is obviously not this government.
    As for the “Government is not Other” notion, there are plenty of people who would disagree with that statement, including but not limited to the Founding Fathers and Phil Zimbardo. There seems to be more potential for “Demon” in central governmental authority than in a chunk of cheese, that’s what I say. That said, I agree that the way to keep the Demon in check is not by hiding behind crypto, but with laws protecting the free exchange of any kind of ideas, even encrypted ones.

  7. enigma_foundry says:

    Well, perhaps everyone who is concerned about civil liberties being eroded, should as a form of protest start sending highly encrypt data through the internet more or less continuously. This would create such a ocean of encrypted data that it would be very difficult to pick out the meaningful data.

    I am going to start today.

  8. We at EFF have been involved with fighting to establish and preserve the right to encrypt communications for more than 10 years now.

    While Seth is certainly correct that crypto will not solve the problem of betrayal, it is critical to solving a number of other problems facing citizens interested in living in a free society (such as impeding ubiquitous automated wiretapping).

    What Ed’s post (and Tim’s book) point out is that many obvious methods of government control over communications are stymied by widespread use of strong encryption. Which is another way of saying that many civil liberties ultimately depend on the widespread use of strong encryption.

    This means that, as calls for government regulation over internet technologies mount, hostility to the right to speak privately (i.e., use strong crypto) will also likely mount. We at EFF have spent decade preparing for the inevitable legal battles that will come as a result.

    In the meantime, those interested in exercising their right to speak privately may want to investigate Tor, a tool that combines encryption and anonymous proxying in ways that are good for civil liberties, and potentially bad for government efforts to regulate internet communications.

  9. Another, simpler way to put it is with this analogy: which do you trust to keep your stuff safe more? The law against stealing, or the lock on your door?

  10. Peter Clay says:

    And which do you trust to protect you from arbitary search and seizure more: the law, or the lock on your door?

  11. Obviously it’s best to have both.

    Another adage to keep in mind, though, is “the pen is mightier than the sword”. I don’t think it’s coincidence that widespread outbreaks of democracy and (nominally, at least) accountable governance followed swiftly on the heels of a certain invention of a certain Mr. Gutenberg…

  12. I think today it’s not enough to simply add some civil liberties into the mix. What must be done to create a more permanent freedom is to defang the government and make it rely on the people for its power. That’s why Switzerland is the oldest liberal republic in the west and has survived with its traditions intact for so long. The only societies in human history that have respected rights like the right to communicate (even in encrypted means) have been ones where the people had enough civic virtue to provide for their national defense without the aid of a powerful standing army.

    Call me a right-wing nut if you want, but the only free socities in human have had one thing in common: their standing army was at most a skeleton for a citizen army and their people were armed and ready to defend their communities. The moment that a society comes to rely on its government is the moment the government becomes the master.

  13. So — right to bear arms and right to bear crypto should go hand in hand?

  14. elkay elkay