Someone just asked me for an explanation of "BlackNet," as he hadn't heard of it before. There are several places to look: --a Web search on the term, along with "cypherpunks" or "cryptography" or my name so as to narrow down the search somewhat (apparently some persons of color decided to use BlackNet as their group's name, thus leading to some collisions_ --archives of the list, partially available at http://infinity.nus.sg/cypherpunks/ --my Cyphernomicon, available at http://www.oberlin.edu/~brchkind/cyphernomicon/ --another article, available at http://www.powergrid.com/1.01/cryptoanarchy.html --or, the item below, part of a chapter called "True Nyms and Crypto Anarchy," which may or may not appear in the forthcoming edition of Vernor Vinge's "True Names." This section discusses data havens, and the BlackNet experiment in 1993: DATA HAVENS AND INFORMATION MARKETS Another science fiction writer, Bruce Sterling, popularized "data havens" in his 1988 novel, "Islands in the Net." He focussed on _physical_ data havens, but cyberspace data havens are more interesting, and to likely to be more important. That they are distributed in many legal jurisdictions, and may not even be traceable to any particular jurisdiction, is crucial. A data haven is a place, physical or virtual, where information may be stored or accessed. The usual connotation is that the data are illegal in some jurisdictions, but not in the haven. Data havens and information markets are already springing up, using the methods described to make information retrievable anonymously and untraceably. Using networks of remailers and, of course, encryption, messages may be posted in public forums like the Usenet, and read by anyone in the world with access, sort of like a cyberspatial "Democracy Wall" where controversial messages may be posted. These "message pools" are the main way cyberspatial data havens are implemented. Offers may be in plaintext, so as to be readable to humans, with instructions on how to reply (and with a public key to be used). This allows fully-untraceable markets to develop. It is likely that services will soon arise which archive articles for fees, to ensure that a URL (Uniform Resource Locator) is "persistent" over a period of many years. Ross Anderson's "Eternity Service" provides a means of distributing the publication of something so that even later attempts to withdraw all copies are thwarted...this has obvious value in fighting censorship, but will also have implications when other types of publication occur (for example, a pirated work would not be withdrawable from the system, leaving it permanently liberated) Examples of likely data haven markets are: credit data bases, doctor and lawyer data bases, and other heavily-regulated (or even unallowed) data bases. Information on explosives, drug cultivation and processing, methods for suicide, and other such contraband info. Data havens may also carry copyrighted material, sans payment to holders, and various national and trade secrets. As one example, the "Fair Credit Reporting Act" in the U.S. limits the length of time credit records may be kept (to 7 or 8 years) and places various restrictions on what may be collected or reported. What if Alice "remembers" that Bob, applying for credit from her, declared bankruptcy ten years earlier, and ran out on various debts? Should she be banned from taking this into account? What if she accesses a data base which is _not_ bound by the FCRA, perhaps one in a data haven accessible over the Net? Can Alice "sell" her remembrances to others? (Apparently not, unless she agrees to the various terms of the FCRA. So much for her First Amendment rights.) This is the kind of data haven application I expect will develop over the next several years. It could be in a jurisdiction which ignores such things as the FCRA, such as a Caribbean island nation, or it could be in cyberspace, using various cryptographic protocols, Web proxies, and remailers for access. Imagine the market for access to data bases on "bad doctors" and "rip-off lawyers." There are many interesting issues involved in such data bases: inaccurate information, responses by those charges, the basis for making judgements, etc. Some will make malicious, false charges. (This is ostensibly why such data bases are banned, or heavily regulated. Governments reserve the rights to make such data available. Of course, these are the same governments which falsify credit records for government agents, which give the professional guilds like the American Medical Association and the American Bar Association the power to stop competitors from entering their markets, so what else can be expected?) Information markets match potential buyers and sellers of information. One experimental "information market" is BlackNet, a system I devised in 1993 as an example of what could be done, as an exercise in guerilla ontology. It allowed fully-anonymous, two-way exchanges of information of all sorts. The basic idea was to use a "message pool," a publicly readable place for messages. By using chains of remailers, messages could be untraceably and anonymously deposited in such pools, and then read anonymously by others (because the message pool was broadcast widely, a la Usenet). By including public keys for later communications, two-way unreadable (to others) communication could be established, all within the message pool. Such an information market also acts as a distributed data haven. As Paul Leyland succinctly described the experiment: "Tim May showed how mutually anonymous secure information trading could be implemented with a public forum such as Usenet and with public key cryptography. Each information purchaser wishing to take part posts a sales pitch and a public key to Usenet. Information to be traded would then have a public key appended so that a reply can be posted and the whole encrypted in the public key of the other party. For anonymity, the keys should contain no information that links it to an identifiable person. May posted a 1024-bit PGP key supposedly belonging to "Blacknet". As May's purpose was only educational, he soon admitted authorship." An example of an item offered for sale early on, in plaintext, was proof that African diplomats were being blackmailed by the CIA in Washington and New York. A public key for later communications was included. This is just one example. There are reports that U.S. authorities have investigated this market because of its presence on networks at Defense Department research labs. Not much they can do about it, of course, and more such entities are expected. The implications for espionage are profound, and largely unstoppable. Anyone with a home computer and access to the Net or Web, in various forms, can use these methods to communicate securely, anonymously or pseudonymously, and with little fear of detection. "Digital dead drops" can be used to post information obtained, far more securely than the old physical dead drops...no more messages left in Coke cans at the bases of trees on remote roads. Payments can also be made untraceably; this of course opens up the possibility that anyone in any government agency may act as a part-time spy. Matching buyers and sellers of organs is another example of such a market, although one that clearly involves some real-world transfers (and so it cannot be as untraceable as purely cyberspatial transactions can be). A huge demand (life and death), but there are various laws tightly controlling such markets, thus forcing them into Third World nations. Fortunately, strong cryptography allows market needs to be met without interference by governments. (Those who are repelled by such markets are of course free not to patronize them.) Whistleblowing is another growing use of anonymous remailers, with those fearing retaliation using remailers to publicly post their incriminating information. The Usenet newsgroups "alt.whistleblowing" and "alt.anonymous.messages" are places where anonymously remailed messages blowing the whistle have appeared. Of course, there's a fine line between whistleblowing, revenge, and espionage. Ditto for "leaks" from highly-placed sources. "Digital Deep Throats" will multiply, and anyone in Washington, or Paris, or wherever, can make his case safely and anonymously by digitally leaking material to the press. Gibson foresaw a similar situation in "Count Zero," where employees of high tech corporations agree to be ensconced in remote labs, disconnected from the Nets and other leakage paths. We may see a time when those with security clearances are explicitly forbidden from using the Net except through firewalled machines, with monitoring programs running. Information selling by employees may even take whimsical forms, such as the selling of topless images of women who flashed for the video cameras on "Splash Mountain" at Disneyland (now called "Flash Mountain" by some). Employees of the ride swiped copies of the digital images and uploaded them anonymously to various Web sites. Ditto for medical records of famous persons. DMV records have also been stolen by state employees with access, and sold to information broker, private investigators, and even curious fans (the DMV records of notoriously reclusive author Thomas Pynchon showed up on the Net). Rumors are that information brokers are prepared to pay handsomely for a CD-ROM containing the U.S. government's "key escrow" data base. The larger issue is that mere laws are not adequate to deal with these kinds of sales of personal information, corporate information, etc. The bottom line is this: if one wants something kept secret, it must be kept secret. In a free society, few personal secrets are compelled. Unfortunately, we have for too long been in a situation where governments insist that people give out their true names, their various government identification numbers, their medical situations, and so on.
"And who shall guard the guardians?" The technology of privacy protection can change this balance of power. Cryptography provides for "personal empowerment," to use the current phrasing.