Folks: I thank some of you for posting your comments on the e-privacy bulletin board that the CBC has set-up. I'm not sure how long the discussion group will last, so please feel free to continue to share your thoughts on the crypto-canada mailing list <http://crypto-canada.greatvideo.com> Regards Robert Here's a message I really like... http://interact.cbc.ca/cgi-bin/WebX?14@119.UM22aQsobAM^4@.ee768e0 (see e-prvacy discussion section) I think that it should be written into Canada's constitution that ANY information about any Candadian citizen belongs to that citizen. That any agency who wants to store, retrieve, review, transfer or in any way duplicate that information must obtain formal consent from the citizen involved. That every citizen has the right to know what information an agency is storing about them, and who they have shared this information with. I think treating personal information with the same rules as private property would solve our privacy fears. The really scary scenario is that with the proliferation of public video cameras and wireless technologies, our every move may someday be recorded in a database somewhere. Even cars are now being equipped with technologies that track where we are and how we are driving at all times. That is really Orwellian, in my opinion. Cell phones do the same thing by continuously traingulating your position, in fact, if cell nodes didn't do this, cell phones wouldn't work. The next big wave that is coming, with the convergence of television, telephony, broadband internet and wireless networked home electronics is that everything - even your box of Cheerios will have an IP address. I attended a recent lecture at UBC that was given by Dr. William J. Raduchel, the Chief Strategy Officer of Sun Microsystems, and he said that Sun and many other companies are hard at work putting the finishing touches on the technology that will make it possible for your fridge to recognize that you are running out of milk, and automatically add it to your shopping list, and automatically shop for it if you want - but here is the really freaky part: In the near future, Dr. Raduchel said that all advertising will be targeted based on your 'electronic behavior'. Picture this: You come home from work and your house sees you coming and the door opens and the net-enabled television in your livingroom comes on, and there is a commercial for Cheerios that says, "Did you know that the box of Cheerios in your cupboard is almost empty?" - and a coupon for Cheerios will print out of your net-enabled refrigerator, and the General Foods corporation will be able to run a report that tells them exactly how many boxes of Cheerios there are sitting in cupboards in wired homes across Canada, and how full each one is. This is not science fiction - this is reality, and it is coming to a net-enabled home near you. If you think your privacy is an issue now, just wait until your TV set knows what you had for breakfast, and your toilet knows the blood-sugar levels in your urine, which is automatically appended to your medical records. Big brother is here, and he is about to become far more powerful that Orwell could have ever imagined. I encourage you to look this up for yourself, look at the Sun Microsystems website and review the white papers on Jini technology and how companies like Whirlpool are building it into new appliances. Sun is just one example, of course, there are hundreds of companies who enthusiastically embrace these new technologies. Ken MacAllister Vancouver, BC -- "...as we transfer our whole being to the data bank, privacy will become a ghost or echo of its former self and what remains of community will disappear"...Marshal McLuhan -- Robert Guerra <rguerra@yahoo.com>, Fax: +1(303) 484-0302 WWW Page <http://pgp.greatvideo.com>, ICQ # 10266626 PGPKeys <http://pgp.greatvideo.com/keys/rguerra/>
At 7:13 PM -0400 10/6/00, Robert Guerra wrote:
Here's a message I really like...
Again you show yourself to be uncritical of these claims. You don't "get it."
http://interact.cbc.ca/cgi-bin/WebX?14@119.UM22aQsobAM^4@.ee768e0
I attended a recent lecture at UBC that was given by Dr. William J. Raduchel, the Chief Strategy Officer of Sun Microsystems, and he said that Sun and many other companies are hard at work putting the finishing touches on the technology that will make it possible for your fridge to recognize that you are running out of milk, and automatically add it to your shopping list, and automatically shop for it if you want - but here is the really freaky part: In the near future, Dr. Raduchel said that all advertising will be targeted based on your 'electronic behavior'. Picture this: You come home from work and your house sees you coming and the door opens and the net-enabled television in your livingroom comes on, and there is a commercial for Cheerios that says, "Did you know that the box of Cheerios in your cupboard is almost empty?" - and a coupon for Cheerios will print out of your net-enabled refrigerator, and the General Foods corporation will be able to run a report that tells them exactly how many boxes of Cheerios there are sitting in cupboards in wired homes across Canada, and how full each one is.
The solution is not a regimen of data privacy laws but tecnologies to enable consumers to remain private. Those who "give permission" for their refrigerator to contact some outside party have made their choice. (They can block in many ways: don't buy the refrigerator, don't hook it up to phone lines or the Internet, insert a firewall product which others are likely to provide, hack the system to not provide this information, and so on.) Anyone who complains about this net-enabled fridge has only themself to blame. What we don't need are "data privacy laws.' There are deeper principles here, discussed many times. If Alice observes something Bill has said, or done, or whatever, it is not _Bill_ who owns these observations. --Tim May -- ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 831-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, "Cyphernomicon" | black markets, collapse of governments.
At 16:38 10/6/2000 -0700, Tim May wrote, in response to Robert Guerra:
Again you show yourself to be uncritical of these claims. You don't "get it." [...] The solution is not a regimen of data privacy laws but tecnologies to enable consumers to remain private. Those who "give permission" for their refrigerator to contact some outside party have made their choice.
Right. There are solid principled reasons to oppose government regulations on what people can and can't do with information. Let them make up their own minds instead. There are also economic arguments, as Richard Epstein recently spoke about (http://www.wired.com/news/politics/0,1283,38893,00.html). But there are even better, IMHO, technological reasons to oppose such government rules. As technology advances and more data become available for sale or exchange, it will be very difficult for a Canadian/European regulatory framework to reasonably exist. Cypherpunkish technology will create underground markets, anonymous distribution methods, and so on, and the only way to enforce such regulations will be for the Feds/Mounties to take drastic steps. (For instance, strong anonymity is an emergent property of a distributed network combined with strong encryption. Restricting strong anonymity means key escrow.) I do hope Robert thinks through this. Or maybe this is another example of cypherpunk thinking not meshing well with Canada. Austin of ZKS spoke Wednesday here in DC, and his comments are relayed to me from another speaker who is sympathetic to his position:
Austin H. made an interesting point this morning at the WSJ Tech Summit. He pointed out that for all the grumbling about government rules, no hi-tech CEO would seriously recommend abolishing the SEC.
Perhaps. But some cypherpunks might argue for it, in the stronger case, or in the weaker, simply argue that the SEC will become less and less relevant. -Declan
At 1:55 AM -0400 10/8/00, Declan McCullagh wrote:
I do hope Robert thinks through this. Or maybe this is another example of cypherpunk thinking not meshing well with Canada. Austin of ZKS spoke Wednesday here in DC, and his comments are relayed to me from another speaker who is sympathetic to his position:
Austin H. made an interesting point this morning at the WSJ Tech Summit. He pointed out that for all the grumbling about government rules, no hi-tech CEO would seriously recommend abolishing the SEC.
Perhaps. But some cypherpunks might argue for it, in the stronger case, or in the weaker, simply argue that the SEC will become less and less relevant.
"O'Brien pointed out that for all the grumbling about the rules for writers imposed by the Ministry of Truth, not one of the accredited writers and publishers would seriously recommend abolishing MiniTru." He went on to say, "To do so would be to bring on "literary anarchy," with no control over top-down reputations, no recourse for incorrect thoughts, and the spread of peer-to-peer, aka prole-to-prole, communications." Back to our reality... The SEC has valid _contractual enforcement_ roles. I haven't worked out all the details, but I'm sure a free market rating/credentially agency could handle most of the chores, with various forms of private law (polymorphic law, a la Benson's "The Enterprise of Law, circa 1990-91). Caveat emptor...it's not as though we're not flooded with plenty of information on which to base decisions. Most of what the SEC does is not too terribly unlibertarian, though some of the recent moves to make "financial advisors" more "accountable" is disturbing. Even opinions expressed on bulletin boards and chat rooms and newsgroups may soon come under their control...so much for the First Amendment. "("It's for the investors!") However, I don't get the thrust of Austin's comments. Perhaps he'll read this and add some detail. Certainly the practical effect of a _real_ 2-way anonymous communication system will be to basically _gut_ the core of the SEC. Proles will be able to talk up stocks, spread rumors, all the usual stuff expected in a free society. (The recent case of the LA-based young man who shorted Emulex and then faked a press release has been discussed many times. In a free society, his communications could better be protected against traceability. On the other hand, digital signatures from a company would be expected. Trust the laws of mathematics, not the laws of men.) If Austin is drawing conclusions that we _need_ an SEC, then perhaps the flaws and delays people are reporting for ZKS are indicative of a deeper issue. Maybe ZKS plans to make their system "meet the legitimate needs of law enforcement." The Thought Police will be thrilled. --Tim May -- ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 831-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, "Cyphernomicon" | black markets, collapse of governments.
On Sat, Oct 07, 2000 at 11:48:40PM -0700, Tim May wrote: | If Austin is drawing conclusions that we _need_ an SEC, then perhaps | the flaws and delays people are reporting for ZKS are indicative of a | deeper issue. Maybe ZKS plans to make their system "meet the | legitimate needs of law enforcement." I think the Freedom system meets the "legitimate needs of law enforcement" today. They disagree, and would like some back doors added, which isn't going to happen. We've met with, and reported on, our meetings with Canadian law enforcement here. They understand our position that what we're doing is protecting the privacy of a great many people, and that adding back doors reduces the security and privacy to a degree we don't consider acceptable. Under current Canadian law, they can't compel us to change the system, and, to the best of my knowledge, haven't gone beyond asking us politely to change. Adam PS for the sarcasm impared: This is a disagreement over what are the "legitimate needs of law enforcement." We don't have any backdoors in the system. Like any system of the magnitude of Freedom, there are security flaws, which are covered in the "security issues" paper which Ian and I wrote. We aren't aware of any flaws worse than the ones enumerated, and a newer paper will be coming out soonish to add the results of our research into how to attack the system over the last year. (Mostly variations on the first-last system, plus some improvements in v2, which as Bob mentioned, will be entering beta soon.) -- "It is seldom that liberty of any kind is lost all at once." -Hume
----- Original Message ----- From: Declan McCullagh <declan@well.com> To: Tim May <tcmay@got.net>; Canadian Cryptography Mailing List <crypto-canada@greatvideo.com> Cc: Cypherpunks Mailing List <cypherpunks@cyberpass.net> Sent: Saturday, October 07, 2000 22:55 PM Subject: Re: Comments on and about e-privacy in Canada
At 16:38 10/6/2000 -0700, Tim May wrote, in response to Robert Guerra:
Again you show yourself to be uncritical of these claims. You don't "get it." [...] The solution is not a regimen of data privacy laws but tecnologies to enable consumers to remain private. Those who "give permission" for their refrigerator to contact some outside party have made their choice.
Right. There are solid principled reasons to oppose government regulations on what people can and can't do with information. Let them make up their own minds instead. There are also economic arguments, as Richard Epstein recently spoke about (http://www.wired.com/news/politics/0,1283,38893,00.html).
And there's the fact that laws against such things usually either explicitly except government ("legitimate law-enforcement needs", <ptooey!>) actions, or are basically ignored when a cop (term used generically) violates them. Such laws lead to a false sense of security among the sheeple who aren't aware that the biggest fox around has a gate-key. It also deters manufacturers of secure hardware and software because their target audience is falsely placated. Why, for example, do secure, encrypted telephones not yet exist in an EASILY useable form? ("Go to Radio Snack, buy the box, take it home, plug it in.") Technically, it's quite possible: 1 Gigaflop DSP's are available and should be far more than necessary, 28K bidirectional modems are dirt-cheap, etc. Jim Bell
participants (6)
-
Adam Shostack -
Declan McCullagh -
jim bell -
Marcel Popescu -
Robert Guerra -
Tim May