pro-privacy legislation or intel reform? was Re: chaffing and winnowing

Mon Apr 16 11:10:25 PDT 2001

First: thanks for the links, david molnar! Great stuff. 

Quoting Bill Stewart <bill.stewart at pobox.com>:

> 
> At 07:40 PM 04/15/2001 -0400, Faustine wrote:
> >Does anyone know of any serious work being done on developing the
> concepts of
> >winnowing and chaffing, as outlined in Ronald L. Rivest's 1998
> >paper 'Confidentiality without Encryption'?
> 
> Other than the initial flurry of activity around the announcement,
> there isn't much in chaffing and winnowing that's
> really useful in most real-world environments
> that would encourage development of new variations.

Too bad, it certainly seems like an interesting approach.

> The fundamental point was that if *any* kind of digital signature
> system is permitted, it can be used to implement encryption,
> so bans on encryption technology are inherently bogus.
> That doesn't mean that various governments won't try it,
> or won't make laws requiring users of digital signature systems
> to give up their signature keys when ordered by a court
> or sometimes by police, but it doesn't really affect the
> forced disclosure of encryption keys problem.

Yep, I suppose so. Though it may be true that there would be greater public 
outcry over handing over authentication keys used for encryption, the argument 
rests on the idea that governments actually take anything the public says into 
consideration.

And aside from the national policy question, there's always the spectre of 
black bag operations and the like. Unfortunately there are plenty of reasons to 
think this is the way things are headed: it stands to reason that everything we 
know about Echelon and Carnivore is just the tip of the iceberg, STOA reports 
notwithstanding. 

Do you really think your average Joe Schmoe has the proverbial snowball's 
chance of keeping his private keys private, all things considered? It sure 
doesn't look like it's shaping up to be a winning proposition, does it.

So maybe rather than making pro-privacy legislation a priority, calling for 
oversight, accountability, and reform of the intelligence community ought to 
come first.

That is, unless you see private companies and data merchants as a bigger threat 
to individual privacy than the various federal agencies. As a libertarian the 
idea galls me-- but practically speaking, I'm not so sure anymore. 

And what does it say about free market capitalism itself, when the government 
has redefined 'national interest' to include economic espionage on behalf of  
individual corporations? Any thoughts on what Hayek or Mises might have had to 
say about that?

Troubling questions, no easy answers.

~Faustine.

****

'We live in a century in which obscurity protects better than the law--and 
reassures more than innocence can.' Antoine Rivarol (1753-1801). 