Larry Lessig on ending anonymity through "identity escrow"

Fri Dec 5 16:45:51 PST 2003

On Dec 5, 2003, at 3:53 PM, Tim May wrote:
> Back to the cost issue. Prof. Lessig argues that voluntary identity 
> escrow systems should be "encouraged." How/ Through nattering to 
> people about how they ought to use a more expensive, less flexible 
> system which exposes them to possible danger and which costs them more 
> to use than the stronger alternative?
>
> Ha!
>
> Or "encouraged" in the sense of using state power to make stronger 
> systems illegal or artificially taxed at higher rates?
>
> Why doesn't the U.S.G. just set up a "Big Brother Remailer" with the 
> kind of identity escrow proposed?
>
> Let's then see how many freedom fighters working for the overthrow of 
> the U.S. government use it. Let's see how many critics of the Church 
> of Scientology, threatened with lawsuits and "legal warrants," use it. 
> Let's see how much child porn gets traded on it.
>

And there are so many other points, long discussed here (1992-present), 
which Lessig's proposal would run into:

* what if someone, like me, forwards items sent untraceably to me? (The 
Lessig Escrow remailer does not even know it is from me, or forwarded 
by me, unless and until he gets a "legal warrant" to open the 
contents...too late, then.)

(If passing on a comment from another is illegal, on what basis? A 
remailer is just as easily seen as an "editor" or "re-commenter.")

* if government controls remailers, what of those plotting against 
government? Is Jefferson supposed to use the King's remailers?

* if the systems Lessig thinks should be "encouraged" are in fact set 
up--and no doubt some such systems already exist--how can they know 
that they are not themselves being used as part of a chain which 
includes traditionally-untraceable (CP, Mix remailers) upstream? 
Without looking, using their ostensible "legal warrants," a Big Brother 
Remailer has no way of knowing that the messages sent through from 
"Tim" were not just the messages of others.

BTW, an argument I heard years ago from a proponent of an identity 
escrow system, long before Lessig, was that this approach would be 
blocked by making "Tim" responsible for all words or messages flowing 
into an IE remailer, even those he could not read (because they had 
been encrypted). The idea is to stop this chaining attack by making 
each user responsible for checking all the way back. In other words, 
for an IE system to work, competitors must be banned. Which is the same 
conclusion reached via other paths.

(And, though IANAL, even I know that making "Tim" legally responsible 
even for messages he has no way of knowing fails the "scienter" test. 
Absent a ban on encryption, what "Tim " has done in passing along to 
"Larry's Remailer" a message which actually arrived from a non-IE 
remailer is nothing more than passing along something he was given. He 
has no knowledge of the contents (scienter requirement) and is not 
breaking any laws, absent a ban on competitors to IE remailers.)

Anyway, this was hashed out many times in the early 90s and shortly 
after the very similar proposal for Clipper and other similar forms of 
key escrow.

I have nothing against Lessig, but it bugs me that he's considered by 
some to be one of the Great Cyberspace Thinkers when his ideas are so 
easily dismissed...and were argued on both sides so many years ago.

Larry Lessig ought to read, and think deeply about, the first ten years 
of traffic on the Cypherpunks list. Especially the first five years.

--Tim May