legally required forgetting

John Kelsey kelsey.j at ix.netcom.com
Tue Apr 13 19:47:01 PDT 2004 

At 07:20 PM 4/10/04 -0400, An Metet wrote:
...
>BlackNet thwarts such limitations on the reporting of consumer credit.
>Clearly, providing access to this data harms individual privacy.
>Yet Cypherpunks traditionally have supported this concept.  A privacy
>advocacy group promotes technology which would aid the compilation of
>individual dossiers and allow access to personally identifying data
>about past financial transactions.

All that's needed is for a creditor to publish the names and addresses of 
his 180-day overdue accounts in some public forum, or to file lawsuits that 
become public record.  Web-accessible archives will do the rest.  It's not 
like the credit reporting rules would necessarily keep a private 
investigator now from finding out that you declared bankruptcy twenty years 
ago.
...

>Today, the Cypherpunks list is but a shadow of its former glory, with
>anarcho-capitalism all but forgotten in favor of fashionable nihilism,
>libertarians replaced by liberals.  Perhaps it is not too late to
>resurrect the ideals of the past, but it will require hard work and open
>mindedness on the part of all.

Well, some of the ideals, or at least assumptions, haven't survived 
encounters with the facts too well.  Moore's law has continued apace, 
strong crypto is widely available, but would anyone claim we have more 
privacy now than in 1990?  Nor is this only because of 9/11 (asymmetric 
warfare apparently *does* work pretty well, though it's hard to see how 
that's done anything for the cause of freedom in the US); surveilance 
cameras, OCR, biometric readers and data mining techniques are all getting 
cheaper.  The split seems to be that most people lose privacy, while those 
who really care a lot gain a little privacy, albeit by standing out as 
obvious people-with-something-to-hide, activists, or cryptographers.  The 
math behind anonymous payment schemes is well-understood, and processors 
are fast enough to do signatures and blinding and all the rest pretty 
painlessly, now.  But e-commerce is still all about credit cards over SSL 
(on a browser that is manifestly *not* a piece of security software!), if 
that.

It's ironic.  All the things that seemed like barriers to serious privacy 
for the masses--Clipper, export controls, the RSA patent, processors barely 
powerful enough to do serious public key operation before the user lost 
patience--are either gone or much-diminished.  But we still don't have 
serious privacy for the masses, or even widespread use of crypto in a way 
that protects communications privacy.  It's not like I expected my mom to 
be making her money trading gold-denominated Burmese opium futures[1] by 
now.  But I at least expected my phone calls and e-mails to her not to be 
trivially tapable!

[1] Classical reference

--John Kelsey, kelsey.j at ix.netcom.com
PGP: FA48 3237 9AD5 30AC EEDD  BBC8 2A80 6948 4CAA F259

More information about the cypherpunks-legacy mailing list