Last October I participated in Net for Change, an event on the Internet and net activism as related to democratic movements. It was organised by SIDA and Julia Gruppen (especially Marcin De Kaminski, @dekaminski) and gave participants a much appreciated opportunity to discuss experiences, challenges and opportunities, with a special focus on the developments in the Middle East and North Africa. It was an intense day, and what follows is one of two long posts on the discussions and reflections that took place during the event…
The accounts of Salma Said (@salmasaid), Sultan Al Qassemi (@sultanAlQassemi), Maryam Al Khawaja (@MARYAMALKHAWAJA), Dima Khatib (@dima_khatib), Sarrah Abdelrahman (@sarrahsworld) and Hamza Fakhr, Jacob Appelbaum (@ioerror) and many others are a reminder to appreciate how fortunate I am to be able to work on affecting change without having to put life or limbs on the line, and that this exception is a delicate and fragile one worth fighting to keep and afford to others. Because the “others” could be you or me, good people just trying to get on with our lives and fix what’s broken in our world. It is increasingly clear how intimately our ability, or inability, to do so is linked to technology.
“Well we have a dictator and we need him away, we need your help” – Phonecall to Telecomix- Stephan Urbach,From Jacob Appelbaum I learned that “Security” and “privacy” are simplifications of complex interactions between people and technologies- and the underlying expectations are seldom expressed more than in abstract. If the underlying expectations are unrealistic or based on false information, it follows that we end up with bad laws. Like Jacob and many others, I am concerned that the laws and policies regarding surveillance are undermining not only the integrity of the decisions we make online as consumers; they are undermining our ability to be active and engaged citizens without fear of threats and harassment as individuals. Jacob states that a lot of people tend to associate the discussion about surveillance with censorship in dictatorships, and engage in othering it; falsely assuming that unlike in dictatorships elsewhere in the world, in our (western) democracies we have nothing to fear from surveillance ;
Because of the ways our communications infrastructure is built, it is not feasible to expect technology users to have knowledge in order to be able to do the right and safe thing. The Internet is a massive surveillance system, as are mobile phones- the more we use them the more they surveil us- and often without our knowledge or permission . The Web browser is no longer just a tool to access the web, it is now a means by which our online behavior is packeted and sold as a product to entities that collect massive amounts of data about what we do on the web. This allows things like shops selling you a product at a higher price than your neighbor because they think they know you earn more, or a bank refusing to lend you money to buy a house because you visited online poker sites – without you being aware it is happening or being able to control it. Copyriot reasons that this also applies to Browsers built with open source software, since they too adapt to current web standards and are riddled with scripts that compromise security.“For example, Sweden is trying right now to jail Peter Sunde . He’s a friend of mine and it’s funny because I feel sort of aligned with him. He’s kind of a dissident in Sweden in kind of the same way that I have become accidentally in the United States. The united States says hey everybody, we care about democracy and freedom. We care about activists having an emergency button to destroy the contents of their cell phone. And then we get met by military people at the airports. Or they try to jail us for speaking. Or for helping people in these other countries.
So it’s important to remember that while we want to help people abroad, we should look to the local communities and contexts that we have and figure that jailing Peter maybe, is exactly the wrong thing. And its wrong for exactly the same reasons as it’s wrong when someone tries to jail Sarah in Egypt.”
“Do you know why vendors don’t make good privacy decisions for users? It’s because you are their product.”- Jacob AppelbaumThrough methods such as Backdoors and DNS filtering, a variety of stakeholders can change the contents of our actions online and attribute things we have not done or said to us or at least skew them out of context with potentially devastating consequences for us: remember a little white lie you might have told to avoid hurting someone’s feelings or to avoid causing trouble for them- what if that were presented as proof of your dishonesty say by an insurance company trying to get out of compensating you ten years down the line? Or an an ironic remark sent in a private message to a friend who understood the context then and there, being revealed to others in an entirely different context by someone wanting to write you off as a bigot? Entities that maintain and build our infrastructures, especially private actors that sell surveillance, cannot be trusted to protect our privacy because the information we would like to keep to ourselves is their most valuable product.
“If we don’t want to do everything, we need to transfer technological knowledge & tools to non-geeks.” Stephan Urbach, TelecomixOur institutions and laws are too slow to adopt and evolve to protect us against unscrupulous behavior by actors that put profits or political agendas before people; any attempts at regulation that require us to trust some or another entity to voluntarily sacrifice potential profits in order to protect our privacy are bound to fail. By extension any policy that is based on the premises that a user is knowledgeable of, and can be held accountable for what goes on in the networks she uses, is one that puts the individual at risk from those who might wish to silence her from exercising her democratic rights. Both in Europe and beyond.
SO, What can we you or I do about it ?
Jacob suggests a combination of changes in policy and in how we behave online. On the policy side he suggests that our policymakers demand data from vendors on how how network monitoring/CALEA systems are compromised and to reject lawful interception. His advice to users is to contextualise our security arrangements [how? got links?] our OTR, Privacy by design (as opposed to Privacy enhancing technologies) and widespread adoption of TOR.
Stephan Urbach (@herrurbach) stresses the need for disseminating knowledge about technology to non-geeks. Know of any initatives, maybe your own maybe someone you know, that are active in this?
