Security vs. Privacy

As usual, Bruce Schneier puts it more eloquently than I can:

…it’s precisely why, when people in their business are in charge of government, it becomes a police state. If privacy and security really were a zero-sum game, we would have seen mass immigration into the former East Germany and modern-day China. While it’s true that police states like those have less street crime, no one argues that their citizens are fundamentally more secure.

That is spot on. And it’s something that I’ve been trying to get more people to understand. In this post-9/11 world, everyone is telling us to be afraid of this, that, and the other thing, and we are then being told that in order to make ourselves “safe” we need to let people into our homes, our businesses, and our private lives, and that it’s OK, they’re trustworthy, just trust us on this one, folks, we won’t screw anything up for you. Just be good little sheep and get in line.

And by and large, we’ve been good little sheep, and we’ve gotten in line. And believe it or not, we’re headed for the slaughter.

But it’s not even a this vs. that debate here – being secure doesn’t mean we have to let government into our homes and personal lives. Once again, let me quote Bruce:

The debate isn’t security versus privacy. It’s liberty versus control.

You can see it in comments by government officials: “Privacy no longer can mean anonymity,” says Donald Kerr, principal deputy director of national intelligence. “Instead, it should mean that government and businesses properly safeguard people’s private communications and financial information.” Did you catch that? You’re expected to give up control of your privacy to others, who — presumably — get to decide how much of it you deserve. That’s what loss of liberty looks like.

What we really aught to be scared of is not each other, or vague “terrorist threats,” but instead this creeping encroachment into our personal liberties. If anything, that should be what keeps us awake at night.

It’s what keeps me awake at night, anyway.

“Stranger Safety” and “Public Solitude”

Today I saw an ad for a video called “Stranger Safety.” It’s supposed to teach your children how to be safe around strangers.

Thinking about it afterward, I realized that there is this mentality – driven into our collective mindset over many years – that ALL strangers are not to be trusted; that ALL strangers are bad and will hurt us. And I’m not sure it’s a good mentality to have.

It certainly explains the current trend of “public solitude” that I see in increasing amounts in our society today. I used to think that maybe it was just there were too many people these days – cities and towns were too crowded, and you just couldn’t know everyone, so you kept to yourself. But I think it goes beyond that – we’ve been indoctrinated with the belief that if we don’t know someone, they are bad.

This has some wide-ranging implications, and I don’t just mean keeping to yourself on the subway or something like that. When we are taught to not trust strangers, the implication is that we must implicitly trust people we know. This fragments our society – suddenly, the people we know are “right” and everyone else is “wrong.” Instead of being one big group of people, united as a culture, a nation, or whatever, we become segmented into cliques – and our opposition to those we see as “wrong” becomes more and more violent. Just look at the fighting between our two dominant political parties – the Democrats and the Republicans. Despite all that, they really are quite alike – more alike than they are different, anyway. So why do they fight?

Because the opposition is always made up of “strangers.” And strangers are “bad.” And in an atmosphere of fear (such as the one we currently live in), it’s easy to get riled up and defensive of one’s own “group.”

Don’t believe me? Go watch some political coverage. Watch both sides. Read some stuff on the Internet or in your paper from people who disagree with you, and see if the rhetoric isn’t tinged with a certain “get off my lawn” madness.

The point is, not all strangers are bad – and in a good society, the odds are that most strangers will in fact be quite good and helpful. Even given the bad things that one bad egg could do to you as a stranger, the odds are still very, very low that it will happen to you – and the potential trade-offs in terms of enrichment of your life, or even just feeling better about things, and feeling accepted by your community – could make it worth the risk.

So think about it. And the next time you pass a stranger, resist the impulse to keep your head down and avoid eye contact and instead say “hi!” Chances are, nothing bad will happen to you. And once that kind of thinking beings to spread, I think we’ll all be a lot happier.

Our Paranoid Society

This is what happens when everyone is afraid of everyone else:

His mission was to photograph each of the nation’s 50 state capitol buildings and dispatch a postcard from each city, using postage stamps from a childhood collection. Each postcard would be mailed to the next state on his journey, where he would pick it up, continuing until he had gone full circle back to Indiana.

But there was a problem. On a flight from Sacramento, Calif., to Honolulu, Mr. Fazel described his project to a fellow passenger. He later discovered that she had reported him as suspicious — perhaps to the pilot or the Transportation Security Administration — and taken a picture of him as he slept.

How paranoid must we be for a passenger on an airplane to go to the trouble of taking a picture of someone while they sleep so as to make it easier to report him to the authorities?! Would you do this? Could you ever see yourself doing this? I know I couldn’t.

Once we start reporting one another for “suspicious activity,” we’re doomed. Neighbors who don’t get along will be reporting each other for fictions and imagined crimes, and the system will be abused for personal gain. After all, if you can just call a number and say “so-and-so acted weird, I suspect he’s a terrorist” and have that person arrested - I mean, c’mon people! We’re one step away from a loud knock in the middle of the night and lots of scary looking men in black jackets land here!

And if I hear one person say “we need to be like this, people are out to kill us, it’s a strange new world after 9/11,” I will say BULL. There is a fine line between healthy suspicion and rampant paranoia, and I am telling you – this is the latter, not the former.

Now that this gentleman has been (wrongly) accused, how does he clear his good name? How does he get himself off the “extra screening” list? How can he stop the harassment? He was not charged of anything, he turned out to be completely harmless. So where is his recourse?

Unlike being arrested for a “normal” crime, he has no recourse. There is no court that can seal his records (or remove them completely). He has no one to appeal to. The system is secret and allows for no questioning of its inner workings. It is a system designed to quash any opposition. If you don’t like it, be careful about saying so – you’ll end up on the list and endlessly harassed every time you exercise your right to travel. The system is designed to “bully” people into submission. You dare not speak up for fear of the inconvenience it’ll cause you.

Which, coincidentally, brings to mind the story of a bunch of people who got fed up with the same sort of thing – a system designed to “bully” them into submission. Every time they complained, the system just squeezed them harder, hoping that they’d just roll over and accept domination.

Fortunately for us, those people didn’t roll over. They were the founding fathers of the United States of America, and they stood up to this sort of harassment, bullying, and removal of their inalienable rights.

We could all do well to learn – or re-learn – from their example in these troubling times.

Applying Old Laws to New Technology

You’ve probably heard of the RIAA and the MPAA (the Recording Industry Association of America and the Motion Picture Association of America, respectively) before. They’ve been in the news a lot lately – suing old people who don’t have a computer for sharing mp3 files on the Internet and so forth.

A recent Slashdot story tells the tale of just how twisted this story has become.

The basic problem here is one of scale.

Before the Internet and P2P, the average person simply did not have the means to undertake large-scale copyright violation. Sure, you could copy a tape, or even a VHS casette, but you still had to:

  1. Pay for the tapes
  2. Pay to distribute them (postage, gas for driving to your friends house, etc.)
  3. Take the time to make each copy individually

So by and large, individual copyright violations remained decidedly small scale. The effects of such violations were not statistically significant1 to the copyright holders (as far as their profit was concerned), so they were not pursued.

Fast-forward to the current day. Now we have the Internet, P2P software, and music is now digital. This is a huge difference – the cost of making copies is now basically $0 (it’s all just bits & bytes), and the cost of distributing it is basically $0 as well (or, rather, the cost started low and is approaching zero, as bandwidth gets cheaper and cheaper).

Now the average person has the means to distribute copyrighted material to a huge audience. Suddenly, this sort of copyright violation is most definitely statistically significant to the copyright holder. (Or, at least they would have you think so – I still maintain that while significant, it is still very, very small.)

And therein lies the problem. Copyright law (as currently written, and, more importantly, as traditionally enforced) does not scale well. It worked fine when there were only a (relatively) few major copyright violators. It doesn’t work well when everyone & their brother can share an entire music store’s worth of copyrighted materials (music, movies, etc.) to the entire world from their bedroom while they sleep!

So what to do?

One way to deal with this is the draconian, heavy-handed legal way. Strictly speaking, any copyright violation is illegal – no matter how large or small. You could crack down on all of it – sue everyone into oblivion. Pass laws to make the possession of devices used to violate copyright illegal. (This has already been done, by the way. Look up the DMCA.) No excuses!

Of course, it’s easy to see that if you did this, we’d end up back in the stone ages, since all sorts of modern technology can be used to violate copyright – this is nothing new. And the courts have already ruled on this, to a certain extent – back when VHS was new, there were lawsuits about it being used to copy movies at home. The courts ruled that this was covered under “fair use,” and that just because a device might be used to violate copyright does not mean that the device itself should be illegal (especially if the devices’ primary purpose is not copyright violation – devices that are specifically engineered to violate copyright fall into a more uncertain gray area, legally speaking).

Unfortunately, this is the method that the RIAA and MPAA have decided to use in enforcing their “rights.” They want to maintain the “status-quo.” They don’t care what new technology comes out – they want the ability of people to copy their stuff (i.e. music and movies) to remain just as difficult as it was before computers & the Internet. As a direct result of this line of thinking, we have things like DRM and rootkits that hijack our computers (without permission) on our music CDs.

The other way to handle this – the way that should be used (in my opinion), is to make an economic incentive for people not to indulge in wide-scale copyright infringement. After all, that’s what kept it under control in the first place!

To a small extent, this is already underway – though not spearheaded by the RIAA or MPAA, by any means. I’m talking, of course, about things like iTunes. Basically, if you make the music cheap enough, and trust to the general “goodness” in people, they will opt to buy music, rather than steal it. Especially if the purchased music includes “perks,” such as higher quality file formats, or maybe on-line access to additional content (movies, websites, interviews, stuff like that – like what you’d find on a DVD’s “extras” section).

At the same time, you have to remove the barriers to “fair use.” Don’t encode these purchased files so that they can only be played on one computer. People expect to be able to play “their” music on whatever device they choose – and they don’t like it when they can’t. And if they can’t, they’ll go get their music somewhere else – that is to say, from copyright violators on the Internet.

The trick, of course, is balance – something that corporate America is notoriously bad at. But if that balance can be struck, I truly do believe that copyright violations (in the form of normal-person file sharing, anyway) will go way down. It’s not “the status-quo,” and it’s certainly not “the way things used to be,” but hey, markets evolve, and companies (and laws) must evolve with them or perish.


1 In commonly heard arguments, you’ll hear people throw around qualifiers such as “large,” “measurable,” or “increasingly significant” in relation to how much of an effect file sharing (as a form of copyright violation) is having on their industries. This is just a trick of rhetoric – these qualifiers have no measurable or defined quantity. Just one person sharing a Britney Spears track with one other person is technically “measurable,” after all. I’ve used the more accurate statistically significant because statistics is math and can be quantified. I could even come up with the formula necessary to determine it, if I wasn’t lazy.