Cory Doctorow: It’s Time to Short Surveillance and Go Long on Freedom
Let’s say for the sake of argument that you voted for Donald Trump and you’re ecstatic that he’s taking the White House. You might even be rubbing your hands in glee at the thought that Obama was dumb enough to operationalize George W. Bush’s surveillance apparatus – rather than living up to his election promise to dismantle it – because now there’s a technological means by which President Trump can track the 11 million people he’s vowed to deport, and there’s the secret interpretations of Reagan’s Executive Order 12333 and Section 702 of the FISA Amendments Act, which Obama’s DoJ fought so hard to keep under wraps, and which formed the legal basis for ramping up mass domestic surveillance from 2008-2016.
(You might also be heartily disappointed that Trump won the election and terrified of what he’ll do with Obama’s shiny mass-surveillance system. For the sake of this exercise, it doesn’t really matter.)
(Though I’ll stipulate that for the sake of the next four years of your life it matters a lot.)
Fast forward to November 3, 2020, when President Anthony Weiner takes the White House for the Democrats, and vows to track down everyone who committed anything that could be construed as a ‘‘hate crime’’ during the Trump years and ‘‘keep an eye on them.’’ Assuming you trust Trump to competently administer his security service from 2016-2020, and to use it as the basis for his mass deportations, you can assume that President Weiner is inheriting something much more sophisticated, well-funded, and entrenched than the machine Obama handed over to Trump in 2016.
Trump railed against Apple when they refused to put ‘‘back doors’’ in their phones that would let governments secretly take them over, read their files, control their cameras and phones, and track their owners’ location. He’s promised to require companies to let government into devices that can be used to fight crime, and, good news, there are a lot of those: smart lightbulbs, smart thermostats, self-driving cars; networked baby-monitor cams and security CCTV cameras; smart insulin pumps and heart monitors and implanted AEDs; there’s even a smart rectal thermometer that one company showed off at 2016’s Consumer Electronics Show. You thought 2016 was weird before you realized that it heralded the advent of potential surveillance devices literally up your literal ass.
Every one of these has law-enforcement potential and some slice of them will get Trump’s attention over the years to come, and will come under whatever rule his administration crafts to force Apple to write defective security software that intentionally fails when presented with some kind of law-enforcement credential (lucky for Trump, he’ll be able to appoint a Supreme Court justice who’ll say that forcing companies to write code isn’t a violation of their First Amendment rights).
President Trump will hand President-Elect Weiner a huge, beautiful surveillance apparatus that can watch us from every angle, all the time, in fine-grained detail.
Now, tech companies make tools to comply with the regulations in their biggest markets. When Texas mandates something for their textbooks, the whole country gets it. When America mandated back-doors in communications switches under Bill Clinton with 1994’s Communications Assistance for Law Enforcement Act, those back doors went into the switches used throughout the world.
That means that it’s not just Trump supporters who have cause to fear President Weiner’s witch-hunts – it’s Syrians who’ll have to contend with President Assad’s new surveillance powers, too. It’s French citizens living under Marine Le Pen’s white supremacist regime; Hungarians living with dictator Viktor Orban; Turks living under the murderous, vengeful, thin-skinned Recep Tayyip Erdogan, and Ethiopians cowering in Mulatu Teshome’s ‘‘turnkey surveillance state.’’
Even before President Trump, I was calling 2016 the year of ‘‘peak indifference to surveillance.’’ I realized that we were living in that year when I went to a multi-stakeholder cybersecurity wargame held by the Rand Corporation, and noticed that all the spooks, cops, and prosecutors in the room got antsy whenever someone proposed a privacy-invading ‘‘solution’’ to the hypothetical technology apocalypse we were gaming out.
I couldn’t figure it out until one of them mentioned three initials: O.P.M.
If you’re one of the 22 million Americans who applied for security clearance in order to work on sensitive government or military projects, you had to apply to the Office of Personnel Management (OPM) and tell them every sensitive detail about your life, anything that could be used to blackmail you: your mom’s heroin habit, your brother’s suicide attempt, that time you experimented with gay sex in college. The OPM stored all that data, along with your fingerprints, on insecure servers, which the Chinese People’s Liberation Army raided in 2015, sucking up all 22 million records for their own political use (2015 was also the year that Ashley Madison, a dating service for men looking to cheat on their wives, was breached by hackers, creating the tantalizing possibility that the two databases could be cross-referenced. In theory, Ashley Madison also catered to cheating wives, but it turns out all the women on the service were chatbots created to string the men along and get them to keep paying for their subscriptions).
Those spooks and cops are pioneers. Long before most of us have had our lives potentially destroyed by privacy breaches, these early adopters blazed the trail. They will never be indifferent to surveillance again.
Don’t feel left out. We’ll all get there eventually. Too much data has been siloed in too many places; too much insecurity has been engineered in, or allowed to fester, for us to be safe from our computers for much longer.
Long before President Weiner takes office, the market for privacy tools will be booming. In the first week after the 2016 elections, signups for Protonmail (a privacy-oriented e-mail provider) doubled. It’s raining privacy soup – grab your boots!
How can you short the surveillance economy and go long on technological freedom? Personally, you can peruse the easy-to-follow ‘‘Surveillance Self Defense’’ documentation maintained (in 11 languages!) by the Electronic Frontier Foundation (https://ssd.eff.org), and get your friends to do the same (remember, privacy is a team sport – it doesn’t matter if you keep your messages secure if your correspondents leave them in plain sight).
But if you’re minded to think about new businesses and business models, get thinking about how you might offer services to protect people from the backdoored, hyper-invasive Internet of Things. What about a Facebook login tool that scrapes all your feeds by clicking everything and downloading it all, then letting you choose what you see without letting Facebook know, depriving Facebook of information about the choices you make and the places you are when you make them? That’ll get you sued by Facebook under the Computer Fraud and Abuse Act, but who knows, maybe a peak-indifference judge will find in your favor. Facebook has a lot of users who like the utility of hanging out with their friends and will increasingly be terrified of the consequences of hemorrhaging their data directly into Mark Zuckerberg’s remorseless, gaping maw.
Think of how you could jailbreak Philips lightbulbs and HP printers and ‘‘smart’’ TVs and games consoles and cable boxes and load them with software that treats your personal data as if it was precious lifeblood, not the consequence-free exhalations of your digital metabolism. That’ll get you sued under Section 1201 of the Digital Millennium Copyright Act, and again, we’ll have to see whether a peak-indifference judge will decide that’s what Congress meant when they passed the DMCA in 1998. But that’s what limited liability companies are for, right?
Most importantly, you short the surveillance economy by investing in the activist groups that are fighting to make it legally safe to command your devices to stop stabbing you in the back and start guarding your back. That’s groups like the Electronic Frontier Foundation (eff.org; disclosure, I consult to, but don’t earn money from, the EFF), the American Civil Liberties Union (ACLU), and many, many others.
We’ve got a rough four years ahead of us, and it’s going to get a lot worse before it gets better. But the only thing that could make the privacy catastrophes of the coming years even worse is if we let them go to waste.
Cory Doctorow is the author of Walkaway, Little Brother, and Information Doesn’t Want to Be Free (among many others); he is the co-owner of Boing Boing, a special consultant to the Electronic Frontier Foundation, a visiting professor of Computer Science at the Open University and an MIT Media Lab Research Affiliate.
From the January 2017 issue of Locus Magazine