Friday, July 19, 2013

Transparency - is it so hard to understand?

OLYMPUS DIGITAL CAMERAVariety, the news-zine of the entertainment biz, just ran a pair of articles on the pro vs con aspects of Google Glass.  Space was limited, but I conveyed the "pro" side -- or rather "No law or regulation  could possibly put this genie back into the bottle. It's inevitable so let's embrace the good aspects and use them to limit the bad."  Sarah Downey wrote about the potential dangers to privacy.  Alas, without offering any solutions.

 As nearly always happens, she addresses the thing in front of her -- Google Glass -- and makes no effort to look farther ahead, to when this hulking, borg-like contraption will shrink invisibly into the frame of a regular pair of sunglasses. Can anyone doubt this will happen?  Heck, I know folks who are already compressing many of these features into contact lenses. In such a world, laws banning Augmented Reality (AR) gear, like Google Glass, will only prevent average citizens from getting them. Luddism only ensures  a world where elites of government, wealth, criminality etc can survey us like gods, and we are powerless to look back.

IndinationWhat hand-wringers never do is consider how technology can help us, rather than threaten us. For example, what if your own AR glasses can be programmed with an app to detect when other specs are staring at - or photographing - you?  To detect the voyeurs and peeping toms, empowering you to catch those who stare and thus deter them.  Is that so hard to imagine?  Isn't that exactly what you do today, to deter those who might stare or eavesdrop in a restaurant?

People who use tech to bemoan the rise of tech that they will soon consider a regular feature of life... and who offer no alternatives, only hand-wringing ... jehosephat.

Read the essays pro and con... and weigh in on it!

== Cogency on Transparency ==

TransparentSocietyTransparent Society Revisited, Arnold Kling's July 1 (2013) featured article on the Library of Economics and Liberty site referred cogently to my book The Transparent Society , which he evidently both read and understood. Kling's paraphrasings and interrogations of the concept -- universal reciprocal accountability -- were on-target. 

 Alas, I have found this to be rare, with most pundits skimming for a strawman caricature, such as "Brin opposes privacy." Nothing could be more false.

Kling captures the notion of the Positive Sum Game… that not everything must be either-or.  Smithian enlightenment nations have benefited from so many win-win arrangements -- in science, markets, democracy and so on -- that the concept should be second nature.  Instead, it appears to be very hard to grasp.

Going back to our roots, Adam Smith did not demand zero government.  Indeed, he saw civil servants as one  counterbalancing force to set in opposition vs. the clade that truly repressed freedom and markets in 99% of human cultures: inheritance-based owner-oligarchy. Yes, civil servants can become oppressive too! Especially when captured by an owner-oligarchy.  Hence, the logic should be extended.  Keep erecting new, diverse, dispersed, opposing centers of perception, knowledge and power, so that we benefit from positive-sum, creative competition and do not fall for the failure mode of 6000 years -- leadership delusion.

LibertyFlourishes Getting back to The Transparent Society, my emphasis has been upon "sousveillance" or empowering citizens to look back at every sort of power or elite, from government and commercial to criminal, foreign, technological or oligarchic.  This has been, in fact, the very reflex that brought us to this festival of freedom and creativity-generated wealth.  Yet, it seems difficult to get people to parse HOW this is best achieved.  The reflex to seek power parity by blinding others -- by limiting what elites can see or by cowering or encrypting or hiding from them -- is so profoundly wrong-headed, yet it fills the punditsphere as handwringing commentators demand that government powers of surveillance be curbed… without ever explaining how this can be done, let alone showing one example from history when elites actually let themselves be blinded.

Recall "Total Information Awareness"?  The endeavor of John Poindexter at DARPA to scan all the internet, all the time for signs of danger?  Public opposition shut it down right?  Only we find its parts simply found new shadows to root, and grow within.  

The opposite approach is what can, has and will work. Last year, in a civil liberties event vastly more important than PRISM and all that, federal courts and the Obama Administration declared it to be "settled law" that citizens have a universal right to record police activity on public streets.  Sousveillance triumphed… and hardly anyone commented. (Indeed, it will be a battle all our lives to prevent local cops from smashing our cameras "by accident.")

== And on to the the Ridiculous ==

Internet "security expert" Bruce Schneier is at it again, creating fabulous dichotomies that have almost no bearing upon the true dilemmas the lie before us.  He starts by laying out a genuine concern, that the FBI and other state agencies are striving to win maximal legal and technical access to the Internet - including all decrypted traffic - in order to do their jobs with maximal efficiency.  Bruce does some good work at the beginning, covering several hypocrisies and inconsistencies. Alas, then he goes on to say:  "The FBI believes it can have it both ways: that it can open systems to its eavesdropping, but keep them secure from anyone else's eavesdropping. That's just not possible. It's impossible to build a communications system that allows the FBI surreptitious access but doesn't allow similar access by others. When it comes to security, we have two options: We can build our systems to be as secure as possible from eavesdropping, or we can deliberately weaken their security. We have to choose one or the other."

losersWhere to begin? The government and other powerful elites are NOT intrinsically as transparent as we are. They can create intranets and keep them secure from the methods that let them spy on regular internet traffic.  Lots of agencies already do this.  Yes, their adversaries can also set up secure intranets -- but if those loci are within US borders, the FBI can then legally (with warrants) break down doors.  Meanwhile, in any race for security and privacy through shrouds, we -- you and me -- are automatically destined to be the losers.  That is not a race we can win.  But we can change the race.

The dichotomy is not between technologically secure and un-secure.  It is between letting elites exercise surveillance unsupervised or … supervised. It is whether we wise up and start demanding a price every time public agencies claim they need to see better, in order to protect us.  I see no point in investing all our strivings into blinding them, when the next major trauma will result in the next Patriot Act, giving them all the powers they claim would have prevented catastrophe. It is the ratchet effect and it dooms all such measures.

inspectors-GeneralAnyway, I'm not sure I want our watchdogs blinded.  I care much more about retaining control over the dog… a choke chain of close supervision… to remind the dog that it's a dog, and not a wolf.  There are measures we could demand, such as more powerful inspectors general.  Citizen inspectors (based on the old Grand Jury concept) vetted and cleared to enter any room (especially the surveillance control rooms) and ask any questions. There are many such measures that, instead of trying futilely to restrict what elites can see and know, instead fiercely clamp down on what they can DO with that information.

Ponder... information is slippery and infinitely copy-able.  But the actions of physical agents of authority -- arresting you, slandering me, firing that dissident across the street... THOSE things we have a chance of detecting, deterring, controlling.  If we make the real world the thing that we care most about.

That distinction - between what agencies and other elites can SEE and what they can DO -- seems to utterly escape Schneier and most of today's hand-wringers.  If we give in to their notion of a tradeoff between safety and freedom, then we all will inevitably lose, since we will have sacrificed the very notion of a positive-sum, win-win game.

All of our radicalism should be aimed at forcing new, innovative and better forms of supervision and sousveillance upon powerful elites, instead of hopelessly trying to blind them.

== To the creepy ==

The NSA is quietly writing code for Google’s open source Android OS. Google says anyone has the right to do so. Read the aricle carefully because while nothing illegal was done, some care should be taken to parse consequences.

I am less upset than you'd expect.  If the NSA experts are offering "Security Enhanced" systems for Android... and they are open source inspected by thousands of bright private individuals, then we can presume two things:1) Hackers and others will find it harder to break Android security. 2) If the NSA has inserted some kind of back door, it's one that it considers so safe from discovery that it is not worried about the open source community.

Number 1 sounds okay.  Number two is frightening, at first. But if they are that clever, they could have introduced it using one of their thousands of fronts and false identities in the hacker, open source or anonymous communities.

In fact, what matters is not what the NSA sees.  That has never been the point.  What matters is not letting them look at us without being supervised by a diversity of adversarially skeptical watchdogs!  Again, that distinction between what they might see/know and what they might do is crucial, though, alas, too few make it.

Obsession with limiting the vision of elites is not only historically unprecedented and futile, it stymies clear thinking and perpetually stops us from talking about how to supervise them better.


Anonymous said...

I think you misunderstood what Bruce Schneier was talking about. Schneier is an expert on encryption. He knows that it is possible to encrypt communications so that there is no feasible way to decrypt them without access to the encryption key. His comment is about the fact that the FBI would like to put in place legal restrictions on encryption so that they have access to the keys. The obvious fact is that if they have access to the keys, so will others.

He's not talking about government intranets and so on, he's talking about the ability of individuals to carry on private conversations. If the FBI has legal powers to eavesdrop on every conversation, then it won't be possible to keep the conversations private from anyone.

This isn't "silly", it's simply how encryption works. Encryption can be secure, but it can't be secure against some people but not others.

tWB said...

Right. Schneier's point is that when there's a technical circumvention of a security protocol (whether blatant, such as Clipper, or more subtle, such as the possibility that it deliberately seeded a weakness in a NIST-recommended PRNG) it's impossible for only "good" people to exploit it. Once you weaken security, the race isn't between "oversight" and "lack of oversight," it's between "NSA" and "Belorussian hacker."

Beyond that, there's the practical question of how well oversight of a complex, technically-oriented intelligence bureaucracy can work. After all, SSCI and HPSCI had years of oversight of the NSA programs under question, but it wasn't until the DOJ OIG got a new head that anyone even looked into whether the programs were legal, let alone wise.

Now, I do believe that, pre-9/11, NSA was very conscious of the bounds of the law, and worked hard to stay well within them. Once OVP decided to let them off the leash, however, they began banging at the edges of their legislative authority, and then shattered them entirely. Today, they do operate within FISC bounds, but because private citizens are effectively enjoined from suing over intelligence matters such as NSA surveillance, it's virtually impossible to get an adversarial legal review of their activities.

Alex Tolley said...

citizens have a universal right to record police activity on public streets

While that may be true, how will it be enforced? Simply threatening arrest will be a deterrent - especially if that means that you will be inconvenienced, your effects searched and etc, etc.

There are measures we could demand, such as more powerful inspectors general.

Perhaps you could give an historical example of when that worked? Right now we are seeing that (as usual) the so called checks and balances are subject to capture. What likely action do you forsee that will change the course? The free press was one form of protected souveillance, but you can already see where that is headed in the US.

What I don't see from your arguments is solutions for protection of privacy. As technology allows ever more intrusion intpo our lives, the ability to retain privacy is lost. I do not personally see that as desirable. I think we do have a right to privacy, but I don't see how that is being protected.

Anonymous said...

The government isn't the only bad actor out there, as Anonymous above points out. Not only Belorussian hackers, but say the Chinese government, or Chase Manhattan, or the Republican Party for that matter. Just because security is not (and cannot be) absolute, you do not throw it away, otherwise none of us would have locks on the doors to our houses or cars.

You also want to have alert neighbours and effective police, and keep an eye on things yourself and use some common sense, but all the sousveillance in the world ain't gonna help you if the Mafia or Crips (or the NSA or the local PD for that matter) REALLY want to get in.

I have my doubts about encryption too, mind you. I strongly suspect that using it is probably waving a great big red flag in the NSA's direction, as someone that they WANT to pay attention to, one way or another. Far better, I think, to be an anonymous face in the crowd, as much as possible. As Monty Python put it so memorably, "how not to be noticed" is a commonsensical part of the mix too.

All in all, yes, sousveillance is a big part of the mix, but so is security, anonymity, common sense, and probably most importantly, community (you can sousveill all you want, but without friends it won't do you much good if you catch the bastards at it).

Stephen Peterson said...

I think Schneier is still making a decent point when he says that any backdoor can't open for just one peeper. But then he falls into the same old "strong privacy vs. blind the watchers" dichotomy. Privacy for me, but not for thee. That's the real silliness... especially since he's posted more reasonable reflections in the past. Maybe the NSA thing just rustled his jimmies.

Alfred Differ said...

The way we defend our right to record the police is to get to a point where the data is streamed out of our cameras. Breaking or taking them does no good at that point and may actually harm the argument used by police for the arrest in the first place. It would be a bit like someone running away from police the moment they see them. You know they are up to no good, right? 8)

The follow-up to that, though, is that there must be real consequences for police who break the rules. Right now we tend to sue their employer, but there must be real criminal consequences that stick to the individuals involved.

Part of transparency is the ability to identify one another. On a few libertarian friends of mine I've used an argument that we should be supporting a universal requirement for ID's that cannot be controlled by a monopoly entity like government. The benefits all derive from a defense against false identity claims like "I did not enter into this financial transaction with you... someone else did." My friends look at me like I'm from another planet, though. I'm fairly sure they can't imagine a world where liberty is well defended and the government is still strong.

Robert said...

Off on a brief tangent (as is my wont), I just got back from Pacific Rim. Outside of a few stutters from the start of the movie (information dumps in movies? Mmmm... I can't help but think it could have been done through the flashbacks of the pilots "synching") it was a most enjoyable movie. And I say this despite the fact I was NOT able to turn off the inner scientist. Thus while I was quite amused by various touches, I did go "WTF?" with giant flying monsters dragging multi-ton robots into the edge of space, or the fact these "mecha" could even walk at all. And yet... despite that? I absolutely enjoyed the movie.

That says something... when even though you don't turn off your brain to watch it, you can still have a damn fun time.

Rob H.

Stephen Peterson said...

I actually thought back to David's post about civilization-positive versus civilization-negative storylines in science fiction. Pacific Rim fudges a lot of science (I mean, giant mecha and Godzilla-monsters from a parallel universe, what do you expect?) but as a story... quite civ-positive. Even though the protagonists are good at what they do, they need a whole team to support them. Del Toro was explicit in wanting to convey the "everyone work together" message.

Tony Fisk said...

Direct video streaming can already be had via such services as Bambuser.

Since the issue of recording police performing their duties has been settled as legal, I would suggest that 'wasting police time'* could be used as a deterrent to any officer tempted to act as if such recordings are not legal.

* A serious offence under British law, at least (according to 'The Bill', which was a stickler for getting the procedures right).

Hank Roberts said...

As David Brin points out relentlessly, no matter -what- the political scientists or their predecessors in spin management call the system, it’s been oligarchs all the way down in human history.

Science challenges oligarchy with education.

It’s damned dangerous, to the few who benefit by externalizing costs and capturing profits and power.

No matter what you call the political system, it’s the outcome that matters.

matthew said...

All props to Republican Justin Amash for fighting his own House leadership, and the White House on this one. Lines are being drawn, and they do not break down on the liberal / conservative axis.

Jonathan S. said...

Meanwhile, transparency marches onward, oblivious to this entire argument.

Google Glass (and its relation to TruView glasses) has already been mentioned. This morning, however, my son and I were watching The Price Is Right (he perseverates on numbers, and likes to cheer for the players). One of the prizes offered was an iPad with a paired remote-control, camera-equipped electric helicopter. Total cost, including the iPad: about $850 US.

Yes, that's right, for about the price of a middling computer, you too can have the surveillance capability many people in the US want to deny their police forces because it's "too intrusive". Go to the park, with fully-charged tablet and 'copter; sit on a nice bench somewhere, and watch everything going on in the park.

To quote Heinlein, "you can't put the mushroom cloud back in the shiny uranium sphere." It's already happening - the oligarchs had best adjust, or they might well get adjusted...

David Brin said...

Matthew - amazing.

Jonathan... I will quote you, next blog.

agimarc said...

I would like to propose a third avenue to approach the problem of massive federal databases. That is the old IT GIGO (Garbage In, Garbage Out) routine.

A massive relational database takes a lot of care and feeding. So do the queries run against it. They take some very high powered DataBase Administrators (DBAs) to run them. They need to be backed up, refreshed, re-indexed, and updated on a regular basis. This means this is a regular dataflow into and out of them.

Perhaps it is time to think about introducing something into the databases, their hosting servers, query engines, and wet-ware support to garbage the data, break the indices, trash the backups, etc.

In this, a Stuxnet variant is our friend. Cheers -

Knute said...

I am sure you've seen this...