BLOG PAGES

Friday, May 6, 2016

Infosec and the Totalitarian Principle


The Intercept: "New Study Shows Mass Surveillance Breeds Meekness, Fear and Self-Censorship" (28 April 2016). Image Source: The Intercept (Hat tip: Edward Snowden).

On 26 April 2016, the political commentator Fareed Zakaria, host of CNN's main foreign affairs programme, GPS, debated ex-NSA contractor Edward Snowden for NYU Wagner's Debates of the Century, on whether the American government should have access to privately-held technology and private data. Debates of the Century:
"Some people believe the recent dispute between the FBI and Apple over a locked iPhone marks the return of what privacy advocates called the 'crypto wars' of the 1990s, when federal authorities tried and failed to mandate government access to most forms of electronic communication. Although the FBI managed to decrypt the iPhone at issue without the company’s help, Apple and others are racing to build devices and messaging services that no one but their owners can unlock. The legal question remains unresolved in Congress, where competing bills have been introduced, and in dozens of cases pending in state and federal courts.

Law enforcement agencies believe their vital mission requires compulsory access, under valid court order, to any device or communications stream. Leading technology companies (backed by some other U.S. government voices) say they cannot meet law enforcement demands without undermining customer security and privacy against hackers and foreign adversaries. Edward Snowden and Fareed Zakaria disagree on which course better serves society at large. Should companies be required to break into their own encrypted products, and should they be allowed to sell encryption that no one can break?" 

Debates of the Century (26 April 2016) between Zakaria and Snowden, hosted by NYU Wagner Graduate School of Public Service and sponsored by The Century Foundation. Video Source: NYU Wagner via The Century Foundation via Youtube.

Zakaria argued that the government is not an oppressive body, but an agent of the constitution and upholder of the rule of law; and it must have powers to override encryption; yet he pondered where the line should be drawn:
"Not even the iPhone is above the law. ... There is now ample evidence that the perpetrators of the Brussels terrorists' attacks were initially or at some point planning to try to explode or to cause an explosion at a ... Belgian nuclear power plant. If they had done that, you would have had an absolutely catastrophic fallout, both in terms of the radiation, of course, [with] thousands upon thousands of lives lost [and] tens of thousands of people displaced, but also politically. There would have been a dramatic shift in the attitude of publics in the western world, everywhere, toward this whole debate that we're having. ... We do face real threats out there. ... It is much better that we figure out what the government is allowed to do; what it is not allowed to do; what information it can have access to; what information it cannot have access to - before you face one of these terrible events. Because once they happen, the public will react with fury, the government will be given carte blanche, and they will be able to do many, many more things than Mr. Snowden or I would want governments to do. 
If you imagine the world we are talking about, without any kind of framework of law, we are talking about a world in which there is a huge zone of privacy, safety, immunity for terrorists, drug dealers, bank launderers, criminals of all kinds to operate. And then you have these furtive attempts by law enforcement authorities, by the NSA, by the FBI to play in that dark zone. All of this [is] taking place in a kind of law of the digital jungle. Is that really the kind of world we want to end up in? What I'm suggesting is a more reasoned path, which is we try to figure out, what are the laws that we can agree on democratically; what are the systems that we think courts should enforce so that ... we balance security and liberty, in the way frankly, that the United States and western democracies have had to do since their founding. Technology always sounds new and shiny and it changes everything. But it doesn't change this age old debate between security and liberty."
Snowden defended encryption in an all-or-nothing argument, maintaining that citizens' private data must supersede government authority. He commented:
"Tonight is not about politics. Nor is it really about the law. It's about science. ... It doesn't really matter whether you're for or against surveillance. ... [T]he proposition is not really a choice between privacy and security. It's rather about more security or less security. ... [W]e're in the midst of the greatest crisis in computer security in history. ... Our intelligence agencies say that computer security is a bigger problem than terrorism, than crime, than anything else. The backbone of computer security today is encryption. ... [M]y opponent hopes that somebody could perhaps find a way to make encryption work only for the good guys. But encryption is a field of mathematics. ... Math is math. It works the same for Mother Theresa as it does for Osama bin Laden. And the scientific consensus on this next point is absolute. Lawful access to any device or communication cannot be provided to anybody without fatally compromising the security of everybody. ... America is safer with unbreakable end-to-end encryption."
For Zakaria, public order trumps the freedom of the private citizen. That is, the private citizen is ultimately public property. For Snowden, it is the other way around, and public order depends on preserving the freedom of the private citizen. This tension between the public and private derives from two competing western legal systems.

2005 map of Worldwide Governance Indicators, which attempts to measure the extent to which agents have confidence in and abide by the rules of society.

  90-100th percentile*
  75-90th percentile
  50-75th percentile
  25-50th percentile
  10-25th percentile
  0-10th percentile
The green areas show strongest rule of law (2005). Image Source: Wiki.

Zakaria tempered his support of state security by defending the rule of law, which places the law above all other actors in a society, including those who make, interpret and enforce the law. Wiki:
"The rule of law is the legal principle that law should govern a nation, as opposed to being governed by arbitrary decisions of individual government officials. It primarily refers to the influence and authority of law within society, particularly as a constraint upon behaviour, including behaviour of government officials. ... The concept, if not the phrase, was familiar to ancient philosophers such as Aristotle, who wrote 'Law should govern.' Rule of law implies that every citizen is subject to the law, including law makers themselves. In this sense, it stands in contrast to an autocracy, dictatorship, or oligarchy where the rulers are held above the law. Lack of the rule of law can be found in both democracies and dictatorships, for example because of neglect or ignorance of the law, and the rule of law is more apt to decay if a government has insufficient corrective mechanisms for restoring it."
Zakaria trusts in a prescriptive formula with a permissive outcome. He would relinquish private freedom and allow the government to read private cell phone contents in order to adhere to higher, broader, public, universal principles: open cultures, open societies, open markets. Give the constitution (and the government, as the constitution's agent) precedent over all other freedoms to enable a free social contract. The catch is where private limits are defined, and by whom. In the name of state security, agents of the higher authority may redraw the boundaries of private freedom. A glance at the rule of law and corruption charts from Wiki shows why Zakaria believes in this system. He lives in the United States, where the rule of law actually functions. During the debate, he acknowledged that public officials, if granted the right to decrypt private data, could violate the rule of law, depending on how and why they decided to exercise decryption and private data access rights.

2008 World Map of the Control of Corruption Index, which measures the degree to which corruption is perceived to exist among businesses, public officials and politicians.

  90-100th percentile*
  75-90th percentile
  50-75th percentile
  25-50th percentile
  10-25th percentile
  0-10th percentile
The green areas, contrary to the confusing legend above, show strongest control of official corruption. Image Source: Wiki.

Zakaria's argument implicitly combines permissive British Common Law in the private sphere with prescriptive Roman (European) Civil Law principles in the public sphere. Under Britain's system of the Common Law, everything which is not forbidden is allowed; in Anglo-American countries, this permissive idea constitutes the core freedom of every private citizen. By contrast, European systems' law derives from the legal texts of the Roman Empire, especially the Corpus Juris Civilis codified under Justinian I (482-565 CE); this latter system upholds the public interest, understood roughly in terms of the opposite idea: everything which is not allowed is forbidden. Public order in constitutional, administrative and criminal matters, is prescriptively defined by statute, rather than custom or court precedent.

Image Source: U.S. Global Investors.

In matters relating to private citizens, European civil law systems have incorporated customary laws to adapt universal Roman formulas to local conditions; they have other sets of checks and balances, emphasizing the need to limit the power of the 'legal state' and its officials. Nevertheless, the European system remains the source of the 'nanny state' so disliked by American libertarians, who see the continental model as one which puts the public realm first over the private individual, leaving little room for interpretation. New World Encyclopedia:
"According to legal origins theory, a controversial idea promoted by economists such as Andrei Shleifer and Robert W. Vishny, civil law countries tend to emphasize social stability, while common law countries focus on the rights of an individual. The basic thrust of the theory is that common law, as opposed to French civil law, and to a lesser degree to German and Scandinavian civil law, is associated with more orientation towards institutions of the market (instead of state interventionism), which is why common law countries tend to be economically more developed."
One commenter on Free Republic joked, echoing a colloquial comparison of European legal systems:
"There are four Government Models in Europe:

The English Model - All is permitted, except that which is forbidden.

The German Model - All is forbidden, except that which is permitted.

The Russian Model - All is forbidden, including that which is permitted.

The French Model - All is permitted, including that which is forbidden."

In the UK, Magna Carta drew the line between public and private powers in 1215: "Many contemporary writers believed that monarchs should rule in accordance with the custom and the law, with the counsel of the leading members of the realm, but [until Magna Carta] there was no model for what should happen if a king refused to do so." Duncan Fairgrieve, Judicial Review in International Perspective vol. II (The Hague: Kluwer Law International, 2000), p. 256.

Image Source: The Century Foundation.

Both speakers in this debate feared that high technology will trigger the establishment of totalitarian police states. Yet Zakaria and Snowden did not discuss the distinct legal philosophical principles which draw the line between public and private in different societies. The distinction is important if one wants to consider how totalitarianism might arise. The legal formula for the totalitarian principle is: everything which is not forbidden is compulsory. This rule of thumb was taken from T. H. White's The Once and Future King (1958) and is now used in quantum physics. We cannot be sure which perspective - Zakaria's or Snowden's - would lead to the totalitarian outcome and force compulsory conditions at the intersection of public and private.

The worst case scenario arising from Zakaria's position would make public officials totalitarians. Their surveillance of private data could lead them to enforce compulsory obligations on private citizens. This is the Orwellian possibility feared by online libertarians and crypto-anarchists. Snowden's worst case would involve private individuals becoming the oppressive agents in the public sphere, through inverted totalitarianism, self-appointed online intimidation, or hacktivist vigilantism. Future posts will discuss the legal and psychological preconditions for these possible outcomes. On 31 March 2016, Digital Guardian posted a list of the Top 50 Infosec blogs you should be reading, here.


The Snowden Effect. Barton Gellman inforgraphic (24 September 2015). Image Source: Purdue University via Dawn or Doom Conference: The New Technology Explosion.

Image Source: Flickr via Law Street Media.



No comments:

Post a Comment