Digital utopia digital dystopia (DRAFT)
The 20th century view of privacy is no longer valid for the 21st century world. The digital transition has ushered in a world of complete surveillance – the questions now are more about who watches who – who is empowered to watch you, not 'should you be watched'.
Let's briefly look at where we are at. Who are we hiding from?
Do you carry a mobile phone?
- Your service provider will have a record of your movements to within 500m or better every minute or so that your phone is on.
- All the texts and phone conversations can easily be recorded by a 3rd party.
- If you have a smart phone it will be broadcasting a unique wifi and blue-tooth signal to all receivers as you carry it around.
- If you “lose” your phone, it will give details of all calls in and out, all texts, all web pages visited by web history and cache. It will give access to all your social networks, both open and secure, by apps and via the 'save password' option in the web phone browser. Thus someone has access to all your friends' social networks as well as your own, all the documents saved and, of course, your contacts book.
Do you surf the web?
- Every website you visit will have via your IP address a record of your location within a few km's.
- They can uniquely identify you through the browser configuration collected every time you visit a site.
- If you use a social network, then your life is an open book for both the corporations and any police government agency they provide the data too. They will know you and your social circles better than you do.
Do you go out in public in a city or town?
- Your image will be recorded on CCTV meany time's on each trip
- Do you use public buildings? All on CCTV
- They can use face recognition to identify you and track you
- Number plate recognition will track your car
- Everyone has a camera in their pockets – you are in the background of some of these millions of shots and many of them are on Facebook and Twitter.
Do you use a store card, credit or debit card?
- Every transaction creates data that tracks your movements and habits.
Do you go to political meeting or demonstrations?
- The police Fit team have many images of you from unflattering angles
- The police spy in your group has video/stills and audio from your meetings
- As does the corporate spy: any group that is worth anything will have one or more of them.
Do you use encrypted communication and secure activist websites?
- The keylogger has already captured your passwords for your encrypted/secure e-mail communication so that it is open to those you don’t want to read it.
- The nice site admin who helpfully builds all your secure activist websites is employed by MI5 or Special Branch, just like the helpful man with a van who drives you to the demonstrations.
- And if you think you can hide by obscuring your online life, the pattern matching algorithms will connect the dots – to reveal who you talk to, who they talk to and what you/they do.
For a comedy look at all this, the Onion is a good sources of news: http://www.theonion.com/articles/google-responds-to-privacy-concerns-with-unsettlin,16891/
As you can see all the “bad people” already watch your every move. When you try to hide in the modern world you are hiding from your friends, not your enemy. There are some cases where you can have a have a “semblance of privacy” - such as a teacher hiding their Facebook updates from the children they teach. Such limited privacy is mediated by the whim of the corporate owners – and in Facebook's and Google's case this is constantly changing.
I think it is too early to have a solution to this privacy debate, but it is high time to bring it into the wider public view. We hope this post is a vaccine that will make you a little “ill” so you can have the antibodies to fight off the worse social disease that is growing all around you.
Hard or Soft is the question
The are two types of security in activism (DRAFT)
The is the outline of what am talking about here http://en.wikipedia.org/wiki/Soft_security
"hard security for traditional mechanisms like authentication and access control, and soft security for social control mechanisms."
Encryption and anonymity, hiding communication so that people can trust that there interaction is with the people they think it is with and nobody eales. in activist cercals this has a strong tendency to centralise activist infrastructure and activity around a small "shadowy" group. And history tells us this is the easiest place for state, and corporate spy’s to live in these encrypted/secret shadows. Examples dailymail and Guardian
"Soft security attempts to discourage harm and mitigate any damage, while quality control attempts to improve a product and weed out non-conforming output. The social controls on the production of Wikipedia documents demonstrate both principles, using discussion pages, accessible edit histories, policies and guidelines, in contrast to traditional document control mechanisms such as workflow and authorization, to achieve both soft security and quality control.
In commercial security, soft security is often achieved through training of staff to manage the environment (1) to make disruptions more noticeable, (2) to make disruptions less socially acceptable, and (3) to create a perceived vested interest in the public."
Openness, activity streams, bring communication into the open to building trust. Using open tools so that you have a very direct and continues inside into what’s going on so you can actual see and trust the popule you are working because you can see them. This builds a secure working relationship and dynamic and effective community of action. Pleapole who have something to hide stand out and are easey to see.
The is a case for hard security in activism and we have tradition to facilitate this - phone, meetups, affinity groups etc. the problem am highlighting here is the online infrastructure that we use to implement so called hard security in activism are almost all based on clinet server infrastructure which in hand with the geek obsession with hard security makes the admin of these centralised services into a fatel weakness - if I was a modern police spy i would be an activist syes admin running the group website and e-mail list and it is very easy to take on these responsibility and stay int he shadows.
For hard security in activism the is a much better model of peer to peer model were the is no centre, it is horizontal web of trust. this is not popular amuncest geek activism for a number of resions probably the most important (unspoken) resign is one of control. An example of a workable open source tool that activist could use is http://en.wikipedia.org/wiki/Retroshare would be good if a group of activist tried to work with this.
The ideas behind soft security is that the open web is simply not an appropriate tool for "spiky" organising and that most of the client server "secure" tools are pseudonymous at best and blatantly open at worst, this would be fine if people understood this but they don’t and these tools are pushed on less techy people as the right this to do. This is both dangerous in a very practical sense and damaging as it makes activism much less dynamic and flexible. The tech tools activist use dampen there effectiveness and lead to a continuation of top-down working practices.
Activist hard security is currently both damaging to the movements from its dysfunctionally and from it pseudonymous. So if soft security is a much better model for MOST activist organising and is actually what the HUGE majority of activist are doing when they use facebook for organising - the question of facebook opens up a hole other connected can of worms.
Very good DRAFT wright up of these issues here http://meatballwiki.org/wiki/SoftSecurity