this post was submitted on 20 Oct 2021
16 points (94.4% liked)
Asklemmy
43851 readers
1418 users here now
A loosely moderated place to ask open-ended questions
Search asklemmy ๐
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- !lemmy411@lemmy.ca: a community for finding communities
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
This is a great question. I also find it hard to navigate.
Here's a take based on Bruce Schneier's Click Here to Kill Everybody.
To start off, data should be considered toxic, and incentives should be set up so that data collection is minimized. This should happen both at the level of companies, so that surveillance capitalism cannot work with its massive data-collection approach, and at the level of State agencies, so that the NSA cannot surveil the world as it does now.
Beyond that, we should recognize that, tactically, it doesn't make sense to defend one's internet-related practices and infrastructure while attacking theirs (whoever this 'other' is). The reason is technical: the internet and mass consumer goods make it practically impossible to assure this previously tenable tactic (protect my stuff while destroying theirs); we all use the same stuff. The result is a decision where its either security for everyone or insecurity for everyone. Schneier clearly thinks security for everyone is better.
But this doesn't mean spying and targeted law-enforcement stops doing its job. Spying, apprehensions, or (as was the case with Bin Laden) State-sponsored assassinations are still possible in an internet-safer world. The way this works is to think of an internet-safer world as raising the costs of surveillance. Rather than surveil the world, law enforcement becomes selective as to who to go after.
This last point sounds as if I was justifying these actions. I dislike the idea of State-sponsored spying and assassinations. But the concrete problem that we're dealing with (widespread surveillance) can be dealt with in the same way that slavery, death penalty, women's rights, and the achievements of the labor movement (8-hour working day, insurance, safety regulations): citizens demand changes in institutions. I am aware that this is a proposal to improve our life conditions within liberalism, rather than propose a broader change. But the historical changes we've had in our lives regarding these non-trivial issues show that even within a system full of gross inequalities and suffering, there are ways in which we, as a whole, can improve our human experience.
And this doesn't mean that liberalism works as a stand-alone system. As I said before, it is through citizen mobilization that these improvements in the human experience have appeared. A State responds to its citizens. And law enforcement is no exception. Institutions should be set up in such a way that if we, as citizens, decide it's okay to break encryption to catch criminals, it is done in such a way that there's accountability. Public officials and workers are no exception to accountability.
Personally, I'd want a State that not only deals with criminals, but prevents it. For example, we know that economic inequality is tied to crime. We know that childhood trauma is linked to crime. We know that lack of life-path opportunities (e.g. "Do you want to run your own farm? Do you want to become a Human Rights lawyer? Do you want to program? Do you want to write?") is linked to crime. That should be dealt with now so that tomorrow breaking encryption is not necessary.
So, to summarize, we should treat data as toxic and regulate/mitigate its recollection and usage. We should make the the internet, the devices, the services, and everything related to its usage as safe as possible. This is where your encryption comes in. This merely increases the cost of surveilling, making law enforcement have to make thoughtful choices regarding its activities. Finally, law enforcement should be accountable to its citizens; public officials and workers are not immune to justice.
Edit: To be clear, "breaking encryption" here cannot practically refer to actually brute-forcing or phishing encryption keys. This is not how it generally goes, as @poVoq@lemmy.ml points out. Rather, "breaking encryption" refers to getting data that was otherwise meant to be private, generally involving encryption.
To somewhat give my opinion on this...