Fwd: GNU hackers discover HACIENDA government surveillance and give us a way to fight back

Mark Rousell markr at signal100.com
Fri Aug 29 10:32:37 CEST 2014

On 27/08/2014 17:15, Robert J. Hansen wrote:
> Figure out what
> *precisely* you're concerned with, and start talking about that -- but
> "privacy" as a word has become so vague it's almost useless.  If we
> can't describe precisely what we're afraid of losing, we're going to
> lose it and we won't even be able to accurately tell people what we've lost.

This is a key point. The words "privacy" and "liberty" are too vague to
be useful for this purpose. The big problem is that what we are losing
is not easily amenable to rational explanation. It exists, it is real,
it matters, and yet it is difficult to explain in intellectually precise
terms. This lack of precision plays into the hands of those who desire
to remove such liberties.

Can anyone describe in clear, intellectually persuasive terms, why
liberty (and privacy is a subsection of liberty) matters? No one should
have to explain such things and yet that is what is now required.

> The second is a more general observation: authority tends to behave best
> when it's forced to submit to oversight.  Corporations behave best when
> they're forced to answer to public shareholder meetings where anyone
> with a single share to their name can demand answers -- and if they
> don't get them, there's hell to pay.  Politicians behave best when
> there's a free press following them around and asking them rude
> questions.  Terrorists wear masks not to hide from the authorities, but
> to hide from their own communities -- social oversight would make their
> job impossible.  Unfortunately, oversight only works when those in
> charge take it seriously.  We as a society would rather watch reality
> television than television about reality: we'd rather watch _Big
> Brother_ than C-SPAN hearings about whether government has become Big
> Brother.

Well observed.

> The third is that those who *do* care, tend to care in deeply broken
> ways.  I can't tell you how many times I've run into self-styled privacy
> advocates here in the U.S. who are furious over how the U.S. has been
> reading their email.  The only problem is there's very little evidence
> of that occurring.  Reading email metadata, maybe, but not email
> content.  When I try to explain that to them I usually find myself
> wondering inside of two minutes why I ever bothered trying to bring fact
> and reason to what is fundamentally an argument from passion and
> emotion.  I have had people literally yell in my face over the
> metadata-versus-content distinction.  When the front line of advocacy
> appears to be detached from reality in one way, and the body politic is
> detached from reality in another (reality television), well... how does
> one fix this?

Surely the metadata versus data argument is something of a red herring.
Whilst there are clear technical differences between metadata and
data/content, the fact is that when the powers that be read my
communications metadata without warrant and at will (something that I
never gave them permission to look at), it is no less an invasion of my
privacy than if they read the data/contents. The nature of
communications metadata is that it can tell people who look at it a
great deal about a person, information that may well be private in
nature. Warrantless snooping in metadata is too much.

I am also aware that there are longstanding legal definitions that treat
metadata differently to content. Well, legal niceties be damned.

Technical (and legal) differences between metadata and data/content
notwithstanding, the reality is that when my communications metadata is
snooped on without warrant and without my permission then it is an
invasion of privacy, one that is indistinguishable in seriousness (both
morally and practically, in terms of what can be inferred from metadata)
from snooping on data/content itself.

(For those who are about to point out that we willingly share
communications metadata with service providers to allow for routing our
communications to the right place, this is done intentionally and for
the purposes of routing only. It does not follow that such metadata
should be available to anyone and everything; it is still private
information that we should have every right to expect is shared only for
the purposes of communications routing).

> My reading of what Dan's said (I apologize, Dan, if I'm getting you
> wrong) is that he sees no way to stop the technological assault.  I
> don't think that's quite true, though.  If we were as a society to
> suddenly say, "stop this, right now, let's establish some laws to
> protect the essential core of privacy," we'd do it.

It seems to me that a great many people believe that there is nothing
that can be done. They truly seem to think that the only thing to do is
to give in and throw away all aspects of personal
information/travel/communications privacy (whatever precise meanings
"privacy" has in this context). It's a defeatist attitude and I think
it's playing into the enemy's hands.

> Now I'm waving my arms and screaming at the other Eloi that they
> aren't going to like what happens when the Morlocks come, but nobody's
> listening to me.  I'm getting in the way of the latest special about the
> Kardashians, you see...

I know what you mean. I have faith in the longer run but I'm not going
to like the process that we end up going through to get there because
people are not taking the threat seriously now, whilst there is still
time to prevent the worst.

Mark Rousell

PGP public key: http://www.signal100.com/markr/pgp
Key ID: C9C5C162

More information about the Gnupg-users mailing list