[linux-elitists] Political solutions to mass surveillance?

Don Marti dmarti at zgp.org
Sat Jul 26 05:57:36 PDT 2014


begin Jeremy Hankins quotation of Fri, Jul 25, 2014 at 01:53:43PM -0500:

> If this is true (and I'm not saying it isn't) doesn't that suggest that
> any kind of effort to limit government prerogative is doomed?  So we
> should just throw up our hands in despair and bow to our
> "democratically" "elected" overlords?

No, there are plenty of other places that need _more_
political action.  One example is secretly negotiated
"trade" deals that are likely to come before Congress
for a vote.  Few people have enough time or political
power to deal with all the issues they would like to.

On one hand, there are some people who would do
"ban the NSA" activism or nothing, so better that
they do something.

> As for the first two points, there's the whole soft-power angle of
> trying to use moral suasion to influence the behavior of foreign
> countries.  That works much better if we don't seem totally
> hypocritical.

More likely that they'll believe we're hypocrites who
went through the motions of passing a toothless law.

I can't see how there's a way to say both (1) we have
a secret intelligence program and (2) we have public
policy that meaningfully restricts that program.

> And even in a worst-case scenario where any kind of government action is
> doomed to failure and/or toothlessness, a symbolic stand still counts
> for something.  Hypocrisy is the respect vice pays virtue, etc., and
> cynical as it may seem I suspect we're better off at least pretending to
> do something rather than just accepting it -- we may be hypocrites, but
> at least we haven't lost sight of what we *ought* to be doing.  Maybe
> our grandchildren will be made of sterner stuff.

There are symbolic stands that carry more weight,
though. The State Department's support for
freedom-enabling technologies is a good one.

Maybe what we need is action that can be taken in
public and verified in public.

Example: a law against government stockpiling
of zero-day vulnerabilities would be pretty
meaningless. A "black program" can always redirect
money to some contractor that maintains the actual
archive.  But a law that appropriates money for
buying and disclosing zero-day vunlerabilities can
have observable effects.

> Frankly, I don't see purely technical solutions as being any more likely
> to solve the problem.  It's great to use encryption and good security
> practices, but those aren't going to end surveillance.  Ask yourself,
> who wins in an arms race?

Arms dealers, of course.  But this one could have
positive externalities in the form of increased
software quality and maintainability.  If Alice finds
a bug in her company's product, it's worth little to
just fix it, but potentially a lot if she can secretly
tell Bob and he can sell it.  A lot of software
development today is set up to facilitate "insider
bug trading" and all the solutions I can think of
involve more programmer respect, compensation, and
emphasis on quality.

> (Nor are technical measures going to do much for improving trust and
> transparency in government, which in my personal view are more important
> issues than the surveillance itself.)

I have to agree with you on that.  But I'm having
trouble seeing how much transparency there is in
public law whose consequences are invisible to
the public.

-- 
Don Marti                    
http://zgp.org/~dmarti/
dmarti at zgp.org


More information about the linux-elitists mailing list