www/philosophy surveillance-vs-democracy.html

[Pavel Kharitonov]

CVSROOT:        /web/www
Module name:    www
Changes by:     Pavel Kharitonov <ineiev>       13/10/19 09:00:58

Added files:
        philosophy     : surveillance-vs-democracy.html 

Log message:
        New article RT #864318.

CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/philosophy/surveillance-vs-democracy.html?cvsroot=www&rev=1.1

Patches:
Index: surveillance-vs-democracy.html
===================================================================
RCS file: surveillance-vs-democracy.html
diff -N surveillance-vs-democracy.html
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ surveillance-vs-democracy.html      19 Oct 2013 09:00:57 -0000      1.1
@@ -0,0 +1,416 @@
+<!--#include virtual="/server/header.html" -->
+<!-- Parent-Version: 1.75 -->
+<title>How Much Surveillance Can Democracy Withstand?
+- GNU Project - Free Software Foundation</title>
+<!--#include virtual="/server/gnun/initial-translations-list.html" -->
+<!--#include virtual="/server/banner.html" -->
+<h2>How Much Surveillance Can Democracy Withstand?</h2>
+
+<p>by <a href="http://www.stallman.org/";>Richard Stallman</a></p>
+
+<p>The current level of general surveillance in society is
+incompatible with human rights.  To recover our freedom and restore
+democracy, we must reduce surveillance to the point where it is
+possible for whistleblowers of all kinds to talk with journalists
+without being spotted.  To do this reliably, we must reduce the
+surveillance capacity of the systems we use.</p>
+
+<p>Using free/libre software, <a
+href="http://www.wired.com/opinion/2013/09/why-free-software-is-more-important-now-than-ever-before/";>
+as I've advocated for 30 years</a>, is the first step in taking
+control of our digital lives.  We can't trust nonfree software; the <a
+href="http://blogs.computerworlduk.com/open-enterprise/2013/06/how-can-any-company-ever-trust-microsoft-again/index.htm";>
+NSA uses and even creates security weaknesses</a> in nonfree software
+so as to <a
+href="http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security";>
+invade our own computers</a> and routers.  Free software gives us
+control of our own computers, but <a
+href="http://www.wired.com/opinion/2013/10/149481/";> that won't
+protect our privacy once we set foot on the Internet</a>.</p>
+
+<p><a
+href="http://www.theguardian.com/world/2013/oct/10/nsa-surveillance-patriot-act-author-bill";>Bipartisan
+legislation to &ldquo;curtail the domestic surveillance
+powers&rdquo;</a> in the U.S. is being drawn up, but it relies on
+limiting the government's use of our virtual dossiers.  That won't
+suffice to protect whistleblowers if &ldquo;catching the
+whistleblower&rdquo; is grounds for access sufficient to identify him
+or her.  We need to go further.</p>
+
+<p>Thanks to Edward Snowden's disclosures, we know that the current
+level of general surveillance in society is incompatible with human
+rights.  The repeated harassment and prosecution of dissidents,
+sources, and journalists provides confirmation.  We need to reduce the
+level of general surveillance, but how far?  Where exactly is the
+<em>maximum tolerable level of surveillance</em>, beyond which it
+becomes oppressive?  That happens when surveillance interferes with
+the functioning of democracy: when whistleblowers (such as Snowden)
+are likely to be caught.</p>
+
+<h3>Don't Agree We Need to Reduce Surveillance?  Then Read This
+Section First</h3>
+
+<p>If whistleblowers don't dare reveal crimes and lies, we lose the
+last shred of effective control over our government and institutions.
+That's why surveillance that enables the state to find out who has
+talked with a reporter is too much surveillance&mdash;too much for
+democracy to endure.</p>
+
+<p>An unnamed U.S. government official ominously told journalists in
+2011 that the <a
+href="http://www.rcfp.org/browse-media-law-resources/news-media-law/news-media-and-law-summer-2011/lessons-wye-river";>
+U.S. would not subpoena reporters because &ldquo;We know who you're
+talking to.&rdquo;</a> Sometimes <a
+href="http://www.theguardian.com/media/2013/sep/24/yemen-leak-sachtleben-guilty-associated-press";>
+journalists' phone call records are subpoenaed</a> to find this out,
+but Snowden has shown us that in effect <a
+href="https://www.commondreams.org/view/2013/05/14";> they subpoena all
+the phone call records</a> of everyone in the U.S., all the time.</p>
+
+<p>Opposition and dissident activities need to keep secrets from
+states that are willing to play dirty tricks on them.  The ACLU has
+demonstrated the U.S. government's <a
+href="http://www.aclu.org/files/assets/Spyfiles_2_0.pdf";> systematic
+practice of infiltrating peaceful dissident groups</a> on the pretext
+that there might be terrorists among them.  The point at which
+surveillance is too much is the point at which the state can find who
+spoke to a known journalist or a known dissident.</p>
+
+<h4>Information, Once Collected, Will Be Misused</h4>
+
+<p>When people recognize that the level of general surveillance is too
+high, the first response is to propose limits on access to the
+accumulated data.  That sounds nice, but it won't fix the problem, not
+even slightly, even supposing that the government obeys the rules.
+(The NSA has misled the FISA court, which said it was <a
+href="http://www.wired.com/threatlevel/2013/09/nsa-violations/";>
+unable to effectively hold the NSA accountable</a>.) Suspicion of a
+crime will be grounds for access, so once a whistleblower is accused
+of &ldquo;espionage,&rdquo; finding the &ldquo;spy&rdquo; will provide
+an excuse to access the accumulated material.</p>
+
+<p>The state's surveillance staff will misuse the data for personal
+reasons too.  Some NSA agents <a
+href="http://www.theguardian.com/world/2013/aug/24/nsa-analysts-abused-surveillance-systems";>
+used U.S. surveillance systems to track their lovers</a>&mdash;past,
+present, or wished-for&mdash;in a practice called
+&ldquo;LoveINT.&rdquo; The NSA says it has caught and punished this a
+few times; we don't know how many other times it wasn't caught.  But
+these events shouldn't surprise us, because police have long <a
+href="http://www.sweetliberty.org/issues/privacy/lein1.htm";>used their
+access to driver's license records to track down someone
+attractive</a>, a practice known as &ldquo;running a plate for a
+date.&rdquo;</p>
+
+<p>Surveillance data will always be used for other purposes, even if
+this is prohibited.  Once the data has been accumulated and the state
+has the possibility of access to it, it may misuse that data in
+dreadful ways.</p>
+
+<p>Total surveillance plus vague law provides an opening for a massive
+fishing expedition against any desired target.  To make journalism and
+democracy safe, we must limit the accumulation of data that is easily
+accessible to the state.</p>
+
+<h4>Robust Protection for Privacy Must Be Technical</h4>
+
+<p>The Electronic Frontier Foundation and other organizations propose
+a set of legal principles designed to <a
+href="https://en.necessaryandproportionate.org/text";> prevent the
+abuses of massive surveillance</a>.  These principles include,
+crucially, explicit legal protection for whistleblowers; as a
+consequence, they would be adequate for protecting democratic
+freedoms&mdash;if adopted completely and enforced without exception
+forever.</p>
+
+<p>However, such legal protections are precarious: as recent history
+shows, they can be repealed (as in the FISA Amendments Act),
+suspended, or <a
+href="http://www.nytimes.com/2009/04/16/us/16nsa.html";>
+ignored</a>.</p>
+
+<p>Meanwhile, demagogues will cite the usual excuses as grounds for
+total surveillance; any terrorist attack, even one that kills just a
+handful of people, will give them an opportunity.</p>
+
+<p>If limits on access to the data are set aside, it will be as if
+they had never existed: years worth of dossiers would suddenly become
+available for misuse by the state and its agents and, if collected by
+companies, for their private misuse as well.  If, however, we stop the
+collection of dossiers on everyone, those dossiers won't exist, and
+there will be no way to compile them retroactively.  A new illiberal
+regime would have to implement surveillance afresh, and it would only
+collect data starting at that date.  As for suspending or momentarily
+ignoring this law, the idea would hardly make sense.</p>
+
+<h3>We Must Design Every System for Privacy</h3>
+
+<p>If we don't want a total surveillance society, we must consider
+surveillance a kind of social pollution, and limit the surveillance
+impact of each new digital system just as we limit the environmental
+impact of physical construction.</p>
+
+<p>For example: &ldquo;Smart&rdquo; meters for electricity are touted
+for sending the power company moment-by-moment data about each
+customer's electric usage, including how usage compares with users in
+general.  This is implemented based on general surveillance, but does
+not require any surveillance.  It would be easy for the power company
+to calculate the average usage in a residential neighborhood by
+dividing the total usage by the number of subscribers, and send that
+to the meters.  Each customer's meter could compare her usage, over
+any desired period of time, with the average usage pattern for that
+period.  The same benefit, with no surveillance!</p>
+
+<p>We need to design such privacy into all our digital systems.</p>
+
+<h4>Remedy for Collecting Data: Leaving It Dispersed</h4>
+
+<p>One way to make monitoring safe for privacy is to keep the data
+dispersed and inconvenient to access.  Old-fashioned security cameras
+were no threat to privacy.  The recording was stored on the premises,
+and kept for a few weeks at most.  Because of the inconvenience of
+accessing these recordings, it was never done massively; they were
+accessed only in the places where someone reported a crime.  It would
+not be feasible to physically collect millions of tapes every day and
+watch them or copy them.</p>
+
+<p>Nowadays, security cameras have become surveillance cameras: they
+are connected to the Internet so recordings can be collected in a data
+center and saved forever.  This is already dangerous, but it is going
+to get worse.  Advances in face recognition may bring the day when
+suspected journalists can be tracked on the street all the time to see
+who they talk with.</p>
+
+<p>Internet-connected cameras often have lousy digital security
+themselves, so <a
+href="http://www.networkworld.com/community/blog/cia-wants-spy-you-through-your-appliances";>
+anyone could watch what the camera sees</a>.  To restore privacy, we
+should ban the use of Internet-connected cameras aimed where and when
+the public is admitted, except when carried by people.  Everyone must
+be free to post photos and video recordings occasionally, but the
+systematic accumulation of such data on the Internet must be
+limited.</p>
+
+<h4>Remedy for Internet Commerce Surveillance</h4>
+
+<p>Most data collection comes from people's own digital activities.
+Usually the data is collected first by companies.  But when it comes
+to the threat to privacy and democracy, it makes no difference whether
+surveillance is done directly by the state or farmed out to a
+business, because the data that the companies collect is
+systematically available to the state.</p>
+
+<p>The NSA, through PRISM, has <a
+href="https://www.commondreams.org/headline/2013/08/23-2";> gotten into
+the databases of many large Internet corporations</a>.  AT&amp;T has
+saved all its phone call records since 1987 and <a
+href="http://www.nytimes.com/2013/09/02/us/drug-agents-use-vast-phone-trove-eclipsing-nsas.html?_r=0";>
+makes them available to the DEA</a> to search on request.  Strictly
+speaking, the U.S.  government does not possess that data, but in
+practical terms it may as well possess it.</p>
+
+<p>The goal of making journalism and democracy safe therefore requires
+that we reduce the data collected about people by any organization,
+not just by the state.  We must redesign digital systems so that they
+do not accumulate data about their users.  If they need digital data
+about our transactions, they should not be allowed to keep them more
+than a short time beyond what is inherently necessary for their
+dealings with us.</p>
+
+<p>One of the motives for the current level of surveillance of the
+Internet is that sites are financed through advertising based on
+tracking users' activities and propensities.  This converts a mere
+annoyance&mdash;advertising that we can learn to ignore&mdash;into a
+surveillance system that harms us whether we know it or not.
+Purchases over the Internet also track their users.  And we are all
+aware that &ldquo;privacy policies&rdquo; are more excuses to violate
+privacy than commitments to uphold it.</p>
+
+<p>We could correct both problems by adopting a system of anonymous
+payments&mdash;anonymous for the payer, that is.  (We don't want the
+payee to dodge taxes.)  <a
+href="http://www.wired.com/opinion/2013/05/lets-cut-through-the-bitcoin-hype/";>
+Bitcoin is not anonymous</a>, but technology for <a
+href="http://www.wired.com/wired/archive/2.12/emoney_pr.html";> digital
+cash was first developed 25 years ago</a>; we need only suitable
+business arrangements, and for the state not to obstruct them.</p>
+
+<p>A further threat from sites' collection of personal data is that
+security breakers might get in, take it, and misuse it.  This includes
+customers' credit card details.  An anonymous payment system would end
+this danger: a security hole in the site can't hurt you if the site
+knows nothing about you.</p>
+
+<h4>Remedy for Travel Surveillance</h4>
+
+<p>We must convert digital toll collection to anonymous payment (using
+digital cash, for instance).  License-plate recognition systems
+recognize all license plates, and the <a
+href="http://news.bbc.co.uk/2/hi/programmes/whos_watching_you/8064333.stm";>
+data can be kept indefinitely</a>; they should be required by law to
+notice and record only those license numbers that are on a list of
+cars sought by court orders.  A less secure alternative would record
+all cars locally but only for a few days, and not make the full data
+available over the Internet; access to the data should be limited to
+searching for a list of court-ordered license-numbers.</p>
+
+<p>The U.S. &ldquo;no-fly&rdquo; list must be abolished because it is
+<a
+href="https://www.aclu.org/blog/national-security-technology-and-liberty-racial-justice/victory-federal-court-recognizes";>
+punishment without trial</a>.</p>
+
+<p>It is acceptable to have a list of people whose person and luggage
+will be searched with extra care, and anonymous passengers on domestic
+flights could be treated as if they were on this list.  It is also
+acceptable to bar non-citizens, if they are not permitted to enter the
+country at all, from boarding flights to the country.  This ought to
+be enough for all legitimate purposes.</p>
+
+<p>Many mass transit systems use some kind of smart cards or RFIDs for
+payment.  These systems accumulate personal data: if you once make the
+mistake of paying with anything but cash, they associate the card
+permanently with your name.  Furthermore, they record all travel
+associated with each card.  Together they amount to massive
+surveillance.  This data collection must be reduced.</p>
+
+<p>Navigation services do surveillance: the user's computer tells the
+map service the user's location and where the user wants to go; then
+the server determines the route and sends it back to the user's
+computer, which displays it.  Nowadays, the server probably records
+the user's locations, since there is nothing to prevent it.  This
+surveillance is not inherently necessary, and redesign could avoid it:
+free/libre software in the user's computer could download map data for
+the pertinent regions (if not downloaded previously), compute the
+route, and display it, without ever telling anyone where the user is
+or wants to go.</p>
+
+<p>Systems for borrowing bicycles, etc., can be designed so that the
+borrower's identity is known only inside the station where the item
+was borrowed.  Borrowing would inform all stations that the item is
+&ldquo;out,&rdquo; so when the user returns it at any station (in
+general, a different one), that station will know where and when that
+item was borrowed.  It will inform the other station that the item is
+no longer &ldquo;out.&rdquo; It will also calculate the user's bill,
+and send it (after waiting some random number of minutes) to
+headquarters along a ring of stations, so that headquarters would not
+find out which station the bill came from.  Once this is done, the
+return station would forget all about the transaction.  If an item
+remains &ldquo;out&rdquo; for too long, the station where it was
+borrowed can inform headquarters; in that case, it could send the
+borrower's identity immediately.</p>
+
+<h4>Remedy for Communications Dossiers</h4>
+
+<p>Internet service providers and telephone companies keep extensive
+data on their users' contacts (browsing, phone calls, etc).  With
+mobile phones, they also <a
+href="http://www.zeit.de/digital/datenschutz/2011-03/data-protection-malte-spitz";>
+record the user's physical location</a>.  They keep these dossiers for
+a long time: over 30 years, in the case of AT&amp;T.  Soon they will
+even <a
+href="http://www.wired.com/opinion/2013/10/the-trojan-horse-of-the-latest-iphone-with-the-m7-coprocessor-we-all-become-qs-activity-trackers/";>
+record the user's body activities</a>.  It appears that the <a
+href="https://www.aclu.org/blog/national-security-technology-and-liberty/it-sure-sounds-nsa-tracking-your-location";>
+NSA collects cell phone location data</a> in bulk.</p>
+
+<p>Unmonitored communication is impossible where systems create such
+dossiers.  So it should be illegal to create or keep them.  ISPs and
+phone companies must not be allowed to keep this information for very
+long, in the absence of a court order to surveil a certain party.</p>
+
+<p>This solution is not entirely satisfactory, because it won't
+physically stop the government from collecting all the information
+immediately as it is generated&mdash;which is what the <a
+href="http://www.guardian.co.uk/world/2013/jun/06/nsa-phone-records-verizon-court-order";>
+U.S. does with some or all phone companies</a>.  We would have to rely
+on prohibiting that by law.  However, that would be better than the
+current situation, where the relevant law (the PATRIOT Act) does not
+clearly prohibit the practice.  In addition, if the government did
+resume this sort of surveillance, it would not get data about
+everyone's phone calls made prior to that time.</p>
+
+<h3>But Some Surveillance Is Necessary</h3>
+
+<p>For the state to find criminals, it needs to be able to investigate
+specific crimes, or specific suspected planned crimes, under a court
+order.  With the Internet, the power to tap phone conversations would
+naturally extend to the power to tap Internet connections.  This power
+is easy to abuse for political reasons, but it is also necessary.
+Fortunately, this won't make it possible to find whistleblowers after
+the fact.</p>
+
+<p>Individuals with special state-granted power, such as police,
+forfeit their right to privacy and must be monitored.  (In fact,
+police have their own <a
+href="https://en.wikipedia.org/w/index.php?title=Police_perjury&amp;oldid=552608302";>
+jargon term for perjury</a>, &ldquo;testilying,&rdquo; since they do
+it so frequently, particularly about protesters and <a
+href="http://photographyisnotacrime.com/";> photographers</a>.)  One
+city in California that required police to wear video cameras all the
+time found <a
+href="http://www.motherjones.com/kevin-drum/2013/08/ubiquitous-surveillance-police-edition";>
+their use of force fell by 60%</a>.  The ACLU is in favor of this.</p>
+
+<p><a
+href="http://action.citizen.org/p/dia/action3/common/public/?action_KEY=12266";>Corporations
+are not people, and not entitled to human rights</a>.  It is
+legitimate to require businesses to publish the details of processes
+that might cause chemical, biological, nuclear, fiscal, computational
+(e.g., <a href="http://DefectiveByDesign.org";>DRM</a>) or political
+(e.g., lobbying) hazards to society, to whatever level is needed for
+public well-being.  The danger of these operations (consider the BP
+oil spill, the Fukushima meltdowns, and the 2008 fiscal crisis) dwarfs
+that of terrorism.</p>
+
+<p>However, journalism must be protected from surveillance even when
+it is carried out as part of a business.</p>
+
+<hr />
+
+<p>Digital technology has brought about a tremendous increase in the
+level of surveillance of our movements, actions, and communications.
+It is far more than we experienced in the 1990s, and <a
+href="http://blogs.hbr.org/cs/2013/06/your_iphone_works_for_the_secret_police.html";>
+far more than people behind the Iron Curtain experienced</a> in the
+1980s, and would still be far more even with additional legal limits
+on state use of the accumulated data.</p>
+
+<p>Unless we believe that our free countries previously suffered from
+a grave surveillance deficit, and ought to be surveilled more than the
+Soviet Union and East Germany were, we must reverse this increase.
+That requires stopping the accumulation of big data about people.</p>
+
+</div><!-- for id="content", starts in the include above --> <!--#include
+virtual="/server/footer.html" --> <div id="footer">
+
+<p>Please send general FSF &amp; GNU inquiries to <a
+href="mailto:address@hidden";>&lt;address@hidden&gt;</a>.  There are also <a
+href="/contact/">other ways to contact</a> the FSF.  Broken links and other
+corrections or suggestions can be sent to <a
+href="mailto:address@hidden";>&lt;address@hidden&gt;</a>.</p>
+
+<p><!-- TRANSLATORS: Ignore the original text in this paragraph, replace it
+with the translation of these two:
+
+       We work hard and do our best to provide accurate, good quality
+translations.  However, we are not exempt from imperfection.  Please send your
+comments and general suggestions in this regard to <a
+href="mailto:address@hidden";> &lt;address@hidden&gt;</a>.</p>
+
+       <p>For information on coordinating and submitting translations of our
+web pages, see <a
+href="/server/standards/README.translations.html">Translations README</a>. -->
+Please see the <a
+href="/server/standards/README.translations.html">Translations README</a> for
+information on coordinating and submitting translations of this article.</p>
+
+<p>Copyright &copy; 2013 Free Software Foundation, Inc.</p>
+  
+<p>This page is licensed under a <a rel="license"
+href="http://creativecommons.org/licenses/by-nd/3.0/us/";>Creative Commons
+Attribution-NoDerivs 3.0 United States License</a>.</p>
+
+<!--#include virtual="/server/bottom-notes.html" -->
+
+<p>Updated: <!-- timestamp start --> $Date: 2013/10/19 09:00:57 $ <!--
+timestamp end --> </p> </div> </div> </body> </html>