News

net.wars: Not another 14-year-old basement Tweeter

by Wendy M Grossman | posted on 20 April 2013


It is, as they say, a free country. Which means that as a grown-up I understand that on occasion Congress (or Parliament) is going to pass laws that I seriously disagree with. What I don't appreciate is insults from the people who pass these laws.

Wendy M Grossman

In the mid-1990s, in a famous incident at the Computers, Freedom, and Privacy conference, which at the time was a hotbed of opponents to key escrow and defenders of the wide deployment of strong cryptography (privacy, security, authentication), the lawyer Stewart Baker told those assembled that the only opposition to key escrow was coming from "people who couldn't go to Woodstock because they had to stay home and finish their math homework". (To be fair to Baker, despite the insult, he's ever since been a very good sport about coming to CFP and being insulted right back by people who violently disagree with him. So, wash.)

In 2001, when Britain began the process of passing what became the Anti-Terrorism, Crime, and Security Act, the then Home Secretary, Jack Straw, called those who opposed key escrow in the mid-1990s "naïve", and suggested that the 9/11 attacks ought to be making us think better of said opposition. Now I'm told that the bill's sponsor, Mike Rogers (R-MI) stood up in Congress and urged the passage of the Cyber Intelligence Sharing and Protection Act (CISPA) and said, “if you’re a 14-year-old tweeter in the basement” you don’t understand why Congress needs to pass CISPA".

For those who've lost track, CISPA is the US bill that seeks to carve out a large exception to privacy law for "cybersecurity". Its provisions would give companies new rights to monitor their users and share the resulting data with government. The government needs no warrant, and the legislation grants the companies immunity from lawsuits. It creates, in other words, the surveillance-industrial complex that people used to think only paranoids thought could happen.

Let's say up front that 14-year-olds aren't what they used to be. Aaron Swartz won the ArsDigita Prize at 13, and at 14 he was part of the group that wrote the first version of the RSS standard. I don't care where kids like that tweet from; they're worth listening to. More to the point, of course, the opposition spans dozens of civil liberties groups, none of which are staffed by 14-year-olds.

I am 59, so, yes, I was too young for Woodstock. I tweet from wherever I happen to be but have no basement. I was opposed to key escrow, and am opposed to CISPA. I recognize – how could I not? – the very real threats we all face from terrorism. But there are much bigger risks – driving cars, going out in public where there are flu viruses – that we all take every day without thought. We are at much lower risk from terrorism, but are more frightened of it because a) it's new and b) it seems more out of our control.

On Wednesday, Bruce Schneier smartly rewrote and posted his "refused to be terrorized" essay (others' related thoughts are linked from that posting). The gist: don't panic and pass bad laws that stick. Refuse to be terrorized by going about life as normal. The ongoing disruption to public life, the raised anxiety, the man-centuries of bag and personal searches, the economic uncertainty, the vast sums spent on surveillance infrastructure - these are the real goals of terrorist activity. When, yesterday, Farhad Manjoo argued in Slate that what we need is more security cameras, he was reacting as intended..

On Thursday, the non-14-year-olds in the House of Representatives passed CISPA. If each incident keeps ratcheting up the fear-driven deployment of surveillance technology, the US may become as different from what we think of as American democratic values as the McCarthy era was. Instead of loyalty oaths and blacklists this would mean pervasive automated control.

It's unfortunately hard to explain to frightened people why hoping that sacrificing core values of liberty and democracy, privacy and personal autonomy will buy safety is wrong, especially with so little public understanding of statistics. Mass surveillance *will certainly* make you less free but it only *may* pay off in increased safety – and that pay-off will be highly unevenly distributed. You are never going to be able to lock down all possible targets.

Last year, when the hated bills du jour were SOPA and PIPA, technology companies and digital rights activists were on the same side. The evil genius of CISPA is that it divides us up: digital rights activists oppose it, particularly the warrantless data sharing. But because the bill relieves these data-driven companies like Facebook and Google of the worry about being sued by angry customers, their motivation to join with activists in opposing CISPA is limited. Privacy policies, contrary to what we'd like to believe, to protect companies' corporate asses, not us. This is likely to be a much tougher fight, even though CISPA's similar passage through the House last year was followed by rejection in the Senate. Worse, the drafters of future legislation know now that Internet companies will abandon digital rights rhetoric in favor of their business interests: they can be bought.

Stories about the border wars between cyberspace and real life are posted occasionally throughout the week at the net.wars Pinboard - or follow on Twitter.


Technorati tags:     

Wendy M. Grossman’s Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, follow on Twitter or send email to netwars(at) skeptic.demon.co.uk (but please turn off HTML).