I was asked on Twitter what I think about SecureDrop. The short answer is that I am thrilled to see it. Just like I was thrilled about the New Yorker’s StrongBox which is based on the same original code by Aaron Swartz. Now I think the reason the question was asked in the first place was because I have written about how more crypto is not the answer and this would seem to be more crypto. So here is the longer answer.
I have long believed that government operates with way too many secrets. Secrets are the fundamental enemy of accountability. If we want more government accountability we need far fewer secrets. Wikileaks was a great force against government secrecy. What is critical bout SecureDrop is not the technology. As an aside, I strongly suspect, that despite an audit by Bruce Schneier these systems will eventually be compromised (most likely through social engineering / backdoors on journalists’ computers).
Instead the critical part of SecureDrop is large media organizations (and I assume Glenn Greenwald’s new venture) are coming to support the importance of whistleblowing at a time when it is under severe direct and indirect attack from the government. So what we are seeing at work is the Internet’s wonderful ability to let new venues spring up whenever an existing one is squashed.
As citizens though we should also be aware that this is and has to be a two way street. The following tweet from David Brin sums it up perfectly:
The fundamental human irony – people want privacy for themselves and accountability for others.
I highly recommend reading the piece that Brin links to as well.
