NOTE: This is part of a series of excerpts from my book World After Capital. Today’s post continues on the idea from last week that privacy is not compatible with technological progress (if you would rather watch a talk, you can find some of the same material in my Blockstack Berlin presentation).

—-

So why do I keep asserting the impossibility of assuring privacy? Don’t we have encryption? Encryption is great for securing information in transit and at rest, but there are problems that encryption doesn’t and can’t solve.

The first problem is that encryption keys are also just digital information themselves, so keeping them secure confronts us with just another instance of the original problem. Transmitting your keys leaves them vulnerable to interception. Even generating a key on your own machine offers limited protection, unless you are willing to have that be the only key with the risk that any data you’re protecting will be lost forever if you lose the device. As a result, most systems include some kind of cloud based backup and a way of retrieving a key, making it possible that someone will access your data either through technical interception or social engineering (tricking a human being to unwittingly participate in a security breach). If you want some sense of how hard this problem is consider the millions of dollars in crypto currency that have been lost both by people who lost their key and also people who had their keys taken over through some form attack. And the few crypto currency companies and exchanges that have a decent track record have invested huge sums in security procedures, screening of personnel and secrecy.

The second problem is so-called “endpoint security.” Consider, for example, the computer of the doctor to whom you are sending your x-ray for a second opinion. That machine may have a program running on it that can access anything that is displayed on the screen. In order to view your x-ray, the doctor of course has to decrypt it and display it, so this screen capture program will have access to the unencrypted image. Avoiding such a scenario would require us to lock down all computing devices. But that means preventing end-users from installing software on them and running all software through a rigorous centralized inspection process. Even a locked down endpoint is still subject to the so-called “analog hole,” in which someone simply takes a picture of what is displayed on a screen. That picture today can of course be taken with a digital camera and instantly shared again.

Locked down computing devices reduce Informational Freedom and constrict innovation; they also pose a huge threat to democracy and the Knowledge Loop. Someone else would control what you can compute, who you can exchange information with, and so on, in what would essentially become a dictatorial system. Already today we are headed in this direction in mobile computation, in no small part due to the assertion of a need to protect privacy. Apple uses this argument as to why the only way to install apps on an iPhone should be through the Apple app store. Now imagine this type of regime extended to all computing devices, including your laptop and servers in the cloud. So here we have the first way in which privacy is incompatible with technological progress. We can either have really strong privacy assurance or we can have open general purpose computing but not both.

Many people contend that there must be some way to preserve privacy and keep innovating. I challenge anyone to create a coherent vision of the future where individuals, not governments or large corporations (such as Apple) control technology and where privacy is meaningfully protected. Any time you leave your house, you are probably being filmed by someone’s camera. Every smartphone has a camera these days, and in the future we’ll see tiny cameras on tiny drones. Your gait identifies you almost as uniquely as your fingerprint. Your face is probably somewhere on the Internet and your car’s license plate is readable by any camera. You leave your DNA almost everywhere you go, and soon individuals will be able to sequence DNA at home for about 100 dollars. Should the government control all of these technologies? Should it level draconian punishments for using these technologies to analyze someone else’s presence or movement? And if so how would those penalties be enforced?

But there is an even deeper and more profound reason why privacy is incompatible with technological progress. Entropy is the enemy of life and it is a fundamental property of the universe. There are many more arrangements of atoms that make absolutely nothing that there are arrangements that make a house or for that matter a human being. That means that it always easier to destroy than it is to create. Anyone who has spent hours building a sand castle on the beach only to see it destroyed by a single wave as the tide comes in has a visceral sense of this asymmetry. What does this have to do with privacy you may ask? As we make technological progress our ability to destroy grows much faster than our ability to create. It still takes 20 years to grow and adult human being. Modern weapons can kill hundreds, thousands, sadly even millions of humans in an instant. So as we make technological progress we must insist on less privacy to protect society. Imagine for a moment a future in which I can create a potent biological weapon in my basement laboratory (a future that is not far off). Ex post police enforcement is meaningless in such a world.

So we can’t really protect privacy without handing control of technology into the hands of a few and conversely decentralized innovation requires reduced privacy. So what should we do? The answer, I think, is to embrace a post-privacy world. We should work to protect people and their freedom, instead of protecting data and privacy. In other words allowing more information to become public but strengthening individual freedom to stand against the potential consequences. Such an embrace does not need to happen overnight. Rather we can take small steps into it starting with individuals who voluntarily disclose more information about themselves.

NOTE: This is part of a series of excerpts from my book World After Capital. Today’s post continues on the idea from last week that privacy is not compatible with technological progress (if you would rather watch a talk, you can find some of the same material in my Blockstack Berlin presentation).

—-

So why do I keep asserting the impossibility of assuring privacy? Don’t we have encryption? Encryption is great for securing information in transit and at rest, but there are problems that encryption doesn’t and can’t solve.

The first problem is that encryption keys are also just digital information themselves, so keeping them secure confronts us with just another instance of the original problem. Transmitting your keys leaves them vulnerable to interception. Even generating a key on your own machine offers limited protection, unless you are willing to have that be the only key with the risk that any data you’re protecting will be lost forever if you lose the device. As a result, most systems include some kind of cloud based backup and a way of retrieving a key, making it possible that someone will access your data either through technical interception or social engineering (tricking a human being to unwittingly participate in a security breach). If you want some sense of how hard this problem is consider the millions of dollars in crypto currency that have been lost both by people who lost their key and also people who had their keys taken over through some form attack. And the few crypto currency companies and exchanges that have a decent track record have invested huge sums in security procedures, screening of personnel and secrecy.

The second problem is so-called “endpoint security.” Consider, for example, the computer of the doctor to whom you are sending your x-ray for a second opinion. That machine may have a program running on it that can access anything that is displayed on the screen. In order to view your x-ray, the doctor of course has to decrypt it and display it, so this screen capture program will have access to the unencrypted image. Avoiding such a scenario would require us to lock down all computing devices. But that means preventing end-users from installing software on them and running all software through a rigorous centralized inspection process. Even a locked down endpoint is still subject to the so-called “analog hole,” in which someone simply takes a picture of what is displayed on a screen. That picture today can of course be taken with a digital camera and instantly shared again.

Locked down computing devices reduce Informational Freedom and constrict innovation; they also pose a huge threat to democracy and the Knowledge Loop. Someone else would control what you can compute, who you can exchange information with, and so on, in what would essentially become a dictatorial system. Already today we are headed in this direction in mobile computation, in no small part due to the assertion of a need to protect privacy. Apple uses this argument as to why the only way to install apps on an iPhone should be through the Apple app store. Now imagine this type of regime extended to all computing devices, including your laptop and servers in the cloud. So here we have the first way in which privacy is incompatible with technological progress. We can either have really strong privacy assurance or we can have open general purpose computing but not both.

Many people contend that there must be some way to preserve privacy and keep innovating. I challenge anyone to create a coherent vision of the future where individuals, not governments or large corporations (such as Apple) control technology and where privacy is meaningfully protected. Any time you leave your house, you are probably being filmed by someone’s camera. Every smartphone has a camera these days, and in the future we’ll see tiny cameras on tiny drones. Your gait identifies you almost as uniquely as your fingerprint. Your face is probably somewhere on the Internet and your car’s license plate is readable by any camera. You leave your DNA almost everywhere you go, and soon individuals will be able to sequence DNA at home for about 100 dollars. Should the government control all of these technologies? Should it level draconian punishments for using these technologies to analyze someone else’s presence or movement? And if so how would those penalties be enforced?

But there is an even deeper and more profound reason why privacy is incompatible with technological progress. Entropy is the enemy of life and it is a fundamental property of the universe. There are many more arrangements of atoms that make absolutely nothing that there are arrangements that make a house or for that matter a human being. That means that it always easier to destroy than it is to create. Anyone who has spent hours building a sand castle on the beach only to see it destroyed by a single wave as the tide comes in has a visceral sense of this asymmetry. What does this have to do with privacy you may ask? As we make technological progress our ability to destroy grows much faster than our ability to create. It still takes 20 years to grow and adult human being. Modern weapons can kill hundreds, thousands, sadly even millions of humans in an instant. So as we make technological progress we must insist on less privacy to protect society. Imagine for a moment a future in which I can create a potent biological weapon in my basement laboratory (a future that is not far off). Ex post police enforcement is meaningless in such a world.

So we can’t really protect privacy without handing control of technology into the hands of a few and conversely decentralized innovation requires reduced privacy. So what should we do? The answer, I think, is to embrace a post-privacy world. We should work to protect people and their freedom, instead of protecting data and privacy. In other words allowing more information to become public but strengthening individual freedom to stand against the potential consequences. Such an embrace does not need to happen overnight. Rather we can take small steps into it starting with individuals who voluntarily disclose more information about themselves.