‘Innate need for privacy’: Rick Falkvinge talks freedom and surveillance
The difference between privacy and anonymity, Internet freedom and NSA surveillance, and the future of the web - at RT’s Google Hangout, Rick Falkvinge answers the most pressing questions that concern all Internet users in their everyday lives.
Stacy Herbert: Can you explain the difference between privacy and anonymity?
Rick Falkvinge: This is a very relevant question. This session for instance is public and so I see a lot of people complaining about us using Google Hangout for a session about NSA spying and privacy because this is a US company, because this is certainly wiretapped.
But then again this is a public session. We’re not trying to hide anything. It might be wiretapped but it does not cause damage, in this particular moment. If we were trying to hold a secret meeting, we would and should not be doing that in an unencrypted forum. So privacy is when you’re trying to hide something and that is closely connected to your individual.
At some point you might want to publish something without tying it to yourself individually. Our freedom of the press is closely, closely connected to people's ability to blow the whistle anonymously on government scandals, on corruption and so on and so forth. So as a source to the press, for instance, you may want to be anonymous and publish something. At that point it is obviously not privacy because you’re trying to publish something but you’re still very much dependent on your anonymity to remain protected.
Tiago Neves: Do you not find that governments like Brazil invest little in people with new ideas and open source?
RF: To be honest, I’m finding the exact opposite. While these economies are small compared to US and Europe, in my experience they invest disproportionately in liberating technologies. This is a strategically wise decision. We’ve seen Microsoft handing over security vulnerabilities to the NSA before they hatched the computers of their customers. This is essentially handing the world to the NSA. So if you want to be free, if you want to have some semblance of privacy, any semblance of private communications, then I think you cannot run software from an American company.
For instance countries in the global north, in Europe, Canada and Asia are talking about national security and at the same time they are running software from Microsoft. Seriously, you are running a country and you’re giving them the switch from entire administration to corporation to a foreign power. What were you thinking?
There is a reason why I’m running the different flavors of new GNU/Linux on my computers. There may be arguable security vulnerabilities in new GNU/Linux as well, the difference is that we can find them and patch them and they are definitely not placed there by an adversary with alternative motives to have a master switch of our system. So I would say that Brazil is wisely investing in an open source and free software as are other parts of the global south.
This was particularly visible when Gilberto Gil was a minister of culture in Brazil, in terms of understanding how technology reshapes society. So overall I’m very optimistic how the global South and the BRICS countries invest in open source and free software and for a very good reason – national security and availability of IT to people who otherwise could not afford it.
Brent Harding: Are the BRICS nations creating their own Internet? I would imagine that they are creating an Internet that would be free from any northern security group, so what you’re saying that we, here in the North would just have to use these encrypted ways of communicating with each other. Is it possible to start a forum like Google or Facebook that is not watched by the security forces?
RF: There are new communities that are still watched by the security agencies but are resilient to wiretapping, resilient to eavesdropping. One of the most important aspect of such systems is that they are what we call federated, meaning that they are not centralized. For instance, right here on my balcony is my mail server. The fact that I’m running my own mail server means that nobody else can walk in and take that data away from me; it is encrypted, people can safely send me mail knowing that there’s a third party that they need to trust. And that is the key we need to solve. That is the one puzzle we need to solve. An Internet system that requires trust in the third party be it Facebook, Google, Microsoft, whatever is broken by design, because that third party can be compromised.
As for the BRICS cable, you can look at bricscable.com, I think, it is less than an entirely new Internet. What it is, is an underwater cable going from Florida to Brazil around South Africa, around the Cape of Good Hope, up to Madagascar, around India, China and up to Russia covering all the BRICS countries. What it gives them is the ability not to send all traffic through the US where it is wiretapped. The Internet is a huge mesh of wires of fibers and traffic simply takes the closest route, the technically cheapest route not necessarily the closest one. As of today, that route more often than not goes through the US and London, giving them the golden opportunity to wiretap everything.
So this BRICS cable is less than an entirely new Internet and more of a way for these countries to send traffic, confidential correspondence on a route that does not go through the United States. I think it is very logical for them to do so.
RT’s Darya Lunina: A lot of my friends are leaving Facebook and Google because of the NSA spying revelations. Where is this all heading? Will people abandon the Internet or look for new ways of communicating? Or chose small social networks where you can keep your identity and privacy?
RF: The activists who are protesting the possibilities of wiretapping, we have been talking about this for years. We have been talking about this for two decades, roughly when Phil Zimmermann launched PGP, which is a really good privacy encrypted mail. At that point the NSA tried to prohibit encryption if they could not break it. Would you believe that? France tried to ban encryption if it was not in the hands of private individuals. But at that point the crypto community won, even though the US Congress tried to classify the encryption software as ammunition that could not be exported.
Unfortunately since then, the technical people who have been understanding the capabilities of these spying agencies have been classified as tin-foiled hats. Mail encryption did not really take off for the masses needed for mass adoption. I’m using PGP, everybody else should be using PGP. What is really striking now that we see what is really happening with Edwards Snowden’s revelations is that we who were privacy advocates and warning about wiretapping, we have been called tin-foiled hats. It turns out that we were severely underestimating what was going on.
Yes, new communities are forming. New communities have been building that have had these goals for a long time. Diaspora is one example. Freenet is one example. You have Facebook's replacement being built with these ideals in mind – anonymity, privacy and at least some resistance to wiretapping and ears dropping. But before the Edward Snowden’s revelations no one was interested in them, because they were being built by tin-foiled hats who could not possibly be right in the extent of government violation, US violation of people’s trust in them.
So we’re starting to see these communities take off still on the smaller scale but I believe that they do have a future. I believe that smaller scale communities that are resilient to wiretapping do have a future and we’re already seeing them grow, much as a result of Edward Snowden's revelations, causing everyone to understand that this stuff is actually happening. And b. that technical people have been preparing for this scale of wiretapping going on. It is right that people are leaving these wire-tapped communications.
I would personally recommend three ways of doing that. When you’re using mail use PGP or GPG, that does not protect the wiretapping who you’re communicating with, so it does not protect you at the source of the press but it does protect the content. It is essentially an envelope. When you’re talking on the phone, it is easy to determine today if your phone has been wiretapped. Did you make a phone call? If the answer is yes then your phone was wiretapped. It is easy to determine if you’re being tracked on the streets in the same way. If you’re carrying this device [smartphone] than you’re being tracked. But there are some ways we can mitigate this. If you’re running Android, than I would suggest moving to text secure, which is an encrypted SMS solution for all your text messaging and red phone which is end to end encrypted phone calls, when you’re making a phone call that needs to be secret. Red phone has end to end encryption, meaning that the phone is encrypted and another phone is decrypted in your phone, so no one can listen in even if they wiretap it midway, they will only see an encrypted conversation. This is in contrast with GSM crypto where it is encrypted to the cell phone tower but then it moves in clear text on telecom wires, so anybody in the telecom network can wiretap your phone call.
Javier Creus: Do you envision citizens organizing personal data cooperatives that maintain their data anonymous and share their benefits of their commercial exploitation?
RF: From what I can see this is already happening. There’re a lot of technical enthusiasts and technical privacy advocates that are creating such cooperatives that enable you more or less to make the data safe from wiretapping. You can look at Freenet, you can look at Tor which is one example, it is anonymizing network but it also helps you hide your data. So this is not a theoretical probability. This is already happening on quite a large scale.
Tiago Neves: But what would you have to hide?
RF: This is a very good question in terms of a saying that “if you have nothing to hide, you have nothing to fear,” and why that is wrong. And second why do you need privacy in the first place?
Let’s take a look at that. What is privacy good for anyway? Why is mass surveillance bad? I’d say there’re four reasons for this. They go from more apparent and less important to more apparent and less important.
The first reason is that once surveillance is in place, the rules may change. A lot of you may agree perfectly with and may be used to justify surveillance. Another is that after next election you might have a government that you might not agree with at all, who might use that surveillance in a way you absolutely do not approve off, but at that point it is much too late to protest the surveillance. First reason- the rules may change.
The second reason is that it leads to self-censorship. Once surveillance is in place you start to think less of whether you’re doing something right and more whether or not you’re setting up red flags in the system because at the end of the day it is not you who determines whether you have something to hide. It is faceless bureaucrats who are looking for things in the system, who are looking for patterns that look suspicious.
The third reason is that laws must be broken for society to progress. A lot of people who are criminals, just two human lifetimes ago turned out actually to be in the moral right and today they are not a criminal anymore. If we had had today’s surveillance level in the 1940’s and 1950’s, the civil rights movement would have never been able to take off. We would still have racial discrimination. Sometimes laws must be broken for society to progress.
And the forth and the most important reason is that we have an innate need for privacy. When I go to the men’s room, I lock the door. Not because there is something happening when I take a dump. I don’t lock the door because I have a need to do criminal activity behind the locked door. I lock the door simply because I feel the need and the right to have some things to myself, as simple as that. And we can easily observe this in any society throughout history when people have been denied this private space. They have created it out of reach from cameras, out of reach from listening ears, out of reach of prying eyes. This need for privacy has been in every society throughout history and denying that is denying human nature. That is not how you create a successful legislature.
The statements, views and opinions expressed in this column are solely those of the author and do not necessarily represent those of RT.