A few days ago I was listening to Build For Tomorrow, a podcast by Jason Feifer which specialises in debunking the myth that the world is in a permanent state of decline, that society is getting worse, etc; it’s a wonderful podcast in a bunch of ways, but it especially appeals to those of us who have to push back upon institutional control cultures.
Aside: I would love for the podcast to delve into the history of encryption and privacy sometime — Hi Jason if you’re reading! — because we’re definitely living in a world framed as getting worse because people are gaining more privacy, when “it used to be that the only thing which was necessary for people to have a private conversation, was to walk into a field and talk”; we actually have less privacy than ever, yet governments in particular are painting any reasonable attempts to redress this as a potentially society-ending problem.
The most recent episode touched upon the history of “sumptuary laws” — think: “sumptuous” and “consumption” — which are the historical practices of banning people from wearing clothes, jewelry, fabrics, or or colors, for oppressive purposes of class-distinction and (I think missed in the podcast?) faith.
In a more modern vein it is notable that some countries restrict access to bulletproof clothing and body armour.
What struck me is that — as we discovered via the recent revelation of Prime Minister Boris Johnson’s mobile phone number — that the Prime Minister himself is a user of both WhatsApp and the “privacy gold standard” Signal app. This confirms rumours from late 2019 that Signal had been adopted by the Conservative party at large, and presumably the other parties have done the same. Yet it’s also clear from the actions of Home Secretary Priti Patel that the UK Government (not to mention the US Government, also) is dead set against the average person having easy access to better security, better communications integrity, better resistance-to-hacking, and better privacy.
The privileged, political class want access to privacy, but nobody else would be permitted. So what would happen if they get that? Answer: cybersumptuary laws, and all the infrastructure that would be necessary to support them.
What would Cybersumptuary law entail?
Anyone who’s seen Heath Ledger in A Knight’s Tale will know that “patents of nobility” are basically licenses for class privilege, and to implement cybersumptuary laws we would need something similar: a list of haves (cybernobles?) and have-nots (cyberpeasants?) — where all people would be in the latter category by default.
This sounds fairly straightforward, but in fact (like the movie) the implementation rapidly gets complicated:
Cybernobility / Access to Privacy Apps, would require proof of identity and need
Clearly if it is dangerous for cyberpeasants to have privacy, you (a non-peasant) will need to make a case for being granted it — perhaps you’re having an affair with a politician? — and of course if your privacy-privilege is revoked at any time then you risk losing access to all the content and communication which you had via it.
But this also means…
No more online anonymity
Access to app stores is already fairly strongly tied to an identity — but in essence the identity is the phone number; in the UK it is still possible to buy a PAYG SIM with cash and no identity checks. You can even purchase a secondhand phone on Ebay or a High Street electronics shop, and factory reset it without any SIM at all, create an app-store account, and start loading software onto it.
All of that would have to stop — you might be a cyberpeasant, and this would bypass the necessary controls for cybersumptuary.
Checks & Re-checks for Cybernobility would be incessant
You think “This site uses cookies…” popups are annoying? Look at the proposals from people arguing in favour of “Age Verification” for access to adult content — even if you prove once that you are over the age of majority in your jurisdiction, making age restrictions work on an app is impossible without continually re-checking because it’s possible that your phone or tablet is being used by someone else, or that you may have lied about your age when you signed up, and they want to shout “GOTCHA!” and block your access at the first opportunity that you can be “found out”… irrespective that the vast majority of people will be legitimately old enough for this not to be an issue.
The same would apply for Cybersumptuary law: no more free and unauthenticated application downloads, no more “sideloading” an app from alternate web stores or directly from the web. Apps which enable communication between users will require vetting, or possibly placing into a separate cybernoble-only app-store, to assure that they do not implement strong privacy in any way.
Application development will be also need to be limited to approved software authors, to prevent unapproved apps being loaded onto phones that way.
Access to software, “foreign” or otherwise, would be limited
The UK will have to take a leaf out of China’s books — literally. People argue back and forth about what it means, but the fact that software can be printed as a book and shipped across borders in that form is indicative that software is a form of “speech”, so in some jurisdictions it will be deeply problematic to suppress or regulate.
Unmediated access to “foreign software” will require criminalisation, and likewise access to “foreign services”, because the easiest way to confound parochial control is to confuse them by apparently being from Liechtenstein or something.
So therefore: no more Tor, no more VPNs even if you only use them to watch American Netflix. Surely British TV is good enough for you?
We will need to create a Digital White Cliffs Of Dover to protect us from foreign influence, and strictly enforce against cybersmuggling of software which might undermine it.
Surely this is all Tongue-in-Cheek?
No, really, it’s not. I am being whimsical, yes, but none of this is farfetched any longer.
Back in 2010 even the most hardened of internet paranoiacs would have been challenged to describe the breadth and extent of surveillance later described by Edward Snowden; not to mention the illiberalities, naivety and pointlessness of it.
Governments of the world are attempting to frame “encryption” as a tangible thing, as a defensive weapon against them. It’s understandable that they could feel a “loss of capability” regarding it, but is it a capability which they should have had in the first place?
The purpose of any kind of “communications security” is to divide the universe into two parts: people who can read a message, and… everyone else who cannot. It does not matter if this division happens by end-to-end encryption, or by any other form of encryption, or even if we achieve it by burying steel-clad network cables in concrete, the goal of communications security is always to separate people who can-or-should read messages, from those who can-or-should-not.
With this in mind, we can understand the encryption debate as a simple refresh of key escrow proposals which failed in the 1990s. There are two “real” questions at hand:
- should two-or-more parties be free to establish private communication in such a way that they prevent oversight by non-participants?
- should a business be free to offer such “strongly private” communication, as part of a value proposition?
I shout “yes” to both of these questions, because I believe that provision of privacy at-scale and without exception is a much greater enabler of innovation and good than it is of potential harm.
On the other hand: the Government propose that privacy should be their privilege — to gift, grant, or strip from people at a whim.
That would be bad for the peasantry.
Leave a Reply