On February 25, 2008, the FCC held a hearing on network management practices in the Ames Courtroom at Harvard Law School, hosted by the Berkman Center. In that hearing David P. Reed, one of the Internet’s founding scientists, used a plain envelope to explain how the Internet worked, and why it is wrong for anybody other than intended recipients to look inside the contents of the virtual envelopes in which communications are sent over the Internet. It was a pivotal moment in the debate, because the metaphor illustrated clearly how the Internet was designed to respect privacy.
Respect, that is. Not protect.
In the early days of postal communications, the flaps of envelopes were sealed with blobs of wax, usually imprinted by the sender with a symbol. These expressed the intent of the sender — that the contents of the letter were for the eyes of the recipient only. Yes, a letter could be opened without breaking the seal, but not without violating the wishes of the sender.
The other day I wrote, “clothing, for example, is a privacy technology. So are walls, doors, windows and shades.” In the physical world we respect the intentions behind those technologies as well, even though it might be easy to pull open the shirts of strangers, or to open closed doors without knocking on them.
The virtual world is far less civilized. Proof of that is in the pudding of privacy rights violations by agencies of the U.S. government, which is clearly acting at variance with the Fourth Amendment of the Constitution, which says,
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
I see three ways to approach these violations.
One is to rely on geeks and whistleblowers to pull the pants down on violators. In Welcome to the end of secrecy, Jeff Jarvis says the very openness that invites privacy violations is our best protection against the secrecy concealing those violations.
Another is through the exercise of law. In The Only Way to Restore Trust in the NSA, security guru Bruce Schneier writes, “The public has no faith left in the intelligence community or what the president says about it. A strong, independent special prosecutor needs to clean up the mess.” And that’s on top of moves already being made by legislators, for example in South Africa. Given the scale of the offenses now coming to light, we’ll see a lot more of that, even if no special prosecutors get appointed. The law of the jungle will give way to a jungle of new laws. Count on it.
The third is through business — specifically, business modeled on postal services. For many generations, postal services have respected the closed envelope as a matter of course. Yes, we knew there were times and places when mail could be inspected for legitimate reasons. And there were also many things it was not legal to do, or to send, through postal systems. But, on the whole, we could trust them to keep our private communications private. And we paid for the service.
The Googles of the world — companies making their money on advertising — aren’t likely to take the lead here, because they have too much invested in surveillance (of the legal sort) already. But others will step forward. The market for privacy is clear and obvious, and will only become more so as the revelations of abuse continue to pour out.
Perhaps the businesses best positioned to offer secure communications are the postal services themselves. They’ve already been disrupted plenty. Maybe now is the time for them to do some positive disruption themselves.