Report On Brooklyn College Teach-In On ‘Web Surveillance And Security’

Yesterday, as part of ‘The Brooklyn College Teach-In & Workshop Series on Resistance to the Trump Agenda,’ I facilitated a teach-in on the topic of ‘web surveillance and security.’ During my session I made note of some of the technical and legal issues that are play in these domains, and how technology and law have conspired to ensure that: a) we live in a regime of constant, pervasive surveillance; b) current legal protections–including the disastrous ‘third-party doctrine‘ and the rubber-stamping of governmental surveillance ‘requests’ by FISA courts–are simply inadequate to safeguard our informational and decisional privacy; c) there is no daylight between the government and large corporations in their use and abuse of our personal information. (I also pointed my audience to James Grimmelmann‘s excellent series of posts on protecting digital privacy, which began the day after Donald Trump was elected and continued right up to inauguration. In that post, Grimmelmann links to ‘self-defense’ resources provided by the Electronic Frontier Foundation and Ars Technica.)

I began my talk by describing how the level of surveillance desired by secret police organizations of the past–like the East German Stasi, for instance–was now available to the NSA, CIA, and FBI, because of social networking systems; our voluntary provision of every detail of our lives to these systems is a spook’s delight. For instance, the photographs we upload to Facebook will, eventually, make their way into the gigantic corpus of learning data used by law enforcement agencies’ facial recognition software.

During the ensuing discussion I remarked that traditional activism directed at increasing privacy protections–or the enacting of ‘self-defense’ measures–should be part of a broader strategy aimed at reversing the so-called ‘asymmetric panopticon‘: citizens need to demand ‘surveillance’ in the other direction, back at government and corporations. For the former, this would mean pushing back against the current classification craze, which sees an increasing number of documents marked ‘Secret’ ‘Top Secret’ or some other risible security level–and which results in absurd sentences being levied on those who, like Chelsea Manning, violate such constraints; for the latter, this entails demanding that corporations offer greater transparency about their data collection, usage, and analysis–and are not able to easily rely on the protection of trade secret law in claiming that these techniques are ‘proprietary.’ This ‘push back,’ of course, relies on changing the nature of the discourse surrounding governmental and corporate secrecy, which is all too often able to offer facile arguments that link secrecy and security or secrecy and business strategy. In many ways, this might be the  most onerous challenge of all; all too many citizens are still persuaded by the ludicrous ‘if you’ve done nothing illegal you’ve got nothing to hide’ and ‘knowing everything about you is essential for us to keep you safe (or sell you goods’ arguments.

Note: After I finished my talk and returned to my office, I received an email from one of the attendees who wrote:

 

The Asymmetric Panopticon

As I’ve noted before on this blog–in unison with many other commentators–the ‘if you’ve got nothing to hide, then you shouldn’t mind the government spying on you’ argument is among the dumbest to be made in defense of the NSA‘s surveillance program. A related argument is the ‘we don’t have privacy anyway, so quit tilting at windmills.’

A composite assumption of sorts that emerges from these is that the citizenry has no privacy, has no reasonable expectation of any in today’s most notable sphere of personal, political and economic interaction – the Internet, and thus, should be prepared and accepting of essentially unlimited scrutiny of its activities by the government and even private corporations.

These assumptions, along with the wholesale swallowing of governmental and corporate rationales for secrecy in the face of shadowy external threats and proprietary imperatives respectively have led to a rather dangerous panopticon: we are visible at all times, under a steady and constant gaze, to these ever-powerful entities, but they, and their internal machinations are not. (As I noted in my post on Bill Keller last year, it has also led to incompetent journalists asserting that those who demand transparency about the government should disclose details about their personal lives.)

There is nothing remotely symmetric about this arrangement.

On the governmental end, more material than ever before is rated ‘Classified’ or ‘Top Secret’ thus ensuring that those who strive to make it available to the public eye face–as may be seen in the case of Julian Assange, Bradley Manning or Edward Snowden–prosecution and public ridicule. It is worth remembering that the government’s classification of material as ‘Top Secret’, which is the basis for legal prosecution of whistleblowers, is never up for contestation. Thus, one strategy to make transparency harder and whistleblowing more dangerous is to simply classify huge amounts of material thus. It helps too, to mount a furious barrage of accusations of treason and worse against the whistleblower. (A related strategy makes it harder to observe and record the work of law enforcement officers: New York’s S.2402 bill, will, if nothing else, make it much more dangerous to videotape police officers in action.)

On the corporate end, opacity is ensured by a bewildering combination of trade secrets, non-disclosure agreements, proprietary recipes, business methods, and the like; these ensure that those who collect data about us are almost always working in the shadows, away from the public eye, their machinations and strategies and imperatives poorly understood.

So, we find ourselves at this pass: we are told that we have no privacy and should not expect any, but those who want our data and use it to control the contours of our lives, have all the privacy they need and want and then some; we are told that if we have nothing to hide, we have nothing to fear, but those who collect our data surreptitiously are allowed to hide what they do.  (Frank Pasquale‘s forthcoming book The Black Box Society: Technologies of Search, Reputation, and Finance will analyze and highlight this alarming state of affairs. As Pasquale points out, transparency should be a two-way street; data disclosure agreements should require the collectors to make themselves and their methods known and visible.)

The tables have been turned and we are pinned beneath them.  We cower, while our data collectors strut and preen.