The keynote was from Ed Snowden. I enjoyed his interview/talk. He spoke on a wide range of things related to privacy and surveillance. I didn’t pick up on an overarching thesis in what he was saying, but he was very engaging, and I came away from it feeling hopeful, and that there was something that could be done (even if I didn’t know exactly what).
He talked about how states have changed in recent years (I guess at least since 2001, but maybe it’s been prior to that too), becoming “mission first” rather than caring for due process or democracy. In the name of homeland security, mass indiscriminate surveillance has become the default, with a half-hearted caveat of “but we won’t actually scrutinize you, unless you’re up to no good.” We’ll just keep your info lying around, in case we need it sometime. Even if you buy that, there has regardless been a shift from what draws scrutiny to a person – it has moved from ‘probable cause’ to ‘reasonable suspicion’ (to possibly worse, e.g. we find you a bit seditious).
Actually I guess the main theme was that laws that were introduced nominally in the name of anti-terrorism, have in actuality been used more against journalists, immigrants, dissidents, minorities, rather than for their intended purpose of public safety. They are used as tools for state security rather than public security.
Is whistleblowing effective?
In Q&A, Snowden was asked if whistleblowing is still effective. It’s interesting to think that while it leads to more visibility, it doesn’t necessarily lead to more accountability. And, when “the worst people in the world” are becoming leaders, despite saying and doing terrible things, you begin to question whether shining a light on terrible things actually effects any change. I can’t remember what the conclusion was to that. I mean, it must have some effect, surely. But it is worrying that it doesn’t seem to cause the uproar and systemic change that you might expect that it would.
Why don’t people care about surveillance?
A young woman asked – how come people make a conscious decision not to care about being surveilled? She was concerned that peers her age seemed either entirely unconcerned at the levels of state and corporate surveillance they are under. Snowden said that to some degree, people shouldn’t have to be actively battling against it, or even aware of it. And as far as the industry goes, it works extremely hard to make it seem like privacy intrusion is just the normal way of things. It shouldn’t really need to be an individual choice, platforms respecting privacy should just be the way things are. Bit of a chicken-and-egg though, because if people don’t express a desire not to be spied upon, then big companies aren’t going to do much about it, unless it’s regulated for.
The final question was about the Ghost Proposal. I’d not heard of it before, but suffice to say Snowden wasn’t a fan. In a nutshell, as far as I understood it, it’s the idea that states could have their own key with which an encrypted copy of all private communications would be sent to them, in addition to their original intended recipients. The purpose being that states can still be privy to communications of individuals on their radar, but without a universal backdoor being built in to encryption. The guy from NCSC who proposed it was actually at a later debate in the day where it was discussed more. I think Snowden caricatured it a bit. From his explanation, I was under the impression that the idea was that absolutely everyone’s communications would be subject to this CC’ing to the state. The dude later on stated that it was intended only for individuals under investigation, and also that the whole idea was meant to just be a conversation starter, not a concrete proposal. But, slippery slopes and all that. I got the vibe from the crowd that most ORGers thought it a bad idea.