Sent: Saturday, July 19, 2014 2:00 AM
Subject: Privacy World's July 2014 Newsletter Issue 3July
> Privacy World - The WORLD'S SHREWDEST PRIVACY
NEWSLETTER
>
> Is What You Do Online Ever Really Safe From Prying
Eyes?
>
> A new messaging service promises to provide
confidential online
> communications. Can we trust it will keep our
information safe?
>
> Every day in our online lives, we share hundreds of
intimate details:
> PIN numbers, political beliefs, photos of
significant others,
> addresses, work history. But can we ever truly trust
any Internet
> service to protect our information? This was the
central question at
> a panel discussion on Internet privacy held last
night at SubCulture,
> a subterranean venue on Manhattan's Bleecker Street.
The panel was
> organized to celebrate the launch of Tunnel X, a
secure messaging
> service meant to ensure that people can have
confidential online
> communications with friends, family and colleagues.
As guests in
> the packed room nibbled on perfectly cut radishes
and sipped on
> complimentary Blue Point ales, the conversation kept
circling back
> to the same question: why should we believe your
service is safer
> than any other?
>
> Tunnel X, a Brooklyn-based startup, is the
brainchild of web designer
> Eric Liftin, who moderated the panel. Joining him on
the blue-lit
> stage were Harvard constitutional law professor
Laurence Tribe,
> attorney Ian Samuel, Salon CEO Cindy Jeffers and
Daniel Menaker, the
> former fiction editor of the New Yorker. Given the
diversity of the
> panelists' backgrounds, the conversation ranged from
the abstract
> (what defines a private conversation) to the
technical (how the
> government uses SSL keys to decode encrypted
communications). The
> one thing all of the participants agreed on,
however, was that
> digital privacy should be considered a basic human
right.
>
> Liftin designed Tunnel X with this exact concern in
mind. After
> Edward Snowden's revelations of mass government
surveillance
> launched digital privacy into the public
consciousness last summer,
> ordinary people became worried about who could
access their online
> communications. Liftin wanted to make it easier for
people-not
> just journalists, whistleblowers or others in
possession of highly
> confidential information-to feel that their conversations
with lovers
> and friends were safe from prying eyes. Though there
are a number of
> existing email encryption services, like Proofpoint
and Hushmail,
> Liftin designed Tunnel X with a user-friendly
interface so that
> those unversed in the language of cryptology could
have an easy,
> reliable way to keep their online exchanges private.
>
> Yet skeptics, including several panelists, argue
that these
> tech services are always only one step ahead of
government
> regulation. Sophisticated encryption algorithms are
all well and
> good, but what happens when the government asks for
the encryption
> keys? As Ian Samuel, the attorney, put it, "If
one wishes to have a
> private conversation, online or in person, there are
no real reliable
> legal guarantees." Given the Supreme Court's
willingness to defer
> to other government branches when it comes to
matters of national
> security (that catchall term), it seems reasonable
to expect that
> Tunnel X may eventually come under the same level of
scrutiny other
> encryption services have.
>
> There is a precedent for this sort of legal
interference. In
> August 2013, Lavabit, an encrypted email service
founded by tech
> entrepreneur Ladar Levison, suspended operations
after a protracted
> legal battle in which the US government ordered
Levison to turn over
> the master encryption keys for the site. The reason
the FBI was
> so interested in gaining access to the service? One
of Lavabit's
> 410,000 users just so happened to be Edward Snowden.
But this
> blanket request meant putting the private
communications of all
> other Lavabit users in the hands of federal
officials. Given the
> centrality of privacy to his company's mission,
Levison opted to
> shut down Lavabit, but still had to comply with the
court's order.
>
> Ian Samuel, who represented Levison in court,
recounted his
> client's last stab at subversion: Levison printed
the encryption
> code-an extraordinarily long string of numbers-in
4-point font on
> 8x11 computer paper, earning himself a $10,000
contempt of court
> fine. Still, Samuel remains in favor of a
technological solution
> to the online privacy issue. Citing his former
client, he said,
> "You can count on algorithms in a way you can't
count on judges."
>
> Other panelists, like Harvard professor Larry Tribe,
had a more
> optimistic take on the protections the law can
offer. Referring to
> the recent Riley v. California ruling, which held
that the police
> cannot search the cell phone of an arrested
individual without a
> warrant, Tribe pointed out that we are in uncharted
legal territory
> and that the Supreme Court is only beginning to
grapple with the
> intersection of technology and legislation.
According to Tribe,
> the 9-0 ruling "inaugurated a new era in the
digitalization of
> constitutional law."
>
> The Snowden disclosures were also a legal watershed.
While the courts
> used to claim that organizations had no standing and
could not prove
> that they were the victims of government
surveillance (this happened
> to the ACLU just six years ago), the revelation of
widespread NSA
> surveillance radically undermined this argument. For
Tribe, the
> distinction between individual cases and dragnet
surveillance is
> critical. "The difference is between looking as
specific individuals
> versus a preventative posture, like Snowden
revealing this huge
> program…once that is made public, the instinct to
be deferential
> to government is much less strong."
>
> Despite these positive developments, it's clear that
Tunnel X is
> entering a murky and rapidly shifting legal
landscape. The audience
> pressed Liftin on this point over and over, asking
how he would
> respond if the feds came knocking and why he expects
his story will
> end any differently than that of Lavabit's founder.
Liftin pointed
> to several features of the site aimed at ensuring
privacy, like
> the fact that Tunnel X will not have the encryption
keys or be able
> to access peoples' messages (users log in and
authenticate using a
> self-selected image rather than alphanumeric
passwords). He promised
> that the code would be audited by an independent
organization. But
> he kept hedging when it came to the specifics.
"It's all in motion
> right now," Liftin said. "The software and
security features are
> constantly improving."
>
> As audience members kept pushing the question, the
atmosphere in the
> room grew tense. Tribe, Samuel and Liftin all
resorted to the easy
> answer: we put our faith in technology in
innumerable ways every
> day without any absolute guarantee of security. As
Liftin said,
> "Ultimately there has to be some degree of
trust if you're using
> something that someone else built. It's your
decision whether
> you trust them or not. We're trying to be as
straightforward as
> possible."
>
> Intentions aside, it remains to be seen if Tunnel X
can live up to
> its slogan of offering online users "secure,
private conversation."
>
> The above by Allegra Kirkland
>
> Until our next issue stay cool and remain low
profile!
>
> Privacy World
>
> PS - Need a highly anonymous cell phone and
anonymous offshore
> sim card (mobile number?) Email and place
"Freedom Phone" in your
> subject heading for details.
>
> YES, we accept BitCoins for payment!
No comments:
Post a Comment