it
en
fr
es
eo
Nl
DEMOCRACY, FREEDOM AND THE INTERNET: HOW DIGITAL TECHNOLOGIES EMPOWER OR UNDERMINE CIVIL LIBERTIES. Statement of Marc Rotenberg
Tweet
Thank you very much, I'd like to particularly thank Marco Cappato and the Transnational Radical Party for the invitation to be here, and also for organising such a wonderful event. My only regret is that I haven't had a cup of coffee, so I may be a little sleepy this morning.
But let me move directly to my remarks. I felt the best way to begin the discussion about the implications of the proposal for data retention is to provide you with a bit of history, to take you back about 10 years to a time when something called “Clipper” was being discussed for the Internet. Clipper was a term to describe a particular technical standard for encryption, a way to enable police access to private communications the technology would otherwise protect as the communication move through the digital network from the sender to the recipient. Police agencies in the US and Europe expressed concern that this powerful new technology, which would simply give people “ too much privacy” and therefore it was necessary to create controls on the technology, to limit its privacy capability, and to enable the state access to personal communication.
At the time the Clipper proposal was first tabled in the US, I suspect there were very few people who were familiar with it, and I actually suspect there were a very few people that could spell “encryption.” But in a short period of time a very large number of people came to understand the significance of Clipper for the future of privacy and the use of Internet at a democratic media.
And even though it was not a legislative proposal as we commonly understand legislation to be, it was a proposal of enormous and profound implications for the design and operation of the Internet.
So a very successful campaign was launched - several people in this room helped organize - to resist the adoption of clipper and over time, with the support also of governments, Clipper was put aside and strong encryption went forward for the Internet. People were able to engage in private communications without State imposed restrictions.
I thought about the story of Clipper as I was on the flight last evening and it occurred to me we reached had a similar point in time with the data retention proposal that shares many characteristics with the original Clipper scheme.
It is an attempt to put in place an architecture that enables the routine surveillance of all people, whether engaged in criminal activity or not, whether innocent or guilty, of all people for all purposes. And for this reason it is an affront to Constitutional democracy and to any government that seeks to protect the rights of the citizens in a democratic society. You simply cannot enable the creation of technology that says whoever you communicate with, whatever information you receive, whatever ideas you pursue, whatever activities you are interested in, these matters of fact should be recorded and retained and analysed and compared and possibly become the basis for subsequent investigations.
Now let us think for a moment what such a proposal would look like in the physical world: imagine if your postal delivery person, at the time he or she brought your letters to your mailbox, wrote on a sheet of paper: “these are the letters that Mr Rotenberg has received today. These are the people who sent the letters. These are their addresses. If I hold the letter up to the light, I think this is what the letter contains.”
Imagine a similar obligation placed on a telephone company to record the calls that you make in the course of the day to various people for various purposes. These will be recorded. These will be stored on a database. These will be transferred to a police authority.
Now take these two concrete examples from the physical world of the postal system and the telephone system, and magnify them by a hundred to the capabilities inherent in digital networks to record all transactions, all websites visited, all articles viewed and to analyse and compare that data and you begin to understand the significance of the proposal for data retention.
Some people have argued that after September 11th we need to take certain measures to protect national security, to protect ourselves from future terrorist threats. And there is certainly a theory of law and of social science that says that in times of war, in times of national concern, the rights of the individual need to be restricted, as the power of the State is expanded. But this view of law imagines a pendulum that swings back and forth, and as threats recede freedoms are re-established. The problem here is that technology does not share this characteristic. Technology does not swing as a pendulum. It follows historical tangents.
When you make decisions about energy policy, about transportation policy, about industrial policy, you choose technologies that bring with them certain defining characteristics, that create one set of opportunities and foreclose others.
That is the problem that lies at the heart of techniques for surveillance. Data retention, like Clipper, like other proposals we will see for national identification, for public surveillance, for biometric identification will put in place systems of control that are opposed, in my view, to the functioning of a democratic society.
So what are we to do?
I think we must understand first of all that many of the proposals that affect the future of the Internet will not simply take the form of legislation. Many of these proposals may be simply technical standards, many of these proposals may be new technologies in their own right.
And so we need to bring to the debates about the choices of technology and the creation of technical standards the same regard for the rights of citizens as we would to the legislative debates, because in many regards technological choices will have longer-term consequences than legislative choices.
The second consideration I would like to suggest is that we must understand the enormous, rapid, global impact of the decision that any major government makes with regard to the Internet: decisions made in China, to block access to information on line, decisions made in Europe for data retention, decisions made in the US for police access to private communication. All of these impact every Internet user who communicates with someone else around the world.
Just by way of example, the US “ Patriot act” - passed in October of last year - significantly expanded police authority to conduct electronic surveillance under the 1978 law called "the Foreign Intelligence Surveillance Act". That law was intended to deal with specific problems that may be posed by foreign agents operating in the US. But it can be equally applied now to two people engaging in private communication over the Internet for political purposes, such as perhaps participating in a Conference like this one here in Brussels on the future of Internet and democracy.
My third and final request to you - because this is perhaps more your battle than ours - is to do what you can to oppose article 15, the data retention provision, at the State level. Now I am not familiar with all the details of the negotiations. I understand there was some effort to compromise between the Council position and the Parliament position on this matter – but nonetheless, the opening made possible in article 15 for the creation of obligatory data retention provisions, is an enormous threat to the future of Internet. It is nothing less that an invitation for the creation of a digital police state. Ten years ago we were able to push back Clipper when it was pursued aggressively by a wide range of police organisations at a time when very few people understood the significance of encryption for the future of Internet communications.
I urge you my friends here today to carry a similar campaign against an effort to establish data retention within Europe.
Thank you for your attention.
But let me move directly to my remarks. I felt the best way to begin the discussion about the implications of the proposal for data retention is to provide you with a bit of history, to take you back about 10 years to a time when something called “Clipper” was being discussed for the Internet. Clipper was a term to describe a particular technical standard for encryption, a way to enable police access to private communications the technology would otherwise protect as the communication move through the digital network from the sender to the recipient. Police agencies in the US and Europe expressed concern that this powerful new technology, which would simply give people “ too much privacy” and therefore it was necessary to create controls on the technology, to limit its privacy capability, and to enable the state access to personal communication.
At the time the Clipper proposal was first tabled in the US, I suspect there were very few people who were familiar with it, and I actually suspect there were a very few people that could spell “encryption.” But in a short period of time a very large number of people came to understand the significance of Clipper for the future of privacy and the use of Internet at a democratic media.
And even though it was not a legislative proposal as we commonly understand legislation to be, it was a proposal of enormous and profound implications for the design and operation of the Internet.
So a very successful campaign was launched - several people in this room helped organize - to resist the adoption of clipper and over time, with the support also of governments, Clipper was put aside and strong encryption went forward for the Internet. People were able to engage in private communications without State imposed restrictions.
I thought about the story of Clipper as I was on the flight last evening and it occurred to me we reached had a similar point in time with the data retention proposal that shares many characteristics with the original Clipper scheme.
It is an attempt to put in place an architecture that enables the routine surveillance of all people, whether engaged in criminal activity or not, whether innocent or guilty, of all people for all purposes. And for this reason it is an affront to Constitutional democracy and to any government that seeks to protect the rights of the citizens in a democratic society. You simply cannot enable the creation of technology that says whoever you communicate with, whatever information you receive, whatever ideas you pursue, whatever activities you are interested in, these matters of fact should be recorded and retained and analysed and compared and possibly become the basis for subsequent investigations.
Now let us think for a moment what such a proposal would look like in the physical world: imagine if your postal delivery person, at the time he or she brought your letters to your mailbox, wrote on a sheet of paper: “these are the letters that Mr Rotenberg has received today. These are the people who sent the letters. These are their addresses. If I hold the letter up to the light, I think this is what the letter contains.”
Imagine a similar obligation placed on a telephone company to record the calls that you make in the course of the day to various people for various purposes. These will be recorded. These will be stored on a database. These will be transferred to a police authority.
Now take these two concrete examples from the physical world of the postal system and the telephone system, and magnify them by a hundred to the capabilities inherent in digital networks to record all transactions, all websites visited, all articles viewed and to analyse and compare that data and you begin to understand the significance of the proposal for data retention.
Some people have argued that after September 11th we need to take certain measures to protect national security, to protect ourselves from future terrorist threats. And there is certainly a theory of law and of social science that says that in times of war, in times of national concern, the rights of the individual need to be restricted, as the power of the State is expanded. But this view of law imagines a pendulum that swings back and forth, and as threats recede freedoms are re-established. The problem here is that technology does not share this characteristic. Technology does not swing as a pendulum. It follows historical tangents.
When you make decisions about energy policy, about transportation policy, about industrial policy, you choose technologies that bring with them certain defining characteristics, that create one set of opportunities and foreclose others.
That is the problem that lies at the heart of techniques for surveillance. Data retention, like Clipper, like other proposals we will see for national identification, for public surveillance, for biometric identification will put in place systems of control that are opposed, in my view, to the functioning of a democratic society.
So what are we to do?
I think we must understand first of all that many of the proposals that affect the future of the Internet will not simply take the form of legislation. Many of these proposals may be simply technical standards, many of these proposals may be new technologies in their own right.
And so we need to bring to the debates about the choices of technology and the creation of technical standards the same regard for the rights of citizens as we would to the legislative debates, because in many regards technological choices will have longer-term consequences than legislative choices.
The second consideration I would like to suggest is that we must understand the enormous, rapid, global impact of the decision that any major government makes with regard to the Internet: decisions made in China, to block access to information on line, decisions made in Europe for data retention, decisions made in the US for police access to private communication. All of these impact every Internet user who communicates with someone else around the world.
Just by way of example, the US “ Patriot act” - passed in October of last year - significantly expanded police authority to conduct electronic surveillance under the 1978 law called "the Foreign Intelligence Surveillance Act". That law was intended to deal with specific problems that may be posed by foreign agents operating in the US. But it can be equally applied now to two people engaging in private communication over the Internet for political purposes, such as perhaps participating in a Conference like this one here in Brussels on the future of Internet and democracy.
My third and final request to you - because this is perhaps more your battle than ours - is to do what you can to oppose article 15, the data retention provision, at the State level. Now I am not familiar with all the details of the negotiations. I understand there was some effort to compromise between the Council position and the Parliament position on this matter – but nonetheless, the opening made possible in article 15 for the creation of obligatory data retention provisions, is an enormous threat to the future of Internet. It is nothing less that an invitation for the creation of a digital police state. Ten years ago we were able to push back Clipper when it was pursued aggressively by a wide range of police organisations at a time when very few people understood the significance of encryption for the future of Internet communications.
I urge you my friends here today to carry a similar campaign against an effort to establish data retention within Europe.
Thank you for your attention.
