Who Will Take The Privacy Seppuku Pledge?
from the after-you dept
When Techdirt wrote recently about yet another secure email provider opting to close down its service rather than acquiesce in some future US government demand to spy on its users, we noted that Cryptocloud has promised something similar for a while -- what it terms "corporate seppuku":
In the context of privacy issues, "corporate seppuku" means shutting down a company rather than agreeing to become an extension of the massive, ever-expanding, secretive global surveillance network organized by the U.S. National Security Agency. It means, in short, saying "no." Sometimes, we hear people say that this or that company "had no choice" in what they did. Bullshit. There's always a choice; it's just that the consequences of certain options might be really severe, and are thus not chosen. But that's a choice. It's always a choice.
It has even formulated what it calls the Privacy Seppuku pledge:
if a company is served with a secret order to become a real-time participant in ongoing, blanket, secret surveillance of its customers... it will say no. Just say no. And it will shut down its operations, rather than have then infiltrated by spies and used surreptitiously to spread the NSA's global spook malware further. You can't force a company to do something if there's no company there to do it.
It's a noble gesture, but would it do much good in the real world of US government spying? Cryptostorm, the company behind Cryptocloud, has provided a fuller analysis of why it thinks such a pledge would work. Here's a key point:
That one that went thru with the seppuku? She'll likely have a new service up and running in a few days or weeks. The customers who got dinged by the shutdown? They'll all get up and running on her new service. This is all 1s and 0s, remember? You don't have to demolish a car manufacturing plant, after all -- you're just wiping some VMs and reincorporating elsewhere. Lease new machines. Call it "lavabutt" on the new corporate docs, in Andorra. Sign on to the Privacy Seppuku pledge, as lavabutt, again. Off you go. Do you think it'll be hard to get customers -- old ones migrated over, and new ones alike? Think on that: a privacy company that shut down rather than be #snitchware... do you trust them, now?
That resilience flows from the service's digital nature, the availability of powerful but free software, and Moore's Law driving down the cost of commodity hardware. Put together, they make it easy to to recreate a business if it is shut down (apart from the lost data, of course.) The NSA will get this salient feature, CryptoStorm believes:
Spooks aren't dumb -- far from it. They do these kinds of analysis -- hell, they hire some of the best game theoretic minds in the world, and always have. Local cops might be power-drunk and unable to see how their actions play out over time; the NSA isn't any of that. They have whole buildings full of very smart people paid good money to think about this stuff. They won't get it wrong.
It's an optimistic vision, but the fact is that at the time of writing, only two services are listed as having made the Privacy Seppuku pledge -- Cryptocloud and Cryptocat. Until more join the club, it remains more a nice idea than a practical way of fighting back against today's mass surveillance.
And the outcome is simple: if the Privacy Seppuku concept spreads, it becomes useless to target companies on the pledge list! You won't get what you want, you'll make some heroes who go out and do bigger stuff next, you'll out yourselves as dangerous thugs, your "secrecy" is shot to hell, and after all the effort involved you end up backwards from where you were before. That's the scenario, it's how it plays out. There's really no alternative scenario.
Follow me @glynmoody on Twitter or identi.ca, and on Google+
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: nsa surveillance, privacy, privacy policies, privacy seppuku
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
ObGodwin
[ link to this | view in chronology ]
And....
[ link to this | view in chronology ]
Re: And....
[ link to this | view in chronology ]
Standard part of Privacy Policies
[ link to this | view in chronology ]
No Other Option?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Riseup.net
https://www.riseup.net/en/riseup-and-government-faq
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Faulty premise
They will and did. If they were so smart they would have realized early on what Ed Snowden had in his possesion and moved heaven and earth to make a deal with him to bring him home and stop the releases. Give him immunity throw a couple administrators on the sacrificial altar and move on.
These people are arrogant and believe themselves above the law and incapable of failure.
See also: Pirate Bay Whack-a-mole.
[ link to this | view in chronology ]
Re: Faulty premise
Add to that the fact that Snowden is no fool, and wouldn't have been tricked by some sacrificial lambs being tossed out to make it look like they had 'changed their ways', and the only way they could get him was the underhanded/political fashion.
Mind, that doesn't change the 'arrogant and above the law' line one bit, that I fully agree with, it suits them perfectly.
[ link to this | view in chronology ]
Re: Faulty premise
they will and did.
The smart people didn't get it wrong - they are probably wringing their hands right now. It is their bosses that got it wrong. What's the phrase?
"lions led by donkeys"
[ link to this | view in chronology ]
Re: Faulty premise
"Spooks Are dumb"
1st there is something called "incompetence" which happens every minute of ever day, - around the globe. Errors and oversight will occur.
2nd is hubris, a byproduct of " Emperialistic" thinking. This hubris can lead to the underestimation of a threat or overconfidence in a mission achievement.
3rd there are some incredibly bright people who choose not to work for the spooks. And lets not underestimate the hacker mentality.
4th, there is a little something called morality. There do exist people who can't be bought and who will not compromise their principles.
This is where we get to Snowden. Listen to his interviews. "The truth is coming and it can't be stopped." There was no deal possible. Remember, he believed like many others, that Obama would bring change. He sat on all this knowledge waiting for those changes to happen.
There will be more I'm sure (whistleblowers) . I'm guessing that it's already too late for the government and the spooks to find them and shut them up.
[ link to this | view in chronology ]
Re: Re: Faulty premise
Oh, he's certainly brought change. Unfortunately, it's been more of the same change we saw during the Bush administration. ;)
[ link to this | view in chronology ]
Maybe they will go Full Gestapo.
We don't know. It'll be interesting to see the Levison fate (and I hope he has an offshore haven somewhere), but I'm sure if they made an example of Levison, later corporations would either bail early or fail to follow through on the pledge.
[ link to this | view in chronology ]
Re: Maybe they will go Full Gestapo.
[ link to this | view in chronology ]
A gut-wrenching decision
- Once you're served with that order, to destroy any data may be a criminal offence (where is that link to the Lavabit guy's defence fund, by the way?)
- Announcing your intent means that anyone wanting to spy on your users will look for back doors.
A third problem being for listed companies - you try doing this, your shareholders will be after your head (as opposed to your guts).
I had to look up seppuku (although I had heard of the more popular term). Wikipedia had a very nice article on it. One very important thing to note is that it is incredibly difficult to intentionally hurt yourself - the human mind is trained to avoid harm, and seppuku intentionally causes enormous pain leading to death. I think Cryptocloud has chosen the right term. For the company owner making such a decision, they would face enormous pain.
[ link to this | view in chronology ]
Full Gestapo
[ link to this | view in chronology ]
They don't call them black sites for nuttin.
Somehow I don't think that's going to get you out of your one-way ticket to the Bradley Manning hotel and resort.
[ link to this | view in chronology ]
Re: Full Gestapo
I find it hard to believe any court order could compel a private entity to continue operating a service at a loss.
Although, IANAL. so *shrug*.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Do you REALLY expect them to shutdown and piss off all their shareholders?
Plus they're WORLDWIDE shutting down operations on that big a scale would have to take a tremendous amount of coordination and cooperation...
Not to mention the costs of restarting under a different company and all new equipment for it...
Not to mention about what to do with the employees in the meantime...
Realistically, I can't see that happening...
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
No, which is another in the lengthy list of reasons you should avoid using them in the first place.
[ link to this | view in chronology ]
you get a court order
[ link to this | view in chronology ]
Re: you get a court order
Rather than shutting the business down, what if the owner simply raised the fees through the roof? Would that also be illegal?
If the government can force a business to continue operations regardless of whether it is profitable, would the inevitable losses then be a write off or a credit?
Is this the new face of slavery?
[ link to this | view in chronology ]
Re: you get a court order
[ link to this | view in chronology ]
Re: you get a court order
The problem is that all these actions are undercover operations out of the law.
[ link to this | view in chronology ]
or on the other hand
[ link to this | view in chronology ]
I wonder
Would he say NO ?? and shut up shop, would he even disclose such an order if the order stated he was not allowed too ?
Would he disclose such an order if it did not have a clause not to talk about it ? Would he comply with the order ?
[ link to this | view in chronology ]
Re: I wonder
How by giving companies an ultimatum ("Allow us to spy or else") is that not quivalent to hostile government takeover, a serious affront to freedom? If they know that companies would rather shut down their services rather than play ball with the NSA, this cause-and-effect scenario would give the latter the ability to get rid of sites they don't like in a roundabout way. To use a real-world analogy, imagine if you opened a business and one day an NSA agent walked in and told you that he was going to secretly set up cameras on your property and that you didn't have a say in the matter. How would you feel?
[ link to this | view in chronology ]
Re: Re: I wonder
[ link to this | view in chronology ]
Re: Re: Re: I wonder
reply: Blank stare followed by
"Do you have any weapons or illegal substances on your person?"
"What brings you to this marathon?"
"STOP RESISTING!!! STOP RESISTING!!!"
[ link to this | view in chronology ]
Re: Re: Re: Re: I wonder
[ link to this | view in chronology ]
Re: Re: I wonder
[ link to this | view in chronology ]
Re: I wonder
Then again, what do I know? I've only been here since the SOPA Blackout.
[ link to this | view in chronology ]
Re: I wonder
[ link to this | view in chronology ]
Not So Easy
Levison said in an interview that he could not just do that, for as a U.S. citizen, he is still subject to the nation's laws, regardless of where the company is inocrporated and it's servers are located.
[ link to this | view in chronology ]
Re: Not So Easy
[ link to this | view in chronology ]
Re: Re: Not So Easy
[ link to this | view in chronology ]
Sadly....
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
You, originating from a country who steals money from George Orwell by having "1984" in your public domain, have no claim to moral superiority.
[ link to this | view in chronology ]
seppuku pledge
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Interesting! 5 minute Google outate
[ link to this | view in chronology ]
[ link to this | view in chronology ]