Pirates, arr!

Analog Equivalent Rights (10/21): Analog journalism was protected; digital journalism isn’t

Rick Falkvinge - 17 januari, 2018 - 19:00

Privacy: In the analog world of our parents, leaks to the press were heavily protected in both ends – both for the leaker and for the reporter receiving the leak. In the digital world of our children, this has been unceremoniously thrown out the window while discussing something unrelated entirely. Why aren’t our digital children afforded the same checks and balances?

Another area where privacy rights have not been carried over from the analog to the digital concerns journalism, an umbrella of different activities we consider to be an important set of checks-and-balances on power in society. When somebody handed over physical documents to a reporter, that was an analog action that was protected by federal and state laws, and sometimes even by constitutions. When somebody is handing over digital access to the same information to the same type of reporter, reflecting the way we work today and the way our children will work in the future, that is instead prosecutable at both ends.

Let us illustrate this with an example from the real world.

In the 2006 election in Sweden, there was an outcry of disastrous information hygiene on behalf of the ruling party at the time (yes, the same ruling party that later administered the worst governmental leak ever). A username and password circulated that gave full access to the innermost file servers of the Social Democratic party administration from anywhere. The username belonged to a Stig-Olof Friberg, who was using his nickname “sigge” as username, and the same “sigge” as password, and who accessed the innermost files over the Social Democratic office’s unencrypted, open, wireless network.

Calling this “bad opsec” doesn’t begin to describe it. Make a careful note to remember that these were, and still are, the institutions and people we rely on to make policy for good safeguarding of sensitive citizen data.

However, in the shadow of this, there was also the more important detail that some political reporters were well aware of the login credentials, such as one of Sweden’s most (in)famous political reporters Niklas Svensson, who had been using the credentials as a journalistic tool to gain insight into the ruling party’s workings.

This is where it gets interesting, because in the analog world, that reporter would have received leaks in the form of copied documents, physically handed over to him, and leaking to the press in this analog manner was (and still is) an extremely protected activity under law and indeed some constitutions — in Sweden, as this concerns, you can even go to prison for casually speculating over coffee at work who might have been behind a leak to the press. It is taken extremely seriously.

However, in this case, the reporter wasn’t leaked the documents, but was leaked a key for access to the digital documents — the ridiculously insecure credentials “sigge/sigge” — and was convicted in criminal court for electronic trespassing as a result, despite doing journalistic work with a clear analog protected equivalent.

It’s interesting to look at history to see how much critically important events would never have been uncovered, if this prosecution of digital journalism had been applied to analog journalism.

For one example, let’s take the COINTELPRO leak, when activists copied files from an FBI office to uncover a covert and highly illegal operation by law enforcement to discredit political organizations based solely on their political opinion. (This is not what law enforcement should be doing, speaking in general terms.) This leak happened when activists put up a note on the FBI office door on March 8, 1971 saying “Please do not lock this door tonight”, came back in the middle of the night when nobody was there, found the door unlocked as requested, and took (stole) about 1,000 classified files that revealed the illegal practices.

These were then mailed to various press outlets. The theft resulted in the exposure of some of the FBI’s most self-incriminating documents, including several documents detailing the FBI’s use of postal workers, switchboard operators, etc., in order to spy on black college students and various non-violent black activist groups, according to Wikipedia. And here’s the kicker in the context: while the people stealing the documents could and would have been indicted for doing so, it was unthinkable to charge the reporters receiving them with anything.

This is no longer the case.

Our digital children have lost the right to leak information to reporters in the way the world works today, an activity that was taken for granted — indeed, seen as crucially important to the balance of power — in the world of our digital parents. Our digital children who work as reporters can no longer safely receive leaks showing abuse of power. It is entirely reasonable that our digital children should have at least the same set of civil liberties in their digital world, as our parents had in their analog world.

Privacy remains your own responsibility.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

Analog Equivalent Rights (9/21): When the government knows what news you read, in what order, and for how long

Rick Falkvinge - 15 januari, 2018 - 19:00

Privacy: Our analog parents had the ability to read news anonymously, however they wanted, wherever they wanted, and whenever they wanted. For our digital children, a government agent might as well be looking over their shoulder: the government knows what news sources they read, what articles, for how long, and in what order.

For our analog parents, reading the news was an affair the government had no part of, or indeed had any business being part of. Our analog parents bought a morning newspaper with a few coins on the street corner, brought it somewhere quiet where they had a few minutes to spare, and started reading without anybody interfering.

When our digital children read the news, the government doesn’t just know what news source they choose to read, but also what specific articles they read from that news source, in what order, and for how long. So do several commercial actors. There are at least three grave issues with this.

The first is that since the government has this data, it will attempt to use this data. More specifically, it will attempt to use the data against the individual concerned, possibly in some sort of pre-crime scheme. We know this that since all data collected by a government will eventually be used against the people concerned, with mathematical certainty.

In an attention economy, data about what we pay attention to, how much, and for how long, are absolutely crucial predictive behaviors. And in the hands of a government which makes the crucial mistake of using it to predict pre-crime, the results can be disastrous for the individual and plain wrong for the government.

Of course, the instant the government uses this data in any way imaginable, positive or negative, it will become Heisenberg Metrics — the act of using the data will shape the data itself. For example, if somebody in government decides that reading about frugality probably is an indicator of poverty, and so makes people more eligible for government handouts, then such a policy will immediately shape people’s behavior to read more about frugality. Heisenberg Metrics is when a metric can’t be measured without making it invalid in the process.

(The phenomenon is named after the Heisenberg Uncertainty Principle, which is traditionally confused with the Observer Effect, which states you can’t measure some things without changing them in the process. The Heisenberg Uncertainty Principle is actually something else entirely; it states that you can’t measure precise momentum and position of a subatomic particle at the same time, and does not apply at all to Heisenberg Metrics.)

The second issue is that not only government, but also other commercial actors, will seek to act on these metrics, Heisenberg Metrics as they may be. Maybe somebody thinks that reading fanzines about motorcycle acrobatics should have an effect on your health and traffic insurance premiums?

The third issue is subtle and devious, but far more grave: the government doesn’t just know what articles you read and in what order, but as a corollary to that, knows what the last article you read was, and what you did right after reading it. In other words, it knows very precisely what piece of information leads you to stop reading and instead take a specific action. This is far more dangerous information than being aware of your general information feed patterns and preferences.

Being able to predict somebody’s actions with a high degree of certainty is a far more dangerous ability than being vaguely aware of somebody’s entertainment preferences.

Our analog parents had the privacy right of choosing their information source anonymously with nobody permitted (or able) to say what articles they read, in what order, or for what reason. It’s not unreasonable that our digital children should have the same privacy right, the analog equivalent privacy right.

Privacy remains your own responsibility.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

Analog Equivalent Rights (8/21): Using Third-Party Services Should Not Void Expectation of Privacy

Rick Falkvinge - 5 januari, 2018 - 19:00

Privacy: Ross Ulbricht handed in his appeal to the U.S. Supreme Court last week, highlighting an important Analog Equivalent Privacy Right in the process: Just because you’re using equipment that makes a third party aware of your circumstances, does that really nullify any expectation of privacy?

In most constitutions, there’s a protection of privacy of some kind. In the European Charter of Human Rights, this is specified as having the right to private and family life, home, and correspondence. In the U.S. Constitution, it’s framed slightly differently, but with the same outcome: it’s a ban for the government to invade privacy without good cause (“unreasonable search and seizure”).

U.S. Courts have long held, that if you have voluntarily given up some part of your digitally-stored privacy to a third party, then you can no longer expect to have privacy in that area. When looking at analog equivalence for privacy rights, this doctrine is atrocious, and in order to understand just how atrocious, we need to go back to the dawn of the manual telephone switchboards.

At the beginning of the telephone age, switchboards were fully manual. When you requested a telephone call, a manual switchboard operator would manually connect the wire from your telephone to the wire of the receiver’s telephone, and crank a mechanism that would make that telephone ring. The operators could hear every call if they wanted and knew who had been talking to whom and when.

Did you give up your privacy to a third party when using this manual telephone service? Yes, arguably, you did. Under the digital doctrine applied now, phonecalls would have no privacy at all, under any circumstance. But as we know, phonecalls are private. In fact, the phonecall operators were oathsworn to never utter the smallest part of what they learned on the job about people’s private dealings — so seriously was privacy considered, even by the companies running the switchboards.

Interestingly enough, this “third-party surrender of privacy” doctrine seems to have appeared the moment the last switchboard operator left their job for today’s automated phone-circuit switches. This was as late as 1983, just at the dawn of digital consumer-level technology such as the Commodore 64.

This false equivalence alone should be sufficient to scuttle the doctrine of “voluntarily” surrendering privacy to a third party in the digital world, and therefore giving up expectation of privacy: the equivalence in the analog world was the direct opposite.

But there’s more to the analog equivalent of third-party-service privacy. Somewhere in this concept is the notion that you’re voluntarily choosing to give up your privacy, as an active informed act — in particular, an act that stands out of the ordinary, since the Constitutions of the world are very clear that the ordinary default case is that you have an expectation of privacy.

In other words, since people’s everyday lives are covered by expectations of privacy, there must be something outside of the ordinary that a government can claim gives it the right to take away somebody’s privacy. And this “outside the ordinary” has been that the people in question were carrying a cellphone, and so “voluntarily” gave up their right to privacy, as the cellphone gives away their location to the network operator by contacting cellphone towers.

But carrying a cellphone is expected behavior today. It is completely within the boundaries of “ordinary”. In terms of expectations, this doesn’t differ much from wearing jeans or a jacket. This leads us to the question; in the thought experiment that yesterday’s jeans manufacturers had been able to pinpoint your location, had it been reasonable for the government to argue that you give up any expectation of privacy when you’re wearing jeans?

No. No, of course it hadn’t.

It’s not like you’re carrying a wilderness tracking device for the express purpose of rescue services to find you during a dangerous hike. In such a circumstance, it could be argued that you’re voluntarily carrying a locator device. But not when carrying something that everybody is expected to carry — indeed, something that everybody must carry in order to even function in today’s society.

When the only alternative to having your Constitutionally-guaranteed privacy is exile from modern society, a government should have a really thin case. Especially when the analog equivalent — analog phone switchboards — was never fair game in any case.

People deserve Analog Equivalent Privacy Rights.

Until a government recognizes this and voluntarily surrenders a power it has taken itself, which isn’t something people should hold their breath over, privacy remains your own responsibility.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

Analog Equivalent Rights (7/21): Analog Libraries Were Private Searches for Information

Rick Falkvinge - 1 januari, 2018 - 19:00

When our analog parents searched for information, that activity took place in libraries, and that was one of the most safeguarded privacies of all. When our digital children search for information, their innermost thoughts are instead harvested wholesale for marketing. How did this happen?

If you’re looking at one particular profession of the analog world that was absolutely obsessed with the privacy of its patrons, it was the librarians. Libraries were where people could search for their darkest secrets, were it literature, science, shopping, or something else. The secrecy of libraries were downright legendary.

As bomb recipes started appearing on the proto-Internet in the 1980s — on so-called BBSes — and some politicians tried to play on moral panics, many of common sense were quick to point out, that these “text files with bomb recipes” were no different than what you would find in the chemistry section of a mediocre-or-better library — and libraries were sacred. There was no moral panic to play on as soon as you pointed out that this was already available in every public library, for the public to access anonymously

So private were libraries, in fact, that librarians were in collective outrage when the FBI started asking libraries for records of who had borrowed what book – and that’s how the infamous warrant canaries were invented. Yup, by a librarian, protecting the patrons of the library. Librarians have always been the profession defending privacy rights the hardest – in the analog as well as the digital.

In the analog world of our parents, their Freedom of Information was sacramount: their innermost thirst for learning, knowledge, and understanding. In the digital world of our children, their corresponding innermost thoughts are instead harvested wholesale and sold off to market trinkets into their faces.

It’s not just what our digital children successfully studied that’s up for grabs. In the terms of our analog parents, it’s what they ever went to the library for. It’s what they ever considered going to the library for. In the world of our digital children, everything they searched for is recorded — and everything they thought of searching for but didn’t.

Think about that for a moment: something that was so sacred for our analog parents that entire classes of professions would go on strike to preserve it, is now casually used for wholesale marketing in the world of our digital children.

Combine this with the previous article about everything you do, say, and think being recorded for later use against you, and we’re going to need a major change in thinking on this very soon.

There is no reason our children should have less Freedom of Information just because they happen to live in a digital environment, as compared to the analog environment of our parents. There is no reason our digital children shouldn’t enjoy Analog Equivalent Privacy Rights.

Of course, it can be argued that the Internet search engines are private services who are free to offer whatever services they like on whatever terms they like. But there were private libraries in the analog world of our parents, too. We’ll be returning to this “it’s private so you don’t have a say” concept a little later in this series.

Privacy remains your own responsibility.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

Analog Equivalent Rights (6/21): Everything you do, say, or think today will be used against you in the future

Rick Falkvinge - 27 december, 2017 - 19:00

Privacy: “Everything you say or do can and will be used against you, at any point in the far future when the context and agreeableness of what you said or did has changed dramatically.” With the analog surveillance of our parents, everything was caught in the context of its time. The digital surveillance of our children saves everything for later use against them.

It’s a reality for our digital children so horrible, that not even Nineteen Eighty-Four managed to think of it. In the analog surveillance world, where people are put under surveillance only after they’ve been identified as suspects of a crime, everything we said and did was transient. If Winston’s telescreen missed him doing something bad, then it had missed the moment and Winston was safe.

The analog surveillance was transient for two reasons: one, it was assumed that all surveillance was people watching other people, and two, that nobody would have the capacity of instantly finding keywords in the past twenty years of somebody’s conversations. In the analog world of our parents, that would mean somebody would need to actually listen to twenty years’ worth of tape recordings, which would in turn take sixty years (as we only work 8 out of 24 hours). In the digital world of our children, surveillance agencies type a few words to get automatic transcripts of the saved-forever surveillance-of-everybody up on screen in realtime as they type the keywords – not just from one person’s conversation, but from everybody’s. (This isn’t even exaggerating; this was reality in or about 2010 with the GCHQ-NSA XKEYSCORE program.)

In the world of our analog parents, surveillance was only a thing at the specific time it was active, which was when you were under individual and concrete suspicion of a specific, already-committed, and serious crime.

In the world of our digital children, surveillance can be retroactively activated for any reason or no reason, with the net effect that everybody is under surveillance for everything they have ever done or said.

We should tell people as it has become instead; “anything you say or do can be used against you, for any reason or no reason, at any point in the future”.

The current generation has utterly failed to preserve the presumption of innocence, as it applies to surveillance, in the shift from our analog parents to our digital children.

This subtle addition – that everything is recorded for later use against you – amplifies the horrors of the previous aspects of surveillance by orders of magnitude.

Consider somebody asking you where you were on the evening of March 13, 1992. You would, at best, have a vague idea of what you did that year. (“Let’s see… I remember my military service started on March 3 of that year… and the first week was a tough boot camp in freezing winter forest… so I was probably… back at barracks after the first week, having the first military theory class of something? Or maybe that date was a Saturday or Sunday, in which case I’d be on weekend leave?” That’s about the maximum precision your memory can produce for twenty-five years past.)

However, when confronted with hard data on what you did, the people confronting you will have an utter and complete upper hand, because you simply can’t refute it. “You were in this room and said these words, according to our data transcript. These other people were also in the same room. We have to assume what you said was communicated with the intention for them to hear. What do you have to say for yourself?”

It doesn’t have to be 25 years ago. A few months back would be sufficient for most memories to be not very detailed anymore.

To illustrate further: consider that the NSA is known to store copies even of all encrypted correspondence today, on the assumption that even if it’s not breakable today, it will probably be so in the future. Consider what you’re communicating encrypted today — in text, voice, or video — can be used against you in twenty years. You probably don’t even know half of it, because the window of acceptable behavior will have shifted in ways we cannot predict, as it always does. In the 1950s, it was completely socially acceptable to drop disparaging remarks about some minorities in society, which would socially ostracize you today. Other minorities are still okay to disparage, but might not be in the future.

When you’re listening to somebody talking from fifty years ago, they were talking in the context of their time, maybe even with the best of intentions by today’s standards. Yet, we could judge them harshly for their words interpreted by today’s context — today’s completely different context.

Our digital children will face exactly this scenario, because everything they do and say can and will be used against them, at any point in the future. It should not be this way. They should have every right to enjoy Analog Equivalent Privacy Rights.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

Analog Equivalent Rights (5/21): Where did Freedom of Assembly go?

Rick Falkvinge - 25 december, 2017 - 19:00

Privacy: Our analog parents had the right to meet whomever they liked, wherever they liked, and discuss whatever they liked, without the government knowing. Our digital children have lost this, just because they use more modern items.

For a lot of our digital children’s activities, there’s no such thing as privacy anymore, as they naturally take place on the net. For people born 1980 and later, it doesn’t make sense to talk of “offline” or “online” activities. What older people see as “people spending time with their phone or computer”, younger see as socializing using their phone or computer.

This is an important distinction that the older generation tends to not understand.

Perhaps this is best illustrated with an anecdote from the previous generation again: The parents of our parents complained that our parents were talking with the phone, and not to another person using the phone. What our parents saw as socializing (using an old analog landline phone), their parents in turn saw as obsession with a device. There’s nothing new under the sun.

(Note: when I say “digital children” here, I am not referring to children as in young people below majority age; I am referring to the next generation of fully capable adult professionals.)

This digital socializing, however, can be limited, it can be… permissioned. As in, requiring somebody’s permission to socialize in the way you and your friends want, or even to socialize at all. The network effects are strong and create centralizing pressure toward a few platforms where everybody hang out, and as these are private services, they get to set any terms and conditions they like for people assembling and socializing – for the billions of people assembling and socializing there.

Just as one example to illustrate this: Facebook is using American values for socializing, not universal values. Being super-against anything even slightly naked while being comparatively accepting of hate speech is not something inherently global; it is strictly American. If Facebook had been developed in France or Germany instead of the US, any and all nudity would be welcomed as art and free-body culture (Freikörperkultur) and a completely legitimate way of socializing, but the slightest genocide questioning would lead to an insta-kickban and reporting to authorities for criminal prosecution.

Therefore, just using the dominant Facebook as an example, any non-American way of socializing is effectively banned worldwide, and it’s likely that people developing and working with Facebook aren’t even aware of this. But the Freedom of Assembly hasn’t just been limited in the online sphere, but also in the classic analog offline world where our analog parents used to hang out (and still do).

Since people’s locations are tracked, as we saw in the previous post, it is possible to match locations between individuals and figure out who was talking to whom, as well as when and where this happened, even if they were only talking face to face. As I’m looking out my window from the office writing this piece, it just so happens that I’m looking at the old Stasi headquarters across from Alexanderplatz in former East Berlin. It was a little bit like Hotel California; people who checked in there tended to never leave. Stasi also tracked who was talking to whom, but required a ton of people to perform this task manually, just in order to walk behind other people and photograph whom they were talking to — and therefore, there was an economic limit to how many people could be tracked like this at any one time before the national economy couldn’t sustain more surveillance. Today, that limit is completely gone, and everybody is tracked all the time.

Do you really have Freedom of Assembly, when the fact that you’ve associated with a person — indeed, maybe just spent time in their physical proximity — can be held against you?

I’m going to illustrate this with an example. In a major leak recently, it doesn’t matter which one, a distant colleague of mine happened to celebrate a big event with a huge party in near physical proximity to where the documents were being copied at the same time, completely unaware and by sheer coincidence. Months later, this colleague was part of journalistically vetting those leaked documents and verifying their veracity, while at this time still unaware of the source and that they had held a big party very close to the origin of the documents.

The government was very aware of the physical proximity of the leak combined with this person’s journalistic access to the documents, though, and issued not one but two arrest-on-sight warrants for this distant colleague based on that coincidence. They are now living in exile outside of Sweden, and don’t expect to be able to return home anytime soon.

Privacy, including Privacy of Location, remains your own responsibility.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

Analog Equivalent Rights (4/21): Our children have lost the Privacy of Location

Rick Falkvinge - 22 december, 2017 - 19:00

Privacy: In the analog world of our parents, as an ordinary citizen and not under surveillance because of being a suspect of a crime, it was taken for granted that you could walk around a city without authorities tracking you at the footstep level. Our children don’t have this right anymore in their digital world.

Not even the dystopias of the 1950s — Nineteen Eighty-Four, Brave New World, Colossus, and so on, managed to dream up the horrors of this element: the fact that every citizen is now carrying a governmental tracking device. They’re not just carrying one, they even bought it themselves. Not even Brave New World could have imagined this horror.

It started out innocently, of course. It always does. With the new “portable phones” — which, at this point, meant something like “not chained to the floor” — authorities discovered that people would still call the Emergency Services number (112, 911, et cetera) from their mobile phones, but not always be capable of giving their location themselves, something that the phone network was now capable of doing. So authorities mandated that the phone networks be technically capable of always giving a subscriber’s location, just in case they would call Emergency Services. In the United States, this was known as the E911 regulation (“Enhanced 9-1-1”).

This was in 2005. Things went bad very quickly from there. Imagine that just 12 years ago, we still had the right to roam around freely without authorities being capable of tracking our every footstep – this was no more than just over a decade ago!

Before this point, governments supplied you with services so that you would be able to know your location, as had been the tradition since the naval lighthouse, but not so that they would be able to know your location. There’s a crucial difference here. And as always, the first breach was one of providing citizen services — in this case, emergency medical services — that only the most prescient dystopians would oppose.

What’s happened since?

Entire cities are using wi-fi passive tracking to track people at the individual, realtime, and sub-footstep level in the entire city center.

Train stations and airports, which used to be safe havens of anonymity in the analog world of our parents, have signs saying they employ realtime passive wi-fi and bluetooth tracking of everybody even coming close, and are connecting their tracking to personal identifying data. Correction: they have signs about it in the best case but do it regardless.

People’s location are tracked in at least three different… not ways, but categories of ways:

Active: You carry a sensor of your location (GPS sensor, Glonass receiver, cell tower triangulator, or even visual identifier through the camera). You use the sensors to find your location, at one point in time or continuously. The government takes itself the right to read the contents of your active sensors.

Passive: You take no action, but are still transmitting your location to the government continuously through a third party. In this category, we find cell tower triangulation as well as passive wi-fi and bluetooth tracking that require no action on behalf of a user’s phone other than being on.

Hybrid: The government finds your location in occasional pings through active dragnets and ongoing technical fishing expeditions. This would not only include cellphone-related techniques, but also face recognition connected to urban CCTV networks.

Privacy of location is one of the Seven Privacies, and we can calmly say that without active countermeasures, it’s been completely lost in the transition from analog to digital. Our parents had privacy of location, especially in busy places like airports and train stations. Our children don’t have privacy of location, not in general, and particularly not in places like airports and train stations that were the safest havens of our analog parents.

How do we reinstate Privacy of Location today? It was taken for granted just 12 years ago.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

Analog Equivalent Rights (3/21): Posting an Anonymous Public Message

Rick Falkvinge - 20 december, 2017 - 20:00

Privacy: The liberties of our parents are not being inherited by our children – they are being lost wholesale in the transition to digital. Today, we’ll look at the importance of posting anonymous public messages.

When I was in my teens, before the Internet (yes, really), there was something called BBSes – Bulletin Board Systems. They were digital equivalents of an analog Bulletin Board, which in turn was a glorified sheet of wood intended for posting messages to the public. In a sense, they were an anonymous equivalent of today’s webforum software, but you connected from your home computer directly to the BBS over a phone line, without connecting to the Internet first.

The analog Bulletin Boards are still in existence, of course, but mostly used for concert promotions and the occasional fringe political or religious announcement.

In the early 1990s, weird laws were coming into effect worldwide as a result of lobbying from the copyright industry: the owners of bulletin board systems could be held liable for what other people posted on them. The only way to avoid liability was to take down the post within seven days. Such liability had no analog equivalent at all; it was an outright ridiculous idea that the owner of a piece of land should be held responsible for a poster put up on a tree on that land, or even that the owner of a public piece of cardboard could be sued for the posters other people had glued up on that board.

Let’s take that again: it is extremely weird from a legal standpoint that an electronic hosting provider is in any way, shape, or form liable for the contents hosted on their platform. It has no analog equivalent whatsoever.

Sure, people could put up illegal analog posters on an analog bulletin board. That would be an illegal act. When that happened, it was the problem of law enforcement, and never of the bulletin board owner. The thought is ridiculous and has no place in the digital landscape either.

The proper digital equivalent isn’t to require logging to hand over upload IPs to law enforcement, either. An analog bulletin board owner is under no obligation whatsoever to somehow identify the people using the bulletin board, or even monitor whether it’s being used at all.

The Analog Equivalent Privacy Right for an electronic post hosting provider is for an uploader to be responsible for everything they upload for the public to see, with no liability at all for the hosting provider under any circumstance, including no requirement to log upload data to help law enforcement find an uploader. Such monitoring is not a requirement in the analog world of our parents, nor is there an analog liability for anything posted, and there is no reason to have it otherwise in the digital world of our children just because somebody doesn’t know how to run a business otherwise.

As a side note, the United States would not exist had today’s hosting liability laws in place when it formed. A lot of writing was being circulated at the time arguing for breaking with the British Crown and forming an Independent Republic; from a criminal standpoint, this was inciting and abetting high treason. This writing was commonly nailed to trees and public posts, for the public to read and make up their own minds. Imagine for a moment if the landowners where such trees happened to stand had been charged with high treason for “hosting content” — the thought is as ridiculous in the analog would, as it really is in the digital too. We just need to pull the illusion aside, that the current laws on digital hosting make any kind of sense. These laws really are as ridiculous in the digital world of our children, as they would have been in the analog world of our parents.

Privacy remains your own responsibility.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

Analog Equivalent Rights (2/21): The analog, anonymous letter and The Pirate Bay

Rick Falkvinge - 18 december, 2017 - 19:00

Privacy: Our parents were taking liberties for granted in their analog world, liberties that are not passed down to our children in the transition to digital — such as the simple right to send an anonymous letter.

Sometimes when speaking, I ask the audience how many would be okay with sites like The Pirate Bay, even if it means that artists are losing money from their operation. (Do note that this assertion is disputed: I’m asking the question on the basis of what-if the assertion is true.) Some people raise their hands, the proportion varying with audience and venue.

The copyright industry asserts that the offline laws don’t apply on the Internet when they want to sue and prosecute people sharing knowledge and culture. They’re right, but not in the way they think. They’re right that copyright law does apply online as well. But privacy laws don’t, and they should.

In the offline world, an analog letter was given a certain level of protection. This was not intended to cover just the physical letter as such, but correspondence in general; it was just that the letter was the only form of such correspondence when these liberties were drafted.

First, the letter was anonymous. It was your prerogative entirely whether you identified yourself as sender of the letter on the outside of the envelope, on the inside of the letter (so not even the postal service knew who sent it, only the recipient), or not at all.

Further, the letter was untracked in transit. The only governments tracking people’s correspondence were those we looked down on with enormous contempt.

Third, the letter was secret. The envelope would never we broken in transit.

Fourth, the carrier was never responsible for the contents, of nothing else for the simple reason they were not allowed to examine the content in the first place. But even if they could, like with a envelopeless postcard, they were never liable for executing their courier duties — this principle, the courier immunity or messenger immunity, is a principle that dates as far back as the Roman Empire.

These principles, the liberties of correspondence, should apply to offline correspondence (the letter) just as it should to online correspondence. But it doesn’t. You don’t have the right to send anything you like to anybody you like online, because it might be a copyright infringement — even though our parents had exactly this right in their offline world.

So the copyright industry is right – sending a copied drawing in a letter is a copyright infringement, and sending a copied piece of music over the net is the same kind of copyright infringement. But offline, there are checks and balances to these laws – even though it’s a copyright infringement, nobody is allowed to open the letter in transit just to see if it violates the law, because the secrecy of private correspondence is considered more important than discovering copyright infringements. This is key. This set of checks and balances has not been carried over into the digital environment.

The only time a letter is opened and prevented is when somebody is under individual and prior suspicion of a serious crime. The words “individual” and “prior” are important here — opening letters just to see if they contain a non-serious crime in progress, like copyright infringement, is simply not permitted in the slightest.

There is no reason for the offline liberties of our parents to not be carried over into the same online liberties for our children, regardless of whether that means somebody doesn’t know how to run a business anymore.

After highlighting these points, I repeat the question whether the audience would be okay with sites like The Pirate Bay, even if it means an artist is losing income. And after making these points, basically everybody raises their hand to say they would be fine with it; they would be fine with our children having the same liberty as our parents, and the checks and balances of the offline world to also apply online.

Next in the series, we’re going to look at a related topic – public anonymous announcements and the important role the city square soapbox filled in shaping liberty.

Privacy remains your own responsibility.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

Analog Equivalent Privacy Rights: Our children should have the same rights as our parents

Rick Falkvinge - 16 december, 2017 - 19:00

Privacy: In a series of 21 posts on this blog, we’ll examine how privacy rights — essential civil liberties — have been completely lost in the transition to digital. The erosion is nothing short of catastrophic.

In a series of posts on this blog, we will take a look at a large amount of different areas, where privacy has simply vanished in the transition to digital, and where it ended up instead. For each of the policy areas, we’ll take a look at where different jurisdictions stand and where the trends are pulling. The key takeaway is clear — it’s not the slightest bit unreasonable that our children should have at least the same set of civil liberties and our parents, and today, they don’t. They don’t at all.

To kick off, we'll be looking at the liberties around the analog letter, and how many liberties around it — such as the taken-for-granted right to send an anonymous letter — has been completely lost. Same thing with anonymous public posters on billboards; who defends your right to make an anonymous political statement today?

We’ll be looking at how you no longer have the right to walk about in private, without somebody tracking you. It used to be a thing that airports and train stations were safe anonymous places for our parents; today, your phone is a realtime tracking beacon as soon as you approach them.

Further, we’ll take a look at how it used to be that authorities would need to catch you in the act doing something they didn’t like, but are now capable of rewinding the records 20 years or so to find something they missed when it happened, and maybe didn’t even care about then, perhaps something you didn’t even pay attention to at the time either, and much less remember 20 years later.

Our parents went to libraries and searched for information. The librarians went to extreme lengths, even inventing the warrant canary, to make sure people could search for whatever information they wanted and read whatever books they wanted without authorities knowing about it. Today, Google goes to the same extreme lengths, but to make note of everything you search for, up until and including what you almost search for but didn’t — and of course, all of it is available to authorities and governments, who only have to tell Google to follow the law they just wrote.

It is not the slightest bit unreasonable to demand that our children should have at least as much civil liberties — privacy rights — in their digital environment, as our parents had in their analog environment. Yet, the privacy rights have been almost abolished in the transition to digital.

Speaking of reading, our parents could buy a newspaper on the corner with some change. They would read a newspaper without anybody neither knowing that they bought or read it. As opposed to our children, where it is carefully logged which newspapers they read, when, what articles, in what order, and for how long – and perhaps worst, what action they took right afterward, and whether it looked caused by reading the last article they read.

Ah yes, cash at the newsstand. Cash anywhere, in fact. Several countries are trying to abolish cash, making all transactions traceable. A card is more convenient? Maybe. But it’s not more safe. Every purchase is logged. Worse, every almost-purchase of our children is also logged, something that would be inconceivable in the world of our parents. Even worse, every purchase is also permissioned, and can be denied by a third party.

Our parents didn’t have videocalls, or TVs looking back at them. But if they had, I’m reasonably sure they would have been horrified at our children having governments look straight into their living room, or watching them have private video calls, including very private video calls.

When our parents had a private conversation on the phone, there was never a stranger’s voice popping into the call and saying “you have mentioned a prohibited subject; please refrain from discussing prohibited subjects in the future”. This happens in private messaging in Facebook in the world of our children. This, of course, ties into the concept of having private conversations in our home, and how our children won’t even understand the concept of having a private conversation at home (but do understand that they can ask the little listening box for cookies and a dollhouse).

We’ll also look at how the copyright industry exploits pretty much all of this to attempt changing the world dramatically, in what can only be described as morally bankrupt.

This and much more in the coming series of 21 articles, of which this is the first.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

Once again: Privacy promises from a company are worth nothing, because companies can’t promise anything

Rick Falkvinge - 9 december, 2017 - 19:00

Global: In the last post, I recalled that the only thing that matter whether data collection is taking place is whether it's technically possible, and that if you carry an electronic sensor, you must assume it to be active. Here's why it doesn't matter one bit if the sensor was made with "good guys" with exemplary and outstanding Terms and Conditions.

If data collection is possible, it is happening, and it will be used against the person it was collected from. That’s a reality which is provable with mathematical precision: the probability for data being collected is nonzero, and the probability for it being used against its owner is also some nonzero probability. Since neither of these probabilities are falling over time, then they will take place, with mathematical certainty. Therefore, the only way to have data not used against you is to make sure it’s not possible to collect it in the first place.

I hear a lot of people looking at “good guy” companies, and how they are standing up for privacy, so you can trust them with certainty. This is good, but it is not enough: a company can not just get a new management, it is also completely at the mercy of the government it is operating under.

In effect, a company does not even have agency to promise to protect any collected data. A few case studies:

In the Terms of Service of Dropbox, it was first stated that the files are encrypted, and that Dropbox employees are incapable of accessing your data. At some point, Dropbox mentioned that they’re doing server-side deduplication to store space. This is a compression technique where similar segments of files are only stored once. When this was mentioned, bright minds immediately realized that deduplication cannot take place unless Dropbox can determine that the files are similar, in which case they cannot be encrypted when this process happens. After an uproar, Dropbox changed its terms of service from employees being “incapable” of accessing client data, to employees being “not permitted” to access client data — which is an enormous difference, because it means the data is accessible to somebody walking into Dropbox offices and, say, flashing a badge. “Not permitted” counts for absolutely nothing.

Another case in point is Amazon Alexa, which is listening into your living room (just like a lot of other devices do). Amazon had promised to never share anything it heard in your home, promising you privacy. This promise was only valid up until a District Attorney wanted those recordings as part of an ongoing investigation, at which point Amazon’s promises were completely null and void.

The only way to make sure that your privacy is kept intact is to not have your data collected in the first place. Companies, even when they promise you privacy, have no legal right to promise you anything — for the very next day, the government can walk into the company’s offices and carry that data out with it. Therefore, reading Privacy Policies or Terms of Service in hopes of finding good promises that your data will be kept safe are pointless, because no company can legally make such promises.

The one exception to governments getting away with this kind of behavior would be the story of Lavabit, where the founder chose to close the entire company overnight rather than comply with a nastygram from the NSA demanding the mail correspondence of Edward Snowden. But this is the exception to the rule. There is no scenario where a company keeps its promise and stays open, when a government says it wants the data in the custody of that company.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

Once again: If you carry a sensor of any kind, you must assume it to be active and collecting data, you can’t trust pinky promises

Rick Falkvinge - 6 december, 2017 - 19:00

Global: As Quartz revealed, Google has been tracking your location since the start of 2017. At this point, the story should not be about why Google did this, but why, with all the experience at hand, anybody expected otherwise. Privacy is your own responsibility today.

When Quartz broke the story that Google is tracking and collecting data about your location even with “location services” turned off, it was kind of a big story last week. But the big problem here isn’t that Google was collecting data hidden somewhere deep inside their Terms of Service, even if you had thought you had turned it off. The problem is that people are carrying around a device they know is fully capable of collecting a lot of data — location, orientation, speed, recorded audio, whatever the camera sees — and expect it to never do that.

“Fool me once, shame on you. Fool me twice, shame on me.”

The attitude that you are carrying around an active connected sensor, and are in full control of everything it does — this expectation is naïve, at best. It’s certainly the way the things should be in an ideal world. But we cannot expect the world to be rainbows and unicorns.

The Snowden documents, more than anything, showed the brutal truth of today: if a type of data collection is technically possible, then it is taking place right now. That’s all that matters. If it is technically doable. Not whether you have given permission, because of course you haven’t, and never would, so various constructs are made to circumvent asking for your permission.

So, once again:

If you carry a sensor, an electronic sensor of any kind, then you must assume it to be active at all times. In particular, you can never trust someone’s promise that it won’t be.

If you’re carrying around a phone, you’re carrying around a ton of sensors. You must assume them all to be active at all times. This particularly includes the microphone — to illustrate, your Android phone’s microphone doesn’t turn on only after you say “Ok, Google”, for if it did, how did it hear you saying “Ok, Google”?

The only way to hold a private conversation today is to leave all electronic devices behind — all electronic devices — and go for a walk outside of your home. When you’re online, a VPN is a good start to protect your privacy, but no replacement for good information hygiene overall.

If it’s technically possible to collect the data, it is already happening.

Your privacy remains your own responsibility.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

Net Neutrality and the United States FCC: Let’s talk about this abusive pattern of releasing controversial policies on major holidays

Rick Falkvinge - 1 december, 2017 - 19:00

Corruption: So the United States FCC has released its plans to eradicate Net Neutrality in the United States, on Thanksgiving, as it said it would. This, on its own, merits more discussion – for it is such a blatant display not just of bad faith, but bad faith that they fully expect to get away with.

I have seen this pattern twice before.

The first was when Sweden created its first mass surveillance program, FRA-lagen, somewhat equivalent to the NSA’s Patriot Act but worse, and the Ministry of Defense sent out the bill for comments over the Christmas and New Year holidays, when they knew full well nobody in the entire government would be at work to even open the mail. (As if by a miracle, the Security Police were awake enough during the holidays to actually read the several-hundred-page document, understand its implications, and then sounded the alarm to the community at large during the holidays.)

The bill was designed to allow wiretapping of any communication that happened to cross a country border of Sweden’s. But a phonecall from A to B isn’t routed that way; it’s routed on the currently cheapest circuit, which may well cross a country border. And as for privacy, there’s this thing called the “certainty principle”, meaning that you need to know when you have expectation of privacy and when you don’t; if a phonecall can be randomly wiretapped, regardless of probability, because of circumstances outside of your control such as routing, then by legal principle, all phonecalls are always considered wiretapped, as in “you don’t have expectation of privacy”. The same goes for any Internet traffic, any and all Internet traffic.

So egregious was the Swedish mass surveillance program, that it switched the legal standard from “you have expectation of privacy in electronic communications” to “you are always wiretapped, no matter where you are, no matter when, no matter what means of communication you use”.

And this bill was released silently on the Christmas holidays, with no press release or attempt to get attention whatsoever, with a public comment period that ended just at the same time as those holidays.

(It was discovered much later, that the strategic purpose of the bill was to serve the United States with all of Russia’s Internet traffic, as 80% of Russia’s traffic went through Finland and Sweden. This purpose made sense, at least in a way which all the decoy justifications had been utterly lacking: whether you agreed with the action or not, it was at least rational, as opposed to the nonsensical “we want to wiretap everybody all the time because we can”.)

The second bill was the IPRED copyright abuse bill of 2009, also in Sweden. It gave the private copyright industry more far-reaching powers to invade ordinary people’s privacy than even the Swedish law enforcement (yes, you read that right). It was a vast over-implementation of a European Union federal directive, which itself was mail-order legislation from Vivendi Universal, and which the Swedish Department of Justice over-implemented in turn, trying to blame the EU for their own decisions.

Specifically, it gave the copyright industry the right to de-anonymize IP addresses on suspicion of infringement of their distribution monopolies, which is so insignificant a crime that the Police wasn’t allowed to break that privacy until a crime becomes significantly more severe.

This bill was released – again without any press release or similar – on the biggest political day of the year in Sweden, the first day of an annual week-long political summer conference where the entire Swedish establishment gathers to convince each other of things. During this particular week, everybody is screaming for attention all the time, and so it was a very deliberate choice to release the bill silently on the first day of this week.

This pattern is abusive. It says so much about the officials trying to push the bill through: it says “we know this would never pass an ordinary review process, so we’re deliberately trying to cheat that ordinary process”. It is an act in deliberate bad faith, and worse, because they’re not only acting in bad faith: they’re also expecting to get away with it, to be above requirements of due process and politically immune to consequences of their abusive behavior.

It should be a minimum requirement of any bill, no matter how controversial, that it must survive the sunlight of an honest public review. If the only way to pass a certain bill is by procedural trickery and bad faith such as this, and officials are choosing that route, then those officials acting in such obvious bad faith against the public should face the political equivalent of a court-martial: a vote of no confidence.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

How did the free sharing of scientific knowledge and culture become the worst crime our justice systems could think of?

Rick Falkvinge - 24 november, 2017 - 19:00

Corruption: Sci-Hub is starting to get judgments and censorship applied against it. It’s noteworthy that not even murder or genocide is considered cause for such Internet censorship as is now being applied to Sci-Hub. How and when did the free sharing of scientific knowledge become the worst conceivable crime?

Science Magazine has a long feature titled “Who’s downloading pirated science papers? Everyone.” — and Science Magazine lays out in detail how everybody uses Sci-Hub; everybody enjoys the free and unfettered sharing of scientific knowledge. It goes further into depth on how sci-hub, “the Pirate Bay of science papers”, has been branded a huge criminal by all the previous cartels who held a lucrative monopoly on such publishing science papers.

This goes for Elsevier in particular, who charged scientists to publish papers and then charged everybody else to read them too. Most people would call them extortionists.

There’s an interesting observation to make here, though, and this is that courts are ordering Internet censorship — an extremely grave reduction in liberty, normally unthinkable outside of wartime — for one “crime”, and one “crime” only: the free sharing of knowledge and culture, which must apparently be stopped at any cost.

This is a measure so extreme, it’s not used for genocide, premeditated murder, or anything else in the crime catalog. There is but one “crime” that is so horrendous, such a grave crime against the whole of humanity, that it merits Internet censorship as ordered by would-be respectable judges:

The free sharing of scientific knowledge or popular culture. This is apparently the worst, and only, conceivable crime that merits this worst of prevention.

I need to ask how in the £$¥€ we arrived at this point. Then again, the answer might be right there in that sentence: Pounds Sterling, US Dollars, Japanese Yen, and Euros, handed under the table to government officials in exchange for lucrative distribution monopolies.

Ironically, this use of the copyright monopoly doesn’t fall far from the original invention of copyright, as devised by Queen Mary I when she created it on May 4, 1557: the purpose was to suppress anything that wasn’t Catholic Approved. Elizabeth I, who succeeded her on the English throne a year later, quickly repurposed copyright to suppressing anything that wasn’t Protestant Approved. The entire construct has never really strayed very far from the original purpose of suppressing freedoms of speech and opinion.

(Surprised at this? Copyright wasn’t created on April 10, 1710, as the copyright lobby likes to claim. It was reinstated on that date, after having lapsed for fifteen years after the Glorious Revolution, when people had had enough of censorship for a while.)

Privacy and the freedom of scientific knowledge remain your own responsibility.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

Paywalls drive mass surveillance and give the NSA the advantage

Rick Falkvinge - 17 november, 2017 - 19:00

Copyright Monopoly: Putting network specifications behind subscription paywalls gives the NSA and other surveillance agencies a decisive advantage against the freedom of the Internet. That is the inescapable conclusion of the recent KRACK vulnerability.

There’s been a lot of debate about paywalls lately – not the least about whether so-called “journalism” of mainstream media is supposed to survive, as it consumes much more resources than the amateurs who are often (but not always) doing a better job at actual journalism. However, paywalls are controversial in more contexts than just mainstream legacy media – they’re also highly controversial with Elsevier’s lockup of research papers (more in piece on this a little later), locking up building codes and similar that laws refer to (do you need to pay to read the law?), and for technical specifications that concern security.

In short, there has never been a better case to be made for the old slogan that “information wants to be free”. That’s free as in flight, as in uncaged, as in unrestricted; not the twisted typical commercial “free” which means something more like “have-our-great-offer-completely-free just-pay-this-small-sum-first some-restrictions-apply not-valid-or-legal-in-all-states”.

In the case of the KRACK vulnerability, which was based on an IEEE standard locked up behind a corporate-level subscription paywall, we can trivially observe two things:

1) Ordinary open source coders did not see the specification, because of the paywall, and therefore did not discover the vulnerability in it.

2) For surveillance agencies like the NSA, who have unlimited budget for all intents and purposes, paywalls do not exist. (In the rare case where they can’t or don’t want to pay, they can walk in and take the documents anyway.)

As a result, the NSA and other surveillance agencies had ready access to the KRACK vulnerability for 13 years, which is how long it had been sitting behind that IEEE paywall in plain-but-commercial sight.

Therefore, from this one clear example and the logic it highlights, we can observe that paywalls drive mass surveillance, as they are tilting the playing field heavily in the favor of the surveillance agencies.

Privacy remains your own responsibility.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

What if new Google management decided that a search should cost $20, take eight hours, and be deliberately unreliable? (Bitcoin.)

Rick Falkvinge - 17 november, 2017 - 08:04

Bitcoin: Toy with the following idea: with people used to Google searches having been free, instant and reliable for years, a new Google management decides that a “price market” should develop for searches, with Google prices suddenly costing upwards of 20 dollars, taking hours to complete, and being notoriously unreliable. Does this sound like a good scenario? Does this sound like a recipe for winning? It’s what has happened to Bitcoin — the old bitcoin — under the new management of Blockstream (who keep insisting, against all evidence to the contrary, that they’re not “in charge” of bitcoin).

Nobody I know shows off bitcoin (Bitcoin Legacy) to their friends anymore. It’s painfully embarrassing. Nobody I know uses bitcoin for anything anymore, for the reason that transactions take hours to complete, cost upward of $20 (my last two transactions cost $30 and $70, respectively), and have been made unreliable by design, through something called RBF.

When I got into bitcoin in 2011, transactions were free, reliable, and instant. Not free as in “very cheap”, but actually free. The vast majority of transactions did not pay a transaction fee, and this was also Satoshi Nakamoto’s original intention, according to email archives. It makes sense: you want to be able to write code that optimizes your money across addresses and databases without paying a lot of transaction fees in the process just for moving your own data around. It was extremely useful, it was amazingly cool to show off

Around 2014, a couple of people hijacked Bitcoin, for all intents and purposes, stripped the original known coder (Gavin Andresen) of his coding access privileges, and set out in a new direction. Bitcoin transactions should cost money, they decided, a lot of money, because the network wasn’t sustainable otherwise (nevermind that it had worked just fine up until that point with subcent optional transactions, and was planned to do so for another 140 years). The company was called Blockstream, and they were met with such fierce opposition from the community, they literally had to start deleting every post off the bitcoin forums (bitcointalk, Reddit’s /r/bitcoin, and the mailing list) that challenged the narrative that it was utterly moronic to deliberately congest the network to make it slow, unreliable, and expensive.

Yes, it just so happened that the people who formed this Blockstream company also were the ones controlling all the discussion platforms. Slowly, over years of influx of new users, people would only see Blockstream’s message of how good it is that transactions are expensive, slow, and unreliable.

It was around this point that new forums, such as bitcoin.com and Reddit’s /r/btc, slowly started to pop up and get attention — become a refuge, of sorts.

But the Blockstream fanboys were undeterred. “Look at how bitcoin rises in value!”, they would say. “Who cares about transaction fees! It’s a store of value, because the price goes up!” (This narrative also completely ignores what a economic store of value is, nota bene: it’s a predictable stable store.)

This, of course, is the equivalent of “Who cares about if Google is the slightest bit useful under the new management! Who cares if anybody uses Google anymore! Look how the stock keeps going up!”

The Blockstream fanboys would further point at bitcoin’s new uselessness as a sign of its success, believe it or not, drawing the analogy “nobody goes to that restaurant anymore, because it’s too crowded”, with the subtext that a crowded restaurant must be successful. But this is not success; this is utter failure to scale exponentially when you’re an Internet startup, and it spells dooooooooooom.

And so here we are in 2017, with a bitcoin that nobody I know uses for anything practical (last time I used it for something was about six weeks ago, when I bought a burger with bitcoin, which cost me about $2.50 in transaction fees, just as much as the burger itself; at least I didn’t have to wait eight to ten hours for the burger). What’s new on the scene in 2017 is something called a US Dollar Tether.

You see, you can’t buy big quantities of bitcoin — which is more or less “Blockstream stock” at this point — directly, not in amounts of millions of US Dollars. So this thing called Tether popped up, where a company named Tether claimed to issue US Dollar Tether, where one Tether was supposed to be good for exactly one US dollar. Today, the bitcoin price (the price of something that is unreliable, slow, and expensive, and which nobody uses anymore for anything remotely practical) isn’t driven up by people buying it for US Dollars anymore, but by institutions buying it for large amounts of Tether, which is “kind-of-dollars-but-not-really-but-we-still-pretend-so”.

The company Tether insists that they have backing; every Tether has a US Dollar backing it. There has been no proof to this. There have just been regular conjurings-up of new batches of ten, twenty, thirty million Tethers — not US Dollars, but Tethers — that are spent pushing up the bitcoin price as though the Tethers were dollars, and this happens basically every time the Blockstream PR machine happens to need a little boost. Maybe the Tethers are backed by dollars on a one-to-one ratio, as is asserted and refused to be proven. Maybe they aren’t. Sure as hell doesn’t look like they are.

This whole story reeks of a lot of people going to a lot of prison in a few years.

As to the people innocently claiming that it’s “cheap” with a $1 or $20 transaction fee to store data in the precious secure blockchain, I have this to say: get the fuck out of business, because you don’t have a clue as to how it works. If you’re deliberately saying that you have “costs that deserve to be met”, when there’s Google who offers people to search the entirety of humanity’s documents in milliseconds for free, you’re so mediocre you should sit down and bow your head in shame. Are your costs higher than the cost of searching the entirety of humanity’s documentation? In milliseconds? No? No they’re not. It’s you who suck at business. You’re so mediocre you’re not just hurting yourself but people around you, too. Get out.

Bitcoin needs to get back to instant, free, and reliable transactions.

Not “cheap”. Most of the transactions need to be free. All other dotcoms can do it, and therefore, bitcoin can too.

I remember the bitcoin I fell in love with in 2011. I remember the very few times a popup showed up when I tried to send money, saying “this particular transaction requires a fee”, as in requires a fee at all. It was a really rare event that this dialog showed up. The suggested fee would always be a sub-cent amount.

This is the promise of Bitcoin Cash, the bitcoin fork of August of this year. It’s about bitcoin being useful again. It’s about unwinding this idiotic bullshit new Google management that says it’s good if searches cost $20, are unreliable, and take eight to ten hours to complete, because it isn’t good, and I’m appalled that I have to write that out in cleartext to all the Blockstream fanboys insisting otherwise.

The promise of Bitcoin Cash is to bring transactions back to being instant, almost free, and reliable. To really succeed, it has to rewind a little further still — it needs the vast majority of transactions to be actually free, like the vast majority of Google searches are. But I have hope we’ll get there, too.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

A suggested definition for “Bitcoin to the Moon”

Rick Falkvinge - 3 november, 2017 - 22:52

Bitcoin: “Bitcoin to the Moon” has long been a common saying, but nobody knows what it really means. I propose it is time to define “bitcoin to the Moon” to mean the most literal interpretation possible.

In the bitcoin community — and I mean that in the most inclusive sense, in all communities that call themselves the bitcoin community, regardless of whether they are the Judean People’s Front or the People’s Front of Judea — there is a saying of “bitcoin to the moon”, meaning it will rise above the normally-scaled financial charts so high it will touch the moon.

With bitcoin starting out at $0.10 or so and now, with all forks included, approaching $10,000, people are starting to ask exactly what “the moon” is, seeing how bitcoin as an asset (and crypto in general) defies all previous investments and asset classes. Have we reached the Moon already? What value is it, precisely? What number value lies beyond the Moon? There is no hard definition of this.

A friend of mine on Facebook suggested in a comment on a post, half-jokingly, that the measure could be literal.

I suggest we make it so.

I suggest that we make “Bitcoin to the Moon” mean just that in the most literal sense possible. “Bitcoin to the Moon” is the point in time, when one bitcoin will buy you a return ticket to and from the moon as a tourist. Give this another ten years of SpaceX and bitcoin development in parallel, and this is not inconceivable at all.

It is exciting to live in the future, isn’t it?

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

The recent catastrophic Wi-Fi vulnerability was in plain sight for 13 years behind a corporate paywall

Rick Falkvinge - 29 oktober, 2017 - 19:00

Global: The recent Wi-Fi “KRACK” vulnerability, which allowed anyone to get onto a secure network (and which was quickly patched by reputable vendors), had been in plain sight behind a corporate-level paywall for 13 years. This raises a number of relevant, interesting, and uncomfortable questions.

When last week’s KRACK wi-fi vulnerabity hit, I saw a series of tweets from Emin Gür Sirer, who’s mostly tweeting on bitcoin topics but seemed to know something many didn’t about this particular Wi-Fi vulnerability: it had been in plain sight, but behind paywalls with corporate level fees, for thirteen years. That’s how long it took open source to catch up with the destructiveness of a paywall.

In this case, close scrutiny of the protocol would have (and in fact, did) uncovered the nonce reuse issues, but didn't happen for 13 years.

— Emin Gün Sirer (@el33th4xor) October 16, 2017

Apparently, WPA2 was based on IEEE standards, which are locked up behind subscription fees that are so steep that open source activists and coders are just locked out from looking at them. This, in turn, meant that this vulnerability was in plain sight for anybody who could afford to look at it for almost a decade and a half. There are so many issues and followup questions on this, it deserves at least two more articles on the same topic, just for headlines to cover one important point at a time (yes, that’s necessary today).

This also means that one of two things were true: one, those who could afford to look at it didn’t bother to look at it, or two, those who would bother to look at it and understand it couldn’t afford to do so. Both are problematic. (There’s also a third option, even more problematic, below – when an actor who can both afford and understand it keeps the research to themselves as a zero-day sploit.)

The first obvious point is that security doesn’t work if it’s not out in the open. If this wasn’t the final nail in the coffin for security through obscurity – where paywalls are definitely included in the obscurity concept – then I don’t know what would be.

The second point is that this isn’t the only standard we rely on for security that is based on locked-up evidence of security. As has been shown, it may be that each component of the security stack passed its unit test, but the integration tests clearly were insufficient. In other words, it doesn’t matter if all proofs of security come out right, if you’re not sure you’ve proven the whole system to be secure (as opposed to just individual pieces of it). We can expect several more severe vulnerabilities to be in plain sight behind corporate paywalls.

The third point, which is going to be expanded in the first followup article, is that while ordinary activists and coders were locked out of reviewing these documents, the NSA and the like had no shortage of budget to pay for subscriptions to these specifications. Thus, the IEEE’s paywall was lopsiding the security field toward mass surveillance, away from security.

The fourth point, which also merits expansion, is that if something as severe as this was unread for thirteen years because it was behind a paywall — what does that say about legacy media’s current infatuation with paywalls to protect their “genuine journalism”?

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!

FASIT 2016 — Alla avdrag från inkomstskatten

Christian Engström - 23 oktober, 2017 - 12:49

En stor fördel med den FASIT-körning för 2016, som jag har bloggat om tidigare, är att man har alla siffror samlade på ett ställe. Varje enskild siffra går oftast att hitta någon annanstans i officiella publikationer, som Statistiska Centralbyråns statistiksidor eller olika myndigheters årsredovisningar. Men det kräver ju att man vet vad man ska leta efter. Då är det en stor fördel att ha en sammanställning som FASIT, så att man kan se vilka poster i budgeten som är värda att undersöka närmare. Och minst lika viktigt är att man kan avgöra när man är färdig, och har fått med allting viktigt.

De avdrag och skattereduktioner från inkomstskatten som jag har bloggat om hittills är de enda som är intressanta när man funderar på hur man kan finansiera ett basinkomstsystem. Resten av avdragen är bara småpengar i sammanhanget.

Här är en sammanställning av de viktiga avdragen och skattereduktionerna. I det förslag till finansierad basinkomst som jag själv har presenterat rör jag inte något av de här avdragen. Istället löser jag finansieringen genom att dels avskaffa ett antal bidragssystem och myndigheter som inte längre behövs, dels genom att införa enhetlig moms (alltså att höja i första hand matmomsen).

I sammanställningen nämner jag för vart och ett av avdragen varför jag inte har valt att ta bort det. Men andra som vill presentera andra basinkomstförslag kan tänka annorlunda, så det är bra att ha en sammanställning som visar vilka valmöjligheter man har.

Jag har skrivit om följande skattereduktioner och avdrag från inkomstskatten:

  • Jobbskatteavdrag 105 miljarder. Att ta bort hela eller delar av jobbskatteavdraget blir en ren höjning av inkomstskatten. Det vill jag inte göra, så jag lämnar jobbskatteavdraget orört. Läs mer >>
  • Ränteavdrag 17 miljarder. Ränteavdraget borde avskaffas nu omedelbart, medan räntan är så låg som den någonsin kommer vara. Vi har inte tid att vänta med att ta bort ränteavdraget tills det kan ligga ett skarpt basinkomstförslag på riksdagens bort, så därför kan vi inte räkna med de här pengarna till finansieringen. Läs mer >>
  • ROT- och RUT-avdrag 15 miljarder. Det är visserligen sant att de här avdragen till största delen går till höginkomsttagare, men jag kan inte utesluta att de trots allt skapar en del nya vita jobb i tjänstesektorn. Därför låter jag de avdragen vara kvar. Läs mer >>
  • Reseavdrag 6 miljarder. Jag har valt att behålla avdraget för arbetsresor med bil, eftersom jag inte vill höja inkomstskatten alls. Men avdraget är minst sagt tveksamt ur miljösynpunkt, så i förslag som tänkt kombinera basinkomsten med en grön skatteväxling är ett borttagande av reseavdraget en naturlig del. Läs mer >>

Totalt blir det här 143 miljarder i uteblivna skatteintäkter för staten. Jobbskatteavdraget står för nästan tre fjärdedelar av den summan, men det skiljer sig från de andra avdragen i och med att det inte motsvarar några kostnader som den skattskyldiga har haft, utan bara är ett krångligt sätt att ändra i skatteskalorna för löntagare.

De fyra ”r-avdragen” — ränte-, ROT-, RUT- och reseavdrag — kostar tillsammans 38 miljarder per år för staten.

Övriga avdrag är bara småpengar i budgeten

Det finns ytterligare ett antal avdrag från inkomstskatten, men det rör sig inte om några stora belopp i sammanhanget. Det här avsnittet i FASIT-körningen visar hur mycket den totala beskattningsbara inkomsten minskas av övriga avdrag:

Den här tabellen visar hur mycket inkomsten sänks med, inte kostnaden för staten. För att räkna ut hur mycket staten förlorar i skatteintäkter får vi multiplicera med någon rimligt uppskattad genomsnittlig marginalskattesats, precis som vi gjorde med reseavdragen.

Räknar vi med en genomsnittlig marginalskatt på 40% kommer 4,7 miljarder i avdrag kosta 1,9 miljarder i uteblivna skatteintäkter.

Avdraget för dubbel bosättning är den största kvarvarande posten, som reducerar löneinkomsterna med 2,4 miljarder, och alltså kostar staten ca 1 miljard. Det är inte jättemycket pengar, och just det avdraget kanske är ganska sakligt motiverat. Om det nu är så att vi inte vill att folk ska arbetspendla alltför långa sträckor av miljöskäl, då kanske dubbel bosättning är ett miljömässigt bättre alternativ.

Avdragen för tjänsteresor och ”övriga kostnader” blir tillsammans 2,3 miljarder i reducerad inkomst, och 0,9 miljarder i uteblivna skatteintäkter för staten. Här gäller samma sak: det är inte särskilt mycket pengar, och det är inte omöjligt att det finns vettiga argument för att behålla avdragen, så det är inte värt besväret att försöka avskaffa dem för att kunna finansiera basinkomst.

Under avsnittet om skattereduktioner i FASIT-körningen finns det ännu mindre kvar att hämta:

Jag vet inte alls vad skattereduktionerna för sjöinkomst eller för mikroproduktion av el innebär eller om de är motiverade, men för en struntsumma som 0,06 miljarder tänker jag inte ta reda på det heller.

Kategorier: Pirates, arr!

Pirates enter another parliament: Congratulations to the Czech Pirate Party!

Rick Falkvinge - 21 oktober, 2017 - 15:51

Czech Republic: The Czech Pirate Party is entering Parliament at an estimated 9.7% with half the votes counted. The Czech pirates have fought long and hard, and overcome frustrating setbacks like missing the parliamentary threshold by just 0.2% in the last election. Congratulations to Ivan Bartoš, Mikuláš Ferjenčík, Jakub Michálek, and the entire Czech team!

The Czech Pirate Party is the fourth to reach a national or federal parliament, after Sweden, Germany, and Iceland. The party leader, Ivan Bartoš, has been hanging in there for as far back as I can remember the movement – I can’t recall if we first met at the international meeting in Friedrichshafen in 2011 or in Prague in 2012. I’ve met with numerous other passionate Czech pirates over the years, whose hard work finally paid off in the elections closing today.

This is the ninth election for the Czech Pirates, who have been doing well in some local elections earlier, and even have a Pirate Mayor in the city of Mariánské Lázně. However, this is the Czech Pirates’ first entry into legislation on a nationwide poll, and as it stands with half the votes counted, it seems Europe and the Czech Republic is about to gain just-over-fifteen new pirate legislators.

Some media will probably focus on the fact that another dark horse came out of nowhere and got about 30% of the votes in this Czech election, but make no mistake, the Pirates are in this for the long game and is the bigger difference in this election. (Disclaimer: The names I mention here are just people I happen to have met personally.) Go, go, go!

Congratulations to the entire Czech team on your hard work and huge success — and for some, your new job!

The photo is from this election campaign video.

UPDATE 1: The final score appears to be close to 10.79%, which makes the Czech Pirates the third largest party, ahead of such parties as the Social Democrats (7.27%), Christian Democratic Union (5.80%), and Greens (1.46%). It also means the Pirates are getting a full 22 seats, tentatively indicating that all fourteen districts’ list-toppers and some of the list-seconds have a new job. At this time (20:07 on Saturday), the list of new MPs is not yet presented by the Czech Election Authority.

It is noteworthy that the Czech Pirates scored a full 17.59% in Prague, the capital.

UPDATE 2 – these are the 22 elected Pirates in the Czech Parliament, in order of the applied D’Hondt election logic:

Dana Balcarová, Lukáš Bartoň, Ivan Bartoš, Lukáš Černohorský, František Elfmark, Mikuláš Ferjenčík, Radek Holomčík, Martin Jiránek, Lukáš Kolářík, František Kopřiva, Lenka Kozlová, Jan Lipavský, Tomáš Martínek, Jakub Michálek, Mikuláš Peksa, Vojtěch Pikal, Ondřej Polanský, Jan Pošvář, Ondřej Profant, Olga Richterová, Petr Třešňák, and Tomáš Vymazal. Congratulations again!

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

Kategorier: Pirates, arr!
Prenumerera på innehåll