Recent discourse around privacy and products suggests the time may be ripe for Web services that offer privacy even as commodity
What happens when Internet businesses take the ‘road less travelled’, opting to choose to honour the confidence and privacy of its consumers over handing over private user data to State surveillance programmes? An ethical stance taken by Lavabit — the encrypted email service used by Edward Snowden — which chose to “not become complicit in crimes against the American people” by shutting down its services, has not only renewed the debate on the NSA’s surveillance methods and the complicity of the nine Internet majors, but has also inspired other companies to either follow suit or step up and come up with services that offer more along the lines of Lavabit.
For, in a matter of a few hours, another encrypted products and services company Silent Circle declared that post-Lavabit it saw the “writing on the wall” and decided to pull the plug on its secure email service.
A day later, on Friday, leading Germany telecoms service provider Deutsche Telekom snubbed the U.S. by offering its users a “way out” of the U.S. surveillance programme with its “email made in Germany” initiative. The email client is touted as being secure, offering Secure Sockets Layer encryption (which is fairly basic by itself). The other offering is the company’s promise that all data processing and storage will remain on servers located within Germany. Kim Dotcom’s Mega has also announced plans to offer a highly-secure mail service, which will run on servers located outside the U.S.
Privacy as commodity?
Going by some of these announcements, it appears that perhaps the time is ripe for Web services that not only respect user privacy but also present it is an offering, even a commodity. Technology enthusiasts, advocates of Internet freedom and privacy in particular, are asking whether this will encourage users — who have been perceived as largely indifferent to where and how their personal information resides or is used — to push for policy changes among Internet corporations and their governments. Will this lead to a renewed interest in decentralising the Web and Web services, the very centralised cloud in particular? Will this force a rethink among the Internet majors, whose businesses on the cloud are far from transparent, as has become amply clear post the PRISM revelations?
Though privacy activists have for long been crying hoarse about the loose data ownership rules, products and services that offer an alternative such as Diaspora, dubbed the ‘Facebook killer’, or the free microblogging alternative Identi.ca have found few takers. Now, in the wake of this renewed debate, will privacy become a marketable commodity? Reacting to the news about Lavabit’s closure, Snowden pointed out, in an interview to The Guardian, that while the company’s stance is “inspiring”, it also exposes the claims of the Internet biggies who claim that they were compelled by laws they do not agree with. “Just one day of downtime for the coalition of their services could achieve what a hundred Lavabits could not,” he points out. Lavabit proprietor Ladar Levison’s message is equally candid and ominous, when he “strongly recommends” against anyone trusting private data with a company with “physical ties to the U.S.”
Market for alternatives
Parminder Jeet Singh, who works with Bangalore-based advocacy group IT For Change, agrees that there is a shift in the larger market for these kind of secure alternatives. However, he believes that these practices, or the enthusiasm around it, will fade out in the absence of adequate policy support. These policy interventions should address two areas: one, setting open standards and two, competition law.
Mr. Singh compares the open architecture of email to the closed and monopolistic nature of Web 2.0.
“Take, for instance, the time when the email system was set up. We had an open architecture and standards were developed in an open manner so that we had different service providers and consumers or users could talk across these services. But, by the time social media arrived, the field was dominated by the big players, and there was no question of sitting together and evolving any standards. Even the existing Internet standards making bodies are dominated by corporate nominees,” he says.
Standards in Web 2.0 technologies simply did not evolve, not because of technical challenges but because the power of the corporations was too huge. “That’s where we should have had countervailing policy interventions. But globally, the typical stance, especially among the hyper-consuming middle class, is that the government should keep its hands off the Internet, allow it to grow, But, what happened is that while the growth was good, it all happened in the lap of the big global corporates,” points out Mr. Singh. He adds that governments such as the U.S. in the case of PRISM would not have been able to exercise the kind of controlit does had there been hundreds of service providers. “This ability to exercise such a high level of State control is also a fallout of monopoly regimes.”
In a recent interview with The Hindu, Roy Singham, founder of ThoughtWorks, compares the ideological campaign around privacy to that of the medical health campaign, many decades ago, when activists had to convince citizens that washing hands was important for public health. And in the post-Snowden world, he is optimistic that for the first time people are recognising that there is something the matter with the way their governments and their service providers are acting together to control their data.
“This is significant. So, the next step of the ideological campaign is to convince people that encryption and peer-to-peer computing is like using soap. Yes it is inconvenient but not doing so is disastrous.”