I’ve long been saying that privacy need not be sacrificed for security, and it makes me delighted to see that public attitudes are aligning with this view. A Pew survey revealed that a “majority of Americans (54%) disapprove of the U.S. government’s collection of telephone and internet data as part of anti-terrorism efforts.” The anti-NSA surveillance sentiment is even stronger in other countries, as is shown in this chart below.
According to the survey, “74% said they should not give up privacy and freedom for the sake of safety, while just 22% said the opposite.”
The debate between privacy and security has been framed incorrectly, with the tradeoff between these values understood as an all-or-nothing proposition. But protecting privacy need not be fatal to security measures; it merely demands oversight and regulation.
Proponents for allowing government officials to have backdoors to encrypted communications need to read Franz Kafka. Nearly a century ago, Kafka deftly captured the irony at the heart of their argument in his short story, “The Burrow.”
After the Paris attacks, national security proponents in the US and abroad have been making even more vigorous attempts to mandate a backdoor to encryption.
“The US is developing a law of cybersecurity that is incoherent and unduly complex,” says Ed McNicholas, one of the foremost experts on cybersecurity law.
McNicholas is a partner at Sidley Austin LLP and co-editor of the newly-published treatise, Cybersecurity: A Practical Guide to the Law of Cyber Risk (with co-editor Vivek K. Mohan). The treatise is a superb guide to this rapidly-growing body of law, and it is nicely succinct as treatises go. It is an extremely useful volume that I’m delighted I have on my desk. If you practice in this field, get this book.
Next year, there will be a milestone birthday for the Electronic Communications Privacy Act (ECPA) – the primary federal law that regulates how the government and private parties can monitor people’s Internet use, wiretap their communications, peruse their email, gain access to their files, and much more.
This is no ordinary birthday for ECPA. In 2016, ECPA turns 30. Little did anyone think that in 1986, when ECPA was passed, that it would still remain largely unchanged for 30 years. In 1986, the Cloud was just something in the sky. The Web was what a spider made.
At my annual event, the Privacy+Security Forum, which was held last month, one of the sessions involved privacy and security in fiction. The panelists had some terrific readings suggestions, and I thought I’d share with you the write-up that they generated for their session. The speakers were:
Peter Winn, Assistant U.S. Attorney, U.S. DOJ and Lecturer, University of Washington School of Law
Heather West, Senior Policy Manager & Americas Principal, Mozilla
Kevin Bankston, Director, Open Technology Institute and Co-Director, Cybersecurity Initiative, New America