“In this present crisis, government is not the solution to our problem; government is the problem.” — Ronald Reagan
In December last year, I attended yet another cyber security conference at which yet another academic called for a “cyber security tsar” to battle government mass surveillance.
As per usual, the academic had a well thought out argument against government mass surveillance, referencing many issues that were highlighted by Edward Snowden and journalists in (and after) June, 2013.
I’m always hopeful when I attend these conferences; occasionally I think, “Maybe this time the academic will see his cognitive dissonance”. Alas, I spend more time at these conferences mentally slapping my palm into my forehead.
These academics never follow through their own attempts at logical thinking.
Let me explain.
Governments in the West are involved in digital privacy in two primary functions:
- Governments spy on foreign and national citizens legally and illegally. In Australia, these powers are wielded by too many government agencies to list quickly. Governments also protect the privacy and security of its internal and external communications.
- Governments regulate public & private companies, organisations, and state and federal government. In Australia, these regulations include, but are not limited to, The Privacy Act and The Notifiable Data Breach scheme.
These two functions of government inherently conflict with each other; that is, the government can’t protect our digital information, because it wants access to it all. In order words, the government is happy to regulate digital privacy in the corporate space, as long as it doesn’t stop the government from accessing our information that companies hold.
Translation: The government has no incentive to actually protect our digital information [from the government itself].
This situation is acknowledged by thought leaders in the industry such as Bruce Schneier. However, much of the industry — in my 15 years’ experience — is dominated by leftwing thought: more government, more government. (Even the academic whom I mentioned above waxed lyrical about Noam Chomsky, a man who has praised far-left governments.)
The call for more government involvement in digital privacy is nonsensical. A “cyber security tsar” cannot — and can never — effectively balance national security concerns over citizens’ privacy. More government cannot solve an issue caused by government. What’s more, Australia has even attempted this ridiculous concept through Alastair MacGibbon — former “cyber security tsar” — who famously defended the government’s right to compel companies to weaken their systems’ security for easier government access to Australian’s data.
MacGibbon’s actual title whilst in government was, “National Cyber Security Adviser”, yet he defended the government’s right to weaken cyber security in Australia. This is the irreconcilable clash of the two primary functions (listed above) of governments involved in digital privacy.
Therefore my argument will be that the only option is less government. Specifically, governments’ surveillance powers must be significantly reduced. Likewise, I will argue that governments must not be involved in regulating digital privacy at all, except to incentivise companies to protect citizens’ data (how they see fit under market conditions) and under reasonable government requests for data — approved by a judge — that don’t weaken existing security/privacy controls.
In my book, I plan to argue that governments pose a far greater risk to our — the West’s — digital privacy and hence freedom than companies do. Much has been written on the evils of governments spying on its citizens, and hence this won’t be a difficult task.
For the record, I don’t believe that a laissez faire approach to digital privacy will lead to the Digital Privacy Utopia. Rather, I will argue that this approach is necessary in order to improve digital privacy and freedom by reducing government surveillance whilst using the market to improve companies’ protection of citizens’ data.