Re: Tor--further thoughts
The following quote from Daniel Webster articulates a fundamental truth.
“Good intentions will always be pleaded for every assumption of authority. . . . . There are men in all ages who mean to govern well, but they mean to govern. They promise to be good masters, but they mean to be masters.”
With slight modification the elided reference to the US constitution can be generalized to fit the present discussion. It is hardly too strong to say that the primary purpose of any legitimate government is to guard the people against the dangers of good intentions.
Any system of government is a theoretical construct. Those who actually govern are flawed human beings, subject to all of the frailties and vices of humankind. The primary purpose of a system of government in a free society is to constrain their actions. In the case of clandestine surveillance, governments have arguably failed fairly miserably.
The assumption of power to conduct clandestine surveillance of the private thoughts and actions by those who govern poses an unprecedented threat to individual rights and freedoms. Those individual rights and freedoms, in turn, are essential to the creativity, prosperity, and happiness of societies.
The threat of wholesale surveillance would be horrific enough, if those doing it could get it right. But the ugly secret of clandestine surveillance is that they can’t when it matters—not even theoretically. Those who govern have simply been seduced by the commercial success of Google and social networking to believe that they can.
The purpose of surveillance is to detect patterns that allow the entity doing the surveillance to classify the results in useful ways. One of the fundamental measures of the “goodness” of a classification algorithm is the ratio of true “positive” to false “positive” classifications.
What is useful in the commercial world is very different from what is required as actionable intelligence in the realm of national security. For example, some months ago, someone’s data-mining algorithm erroneously classified me as a cigar smoking female athlete in the market for Cohibas and sports bras. The fact that I am a male non-smoker is a non-issue for the spammers. They just need to hit enough of their target market to turn a profit. The number of false positives is essentially irrelevant.
Actionable intelligence—involving the launch of things more substantive and potentially deadly than an e-mail—is another matter entirely. And this is where the wheels come off the wagon. Any data classification algorithm that is of practical interest follows “relative operating characteristic” or ROC curve. The behavior of classifiers has been described in very clear and readable terms by a gentleman named Tom Fawcett. A Google search of his name and ROC will get anyone interested to his papers.
The short version? There is no such thing as a free lunch. It is a matter of probabilities and statistics. I can design an algorithm that will maximize the hits on your target pattern, if you can tolerate having a majority of the “hits” be false alarms. I can minimize the false alarms (a desirable feature if I’m launching missiles rather than e-mails.) But the probability of getting the true target will be commensurately low.
Or I can just tinker with the algorithm until I get the answer I’m looking for. Therein lies the threat.
Even if we ascribe pure intent to those who govern, they cannot be counted on to discern whether or not their data mining algorithms get it right. We are all spring-loaded to accept answers that conform to our preconceived expectations.
As an avocation I have been studying trends in how those who govern govern. I foresee a day, not many years hence, when citizens in my country may be subject to criminal charges and detention in the name of Homeland Security, based on evidence gathered by automated data-mining. Seeds for this have already been planted in our laws. When that happens, as one of the other commenters on this article observed, those who govern will assert security to deny those accused information about what data was mined, the criteria whereby the actions were classified as criminal.
There will be no accuser for the accused to face. They will not have the information, access, or technical means to determine whether the search excluded data and criteria that might have exonerated them. They will never know whether other individuals who matched the same pattern were exonerated based on consideration that was not given to them. (And human nature being what it is, there is not a single government on the planet where this kind of favoritism and preferential treatment is not accorded to some privileged set of individuals.)
When that day comes, those who govern will be able to selectively prosecute whom they chose with impunity.
Those who govern are human, and history offers compelling evidence that humans are capable of acting with malicious intent. However, the threat to individuals and societies posed by government surveillance does not demand bad intentions. Good intentions will do the job splendidly.