Pixel Envy

Written by Nick Heer.

‘It’s No One’s Business but Yours’

Philip Zimmermann, creator of the PGP standard for encrypted emails, in the 1991 PGP user’s guide:

Perhaps you think your email is legitimate enough that encryption is unwarranted. If you really are a law-abiding citizen with nothing to hide, then why don’t you always send your paper mail on postcards? Why not submit to drug testing on demand? Why require a warrant for police searches of your house? Are you trying to hide something? If you hide your mail inside envelopes, does that mean you must be a subversive or a drug dealer, or maybe a paranoid nut? Do law-abiding citizens have any need to encrypt their email?

What if everyone believed that law-abiding citizens should use postcards for their mail? If a nonconformist tried to assert his privacy by using an envelope for his mail, it would draw suspicion. Perhaps the authorities would open his mail to see what he’s hiding. Fortunately, we don’t live in that kind of world, because everyone protects most of their mail with envelopes. So no one draws suspicion by asserting their privacy with an envelope. There’s safety in numbers. Analogously, it would be nice if everyone routinely used encryption for all their email, innocent or not, so that no one drew suspicion by asserting their email privacy with encryption. Think of it as a form of solidarity.

Senate Bill 266, a 1991 omnibus anticrime bill, had an unsettling measure buried in it. If this non-binding resolution had become real law, it would have forced manufacturers of secure communications equipment to insert special “trap doors” in their products, so that the government could read anyone’s encrypted messages. It reads, “It is the sense of Congress that providers of electronic communications services and manufacturers of electronic communications service equipment shall ensure that communications systems permit the government to obtain the plain text contents of voice, data, and other communications when appropriately authorized by law.” It was this bill that led me to publish PGP electronically for free that year, shortly before the measure was defeated after vigorous protest by civil libertarians and industry groups.

Measured against all email users, PGP is not a popularly-used standard. But iOS does have the kind of safety in numbers that Zimmermann describes — that’s what the FBI is so terrified of, hence this precedent-setting campaign.

As Zimmermann also notes, the proposed requirement of law enforcement back doors into tech products is what helped spurn the introduction of PGP. As this threat ramps up, it’s no surprise that Apple is seeking to tighten their own security. Expect more of the same every time an intelligence agency tries to weasel their way into your tech products.