Category Archives: Policy

Security Measures against Terrorism: Costs v. Benefits

Note: This article is also available in Portuguese, translated by Anders Bateva.

Plasterk in Tweede KamerA few days ago, the Dutch Home Office Minister Ronald Plasterk said in a debate in parliament that he’s apparently OK with the American intelligence community, the NSA among others, to spy on the Netherlands. His reasoning is flawed from the get-go, and went somewhat like this (paraphrased): “I don’t want to say that Dutch citizens may never be spied upon. Because that Dutch citizen can also be a stone-cold terrorist. And it’s good if that terrorist can be found.” Here’s the full quote (in Dutch):

“Ik wil dan ook wel oppassen om in het woordgebruik bijvoorbeeld te zeggen: ja maar, er mag nooit naar Nederlandse burgers worden gekeken. Want die Nederlandse burger kan natuurlijk een keiharde terrorist zijn, en dan zijn we toch blij dat die op een gegeven moment ergens op de rader verschijnt, en dat moet natuurlijk volgens de wetten gebeuren, maar dat die op de radar verschijnt, en dat er vervolgens actie kan worden ondernomen.”

Plasterk later denied saying that, but he did in fact say this during the debate. More evidence can be found here.

Is No Price Too High For Security?

Benjamin Franklin once said something like “They who give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.” This quote has been used a lot, but it is applicable here. The question we need to answer is the following: When do security measures stop benefiting the greater good, and infringe on our privacy and liberty, which are values that used to define our very societies? When does the price we have to pay for that little extra security becomes too great? Combating terrorism certainly seems like a very noble goal, and while I do agree that there are some people out there who aim to change our societal structures through violent methods (although one has to note that one man’s terrorist is the other man’s freedom fighter; the definition of the term is a bit in the eye of the beholder), there does come a point where the price we have to pay for a little increase in security becomes too great, compared to the potential benefits.

Terrorism is Really Rare

Chances Terrorist Attack One thing we have to understand is that acts of terrorism on the scale of 9/11 or the London public transport bombings on 7/7, awful as they may be, are still very rare indeed. Extremely rare in fact. Even President Obama has said so, although he does have an interesting choice of words. The chance that you’re involved in a traffic accident tomorrow are several orders of magnitude greater than the chance that the next aircraft you are in will end up in a building instead of on the runway. This is also valid for other acts of terrorism, not just the ones involving aircraft. And even the TSA agrees now that terrorists are not plotting against aviation. So why do we still have to cope with all the draconian security measures then, if it’s clear that it didn’t help one bit? You see the same thing happening with CCTV cameras. Governments and corporations put these things up everywhere, but there isn’t the tiniest shred of evidence that these cameras actually help prevent crimes. But still the TSA and their European counterparts continue to tell people to leave their water bottles and baby food and butter knifes at the checkpoint. Bruce Schneier put a lot of thought into this problem, and he said that we currently try to protect against specific movie-like terrorist plots, instead of doing a thorough risk analysis and protect ourselves with more generic measures that may actually work against multiple types of plots. Terrorists bring down aircraft, so we increase security at airports; terrorists used box cutters, so we ban box cutters; someone brought a bomb on board hidden in his shoe, so we’re telling people to take their shoes off. These are all very specific actions taken against these types of movie-like plots. The security measures taken here are way too specific to work against anything other than the movie plot attack. As soon as terrorists modify their plan just one tiny bit, the entire strategy to combat them becomes ineffective. Humans are unfortunately excruciatingly bad at evaluating risks, and if you give them a very specific, movie-like terrorist plot, they will rate the risk from that much higher than it is in reality, because of the specificity of the plot. We humans have evolutionary been conditioned to consider specific threats a greater risk than a more general threat. On Wired, Schneier states:

If you’re a higher-order primate living in the jungle and you’re attacked by a lion, it makes sense that you develop a lifelong fear of lions, or at least fear lions more than another animal you haven’t personally been attacked by.

We are conditioned to think: it happened once, so it’s likely that it’ll happen again. And you see politicians using that knowledge to their advantage. It is insightful to consider that most measures we’ve currently taken against terrorism, would never even be considered had the events of 9/11 not happened.

Moving On..

With regard to the comments made by Mr. Plasterk: I think a lot of politicians still think that the United States is one of the ‘good guys’, when there’s more and more evidence coming out that politically speaking, it is not our ally, and certainly not our friend. They serve their own self-interests, just like any other nation on earth, and it’s important to never forget that. I even heard some politicians say that we should demand that Dutch citizens shall be treated the same as Americans under US law. It is laughable to think that the Americans across the pond will say: “Oh no! We angered the Dutch! Quickly change our laws to treat them the same as we treat Americans before they start re-colonizing New York!” At most, what these politicians will get is a nice letter from the US Embassy in which they solemnly promise that it will never happen again, meanwhile not changing their laws or practices in the US. And the NSA happily continues to trample upon their NATO allies’ rights. And our politicians are apparently very happy to accept that. We have to reconsider our position and alliances after the numerous disclosures of classified documents by whistle-blower Edward Snowden. For what good is a friend who spies on you behind your back? President Roussef of Brazil has taken decisive action by severing ties with the United States and even building new fibre optic cable connections that circumvent United States territory. Where is the outrage in Dutch society? Here, AMS-IX (the Amsterdam Internet Exchange, the second-largest Internet exchange in the world), sets up shop in the US, making it subject to the PATRIOT Act. Have these people been living under a rock these past months? Or are there other, commercial interests at play here? We need to start demanding answers while at the same time strengthening our own privacy protections. Privacy is a human right, nothing more, nothing less. We need to start using it, or risk losing it.

Speaking Truth to Power: Integrity in the Mainstream Media

RT Front page

Yesterday I watched a public discussion (last link in Dutch) on Sargasso between Jeroen Wollaars, NOS reporter, and Arjen Kamphuis, futurist, writer, and co-founder and CTO at Gendo. During his talk at OHM2013 (titled: Futureshock), someone asked Arjen a question that went somewhat like this: “If we cannot trust the mainstream media anymore to supply us with the information we need to act as informed citizens, what is the alternative?” To which Arjen replied that, if you want to be better informed about what happens in the Western world, RT (Russia Today) is pretty good.

Now it is important to be very nuanced here. You probably shouldn’t believe the RT reporting done on stuff that is happening in Russia, as RT is, just like any media organization, selective in the information they broadcast, and probably won’t be objective when it comes to Russia, just like the Western media aren’t objective on Western subjects. But on Western issues, and informing us about all the stuff the Western governments are doing, the RT reporting is very good because unlike the Western mainstream media, the Russians dare to ask the questions that need to be asked. Questions that you won’t hear from the Western mainstream media, and the Dutch media in particular.

So many questions..Collateral Murder

Why are the people who committed war crimes and crimes against humanity in an attack helicopter during the Iraq War under the Bush Administration still allowed to walk free, whereas Chelsea Manning was sentenced to 35 years for simply exposing those very same war crimes? How come Manning was sentenced to 35 years, while Anders Breivik was sentenced to just 21? Isn’t that a bit off? A man who ruthlessly and pointlessly murdered 77 people gets less years in prison than someone who exposed the dirty laundry of the powers that be?

When exactly did Dutch Prime Minister Jan Peter Balkenende know about the contents of the Downing Street Memos? Remember, these were the memos that proved definitively that “facts were being fixed around the policy” and that Governor Bush was set in his ways on provoking a war with Saddam Hussein’s Iraq. His administration claimed that Saddam had WMDs (which was a blatant lie, even then), and they even tried to connect Saddam to Al-Qaeda.

AIVDWhere is the coverage about our own intelligence agencies, like the AIVD, MIVD etc. in relation to the revelations on PRISM? Do they have the same capabilities, do they request data on Dutch citizens from their UK and US partners? What kind of data sharing is done with these inter-agency cooperations? We know the Americans spy on Dutch citizens as well (just like they do on every person on the planet connected to the Internet or phone networks), but where are the critical questions from the media? Where are the tough talk shows and debates that really question a few high-ranking politicians about these very important issues? The Germans have at least asked these questions to their politicians.

What is the underlying reason for the massive nation-wide push for the RFID OV-chipkaart public transport ticket (at the expense of normal paper tickets), the ANPR (automatic number plate recognition) cameras above the nation’s highways (which are also used by police), or the fingerprints on the RFID chip on our passports? The government seems intent on tracking our every move.

And these are just a handful of questions the Dutch media didn’t bother to ask and issues they didn’t bother to cover.

The problem with the Dutch mainstream media

The Dutch mainstream media are unfortunately excruciatingly bad at journalism. For instance, the whole Manning case is barely on the news here, but whenever the American presidential elections draw near, the whole Dutch mainstream media press corps gets their knickers in a twist in trying to report on the American ‘elections’ in excruciating and nitty-gritty detail.

There are more important things going on in the world than reporting on an election that is principally undemocratic to begin with. After the 2000 presidential election, Governor Bush squatted the White House for 8 years, while Al Gore won the popular vote. It sure was convenient that Bush’s brother Jeb happened to be Governor of Florida when the electoral votes for that state were the deciding factor in who would win the presidency. And there’s stuff like voter suppression and gerrymandering going on in the US as well, which can influence elections quite substantially. But this fixation the Dutch media has with the US elections has always surprised me, given the fact that the coverage is almost on par with our own elections!

The Dutch media stopped asking the critical questions, and are now almost exclusively broadcasting propaganda from Washington. No questions asked, no background stories, no critical analyses, no audi alteram partem. They now mostly copy-paste the press releases from PR departments, and I really miss the critical tone. Most articles are less than 3 paragraphs long.

I will gladly watch the NOS and other Dutch media again (online, for free, not behind a paywall, and using open standards to provide streaming video) when they start being critical of the government which decides on their budget, and start speaking truth to power.

And this is the main reason why I use RT (among others) to keep me updated on the stuff our Western governments are doing. Unlike the Western mainstream media, RT is asking the questions, they currently speak truth to (Western) power. And again, nuance is important: you shouldn’t believe RT too much when it comes to Russia, just like you shouldn’t believe the Western media too much when it comes to the West. It’s both propaganda, one way or the other. The Russians are at least open and frank about where RT gets their money from; in the West they are much more indirect and subtle about these matters. It’s always best to get your news from as many sources as possible, and make your own decisions on who is more likely to tell you the truth.

At the Crossroads: Surveillance State or Freedom?

OHM2013

When I went to OHM2013 last week, it was great to see such increased political activism from the hackers and geeks at the festival. I truly believe we are currently at a very important crossroads: either let governments the world over get away with crimes against the people’s interests, with programs like PRISM, ECHELON, TEMPORA and countless other authoritarian global surveillance schemes, or enter the path towards more freedom, transparency and accountability.

A good example of what not to do is Google Glass. A few weeks ago I came across the story of a hacker who modded Google Glass as to allow instant facial recognition and the covert recording of video.  Normally you need to tap your temple or use voice commands to start recording with Glass, all of which are pretty obvious gestures. But now people can record video and do automatic facial recognition covertly when they wear Glass. I even saw that there’s an app developed for Glass, called MedRef. MedRef also uses facial recognition technology. This basically allows medical professionals to view and update patient records using Glass. Of course having medical records available on Glass isn’t really in the interests of the patient either, as it’s a totally superfluous technology, and it’s unnecessary to store patient records on a device like that, over which you have no control. It’s Google who is calling the shots. Do we really want that?

Image above © ZABOU.

Image above © ZABOU.

As hackers, I think it’s important to remember the implications and possible privacy consequences of the things we are doing. By enabling the covert recording of video with Google Glass, and also adding on top of that, instant and automatic facial recognition, you are basically creating walking CCTV cameras. Also given the fact that these devices are controlled by Google, who knows where these video’s will end up. These devices are interesting from a technical and societal standpoint, sure, but after PRISM, we should be focusing on regaining what little we have left of our privacy and other human rights. As geeks and hackers we can no longer idly stand by and just be content hacking some technical thing that doesn’t have political implications.

I truly and with all my heart know that geeks and hackers are key to stopping the encroaching global surveillance state. It has been said that geeks shall inherit the earth. Not literally of course, but unlike any other population group out there, I think geeks have the skills and technical know-how to have a fighting chance against the NSA. We use strong encryption, we know what’s possible and what is not, and we can work one bit at a time at restoring humanity, freedom, transparency and accountability.

These values were won by our parents and grandparents after very hard bloody struggles for a reason. They very well saw what will happen with an out-of-control government. Why government of the people, for the people, and by the people, is a very good idea. The Germans have had plenty of hands-on experience with the consequences as well, first with the Nazis who took control and were responsible for murdering entire population groups, not only Jews but also people who didn’t think along similar lines: communists, activists, gay people, lesbians, transgenders, etc. Later the Germans got another taste of what can happen if you live in a surveillance state, with the Stasi in the former East-Germany, who encouraged people to spy on one another, exactly what the US government is currently also encouraging. Dangerous parallels there.

But you have to remember that the capabilities of the Stasi and Gestapo were only limited, and peanuts to what the NSA can do. Just to give a comparison: the Stasi at the height of its power, could only tap 40 telephone lines concurrently, so at any one time, there were at most 40 people under Stasi surveillance. Weird isn’t it? We all have this image in our minds that the prime example of a surveillance state would be East-Germany under the Stasi, while they could only spy on 40 people at a time. Of course, they had files on almost anybody, but they could only spy on this very limited number of people concurrently. Nowadays, the NSA gets to spy continuously on all the people in the world who are connected to the internet. Billions of people. Which begs the question: if we saw East-Germany as the prime example of the surveillance state, what do we make of the United States of America?

The Next Step?

I think the next step in defeating this technocratic nightmare of the surveillance state and regain our freedom is to educate others. Hold cryptoparties, explain the reasons and need and workings of encryption methods. Make sure that people leave with their laptops all configured to use strong encryption. If we can educate the general population one person at the time, using our technological skill and know-how, and explain why this is necessary, then eventually the NSA will have no-one to spy on, as almost all communication will flow across the internet in encrypted form. It’s sad that it is necessary, really, but I see no other option to stop intelligence agencies’ excess data-hunger. The NSA has a bad case of data addiction, and they urgently need rehab. They claim more data is necessary to catch terrorists, but let’s face it: we don’t find the needle in the haystack by making the haystack bigger.

Asymmetric Rendition: Why Robert Lady’s Plane Won’t be Grounded

CIA Seal on FloorRobert Seldon Lady, a convicted kidnapper who also happens to be a CIA spook, got on an airplane yesterday bound for the United States. He was convicted (along with 22 other CIA agents) of kidnapping in Italy in 2009, and was to receive a nine-year prison sentence for the kidnapping of Hassan Mustafa Osama Nasr aka Abu Omar, in what the Italians are calling the Imam Rapito (Kidnapped Imam) affair. Nasr was whisked away to Egypt, where he was submitted to torture.

Robert Lady, a genuine fugitive from the law, gets to board an airplane back to the United States after the US government put pressure on the Panamanian govenment, who arrested him 2 days ago. Italy filed a request for the extradition of Lady, but he is safely sipping his coffee in the US now I suspect.

I wondered whether Lady’s plane would be denied access to the airspace of Central American countries, but I am afraid I already know the answer. Unlike the democratically-elected President of Bolivia Evo Morales, whose airplane was grounded for 14 hours in Vienna when flying home from a summit in Moscow on the mere suspicion that Edward Snowden might be on board (due to pressure put on European countries by the United States), a convicted felon like Lady gets a free ride back to his homeland.

Richard_ODwyerThe problem with these extradition agreements is that they are always horribly lopsided in favour of the United States. The influence the Americans have on world politics is still enormous, and it isn’t for the better. They go about extraordinary rendering and torturing and murdering countless of hapless people, people who generally just go about their daily lives and attend wedding parties and whatnot.

So on the one hand, the United States is demanding that other countries extradite their citizens whenever the US requests it of them, like in the case of Richard O’Dwyer, who did nothing more harmful than building a website on which you could share links to video/audio content, but on the other hand, a convicted felon, responsible for the horrific, inhumane torture of Abu Omar gets to enjoy freedom from persecution in the US.

US intervention in South America and the War on Drugs

The United States still considers Latin America to be their backyard. The Latin American countries however, had to suffer many decades of US intervention, with one democratically elected leader being assassinated by the CIA after another, with one CIA-sponsored coup after another, the US has done little to secure peace in Latin America. And this isn’t just happening in Latin America, the US is doing this all over the world. They euphemistically call it “regime change.” And nowadays, with the War on Drugs in full swing, the US creates a market where South American drug cartels are more than happy to supply. After all, if there is a market somewhere, someone will step in and reap the financial benefits. This is a basic economic law.

Unfortunately, this leads to a lot of crime in these countries. The solution to this is obvious to anyone who has studied this problem in more detail: simply legalize drugs. By legalizing drugs, you can safeguard the quality of the merchandise so people using it won’t get life-threatening crap in their systems, and you immediately shut down the market for the cartels, who now have no way of competing, if the government or companies can legally supply people with guaranteed safe, relatively cheap drugs. This doesn’t only solve the crime problem we have with the cartels nowadays, but it also is of benefit to health care.

Where do we go onwards from here?

The thing is, the US government, by going through with all of their covert regime change projects, their murdering, torturing, droning, extraordinary rendering, etc, is actually damaging the credibility MQ1 Predator Droneof the United States. On the one hand we have Obama who just recently criticized the Russian President Putin on human rights, but look what we have here: Obama, a president who has the dubious distinction of being the only Nobel Peace Prize laureate who has countless of murders on his name. Every week he personally approves the so-called ‘kill list‘. Talking about out-of-control power structures! How can he sleep at night?

The only way forward is for governments to start respecting human and civil rights, and stick to that. We the people need the tools to keep government accountable, it’s the only way to stop history from repeating.

Life, Liberty and the Pursuit of Snowden

Note: This article is also available in Portuguese, translated by Anders Bateva.

US Declaration of Independence237 years ago, 56 traitors to their King and country signed a document which outlined a new philosophy, that all men are created equal, that they are endowed by their creator with certain unalienable Rights. That among these are Life, Liberty, and the Pursuit of Happiness. This gave birth to a new nation, the United States of America. Funny how your perception can change depending on your viewpoint and background, isn’t it? In 1776, these 56 signatories of the United States Declaration of Independence did something very brave indeed. They took a stand against the Empire on which the sun never sets, the British Empire, because it failed to embody and represent what they believed in: that it should be the task of the government to secure the above rights, and that governments derive their just powers from the consent of the governed. And that whenever the government becomes destructive of these ends, it is the right of the people to alter or abolish it. These men are considered patriots by many Americans, because in defying the King of Great Britain in 1776, they founded the United States of America, a nation once conceived on these noble principles. A nation that sadly no longer adheres to the philosophy laid down it its Declaration of Independence. Had history played out differently, these men could have been tried for high treason and hung, drawn and quartered. These men took a huge personal risk based on what they personally believed in. You have to remember, back in 1776, the British Empire was a superpower, quite similar to the roles the United States, Russia and China play today. But history is written by the victors, as they say.

SnowdenEdward Snowden

Now, Snowden blew the whistle because he recognized the government failed to defend the rights of the people, failed to embody the spirit in which it was founded 237 years ago. This is an incredibly brave thing to do. Just think about it: he had to leave his friends and family and his entire life behind and can probably never visit his friends and family again, because he did what he felt was right: expose the crimes committed by the US government. By many he is now branded a traitor, similar to how those 56 signatories were viewed by a portion of the British people back in the day. I sincerely hope Snowden will stay safe. One of the things that struck me when following the Snowden story, is that the media spin machine is now in full swing, trying to come up with dirt on both Edward Snowden, and the journalist who published the story in the Guardian: Glenn Greenwald. The goal of course, is to slowly make the media shift their focus away from the main story, and onto petty things instead, like the obsession with Snowden’s girlfriend, or whether Greenwald should be charged with a crime or not. The goal of those manipulators behind the scenes is to discredit the source who has been leaking this classified but vitally important information, so that eventually people will start to no longer believe him. By discrediting the whistle blower, they hope to also discredit his story. Don’t they get it? Don’t they get that transparency, and democratic oversight, checks and balances are what any government that claims to be a government of the people, by the people and for the people desperately needs? Precisely those things that it is now sorely lacking. By having informed, intelligent citizens, we increase overall safety and national security. We don’t make our nations any safer by scaring our citizens and beating them into submission. But as of late, the truncheon is used in lieu of conversation more and more…

Meanwhile in Europe…

Here in Europe, we saw politicians finally taking a stand against the NSA PRISM program, but sadly only because it was in their own self-interest to do so. It wasn’t until Snowden released documents proving that the United States had been spying on European diplomats in Washington, New York and Brussels, as was published in Der Spiegel on July 1st, that we finally got some strong language from some European leaders, with François Hollande even threatened to suspend the trade pact talks with the US. This delayed reaction by European politicians seems to send the message to the European citizens that it’s apparently perfectly OK to spy on European citizens (politicians here were awfully quiet when the story broke), as long as the Americans are not spying on our diplomats and politicians. Oh, and if you’ve heard the NSA’s stories about ‘metadata’, and you’re wondering what ‘harmless metadata’ really means, be sure to check out German Green Party Member Malte Spitz’s six months of telephone records mapped on a moving map. It’s quite a humbling experience. 🙂 Update: Since I wrote this article on July 2nd, 2013, things have changed even more dramatically, as long-established diplomatic principles in international law have been grossly violated by denying President Morales’ plane access to French, Spanish, Italian and Portuguese airspace, causing it to have to divert to Vienna when the president was on his way home from a summit in Moscow. Of course, this caused massive anger in Latin America. The real problem we now have in Europe are leaders with rubber knees. We have our brain, and our sovereignty. Let’s start using it.

Dangers of the ‘nothing to hide, nothing to fear’ mentality

Note: This article is also available in Portuguese, translated by Anders Bateva.

With regards to the whole PRISM program recently unveiled by NSA whistleblower Edward Snowden, I had a discussion with someone a few days ago who still held to the view that if you have nothing to hide, you have nothing to fear from the government. This blog post is mainly aimed at dispelling some of these myths that keep cropping up in these discussions.

Change in Government

One of the biggest problems with this argument is that the government isn’t this all-good, benevolent entity that most people think it is. They actively and purposefully violate their own laws regularly. Now governments always have claimed that they work in the best interest of the people (which is the thing they should do), but who guarantees to me that this will always stay this way? Who guarantees that the Dutch government for instance, won’t turn into a full-blown police state in 5 or 10 years time, the way the British government already has? GCHQ is even worse than the NSA, as they’re tapping over 200 fibre optic cables indiscriminately. Who guarantees to me that there won’t be a dictator in 10 years time, maybe elected in a fit of fear, who then grabs power and starts abusing it to the fullest? Many people seem to laugh at the suggestion, but the danger is still very real. We don’t know what will happen in the future so therefore we should instead be proactive, and make sure that when a malevolent government does come to power (which I hope not), it has as little influence over the lives of the people as possible. An interesting story about changing governments, and sudden abuse of power is the story of Jacob Lentz. Lentz was a Dutch civil servant who worked on setting up the national resident registration system and designed the new national ID cards during the Second World War. In the summer of 1940, Lentz was convinced that Nazi Germany would win World War II, and he worked very hard at creating a watertight system. His ID cards were notoriously difficult to forge, even better that the German variant, the Kennkarte, making the lives of the Dutch resistance members a lot harder. His system registered a lot of information about the Dutch citizens, religion among other things. This make it ridiculously easy for the Nazis, when they conquered The Netherlands in May 1940, to see who was of Jewish descent and who wasn’t. And we all know the unimaginable horrors that led to. Now, Lentz thought he had good intentions. But the road to hell is paved with good intentions, as they say. If Lentz had thought it through just a little bit, had thought of the possible consequences, he might have chosen a different path. He could have saved the lives of thousands of Jews, with little to no danger to his own personal safety, or his family’s.

ProfilingSurveillance: Nothing to hide?

Now, it’s important to remember that you as a citizen usually don’t get to decide what constitutes criminal or suspicious behavior or not. You usually have no say in this matter, and governments habitually move the goal posts during the game. The average Dutchman can be found in well over 5,000 different government databases (link in Dutch). Now, with this much data on 17 million people, the government is bound to make mistakes. Because of the vast amount of information, they have to pattern match and profile you. This often leads to mistakes. If you buy a bag of fertilizer, are you simply a gardener, growing marijuana in your attic or maybe even a potential terrorist? This seemingly innocent act can suddenly raise a lot of flags in the numerous interlinked government databases. These databases aren’t perfect, and more often than not are failing to register the critical bits of context that might explain your behavior. The danger that your actions are registered while missing a lot of context, should be reason enough why we shouldn’t want to expand the surveillance state any further.

Feature Creep

Then there’s the problem of feature creep. When the government proposes a new law that enhances the powers of the surveillance state, they are always keen to solemnly promise to the MPs that these powers will of course only be exercised under strict conditions and regulations, with proper, independent oversight, with a court order, et cetera. In the end, this is almost never the case, and even your common neighborhood cop suddenly has access to sensitive information about you. This is exactly what happened in the case of RIPA (the Regulation of Investigatory Powers Act 2000) in Britain. This was an Act that was passed at the start of the War on Terror, expanding the powers of the British spooks significantly. (It’s interesting to note that a law expanding powers of the spooks has a name that seems to suggest that it seeks to regulate said powers) When it was passed into law, it was supposed to only be used by the spooks, while nowadays, local councils can exercise these powers as well. And this is happening in a lot of places. These dangers are very real, and we need to start speaking up, and start demanding proper oversight for the spooks and the rest of the surveillance apparatus. In the meanwhile, there are a lot of things we can do to at least make their work a bit more difficult. 🙂

My Move to Switzerland

Accelerated because of the recent exposure of the NSA’s horrible PRISM program by whistleblower Edward Snowden, I’ve decided to finally take the steps I’ve contemplated about for roughly a year now: moving my online persona to Switzerland.

Why Switzerland?Swiss Flag

The reason I chose Switzerland is because of United States policy, really. In recent years, the US administration has been flexing their jurisdictional muscles and have been putting several perfectly legitimate websites out of business because their owners published things the US junta didn’t like. This happens even when your servers aren’t located in the United States, and even when you don’t market your site to Americans. Having a .com, .net or .org is apparently enough to fall under US jurisdiction.

Examples are legion: Mega (previously known as MegaUpload), ran by the New Zealand citizen Kim Dotcom, whose domains have been seized by the US government because of vague copyright infringement allegations. Their website got defaced by the American government, and you can imagine the kind of damage this may inflict if you’re running a company or non-profit, and the image put up by the US authorities says your website was taken down because of, shall we say, ‘questionable’ content.

TVShacks, the website ran by the then 23-year-old Richard O’Dwyer, a UK citizen who faced extradition to the United States in 2011 because of copyright allegations, even when he was not doing anything illegal according to UK law. His website simply aggregated links to where copyrighted content could be found on the Internet, and he complied with proper notice and take-down requests. Yes, you’ve read it correctly: here is someone who actually faced extradition to the US, even when he didn’t do anything illegal under UK law, based on what exactly? Some vague copyright claims by Hollywood.

You have to be careful about which companies you deal with, and especially in which country they are incorporated. Because if you’re dealing with a US-based company, any US company, it will be subject to the US PATRIOT Act, NSLs (National Security Letters), FISA and legally required to put in back-doors and send logs containing your traffic to the US intelligence community, the NSA in particular. And in the order by the FISC (Foreign Intelligence Surveillance Court) it explicitly says that you can’t inform your clients about the fact that you have to send all their communications to the NSA. It also stipulates hefty prison sentences for the leadership of the US companies that are found to be breaching this stipulation in the order. And they aren’t collecting just meta-data: the actual content of your communications are recorded and profiled and searched through as well. But this wasn’t really anything new: the US plus the UK and her former colonies have been running the ECHELON program for many years. Its existence was confirmed by a European Parliament investigation into the capabilities and political implications of ECHELON in 2001.

What Can You Do?

The solution to this is quite complex and involves many factors and variables you have to consider. But here are some of the things I did:

Basically you want to have nothing to do with US companies. Basically don’t have any US ties whatsoever. Because as soon as there is a US link, your service providers are subject to US legislation, have to comply with the spooks’ orders and more importantly: can’t tell you about it. So avoid US companies, US cloud providers, etc. at all costs if you want to stay really secure. So no Google, Facebook, Twitter, LinkedIn, etc. without approaching this with a clear strategy in mind. Be careful when (if at all) you’re using these services.

Be sure to install browser plugins like HTTPS Everywhere (to use secure HTTPS connections wherever possible; providing end-to-end encryption) and Ghostery to prevent letting these companies track the web pages you visit.

The hardware and software you’re using also needs to be as secure as possible. Don’t order your new computer on the Internet, but go to a physical (brick-and-mortar) store (pick one at random that has the model you fancy in store) and buy one cash over the counter. The computer should preferably be running a free software (free as in freedom, not free as in ‘free beer’) operating system like GNU/Linux (there’s an easy to use distribution of GNU/Linux called Ubuntu) or BSD, and the software running on top of that should preferably be free software as well. This is done to ensure that the hardware cannot be compromised in the transfer from the manufacturer to you (since it’s impossible to tell which computer you’re going to pick at the store), and to ensure proper review of the source code of the software you are using. Or, as Eric S. Raymond said in his book The Cathedral and the Bazaar: “Given enough eyeballs, all bugs are shallow.” You cannot trust proprietary software, since you cannot check the source code, and it’s less flexible than free software because you cannot extend or change the software to fit your needs exactly. Even if you yourself don’t have the expertise to do so, you can always hire someone to do this work for you.

With regards to domain security (to prevent the US authorities from defacing your website) you can register a domain name that doesn’t fall under US jurisdiction. I chose Switzerland (.ch) because of the way they’ve been resisting pressure by the US authorities when they clamped down on Wikileaks. The server is also physically located in Switzerland. This server is also running my email, which I access through a secure, encrypted SSL/TLS connection.

Now, e-mail is basically a plain text protocol, so people still get to read them if they sniff your packets somewhere between source and destination. The best way to prevent this from happening, is to use encryption, not just for authentication, but encrypt the content as well whenever possible. I use GnuPG, an open source implementation of PGP, together with the Enigmail plug-in for Thunderbird. This works using asymmetric encryption, with two keys, a public key and a private key, which you generate on your machine. The public key can be published and shared freely, as this is what allows other people to send encrypted mail to you. You have to keep the private key secret. You can then send encrypted email to people if you have their public key.

If you want to read up some more on some of the practical measures you can take to increase your security, please visit Gendo’s Secure Comms webpage. It contains comprehensive practical advice and lots of links to the software you need to set up secure comms.

My plan is to write more articles on this website, so I’d like to thank you for your time, and hope to see you again soon!