Bruce Schneier Is Wrong – There Is Hope For Internet Privacy

Bruce Schneier is, undoubtedly, a very smart man. He wrote a seminal book, ‘Applied Cryptography’, on one of the toughest mathematical disciplines, and he is now CTO of BT’s managed security services.

But when he gets on to more philosophical subjects, he’s often guilty of parochialism. He makes a lot of noise, and sometimes it isn’t too constructive. And his latest bluster about Internet privacy, in a piece entitled ‘Our Internet Surveillance State’, contains a number of fallacies, which attempt to lend weight to his claim that the Internet is “without privacy”. And there is no hope for getting it back.

“Maintaining privacy on the Internet is nearly impossible. If you forget even once to enable your protections, or click on the wrong link, or type the wrong thing, … you’ve permanently attached your name to whatever anonymous service you’re using,” he wrote.

Grumpy Bruce

It’s odd to see Schneier in such a downbeat mood too, considering his latest book, ‘Liars and Outliers’, ends on a far less bleak note, albeit on a slightly different topic: trust. He even closes with a quote from Martin Luther King, Jr.: “The arc of history is long, but it bends towards justice.”

Given his standing in the community, and his legendary technical ability (parodied affectionately at www.schneierfacts.com), perhaps he should be harnessing this positivity to develop more systems to hand people greater privacy, rather than saying what has been said before ad nauseam, just in a more histrionic way.

The last two times I’ve been in the congregation for one of his sermons at whatever conference will pay him, Schneier hasn’t offered any genuine solutions, only fretted about the threat of Facebook, and the gloom Google will bring. The only time I’ve interviewed him he spent the whole time disengaged, playing with his laptop, providing curt answers (not that I’m bitter… it was a self-imposed awkward 25 minutes).

If he could only engage and stand up for privacy more, instead of playing the curmudgeon. In his book, he talks about the need for “defectors”, those who go against the norm for a greater good – people like Rosa Parks. Maybe he should practice what he preaches.

He does, of course, make some good points. Ones that should resonate particularly strongly in the UK. Police can and will use all data they can get their hands on to track people. The Communications Data Bill, or Snooper’s Charter, is the Home Office’s attempt to force communications providers to store data so coppers can access it with much fewer constraints than are currently in force.

UK law enforcement has already shown its hunger for people’s Internet data. Microsoft released a report last week showing police in this country made more requests for Skype user information than any other force in the world.

And it is, as Schneier says, very easy to acquire information on people, regardless of how protected they think they are. Just today, research published in Scientific Reports claimed in 95 percent of cases individuals could be identified by gathering just four pieces of their location data, or “spatio-temporal points”. They looked at 15 months of mobility data for 1.5 million individuals, and decided the findings represented “fundamental constraints to an individual’s privacy”.

Cheer up Bruce

Internet privacy is, in many ways, in decline. Yes, there are many ways for governments, corporations and others to spy on Web denizens. But Schneier is guilty of the same apathy, the same fatalism he decries in his “essay” (it’s really a blog). “We’ve ended up here with hardly a fight,” he writes. Way to rally the troops there Bruce. Why aren’t you leading the fight? Why aren’t you fighting at all?

Ignore Bruce though. There is hope. Let’s remember the Internet is still young. We can still save it. There are ways to find privacy – use a decent VPN, send messages using PGP, take advantage of Tor. It’s not difficult to use these services. Yes, you have to, you know, turn them on, but do that and you can do things privately. It’s really that simple.

We can and should pressure vendors to take privacy seriously, and it appears the big guns really are getting the message.. or at least realising that privacy is a hot button they can use to their advantage. Look at Microsoft’s most recent marketing offensive in the US – the Scroogled campaign. It’s trying to get Gmail users to move across to Outlook by pointing to the ways in which Google uses algorithms to “read” emails to target ads.

“Market forces are at play,” Microsoft’s chief privacy officer, Brendan Lynch, recently told me. It’s hugely encouraging to see privacy used as a selling tool. This is positive capitalism. As Bruce should have noted in his blog, it’s also a sign of what Martin Luther King was talking about, – justice, just possibly, prevailing.

Let’s be honest and pragmatic about this, not shove out overwrought hyperbole that just reiterates the nature of our problems. Let’s talk about what we can do, technologically and politically.

Instead of admitting defeat to government, we should be fighting every fight, not backing down to companies and regimes that want to take control of the Internet and watch over everything we do. Let’s get progressive, and wrest our privacy back. Bruce almighty, maybe you can lead the way?

Are you a pedant on privacy? Try our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

View Comments

  • "There are ways to find privacy – use a decent VPN, send messages using PGP, take advantage of Tor. It’s not difficult to use these services. Yes, you have to, you know, turn them on, but do that and you can do things privately. It’s really that simple."

    No it's not. THE point of Bruce's article was that if Chinese military and Anonymous hackers can be caught by just one slip-up, what hope for the ordinary user?

    1984: ""There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live—did live, from habit that became instinct—in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized."

    To escape this Black Iron Cage, we would need a government to pass laws which mandated integration of strong anonymity technologies (with no backdoors).

    Instead we have UK governments (it doesn't matter which) that mandate data retention and systemic data-mining of communications metadata (CDB) and which fight every EU initiative for strong Data Protection

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago