Bruce Schneier Is Wrong – There Is Hope For Internet Privacy

Bruce Schneier is, undoubtedly, a very smart man. He wrote a seminal book, ‘Applied Cryptography’, on one of the toughest mathematical disciplines, and he is now CTO of BT’s managed security services.

But when he gets on to more philosophical subjects, he’s often guilty of parochialism. He makes a lot of noise, and sometimes it isn’t too constructive. And his latest bluster about Internet privacy, in a piece entitled ‘Our Internet Surveillance State’, contains a number of fallacies, which attempt to lend weight to his claim that the Internet is “without privacy”. And there is no hope for getting it back.

“Maintaining privacy on the Internet is nearly impossible. If you forget even once to enable your protections, or click on the wrong link, or type the wrong thing, … you’ve permanently attached your name to whatever anonymous service you’re using,” he wrote.

Grumpy Bruce

It’s odd to see Schneier in such a downbeat mood too, considering his latest book, ‘Liars and Outliers’, ends on a far less bleak note, albeit on a slightly different topic: trust. He even closes with a quote from Martin Luther King, Jr.: “The arc of history is long, but it bends towards justice.”

Given his standing in the community, and his legendary technical ability (parodied affectionately at www.schneierfacts.com), perhaps he should be harnessing this positivity to develop more systems to hand people greater privacy, rather than saying what has been said before ad nauseam, just in a more histrionic way.

The last two times I’ve been in the congregation for one of his sermons at whatever conference will pay him, Schneier hasn’t offered any genuine solutions, only fretted about the threat of Facebook, and the gloom Google will bring. The only time I’ve interviewed him he spent the whole time disengaged, playing with his laptop, providing curt answers (not that I’m bitter… it was a self-imposed awkward 25 minutes).

If he could only engage and stand up for privacy more, instead of playing the curmudgeon. In his book, he talks about the need for “defectors”, those who go against the norm for a greater good – people like Rosa Parks. Maybe he should practice what he preaches.

He does, of course, make some good points. Ones that should resonate particularly strongly in the UK. Police can and will use all data they can get their hands on to track people. The Communications Data Bill, or Snooper’s Charter, is the Home Office’s attempt to force communications providers to store data so coppers can access it with much fewer constraints than are currently in force.

UK law enforcement has already shown its hunger for people’s Internet data. Microsoft released a report last week showing police in this country made more requests for Skype user information than any other force in the world.

And it is, as Schneier says, very easy to acquire information on people, regardless of how protected they think they are. Just today, research published in Scientific Reports claimed in 95 percent of cases individuals could be identified by gathering just four pieces of their location data, or “spatio-temporal points”. They looked at 15 months of mobility data for 1.5 million individuals, and decided the findings represented “fundamental constraints to an individual’s privacy”.

Cheer up Bruce

Internet privacy is, in many ways, in decline. Yes, there are many ways for governments, corporations and others to spy on Web denizens. But Schneier is guilty of the same apathy, the same fatalism he decries in his “essay” (it’s really a blog). “We’ve ended up here with hardly a fight,” he writes. Way to rally the troops there Bruce. Why aren’t you leading the fight? Why aren’t you fighting at all?

Ignore Bruce though. There is hope. Let’s remember the Internet is still young. We can still save it. There are ways to find privacy – use a decent VPN, send messages using PGP, take advantage of Tor. It’s not difficult to use these services. Yes, you have to, you know, turn them on, but do that and you can do things privately. It’s really that simple.

We can and should pressure vendors to take privacy seriously, and it appears the big guns really are getting the message.. or at least realising that privacy is a hot button they can use to their advantage. Look at Microsoft’s most recent marketing offensive in the US – the Scroogled campaign. It’s trying to get Gmail users to move across to Outlook by pointing to the ways in which Google uses algorithms to “read” emails to target ads.

“Market forces are at play,” Microsoft’s chief privacy officer, Brendan Lynch, recently told me. It’s hugely encouraging to see privacy used as a selling tool. This is positive capitalism. As Bruce should have noted in his blog, it’s also a sign of what Martin Luther King was talking about, – justice, just possibly, prevailing.

Let’s be honest and pragmatic about this, not shove out overwrought hyperbole that just reiterates the nature of our problems. Let’s talk about what we can do, technologically and politically.

Instead of admitting defeat to government, we should be fighting every fight, not backing down to companies and regimes that want to take control of the Internet and watch over everything we do. Let’s get progressive, and wrest our privacy back. Bruce almighty, maybe you can lead the way?

Are you a pedant on privacy? Try our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

View Comments

  • "There are ways to find privacy – use a decent VPN, send messages using PGP, take advantage of Tor. It’s not difficult to use these services. Yes, you have to, you know, turn them on, but do that and you can do things privately. It’s really that simple."

    No it's not. THE point of Bruce's article was that if Chinese military and Anonymous hackers can be caught by just one slip-up, what hope for the ordinary user?

    1984: ""There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live—did live, from habit that became instinct—in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized."

    To escape this Black Iron Cage, we would need a government to pass laws which mandated integration of strong anonymity technologies (with no backdoors).

    Instead we have UK governments (it doesn't matter which) that mandate data retention and systemic data-mining of communications metadata (CDB) and which fight every EU initiative for strong Data Protection

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

14 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

17 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

18 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

19 hours ago