Cory Doctorow Profile picture
Apr 11 29 tweets 7 min read
This week on my podcast, I read my @Medium column, "When Automation Becomes Enforcement," on the debate of interoperability and end-to-end encryption in the Digital Markets Act, and the long-running battle over who's in charge: you, or your computer?

onezero.medium.com/when-automatio… 1/ Image
When I first encountered the idea of disappearing messages, I thought they were stupid, but I was wrong. I thought that the point of disappearing messages was to let you send secrets to someone you didn't trust, because the message would disappear and thus be safe. 2/
Obviously, this is stupid. If you send a secret to someone you don't trust, that untrustworthy person can take a screenshot, or use another device to photograph their screen. Or, you know, they can just *remember* the secret and blab it. 3/
Technology can't make untrustworthy people trustworthy.

But then I had the *other* use-case for disappearing messages explained to me: not *enforcing* agreements about data-handling, but rather, *automating* them. 4/
You and I might trust each other not to blab our mutual secrets, but we might also agree that the best way to keep those secrets from leaking is to delete the record of our conversation.

We understand that we're both fallible. 5/
We know that even with the best of intentions, we might forget to delete our chat logs, and that exposes them to being leaked, or coerced from us. 6/
A disappearing messages tool hands "remembering to delete files on a regular basis" - something humans are bad at doing - to a computer, which is very good at this. 7/
The reason I assumed that disappearing messages were designed for the stupid fantasy of trusting untrustworthy people is that there's a long history of this. 8/
Microsoft tried (unsuccessfully) to snuff out rivals to Microsoft Office in the mid-2000s with a product called "Information Rights Management" (IRM). 9/
IRM was DRM for Office files, whose pitch was that you could send a Word doc or an Excel sheet to someone you didn't trust, and IRM would stop them from leaking or printing or forwarding those docs. 10/
IRM could be defeated by all the same measures as disappearing messages, but Microsoft claimed it could mitigate these with Trusted Computing - which would prevent you from installing non-Microsoft operating systems and software on your computer. 11/
Microsoft used the unreliability of IRM to insist that all our computers be designed to disobey us, and take orders from Microsoft instead. If Microsoft said you couldn't install an OS, or an app, or take a screenshot, your computer would listen to Microsoft - not you. 12/
In the process, Microsoft would become tech's gatekeeper, with the power to approve or deny all new services and products. 13/
Since then, this idea has spread to other companies, especially (and ironically), Apple - the company whose interoperable Office programs (Pages, Numbers, Keynote) Microsoft wanted to extinguish with IRM and Trusted Computing.

eff.org/deeplinks/2019… 14/
Today, Apple is one of the Big Tech companies targeted by the EU's Digital Markets Act (#DMA), which will require the largest tech companies to connect their messenging platforms to small companies systems on request. 15/
This has the potential to do great good - and also great harm. On the positive side, forcing interop on tech giants will allow users who stick with them to leave for better rivals, without having to abandon their connections to customers, community and family. 16/
That will create space for co-ops, nonprofits and startups with better privacy policies and firmer commitments to user rights (for example, companies that, unlike Apple, would exit the Chinese market rather than allowing the Chinese state to backdoor its encryption). 17/
On the negative side, the additional complexity of interop could lead to errors in the end-to-end encryption (#E2EE) of instant message systems, which could expose users to terrible risks that the digital rights community has warned us about for 30+ years. 18/
The DMA requires that interop upholds E2EE, but it also sets deadlines, and it's entirely conceivable that these deadlines will arrive before a satisfactory, secure technical solution is in place. That has digital rights activists (including me) worried. 19/
But within the debate over DMA and E2EE is a latent, unarticulated disagreement about measures like disappearing messages - ambiguous security measures that some users treat as agreement automation tools and others as enforcement tools. 20/
If disappearing messages are enforcement tools, then interop is in big trouble - because that enforcement requires that every chat client treat its owner as an attacker, and override their judgment when senders demand it. 21/
That's antithetical to the mission of DMA: to allow users to decide how *their* devices operate. I want there to be disappearing messages with "override" buttons - that would let you decide to retain your boss's harassing messages, say, so you could show them to your lawyer. 22/
For many years, disappearing message vendors were able to avoid speaking clearly about their products' use-case, benefiting from the enforcement/automation ambiguity. 23/
Some users naively assumed they were getting enforcement, while others understood that automation was all they could hope for. 24/
Now, though, interop is forcing the question - and that's a good thing. The users who thought they were getting enforcement from disappearing messages were living in a fool's paradise, after all! 25/
We definitely need to ensure that the DMA doesn't weaken E2EE - but that doesn't have anything to do with ensuring that the DMA turns disappearing messages into an enforcement tool. 26/
Not only is that impossible - merely attempting it will give more market-structuring power to monopolists. 27/
Here's a link to the podcast episode:

craphound.com/news/2022/04/1…

And here's a direct link to the MP3 (hosting courtesy of the @internetarchive; they'll host your stuff for free, forever):

archive.org/download/Cory_…

And here's the RSS for my podcast:

feeds.feedburner.com/doctorow_podca… 28/
ETA - If you'd like an unrolled version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

pluralistic.net/2022/04/11/coe…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Cory Doctorow

Cory Doctorow Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @doctorow

Apr 13
Today's Twitter threads (a Twitter thread).

Inside: America's 400 top earners pay less tax than you; and more!

Archived at: pluralistic.net/2022/04/13/tax…

#Pluralistic 1/ A vintage rec-room with hob...
Tomorrow (Apr 14), I'm on a panel called "Surveillance Capitalism, Borders, and the Police" with @KhalidPalexand, @tsnvaa and @Pedroconsafos, hosted by @twcsandiego:

us02web.zoom.us/meeting/regist… 2/ Image
America's 400 top earners pay less tax than you: Propublica continues to mine the IRS Files.

3/
Read 24 tweets
Apr 13
Last June, @propublica announced that it was in possession of leaked IRS files detailing the tax affairs of America's richest people, and that #TheIRSFiles showed that taxes are - as Leona Helmsley famously quipped - for the little people:

pluralistic.net/2021/06/15/gui… 1/
If you'd like an unrolled version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

pluralistic.net/2022/04/13/tax… 2/
The initial reporting described how, for example, private equity raiders were able to debt-finance acquisitions of productive businesses, run them into the ground, pocket hundreds of millions of dollars, *and* avoid tax as they sprinted away from the wreckage. 3/
Read 37 tweets
Apr 13
Summer Night, 1890. Winslow Homer (American, 1836-1910)

The White Ball, 1903. Joseph-Marius Avy (French, 1871-1939)

Rumba. Katya Gridneva (Ukrainian, b. 1965)

Women Dancing at a Cafe, ca. 1926. Isaac Israëls (Dutch, 1865-1934)

dduane.tumblr.com/post/681420897… ImageImageImageImage
Office and Commercial Building of the Company Schuurman (c. 1960) in Alkmaar, the Netherlands, by Piet Tauber. Demolished in 2003. germanpostwarmodern.tumblr.com/post/681397880… Image
Read 9 tweets
Apr 13
Space shuttle mission control wilwheaton.tumblr.com/post/681381021… ImageImageImageImage
Space shuttle mission control wilwheaton.tumblr.com/post/681381021… ImageImageImage
Main Street USA fireworks at the Magic Kingdom, 1975 adventurelandia.tumblr.com/post/681378782… Image
Read 7 tweets
Apr 12
Effects of the Accident at Three Mile Island on Residential Property Values and Sales (library check-out card, 1981) jellobiafrasays.tumblr.com/post/681342921… Image
The incomplete megalithic statues of Kouros in Naxos island,Cyclades,Greece.(8th-6th c.BC). starrywisdomsect.tumblr.com/post/681343772… Image
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(