This week on my podcast, I read my @Medium column, "When Automation Becomes Enforcement," on the debate of interoperability and end-to-end encryption in the Digital Markets Act, and the long-running battle over who's in charge: you, or your computer?
onezero.medium.com/when-automatio… 1/
onezero.medium.com/when-automatio… 1/
When I first encountered the idea of disappearing messages, I thought they were stupid, but I was wrong. I thought that the point of disappearing messages was to let you send secrets to someone you didn't trust, because the message would disappear and thus be safe. 2/
Obviously, this is stupid. If you send a secret to someone you don't trust, that untrustworthy person can take a screenshot, or use another device to photograph their screen. Or, you know, they can just *remember* the secret and blab it. 3/
Technology can't make untrustworthy people trustworthy.
But then I had the *other* use-case for disappearing messages explained to me: not *enforcing* agreements about data-handling, but rather, *automating* them. 4/
But then I had the *other* use-case for disappearing messages explained to me: not *enforcing* agreements about data-handling, but rather, *automating* them. 4/
You and I might trust each other not to blab our mutual secrets, but we might also agree that the best way to keep those secrets from leaking is to delete the record of our conversation.
We understand that we're both fallible. 5/
We understand that we're both fallible. 5/
We know that even with the best of intentions, we might forget to delete our chat logs, and that exposes them to being leaked, or coerced from us. 6/
A disappearing messages tool hands "remembering to delete files on a regular basis" - something humans are bad at doing - to a computer, which is very good at this. 7/
The reason I assumed that disappearing messages were designed for the stupid fantasy of trusting untrustworthy people is that there's a long history of this. 8/
Microsoft tried (unsuccessfully) to snuff out rivals to Microsoft Office in the mid-2000s with a product called "Information Rights Management" (IRM). 9/
IRM was DRM for Office files, whose pitch was that you could send a Word doc or an Excel sheet to someone you didn't trust, and IRM would stop them from leaking or printing or forwarding those docs. 10/
IRM could be defeated by all the same measures as disappearing messages, but Microsoft claimed it could mitigate these with Trusted Computing - which would prevent you from installing non-Microsoft operating systems and software on your computer. 11/
Microsoft used the unreliability of IRM to insist that all our computers be designed to disobey us, and take orders from Microsoft instead. If Microsoft said you couldn't install an OS, or an app, or take a screenshot, your computer would listen to Microsoft - not you. 12/
In the process, Microsoft would become tech's gatekeeper, with the power to approve or deny all new services and products. 13/
Since then, this idea has spread to other companies, especially (and ironically), Apple - the company whose interoperable Office programs (Pages, Numbers, Keynote) Microsoft wanted to extinguish with IRM and Trusted Computing.
eff.org/deeplinks/2019… 14/
eff.org/deeplinks/2019… 14/
Today, Apple is one of the Big Tech companies targeted by the EU's Digital Markets Act (#DMA), which will require the largest tech companies to connect their messenging platforms to small companies systems on request. 15/
This has the potential to do great good - and also great harm. On the positive side, forcing interop on tech giants will allow users who stick with them to leave for better rivals, without having to abandon their connections to customers, community and family. 16/
That will create space for co-ops, nonprofits and startups with better privacy policies and firmer commitments to user rights (for example, companies that, unlike Apple, would exit the Chinese market rather than allowing the Chinese state to backdoor its encryption). 17/
On the negative side, the additional complexity of interop could lead to errors in the end-to-end encryption (#E2EE) of instant message systems, which could expose users to terrible risks that the digital rights community has warned us about for 30+ years. 18/
The DMA requires that interop upholds E2EE, but it also sets deadlines, and it's entirely conceivable that these deadlines will arrive before a satisfactory, secure technical solution is in place. That has digital rights activists (including me) worried. 19/
But within the debate over DMA and E2EE is a latent, unarticulated disagreement about measures like disappearing messages - ambiguous security measures that some users treat as agreement automation tools and others as enforcement tools. 20/
If disappearing messages are enforcement tools, then interop is in big trouble - because that enforcement requires that every chat client treat its owner as an attacker, and override their judgment when senders demand it. 21/
That's antithetical to the mission of DMA: to allow users to decide how *their* devices operate. I want there to be disappearing messages with "override" buttons - that would let you decide to retain your boss's harassing messages, say, so you could show them to your lawyer. 22/
For many years, disappearing message vendors were able to avoid speaking clearly about their products' use-case, benefiting from the enforcement/automation ambiguity. 23/
Some users naively assumed they were getting enforcement, while others understood that automation was all they could hope for. 24/
Now, though, interop is forcing the question - and that's a good thing. The users who thought they were getting enforcement from disappearing messages were living in a fool's paradise, after all! 25/
We definitely need to ensure that the DMA doesn't weaken E2EE - but that doesn't have anything to do with ensuring that the DMA turns disappearing messages into an enforcement tool. 26/
Not only is that impossible - merely attempting it will give more market-structuring power to monopolists. 27/
Here's a link to the podcast episode:
craphound.com/news/2022/04/1…
And here's a direct link to the MP3 (hosting courtesy of the @internetarchive; they'll host your stuff for free, forever):
archive.org/download/Cory_…
And here's the RSS for my podcast:
feeds.feedburner.com/doctorow_podca… 28/
craphound.com/news/2022/04/1…
And here's a direct link to the MP3 (hosting courtesy of the @internetarchive; they'll host your stuff for free, forever):
archive.org/download/Cory_…
And here's the RSS for my podcast:
feeds.feedburner.com/doctorow_podca… 28/
ETA - If you'd like an unrolled version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
pluralistic.net/2022/04/11/coe…
pluralistic.net/2022/04/11/coe…
• • •
Missing some Tweet in this thread? You can try to
force a refresh
