prohibition or abolition
- The comparison that interests me these days is not with prohibition but
abolitionism -- the RIAA conflict has all the signs of a classic moral
crusade. Check out "Hellfire Nation"(*) by James Marone if you get a
On Wednesday, Dec 17, 2003, at 13:28 America/New_York,
> NEC @ Shirky.com, a mailing list about Networks, Economics, and Culture
> Published periodically / #2.12 / December 17, 2003
> Subscribe at http://shirky.com/nec.html
> Archived at http://shirky.com
> Social Software weblog at http://corante.com/many/
> In this issue:
> - Introduction
> - Essay: The RIAA Succeeds Where the Cypherpunks Failed
> Also at http://www.shirky.com/writings/riaa_encryption.html
> - Worth Reading:
> - GrokLaw: MVP of the SCO Wars
> - Tom Coates Talks With A Slashdot Troller
> * Introduction =======================================================
> The end of another year. Thank you all for reading. See you in January.
> * Essay ==============================================================
> The RIAA Succeeds Where the Cypherpunks Failed
> For years, the US Government has been terrified of losing surveillance
> powers over digital communications generally, and one of their biggest
> fears has been broad public adoption of encryption. If the average
> user were to routinely encrypt their email, files, and instant
> messages, whole swaths of public communication currently available to
> law enforcement with a simple subpoena (at most) would become either
> unreadable, or readable only at huge expense.
> The first broad attempt by the Government to deflect general adoption
> of encryption came 10 years ago, in the form of the Clipper Chip
> [http://www.epic.org/crypto/clipper/%5d. The Clipper Chip was part of a
> proposal for a secure digital phone that would only work if the
> encryption keys were held in such a way that the Government could get
> to them. With a pair of Clipper phones, users could make phone calls
> secure from everyone except the Government.
> Though opposition to Clipper by civil liberties groups was swift and
> extreme  the thing that killed it was work by Matt Blaze, a Bell
> Labs security researcher, showing that the phone's wiretap
> capabilities could be easily defeated , allowing Clipper users to
> make calls that even the Government couldn't decrypt. (Ironically, ATT
> had designed the phones originally, and had a contract to sell them
> before Blaze sunk the project.)
> The Government's failure to get the Clipper implemented came at a
> heady time for advocates of digital privacy -- the NSA was losing
> control of cryptographic products, Phil Zimmerman had launched his
> Pretty Good Privacy (PGP) email program, and the Cypherpunks, a merry
> band of crypto-loving civil libertarians, were on the cover of
> [http://www.wired.com/wired/archive/1.02/crypto.rebels.html%5d the
> second issue of Wired. The floodgates were opening, leading to...
> ...pretty much nothing. Even after the death of Clipper and the launch
> of PGP, the Government discovered that for the most part, users didn't
> _want_ to encrypt their communications. The single biggest barrier to
> the spread of encryption has turned out to be not control but apathy.
> Though business users encrypt sensitive data to hide it from one
> another, the use of encryption to hide private communications from the
> Government has been limited mainly to techno-libertarians and a small
> criminal class.
> The reason for this is the obvious one: the average user has little to
> hide, and so hides little. As a result, 10 years on, e-mail is still
> sent as plain text, files are almost universally unsecured, and so
> on. The Cypherpunk fantasy of a culture that routinely hides both
> legal and illegal activities from the state has been defeated by a
> giant distributed veto. Until now.
> It may be time to dust off that old issue of Wired, because the RIAA
> is succeeding where 10 years of hectoring by the Cypherpunks failed.
> When shutting down Napster turned out to have all the containing
> effects of stomping on a tube of toothpaste, the RIAA switched to
> suing users directly. This strategy has worked much better than
> shutting down Napster did, convincing many users to stop using public
> file sharing systems, and to delete MP3s from their hard drives.
> However, to sue users, they had to serve a subpoena, and to do that,
> they had to get their identities from the user's internet service
> Identifying those users has had a second effect, and that's to
> create a real-world version of the scenario that drove the invention
> of user-controlled encryption in the first place. Whitfield Diffie,
> inventor of public key encryption
> [http://www.webopedia.com/TERM/P/public_key_cryptography.html%5d, the
> strategy that underlies most of today's cryptographic products, saw
> the problem as a version of "Who will guard the guardians?"
> In any system where a user's identity is in the hands of a third
> party, that third party cannot be trusted. No matter who the third
> party is, there will be at least hypothetical situations where the
> user does not want his or her identity revealed, but the third party
> chooses or is forced to disclose it anyway. (The first large scale
> example of this happening was the compromise of anon.penet.fi, the
> anonymous email service, in 1995
> [http://www.mids.org/pay/mn/701/anon.html%5d.) Seeing that this problem
> was endemic to all systems where third parties had access to a user's
> identity, Diffie set out to design a system that put control of
> anonymity directly in the hands of the user.
> Diffie published theoretical work on public key encryption in 1975,
> and by the early 90s, practical implementations were being offered to
> the users. However, the scenario Diffie envisioned had little obvious
> relevance to users, who were fairly anonymous on the internet already.
> Instead of worrying now about possible future dangers, most users'
> privacy concerns centered on issues local to the PC, like hiding
> downloaded pornography, rather than on encrypting network traffic.
> However, Diffie's scenario, where legal intervention destroys the
> users' de facto privacy wherever it is in the hands of commercial
> entities, is now real. The RIAA's successful extraction of user
> identity from internet service providers makes it vividly clear that
> the veil of privacy enjoyed by the average internet user is diaphanous
> at best, and that the obstacles to piercing that veil are much much
> lower than for, say, allowing the police to search your home or read
> your (physical) mail. Diffie's hypothetical problem is today's
> reality. As a result, after years of apathy, his proposed solution is
> being adopted as well.
> In response to the RIAA's suits, users who want to share music files
> are adopting tools like WINW (WINW Is Not WASTE)
> [http://www.winw.org/%5d and BadBlue [http://www.badblue.com/%5d, that
> allow them to create encrypted spaces where they can share files and
> converse with one another. As a result, all their communications in
> these spaces, even messages with no more commercial content than
> "BRITN3Y SUX!!!1!" are hidden from prying eyes. This is not because
> such messages are sensitive, but rather because once a user starts
> encrypting messages and files, it's often easier to encrypt everything
> than to pick and choose. Note that the broadening adoption of
> encryption is not because users have become libertarians, but because
> they have become criminals; to a first approximation, every PC owner
> under the age of 35 is now a felon.
> The obvious parallel here is with Prohibition. By making it
> unconstitutional for an adult to have a drink in their own home,
> Prohibition created a cat and mouse game between law enforcement and
> millions of citizens engaged in an activity that was illegal but
> popular. As with file sharing, the essence of the game was hidden
> transactions -- you needed to be able to get into a speakeasy or buy
> bootleg without being seen.
> This requirement in turn created several long-term effects in American
> society, everything from greatly increased skepticism of Government-
> mandated morality to broad support for anyone who could arrange for
> hidden transactions, including organized crime. Reversing the cause
> did not reverse the effects; both the heightened skepticism and the
> increased power of organized crime lasted decades after Prohibition
> itself was reversed.
> As with Prohibition, so with file sharing -- the direct effects from
> the current conflict are going to be minor and over quickly, compared
> to the shifts in society as a whole. New entertainment technology goes
> from revolutionary to normal quite rapidly. There were dire
> predictions made by the silent movie orchestras' union trying to kill
> talkies, or film executives trying to kill television, or television
> executives trying to kill the VCR. Once those technologies were in
> place, however, it was hard to remember what all the fuss was
> about. Though most of the writing about file sharing concentrates on
> the effects on the music industry, whatever new bargain is struck
> between musicians and listeners will almost certainly be unremarkable
> five years from now. The long-term effects of file sharing are
> The music industry's attempts to force digital data to behave like
> physical objects has had two profound effects, neither of them about
> music. The first is the progressive development of decentralized
> network models , loosely bundled together under the rubric of
> peer-to-peer. Though there were several version of such architectures
> as early as the mid-90s such as ICQ and SETI@Home, it took Napster to
> ignite general interest in this class of solutions.
> And the second effect, of course, is the long-predicted and
> oft-delayed spread of encryption. The RIAA is succeeding where the
> Cypherpunks failed, convincing users to trade a broad but penetrable
> privacy for unbreakable anonymity under their personal control. In
> contrast to the Cypherpunks "eat your peas" approach, touting
> encryption as a first-order service users should work to embrace,
> encryption is now becoming a background feature of collaborative
> workspaces. Because encryption is becoming something that must run in
> the background, there is now an incentive to make it's adoption as
> easy and transparent to the user as possible. It's too early to say
> how widely casual encryption use will spread, but it isn't too early
> to see that the shift is both profound and irreversible.
> People will differ on the value of this change, depending on their
> feelings about privacy and their trust of the Government, but the
> effects of the increased use of encryption, and the subsequent
> difficulties for law enforcement in decrypting messages and files,
> will last far longer than the current transition to digital music
> delivery, and may in fact be the most important legacy of the current
> legal crackdown.
> * Worth Reading =======================================================
> - GrokLaw: MVP of the SCO Wars
> My colleague Elizabeth Lawley of RIT has convinced me that one of the
> most profound effects of weblogs is the communal workings of those who
> publish them, and that they contribute significant new value to
> collaboration across disciplines and boundaries.
> And now that she's convinced me, I see the pattern everywhere. The
> Dean campaign piece I posted earlier today exhibits much of that
> pattern, and so does today's Groklaw piece on SCO. By way of
> background, SCO, once a technology company, has become a company
> devoted to a single legal strategy:
> 1. Assert rights to the Unix operating system
> 2. Assert infirnging contributions of Unix source code to Linux
> 3. Sue firms that sell or use Linux, especially deep-pocketed IBM
> 4. Profit!!!1! (or at least buyout by IBM, to save them the expense of
> the suit.)
> Much of the matter is in dispute, and IANAL, but what is clear is
> this: a) many SCO employees contributed to the Linux kernel, back when
> SCO was a tech company ("oldSCO"), with the approval of their bosses,
> and b) the Groklaw is doing an astonishing, world-changing job of
> finding, documenting and publicizing these occurrences (alongside much
> other work on the case.)
> A recent GrokLaw entry reads:
> Groklaw has reported before on contributions made to the Linux
> kernel by Christoph Hellwig while he was a Caldera employee. We
> have also offered some evidence of contributions by oldSCO employees
> as well. Alex Rosten decided to do some more digging about the
> contributions of one kernel coder, Tigran Aivazian.
> This paper is a group effort. Alex's research was shared with
> others in the Groklaw community, who honed, edited, and added
> further research. Then the final draft was sent to Tigran himself,
> so he could correct and/or amplify, which he has done.
> Look at that second graf: "This paper is a group effort." Everyone
> always says that about complex work, but this is different. This is
> the end of two-party law, where plaintiff and defendant duke it out in
> an arms race of $350/hr laywers and "Take that" counter-motions.
> Instead, we have a third party, Groklaw, acting as a proxy for
> millions of Linux users, affecting the public perception of the case
> (and the outcome SCO wants has to do with its stock price, not redress
> in the courts.) Groklaw may also be affecting the case in the courts,
> by helping IBM with a distributed discovery effort that they, IBM,
> could never accomplish on their own, no matter how may lawyers they
> throw at it.
> There are two ways to change the amount of leverage you have. The
> obvious one is to put more force on the lever, and this is what SCO
> thought they were doing -- engaging IBM in a teeter-totter battle that
> would make it cheaper for IBM to simply buy SCO than to fight it out
> in the courts.
> The other way to get more leverage is to move the fulcrum. Groklaw has
> moved the fulcrum of this battle considerably closer to SCO, making it
> easier for IBM to exert leverage, and harder for SCO to. I can't
> predict how the current conflict will end, but the pattern Groklaw has
> established, of acting on behalf of the people who will be adversely
> affected by a two-party legal battle, has already been vindicated,
> even if SCO avoids bankruptcy.
> - Tom Coates talks with a Slashdot troller:
> Tom Coates, who has been talking on EverythingInModeration.org about
> his travails with a persistent troll on the Barbelith community and
> his subsequent attempts to ban that user, has elicited a response,
> which has now become a conversation, with a slashdot troller. This
> troller, posting as 20721, is arguing that any hidden moderation
> system helps stimulate an arms race:
> i believe that it takes a certain amount of hubris to assume that
> the people you want to exclude are, by their nature, not as smart as
> you. you may be right about the people you're trying to exclude; i
> defer to your judgement, i'm not a member of the communities you
> are; but where i come from, the best & the brightest are the ones
> being cast out. they're cast out from communities by the following
> chain of events:
> 1) secretive backhanded moderation tactic by the admins is discovered
> 2) someone alerts the community
> 3) the most technically apt in the community are able to reproduce
> the backhanded moderation tactic and verify its existence
> 4) these people call foul and are labelled "trolls" for doing so,
> leading to the institution of more of 1) (repeat).
> this is how i started down the road i'm on. i was one of the many
> people who discovered that the people at slashdot were secretly
> moderating the users' comments, and one day they moderated the same
> comment 800 times - and then they lied about it, and said anyone who
> told the truth about it was a "troll". hence i became what they
> called me.
> More, much more, at
> * End
> This work is licensed under the Creative Commons Attribution License.
> The licensor permits others to copy, distribute, display, and perform
> the work. In return, licensees must give the original author credit.
> To view a copy of this license, visit
> or send a letter to
> Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305,
> 2003, Clay Shirky
> NEC - Clay Shirky's distribution list on Networks, Economics & Culture