Accountability Theatre

I doubt you’ll remember reading about “Security Theatre” in my 2005 ID Card paper so I’ll repeat the passage here: I was commenting on the Home Office’s naïve concept of their ID Card as being somehow self-verifying.

It is a classic example of what Bruce Schneier calls “Security Theatre” where we make users go through the motions to make it look like we’re “doing security” but the procedures are actually meaningless “snake oil”

It’s taken me a while but I now realise that the concept is a useful template for another political/commercial deception I’ve been trying to tackle for some years. Most recently I’ve been trying to pique the interest of the only MP I know well enough to trust. Unfortunately he’s rather busy trying to manage at least two portfolios in Corbyn’s shadow cabinet. Despite which I see that he’s taken up the struggle against the Parliamentary Expenses Watchdog – IPSA – and their overweening bureaucracy.

I learned about his (so far) one man campaign from this standard mud-slinging DailyWail story  I’m sure Paul knows he’s got absolutely zero chance of succeeding with his proposal for fixed allowances. But the real issue he’s trying to address is an example of how a system designed to avoid real accountability has no idea how to create it when they’re forced to.

The normal mode of (All) Governments is to avoid disclosing any information which might be used against them while trying to appear as open and transparent as their citizens demand. The result is what I have decided, henceforward, to call “Accountability Theatre”. It can be defined thus:

ACCOUNTABILITY THEATRE

1 Setting up mechanisms, in order to pacify public demands for accountability, which are supposed to audit sundry claims and reassure the public that proper consideration and due process have been applied. But…

2  The mechanisms lack any provision for realistic forensically verifiable means of validating such claims. So…

3 The public are required to Trust the declarations of the auditor and the auditor is required to trust the limited evidence s/he is permitted access to.

4 Specifically, there is no mechanism for ensuring that the evidence accessed by the auditor is both complete and unedited.

5 In the most egregious examples, the auditor is also a member of or closely allied with the organisation they are supposed to audit.

As regular readers will know, the claims I’m most concerned about are those made by the State, such as “we only tapped this suspect’s mobile phone, to obtain call and location history because we had reliable intelligence that he was involved in a potential terrorist plot”

The Accountability Theatre in that situation consists of the fact that, at no point, can any potential auditor either see the raw data without the consent and collaboration of its custodian, nor, even if permitted to see it, to verify that it is complete and unedited. The entire process, in other words, is based purely on faith that the State can do no wrong, a ship which sailed at least a century ago.

Returning, briefly, to Paul’s complaint:

What MPs are stuck with, regarding Parliamentary Expenses is a direct result of recognising that they cannot get away with the normal Accountability charade in respect of their expense claims. i.e. following the expenses scandal  they are now forced to jump through a ludicrous set of hoops in order to retrieve sometimes trivial sums of money which are often not worth the effort. They are, in the name of “Transparency”, effectively forced to stand on the “naughty step” every time they hold out their hand to get back some of the money they spend while doing their jobs. Hence, for example, we know that both Jeremy Hunt and Amber Rudd each submitted claims of just 27 pence for two short car journeys.  This level of disclosure is considered necessary so that the public can be convinced that proper scrutiny of expenses claims is taking place.

And, frankly, it looks like they do a pretty good job. In the sense that no frivolous claims are ever likely to make it through a pretty rigorous checking system. The “Quick Guide” to what they’re allowed to claim  is a mere 11 pages. The detailed version  weighs in at 75 pages. IPSA employs about 70 civil servants, full-time, and are run by an “independent” board which includes at least one judge, at least one ex MP and an at least one real auditor. All this to manage the Pay and Expense claims of just 650 MPs, at an annual cost of around £5 million.  In a typical commercial organisation of similar size, you’d expect 2 or 3 relatively junior staff to deal with that workload. They’d report to the Company Secretary or Financial Director. Total cost, probably less than £150k.

I hasten to add, in case it’s not obvious, that what IPSA are doing is most definitely NOT Accountability Theatre. It is Political Theatre, designed to demonstrate just how thoroughly we’re now watching our elected representatives. It is also a useful distraction from the unpublished detail of much more serious matters we ought to be demanding.

Contrast the obvious overkill effort they put into scrutinising what MPs claim on the Expenses, with the trivial and meaningless scrutiny put into examining the thousands of security requests  routinely dealt with by the Home Office. At her Mansion House speech, June 2014 Theresa May proudly proclaimed that her role as Home Secretary included:

“If the Security Service wants to place a device in the property of a terrorist suspect, or the National Crime Agency wants to listen to the telephone calls of a drugs trafficker, they need my agreement first. On the basis of a detailed warrant application and advice from officials in my department I must be satisfied that the benefits justify the means and that the proposed action is necessary and proportionate.

The warrant application gives me the intelligence background, the means by which the surveillance will take place, and the degree of intrusion upon the citizen. Neither the Security Service nor other intelligence agencies, nor the police, nor other law enforcement agencies, can undertake sensitive surveillance without providing these details and gaining my approval. Ministerial oversight – which I share with the Foreign Secretary and the Secretary of State for Northern Ireland – is a crucial safeguard to make sure that the most intrusive powers are used only when they are necessary and proportionate.”

Now then, how long do you think it would – or should – take to make a thorough assessment of the validity of just one such warrant application? Checking the content of the intelligence and, if necessary, its provenance; considering whether that content, in context, justified spying on a citizen; considering the means and degree of espionage being recommended; investigating whether the individual has previously been targeted and what, if any parallels there are between the circumstances of that targeting and the one being proposed; verifying that the appropriate risk assessments have been made and properly recorded; verifying and justifying the proposed cost etc. etc.

It is impossible to answer such questions without a detailed academic study, which we will, of course, not be permitted to make, but an intelligent guess has to be between one and five days of pretty intensive study. Yet, as MP David Davis pointed out in 2015, Theresa May was required, during the previous year, to approve up to 10 warrants a day – and that was just for phone interceptions.

That speech was supposed to illustrate how seriously she takes her responsibility for “political oversight”. I have no doubt she was sincere and believed that what she was doing actually constituted meaningful oversight. It was obviously, in reality, just a box ticking exercise and classic “Accountability Theatre”. I doubt she has the faintest idea how to seriously examine the validity of those warrant applications. She’s been trained and advised to rely on her Civil Servants, who will do all the real work on her behalf. All she needs to do is feed the monkey.

Their defence against such a charge would likely be along the lines:

well of course the Home Secretary doesn’t research the applications herself, that’s what the “advice from officials in my department” is supposed to mean.

But that’s no more than one branch of the establishment giving the nod to another branch, with which it has closely entangled, even incestuous relations. Why on earth are we supposed to trust that arrangement?

Their ultimate answer to that is the Parliamentary Intelligence and Security Committee, which, ostensibly has the power to question everybody and see everything. Yet the Snowden revelations came as a surprise to this ultimate oversight body (search the page for “Snowden”)

And their subsequent investigation of the revelations regarding GCHQ “rather promptly” resulted in an absolutely clean bill of health. So “promptly” that even a former Chairman of the same committee, Lord King, was moved to comment that:

“the decision by the Rifkind-led committee to swiftly endorse the work of GCHQ was “unfortunate” because the endorsement came while new disclosures from files leaked by the whistleblower Edward Snowden were still being published by the Guardian and other newspapers around the world.

“I think their response was pretty quick,” said King, a former Northern Ireland secretary. “It came at a time when revelations were still coming out. It is very important the ISC maintains public confidence as a scrutiny committee.”

Quite so.

Not only are the committee members obviously part of the establishment that they are supposed to police, but NONE have anything like the skills or expertise required to make a thorough examination of the work of GCHQ, especially “promptly”. They don’t even know the right kind of questions to ask.

The ISC is designed to be Accountability Theatre and, on this occasion, they panicked and fluffed their lines. Normally, they would have made a big show of visiting GCHQ, interrogating its mandarins in both public and private, and, after a few months of due consideration, announced their august whitewash. But the veil slipped for a few moments and those of us who were paying attention spotted the naked Emperor.

So now let’s turn to the serious shit.

The Government Case for Watching All of Us All The Time

The chief response of the Government, to being caught with its pants down over the unregulated Bulk Surveillance of its own citizens has been to frame new powers which retrospectively justify that outrageous invasion of privacy and to pretend it hasn’t already been going on, illegally, for years. If you’ve got the stomach for it, you can read their arguments here:

It may surprise you but I am not going to take issue with any of their arguments for Surveillance. Such objections are, in my view, the weakest argument made by the Privacy/Liberty lobby and the one most easily defeated by the State. Given the right circumstances, there is NOTHING which can be definitively ruled out as a legitimate counter-measure for a State to employ in defence of its citizens. I certainly include the occasional need to assassinate one or two citizens in order to protect other citizens. Perhaps the most recent unarguable example of the legitimacy of that counter-measure being the killing of the French lorry driver who deliberately ran down 86 of his fellow citizens in Nice on Bastille Day.

But given that such circumstances obviously have arisen from time to time and will, inevitably, arise again, it must follow that less dramatic circumstances will arise which will justify all manner of lesser measures like Surveillance and other intelligence gathering activities. Here, I include, for example, the highly controversial embedding of “deep cover” agents inside hostile organisations.

But if we’re prepared to delegate such powers to the State, then it ought to be obvious to any intelligent citizen that nothing and no one should be (digitally) watched more closely than those we delegate such powers to. Then we would be in a position, after the event at least, to determine whether their action was justified and proportionate. And THAT is where we’ve dropped the ball. Or, rather, that’s where the State has chosen to run off with the ball and not allow us even to see it.

I really don’t want to start giving examples of how often and how badly the State has made indefensible and often disastrous decisions in this field and how seldom anyone has ever been held truly accountable for them. This blog and my other writings contain hundreds of examples and if you’re reading this, you’ve probably already read a few of those and many other similar analyses dotted around the web.

I’ll just touch on one area; the embedded agents. We used them to penetrate the IRA. That was necessary and justifiable; even when our agents took part in some of the killings. Anything less would have blown their cover. We’ve almost certainly got or are trying very hard to get embedded agents inside ISIS and Al Qaeda and their more serious offshoots. Those agents too will have to participate 100% like the real thing. That means they’ll take part in recruiting other Jihadis and even occasionally have to kill innocent civilians just to maintain their cover. Some of those citizens might even be British.

But if and when something goes wrong with these operations, the agents are exposed, the shit hits the fan and everything goes titsup, who are we going to trust to tell us the whole truth about how and why it happened? The people who screwed up in the field or in the back office? The politicians who authorised it?  Or should we trust the half-tamed “Independent Reviewer of Terrorism Legislation” who has just endorsed the Bulk collection of Private Data as having a “clear operational purpose” as they “play an important part in identifying, understanding and averting threats in Great Britain, Northern Ireland and further afield”?

He can’t, unfortunately, provide concrete examples but he does advocate “very considerable caution” without coming close to providing a meaningful mechanism for proving that such caution was exercised.

And if you study the government’s own case for such powers (see the link above), you’ll find 3 references to “Safeguards within the Bill” and in each case, those safeguards amount to an assurance that the powers can only be used for purposes specified (chiefly National Security related) and will be independently audited.

Real – Digitally Verifiable – Accountability

If ever a government gets serious about Accountability, here’s what it will need to do, not just for matters related to snooping on their own citizens but for ALL government decision-making processes; though the obvious starting place is “Watching the Watchers”.

The audit trail should contain digital copies of all evidence, relevant conversations, policy decisions and the operational recordings of implementation, pertaining to the events being audited. Each item should have been cryptographically fingerprinted (hashed) and the hashes lodged on a public accessible immutable database (blockchains or protected hash-chains) in real-time as the items were created.

Case folders or periodic snapshots of such data should be similarly hashed so that no item can be withdrawn after the event, without the gap in the data being obvious.

These techniques are not new. I’ve been promoting them for more than a decade myself but Bitcoin has done a much better job of waking people up to the significance of immutability.

Meanwhile, back in the real world, the government “Safeguards” contain no mention of real-time mandatory data storage on an immutable database, so there will be no way for the independent auditor to determine whether he is seeing the whole story and whether what he’s been  allowed to see is as it was when originally stored. The proposed safeguards are just routine Accountability Theatre.

In the optimally Accountable world, whenever an issue is raised regarding the validity of behaviour by the State, the audit team will include appropriate experts in the technical, legal and financial fields they are about to investigate. Their proceedings will be overseen by a Jury, not a Judge. It might be a specially vetted Jury and it may often choose to sit in Camera in order to protect genuine National Security. But Democracy requires the power to reside not in State Appointees who may have a vested interest in hiding incompetence or malfeasance but in  ad hoc representatives of the People who will, for the duration of the audit at least, have no other agenda.

The audit will have unfettered access to the data. With such a provably complete and unalterable (without detection) audit trail, the audit team and their Jury can now sift through the evidence and decide for themselves what questions need to be asked and whether the evidence fully answers them. If it doesn’t, they can establish culpability and publish the relevant facts, with due care to ensure sensitive secrets are not exposed. If all the questions are answered and the actions taken shown to be reasonable and proportionate in the circumstances, they can publish that finding and, unlike the situation today, we could safely believe them.

In such circumstances, for example, how do you suppose that process of true Accountability would have dealt with the disgusting overreach of the State in those other more famous embedding cases such as the 7 women who unwittingly had long-term relationships with undercover cops who were paid by the State to infiltrate legal political organisations like environmental groups, animal rights groups and Trade Unions? I suggest the mere knowledge that it would be impossible for the Police to hide such behaviour from the Audit would be enough to prevent that kind of abuse in the first place.

The Pitchford Inquiry  is supposed to be investigating a whole raft of other similar abuses. But many have already commented that unless the relevant Police could be compelled to tell the truth, the whole truth and nothing but the truth, it will be a waste of time. Given that none of the relevant material was immutably recorded at the time, we will never know how much, if any, of “the truth” they are telling. So the entire inquiry is bound to be just like all the other major inquiries. The Accountability Theatre Players will throw just enough meat to the baying wolves to make them think there’s been a real kill and then everything will return to normal.

The State already has vast Surveillance capabilities and total freedom to use them without any meaningful independent oversight. The crimes committed in our name in this century alone have illustrated the desperate need to eliminate Accountability Theatre with the relevant technology and the laws required to mandate its use. Yet, instead of moving in that direction, the government is intent on ramping up the extent of surveillance  to levels which make even the Police State of America’s USA PATRIOT Act look restrained.

If you’ve read this far can I suggest that if you wish to be part of the solution rather than part of the problem, you could make a useful start by demanding that your own MP explain how s/he is going to fight Accountability Theatre.

Authority V Liberty (Round 4,287,541)

Nobody would contest the desirability of knowing exactly what was in the killers’ heads and history; preferably before they managed to gun down fourteen fellow American citizens in San Bernardino in December. The FBI obviously thinks this is a poster child for their demand for American tech companies to provide back-doors into our encrypted gadgets.

If you’re remotely inclined to sympathise with the FBI, consider this.

It is not just conceivable but highly likely that within 10-20 years, we will have technology capable of ferreting that information out of anyone’s  head. And if you think I’m exaggerating, take a look at this.

or this

or this

or this

or this

or this

or this (added 2016-06-15)

I could go on. The point is that those links illustrate the amount of effort being put into digital mind-reading and the extent to which it’s already been achieved; and that some people are already fully aware of the potential threat, which makes ALL other Privacy invasions pale into insignificance. My 10-20 year time-frame is probably conservative.

I’ve been taking a close personal interest in this technology since Dr Larry Farwell had his 15 minutes back in 2003 when he  managed to get his Brain Fingerprinting evidence accepted by a court which resulted in the release of Terri Harrington, who’d, by then, served 23 years after being wrongly convicted of murder.

I wrote to Farwell at the time, suggesting that his technology could offer the “perfect bio-metric”. I postulated, for example, that it could identify me, uniquely, by observing my neural reaction to seeing a photograph of my late father.  No one else’s brain could simulate my reaction so no one else could pretend to be me. I also suggested that another obvious benefit would be to solve the most intractable problem in secure authentication; viz: access under duress. “Yes they are entering the correct password or revealing the correct retinal scan, but are they only doing that because someone is holding a gun to their head?”

I’m still waiting for a reply!

But it’s obvious that, since then, the technology (and America’s military interest in it) has been marching on. So, whether you like it or not, it’s on its way.  And the authoritarians who are funding the most meaningful research don’t share my views on the use of the technology to prevent privacy invasion. Quite the opposite. They see it as the greatest possible advance in privacy invasion and you can expect laws to change to permit it as we get closer to it. In a sense, that’s exactly what’s happening today.

Once digital mind reading is possible, it will be plausible to argue that, for example, airlines should be allowed to put every passenger through such a mind scanner, in order to ensure that no-one with evil intent against the aircraft is permitted to board.

That’s not my fevered imagination either. Comes from the man himself, almost certainly, given the date of that article, as part of his personal reaction to 9-11.

A first reaction, given my fear of flying, is that I might even think its a good idea myself. Particularly if the “duress protection” was mandated as part of the technology, so that no one could be coerced into having their mind read. And if there was a formally agreed set of questions to which our brain responses would be measured, with no recording of data, alarms raised only on appropriate warnings etc etc, I’d certainly welcome the assurance that, provably, no one sharing that flight with me, had any intention, when they boarded at least, of bringing the plane down.

But as we’ve seen, in some detail, over the past decade, that’s not the way Authority works.   Duress protection, independently citizen audited surveillance of the process and strictly limited application are never on the authoritarian agenda. Instead, they demand back doors, weak encryption, surrender of passwords etc etc.

Society is divided into two groups. The authoritarians and their followers form one group and they will argue in favour of allowing the mind-scanners and insisting that we all step through them.

Once we’ve conceded that for something as serious as air travel, it will be only a matter of time before they mandate it for (in roughly descending order) weeding out Pedophiles, Rapists, Tax dodgers, Copyright cheats,  Trolls, Recreational drug users and Dissidents. Then, depending which level of authoritarianism you live under, they’ll move on to apostates, homosexuals, marital cheats, speeding motorists and other ne’er do wells.

Those who understand Liberty and the nature of threats like the above will probably have to fight the authoritarians literally to the death in what may come to be known as Humanity’s Final War.

The current Apple battle is an early skirmish in that war.

Pick your sides now and be sure of a good seat…

Finally, if you want to hear an intelligent presentation of the current state of the relevant science, and some of the issues, check this out:

So Journos get a bit more Protection, what about the rest of us?

The Daily Mail is crowing over its small victory but, as usual, hasn’t grasped the bigger picture.

The Authoritarian Law (RIPA), whose abuse they have reported on for years, is about to be tweaked with another Law forbidding cops from prying into Journalists’ phone records without more serious oversight than the pathetic “superintendent level authority” required for the police to carry on spying on the rest of us.

First, it’s a VERY small victory. It reputedly only even attempts to improve the protection for Journalists. Not citizens. So, at most, a few hundred of our fellow, more privileged citizens, will be “protected” by the proposed new restrictions.

But second, note the quote marks around “protected”. That’s no accident. The truth is that the Law does NOTHING to protect us from abuse of surveillance powers and never has. At most it might deter those who think they are at risk of being caught snooping, which given the fact that they are not being snooped on themselves, is a very low risk.

But, as the RIPA saga amply illustrates, the vast majority of its abusers don’t even grasp the concept of “Abuse” in this context. They have routinely justified their illicit access as “proportionate and necessary” in pursuit of their aims to pursue petty criminality, littering, illegal parking, dog fouling, fly tipping, cheating to qualify for access to favoured schools and other matters of dubious relevance to our “National Security” which RIPA was deemed necessary to protect. And what we’ve suffered here in the UK is trivial compared to the institutionalised abuse and assault on civil liberties arising from the wholly illicit USAPATRIOT Act and its associated legislation in the United States.

This kind of mission creep is rampant around the world. The USA clearly does it most egregiously and most “professionally” but while they’re among the worst offenders, there is probably no government on the planet which doesn’t routinely abuse its authority to obtain illicit access to private data for reasons which no intelligent citizen would approve.

And anyone who thinks “The Law” can protect them from this kind of abuse doesn’t begin to understand the problem. The only way to prevent such abuse is to make it technically impossible to spy without audited authority. Wot that mean?

It means that it has ALWAYS been technically possible to control access to the data they want to snoop on. It means that such control can easily be made to include a form of authentication and authorisation which ensures that all the relevant data is captured to an audit trail which cannot be tampered with by those requiring the authorised access. It means that, though we can never guarantee to prevent illicit access, we can guarantee that we can always discover it and who was responsible for it.

Laws which make something illegal and threaten sanctions are, at best, only a minor deterrent, as we see in real life every day (think War on Drugs, Fraud, Burglary, Rape etc etc as well as the routine abuses by the Authorities themselves).

Conversely, the near certainty of detection is a major deterrent.

The audit trail would, itself, contain no sensitive data and could thus be entirely publicly accessible. It would serve three functions.

First, all requests for access could be technically blocked and only permitted to proceed on receipt of a key from the audit trail. That one time access key would only be issued once the audit trail has been persuaded that the requestor was a) authorised to make such requests and b) had proved deposit of the documentary evidence required to justify the reason for access.

Second, the public audit trail presents to the world an anonymised record, in real-time, of what the authorities are doing. That public record would not, for example, reveal whose phone records they had just requested access to, but would reveal that one or more such access requests had been made in the last few seconds or minutes. Nor would it reveal who had requested access. But it would reveal at least the organisation responsible for the access request. That might be as vague as “The Home Office” or “NSA” or it might be as specific as “Precinct 99” or “East Devon County Council”. That’s a matter for negotiation.

Over the course of days, weeks, months, it would reveal the extent of surveillance activity against the citizens and the patterns of what authorities were doing what kind of snooping.

The third function of the audit trail would be, in the event of any challenge to the authorities, over a specific access session, to verify (or falsify) their claims as to why they did what they did. Remember the one time access key? That only gets issued if the authority requesting access asserts that it has documentary evidence supporting its reasons for the request and that they meet the terms of any relevant laws. They have to “prove” the existence of that evidence by lodging its digital fingerprint (a “hash” for those who aren’t yet familiar with this incredibly useful crypto tool) with the audit trail.

Come the challenge, they must present that documentary evidence to the auditors and, possibly, a court. The beauty of the Hash is that, while maintaining the complete confidentiality of the evidence, it proves unequivocally whether or not the documents they present are identical to those they claimed, at the time of the request, supported their access request. If they don’t match, or if they are found to be attempting to bypass the audit trail altogether, they are automatically committing a criminal offence.

If they do match, the auditors/court can now study the documentation to make a judgement as to whether their reason for access was legitimate or not. If not, then, once again, they’ve committed a criminal offence. If they do match, then it’s a fair cop!

None of the above is rocket science. It doesn’t require any new technology. It does require some new programming and authentication procedures but nothing dramatic, even though the effects would be.

There are two roles for the Law in this area. First – what they already do – they need to define what we democratically agree to be acceptable and unacceptable practice, with a view to enabling appropriate sanctions against those we find in breach of the law. Their second, so far absent, and more important role, is to mandate the implementation of the kind of technical protection which makes the abuses we’ve forbidden impossible to hide. No more, no less.

If the media, including the Daily Mail, could understand this issue and campaign for the introduction of such legally mandated technical protections across the planet – or at least in their own backyards – then they might actually improve the human condition, and not just protect their own interests.

Now that would be something worth crowing about.

Digital Evolution – Another Step Closer

This is a key step towards our digital evolution and our migration from organic to digital lifeforms. Basically, if we can’t record the human brain in sufficient resolution, we can’t migrate. Period. No Omortality

But this research looks like we’re poking our sticks in the right ant-nests! If we get this right, then, sometime in the next 10-20 years, we’ll have the technology to record and store the information constituting a complete human brain, probably in a few 10 minute sequences, to the resolution required to preserve our entire personality, memory and neural matrix well enough to be re-animated, later, when a digital substrate exists to house us.

Unfortunately, that might be MUCH later. Like another 50-100 years. So we might, I’m afraid, still have to spend a few years technically dead. Although, interestingly, along the way, technology should reach the point where the brain maps could be interacted with as a kind of “living in the permanent present” avatar, like Henry Molaison, who we’ve been hearing about only this last week…

This isn’t a breakthrough, but it is a major step in the direction we need to travel in order to achieve the break-through.

Oh, and along the way, it’s going to have some fascinating commercial and security spinoffs:

Ferinstance, I give you: the perfect authentication device. It not only verifies, unspoofably, unique individuals, but can even detect the absence of informed consent and thus even block those attacks based on coercion. You couldn’t unlock the safe or file even if you did have a gun pointed at your head. And the attacker will know this, so they won’t even try that. It will even enable version 1 of the Mindlock I mused on back in April.

And of course, it makes possible the Perfect communication and self-surveillance device I was fantasising about in the History of Digital Telepathy

…and think of the impact this is going to have on VR. I think we can bet that “Full Immersion” will come along shortly after the first wave of smart dust adopters have begun to appreciate the benefits of receiving data direct to the sense processing parts of the brain.

And obviously, whatever we record, subject to our informed consent, can be played back. Think what that’s going to do for the sex industry. Just a thought. Though I challenge you not to think about it.

It’s happening Reg! Something’s actually happening!
Just remember, you ‘eard it ‘ere first. Righ’!

Who and What is it safe to Believe?

If we can’t even trust the Peer Review system, who or what can we trust?

A friendly banter between me and one of my Stumbling friends began as an argument about whether or not Vaccines are safe. Public confidence in Vaccination became a (serious) problem with a failure of the peer review process by the Lancet, when, in 1998, they published Andrew Wakefield’s notorious and extraordinary claims about a link between the MMR vaccine and autism. Based on case studies of just 12 patients it should never have been accepted by a reputable journal in the first place. It was finally Retracted in 2010. The shit from that ludicrous storm in a teacup is hitting the fans as we speak with the current ongoing panic as a low-level measles epidemic spreads from Swansea.

Our argument was over the validity of vaccinations as a basis of public health. When confronted with the question as to why we should trust the claims, my ultimate fallback was the peer review process. But then I realised that it was almost impossible to defend as it is still one of the “Trust Me” based social infrastructures and too many stories like the Wakefied cockup and the various examples touched on in this “Scientist Magazine” article (first link) were and are surfacing. Personally, I firmly believe that vaccines are reliable, safe and well-tested. But given the abuse of the peer review system which is little short of rampant (see also Ben Goldacre’s “Bad Science”) I have no trusted means of validating my belief for the benefit of those who remain sceptical. This is not just sad, it’s dangerous…

Mindlocks on the horizon

Wasn’t expecting this development quite so soon after my mention of mindlocks in the context of Digital Telepathy. But is precisely the sort of thing I was talking about.

I first proposed brain based authentication in an email to Dr Larry Farwell about 10 years ago when I came across an article describing his own work as the discoverer of “Brain Fingerprinting” My specific proposal was based on the conjecture that, for example, my own brain wave reaction to, say, a photograph of my own late Father, would be dramatically and reliably different to anyone else’s reaction to the same photograph and that, if measured, that reaction could be used as a form of biometric identifier for the purposes of authentication.

But actually my main hope for brain based authentication is that it offers the only conceivable solution for the “final” authentication problem; viz the one thing we can’t yet test for – is the individual whose identity we have just verified operating under duress? This is a vital authentication test in certain critical situations. For example, it would very useful to build it into the protocols which control the launch of intercontinental ballistic missiles! I’m perfectly sure that existing procedures can reasonable verify the identity of the operators arming the missiles, but can it tell whether the operator is only performing their task because they have a gun pointed at their head? Of course it can’t. But it would be very reassuring to the rest of us if we knew the system COULD make that assessment and block the launch if the operator was found be performing under duress.

But it would also be just as useful, though not quite so dramatic, if we could ALL protect our important actions the same way. If and when I ever have a million quid in the bank, for example, I would quite like to know that I couldn’t transfer the dosh to another person’s bank account without the authentication system verifying that I wasn’t conducting the transfer under duress.

And, of course, in a Trusted Surveillance system, the same tests would trap all sorts of evil, from corrupt border guards to forced sexual consent.

The mindlocks which I casually mentioned in the Digital Telepathy story are based on a related notion, not, this time, of duress but of “intentionality”. The idea being that if – as in the story – we’re all capable of digitally recording everything we’re in range of, then the first level of abuse will be the illicit publication of such recordings without the consent of the other parties present. I propose privacy locks to solve that problem. They involve the recordings being locked with shared keys and a cryptographic protocol to ensure that all parties present have agreed and implemented the locks. But that would also prevent “private” playback within even your own head which is a) too restrictive and b) blocks potentially extremely useful functionality (aides memoire, personal diaries, recording minutes, private pleasure etc).

Mindlocks based on intentionality could solve that problem. They would permit private viewing of the recordings (only within your own head) and instantly lock the recording if they detected any intention on your part to share the recordings without the required consent of the other parties.

This research brings all the above a small step closer.

The History Of Digital Telepathy

I know this won’t be the first time you’ve heard it, but on this day, of all days, we are entitled to remind ourselves, with a certain amount of mutual back slapping, that we are living in the first period in recorded history in which there has been no verifiable armed conflict between nation states anywhere on planet Earth, for more than a decade. In some quarters there are even nervous whispers that it might, at last, be safe to come out from under the bed. John Lennon’s dream may have come true. War – as “diplomacy by other means” – may finally be consigned to human history.

It is easily the most far-reaching and widely accepted benefit of the digital telepathy we now take for granted so perhaps it’s worth briefly reviewing the history of how we got where we are today.

Step 1 – The Smart-Phone
Scholars argue that the demand-driver for DT were the antique smart-phones we see proudly displayed in p-resin as antiques in many modern homes today. They were the first platform which made ubiquitous conversation possible. The ease with which they integrated into the emerging online infrastructure of social networking and video sharing made it trivial, in turn, for the ubiquitous conversation to become the universal conversation, where we could all, for the first time in our history, begin to share in real-time, events happening to ordinary citizens around the world. The appetite for this connectivity had never been anticipated, not even by the world’s most imaginative science fiction writers. Smart-phones and the early web not only generated that appetite but, given the limits of early 21st Century technology, made a pretty good stab at satisfying it. But what those prototypes really did was to illustrate the desire for something much more complete.

Historically we recognise that the transition from a global economy based on profit, to one based on utility was well under way by the early 21st century. As Sarah Klein puts it in her award-winning “From Money to Merit”:

“While we can clearly see that commercial organisations continued to dominate innovation in (capital-intensive) hardware, the clear majority of important innovations in software, even before the inception of the Web, came from the Open Source movement, which made most of their product available at no cost to the consumer. The most important, of course, being the effective cryptography, on which modern society depends” (GooLit, 2053)

Credit must be given, however grudgingly, to the late capitalist compulsion to pursue profits, if necessary even by generating new markets – with their knack for “creating the solution to no known problem”. Selfish though such motivation usually was, there can be no denying the effect it had on technological innovation. Although we now recognise software to be the more important component of our socio-economic infrastructure, that software needed the hardware to run on. Like it or not, the greedy capitalists did far more than socially focussed collectivists to make that happen. Without the combination, however, today’s prosperous, healthy, peaceful and money-free society simply wouldn’t have been possible. So despite their overall brutality, we have a lot to thank the Capitalists for. They got things done. And when their time was over, unlike the Authoritarians who depended on their support, they had the good grace to sink relatively peaceably back into society with no hard feelings between us.

Some argue that the vital step towards DT was the first smart-phone implant (remember the “Mind-Phone”? – you won’t find many of those hanging on living room walls!) and there is no denying that it had enormous consequences. On the road to DT, it was, for a start, the first time you could make contact with someone just by thinking their tag. But it was the effect it had on social control which scores much higher in my analysis.

Step 2 – Citizen Surveillance v Privacy
To begin with, even though it was now simpler than ever to communicate, privately or publicly, with any other similarly connected individual, that first generation of mind-phone users were no more likely to communicate with their fellow early adopters, than they had been as smart-phone users. What had much more dramatic impact was the routine and effortless ability to record, privately and securely, anything and everything they did or witnessed. Being able just to think “store that” rather than dig a phone out of a pocket, unlock it and press a few buttons, made recording so easy that it became the default. Combined with pre-capture and growing memory capacity, it became easier to record virtually every waking moment – and perhaps discard the mundane or unwanted – than try to anticipate what might be worth recording and run the risk of missing it. With trusted time-stamps and hash-indexing against secure auditing databases it became trivial to retrieve forensic quality evidence of any arbitrary event from your own past with verifiable accuracy – provided only that you’d bothered to store it. And it being so effortless, why wouldn’t you?

Initially no one perceived its significance. It merely expanded the opportunities for egocentric adolescents to make fools or heroes of themselves and publicise their antics on the early attempts at digital sharing (remember “Facebook” and “YouTube”? Those were the days!) Scandalous headlines arose fairly quickly, when one or two (thousand) “minders” abused the technology to record and then playback intimate sexual encounters or other sensitive private moments without the informed consent of the other parties. That kind of abuse encouraged the widespread adoption of privacy locks, so that any such recording could only be shared if it was unlocked with keys belonging to all parties present at the original recording. Indeed, until the invention of the mindlock, locked data couldn’t even be replayed internally by the record holder unless the relevant parties pooled their keys.

Then came the question of how to deal with either tragic or sinister situations. Democratic random key distribution and trusted key escrow systems took care of those issues. In the tragic scenario, the individual’s own nominated trusted key holders could recreate the missing keys if death or serious incapacity was medically certified and at least 75% of them agreed that key assembly was necessary and appropriate. In the sinister scenario, like suspected rape or murder, where a suspect perpetrator chose to with-hold their keys and their trusted key-holders also refused to co-operate, the keys were constructed so that any 750, out of a thousand randomly selected citizens could – if persuaded that there was a strong enough case – reassemble the missing keys from their own copies of the distributed key store. Today, of course, we require 900, but, for its day, that degree of democratic control was almost revolutionary.

On its own, though, it was not enough to produce the legal and social revolution which knocked away a major pillar of the Authoritarianism that still ruled humankind in the 3rd decade of this century.

Step 3 – The Legal Victories
The first few successful prosecutions of corrupt or bullying police officers and politicians – made possible by evidence gathered beyond their control and beyond reasonable dispute – didn’t have as much impact as you might have expected. Again, it seemed like only a small step from the same kind of exposures produced by the already widespread digital sharing that had kicked off “citizen journalism” at the tail-end of the previous century. But as the numbers of such incidents began to grow in the typical “successful market” exponential manner, the consciousness began to rise – simultaneously within the citizenry and the authoritarians – that, largely due to the massively improved verifiability of the stored content, it was becoming increasingly difficult for the bullies to hold sway.

What the authorities hadn’t anticipated was that the same cryptographic protections which were essential to protecting individuals from illicit access to their thoughts (which were, of course, accessible by the implants) would prove so valuable in validating any claims made by those individuals in respect of evidence gathered in the routine recording of their daily lives. The crypto protocols didn’t just protect, they forensically validated every transaction and recording that they protected. Their audit trail was bullet proof and beyond reasonable challenge.

By the time some of the more extreme authoritarians woke up to the threat and tried to outlaw the technology in a belated attempt to hold back the tide, it was already becoming almost impossible to detect that an individual even had an implant; particularly after the introduction of the first generation of biological implants genetically configured to operate within the brainstem. And it became increasingly implausible, in the light of all the obvious crime it was detecting – and thus deterring – to argue that citizens shouldn’t avail themselves of this growing benefit. Many authorities pointlessly tried shielding their own contacts with the citizens, which only affected the ability to stream data in real-time – which nobody with their head screwed on ever attempted because it immediately made the implant eminently detectable. It had no impact, however, on our ability to record, with trusted timestamps and hash-chains, at either end of a shielded session, and thus to verify our account of the session, to the rest of the world on demand.

If they knew you had an implant, the more corrupt authorities even tried to use the privacy locks to their own advantage. In the guise of offering the victim their own trusted record, they insisted that all mutual sessions be recorded but privacy locked. If the victim subsequently complained, the authority would routinely try to hide behind its own absolute right to privacy. They would, occasionally, even attempt denial that any contact had taken place. It took them a while to understand that although they do not reveal content, time-stamped and shared privacy locks can easily be used to prove that contact had taken place between the sharers, and the routine authoritarian refusal to unlock audit trails covering disputed events made it increasingly obvious they were lying or abusing their authority. Of course, once the victim was arrested and able to prove the privacy lock times and locations, such authorities then found themselves bound by the rules of disclosure and though they often managed to persuade a judge that executive privilege was justified, they also often failed. And the more often they failed, the more likely it became that some other judge or jury would see through their naive pretences. Eventually it became abnormal for their pleas to succeed.

It was very entertaining to witness the Authoritarians’ own long time mantra coming back to bite them: “If you’ve nothing to hide, you’ve nothing to fear” had been their excuse for the authoritarian surveillance they had increasingly imposed, without consent, on a pliant society. How could they possibly argue against our recording what went on when they dealt with us? And how could they defend not revealing the content of those recordings?

Step 4 – The State Found Guilty of Murder
But what really mobilised the masses was when it became widely understood that citizens with implants could not just win any “your word against mine” argument over trivial disputes with friends, colleagues and family, but could fairly easily prove themselves innocent against even the most the malicious charges of a corrupt authority, however much tax-funded effort they put in to framing their victim.

The infamous case of Wilson v the United States is the pivotal case every student learns about and which exposed the levels of corruption endemic in the so-called Justice system. The police, under the direct instructions of a political aide (Adrian White) to the then Vice President (Joanne Schwarzewild), and with the explicit knowledge of the Attorney General (Carlos Martinez), were shown conclusively to have planted evidence and commissioned witness testimony with the corrupt and direct intent to convict an innocent student – David Wilson – in order to conceal the part played by the FBI in the assassination of the wife (Carole) of a Republican Senator (Alan Liebowitz) who had inconveniently caught said Senator cheating on her in an election year. Unfortunate timing on both sides.

Not only was the student able to prove his own alibi by giving a comprehensive and indisputable record of his movements and location during a critical 14 hour period, but, following his arrest, he endured the routine “legal” blackmail session known as “plea bargaining”. They didn’t know he was implanted and he captured virtual admissions by the police interrogators and prosecutors that he was being set up as a Patsy, that he had “no chance of beating the State machine that you’re up against and your own best interests would be served by admitting guilt even though we all know you didn’t do it”.

The political clincher was the testimony provided by a White House secretary, Marion Downey, present during a conversation in which the Vice President casually made it clear to the Chief of Staff (Sydney Walden) that the suitable target had been found. The VP informed the Chief of Staff that David Wilson regularly earned a bit of extra cash tending the extensive gardens of the Senator’s New England Mansion on Saturday mornings. He could be put in the right place at the right time.

Downey didn’t take much notice at the time because she misunderstood it as a trivial domestic arrangement for the Senator’s gardening requirements. It was only when the Senator’s murdered wife popped up on all the News feeds a couple of weeks later, followed by a startled looking David Wilson being arrested for the murder that she realised she was in possession of incriminating evidence. And for reasons which have been replayed since in a dozen dramatisations of the story, she didn’t much like the VP at the time.

Downey swore testimony and offered to reveal her data to the court but both the Vice President and Chief of Staff pleaded the Fifth and refused to share their privacy-locking keys, citing grounds of “National Security” and “Executive Privilege”; which, for the first time, the entire planet understood to be an inescapable admission of guilt.

The judge (Justice Steven Warren) – clearly part of the conspiracy – tried to rule her testimony invalid and even tried to block the expert testimony of the mathematicians and forensic software consultants who could explain how and why Wilson’s alibi was incontrovertible. Famously the Jury went on strike – together with elements of the local police – who had caught the mood of the masses and refused to make any arrests. The media storm and widespread public protests eventually forced the Government to concede a retrial under the famously incorruptible Justice Mary Elizabeth Sterning.

The technical evidence demonstrated to the court how Wilson’s evidence could not have been spoofed.

The assassin hired by the FBI had killed the Senator’s wife 15 minutes before Wilson was due to report for duty on Saturday morning, expecting him to show up just before the Police snatch squad sent to arrest him with the smoking gun. But he had consumed rather too much alcohol at a Frat party the previous evening and didn’t make it to the Mansion. His ability to prove his movements sunk the prosecution case and under the judge’s direction, the jury gladly, and unanimously, found him not guilty and made their now famous declaration finding “Agents and Agencies of the Government guilty of murder in the first degree, conspiracy to pervert the course of justice and perjury to a degree amounting to Treason against the people of the United States”.

As well as the huge and inevitable political storm this provoked, overnight the American “successful prosecution” rate, always considered as infeasibly high, plummeted as it quickly became clear that a significant percentage of prosecutions were without verifiable foundation and resulted from virtual blackmail in the form of the corrupt plea bargaining system. Outside America the corruption of its judicial system was widely recognised, not least as a result of the direct inverse correlation between the wealth of the defendant and their probability of conviction. But getting Americans to see it with their own eyes was absolutely crucial. Once their authoritarian domino began to wobble, all the others realised the peril that was upon them.

Step 5 – Changing the Game and the Players
Once the chances of successful prosecution against provably innocent victims fell to near zero, the entire plea bargaining system crashed and burned. One after another, juries refused to follow the edicts of obviously corrupt judges and made it impossible to convict the innocent. Honest judges, who fortunately still formed a majority within the judicial system, began rejecting Police evidence routinely unless it was digitally recorded, with trusted time-stamps, on a protected audit trail. The crunch came when the still largely Authoritarian Congress tried to pass new laws, dramatically reducing opportunities for – and the powers reserved for – Trial By Jury. Simultaneously, they tried to mandate trust in Police evidence even when not digitally preserved. Nearly one and a quarter million American Citizens surrounded the Capitol and refused to move until the vote was taken. The Sacking of Congress, which followed the infamous vote is, of course, the day we now all celebrate as the birthdate of our real democracy.

In the famous words (*) of Supreme Court Justice Stephen Pilliakov – the only sitting Supreme to try to fight the State’s attempt at resisting the revolution (and one of the first into the Capitol on that famous Tuesday):

“Yes, it is still necessary, in some circumstances, for society to delegate Authority to public employees but on this historical day we have finally come to terms with Lord Acton’s axiom: “Power tends to corrupt, and absolute power corrupts absolutely. Great men are almost always bad men.” And at last we have found the solution…

From this day forth, the rule of Law shall be modified thus:

Citizen: Innocent until proved Guilty

Authority: Guilty until proved innocent.”

Beyond the criminals in Authority, it became effectively impossible for criminals in the wider world to know – in advance of their attack – whether or not someone was capable of recording their attacks, so once the adoption rate passed the critical mass of about 25%, it rapidly became too dangerous for most attackers to take the risk. Of course, if you actually intended to kill the target, it was still relatively simple to arrange a murder before the victim’s sensors could identify the attacker, for example using a sniper rifle at distance, but almost all other attacks became too costly to the attacker. And once the technology adoption rate achieved the 95% level, the ability to track down attackers purely by a process of elimination became feasible and crime fell to the levels it still sits at today where Murder and Rape are now so rare that each one becomes a sensation for a few weeks after it is uncovered.

Step 6 – Making Public Lies Impossible
The next major enhancement was AAI – Augmented Artificial Intelligence. Some of us are old enough to remember its humble beginnings as a simple audio-visual prompt which would remind users of the name of that acquaintance you’d bumped into in the street. You’d only met them once, and that was a few months back. It was so damn useful to have that name and bio prompt and be able to greet each other, convincingly, like old friends!

But then AAI’s language and context recognition skills began to be turned in another direction. RTFM – Real Time Fact Monitoring – was the killer app that did for Authoritarianism what that prehistoric asteroid collision did for the Dinosaurs. Their use of covert and overt violence to control the population had already been made untenable by the citizen surveillance arraigned against them. Now it became increasingly impossible for them to control any part of the political messaging system unless it genuinely fitted the facts.

At first it was a tool for the satirists. They’d replay a political speech but with the AAI analysis showing up as subtitles. We all smirked as politician after politician was shown to be misinformed, prejudiced, selective, manipulative, superstitious or lying. Bigoted journalists, exaggerating CEOs, Evangelist millionaire ministers and a host of other routine social parasites were all publicly exposed in the same way.

It quickly became obvious that the game was up. No public statement, nor even a private one – if if was based on facts in the public domain – could be made without the increasingly infallible RTFM flagging up all attempts at deceit and manipulation. Dishonest politicians, in particular, found it impossible to continue their centuries old tactics and quickly became unelectable. And although it took a full fifteen more years for the effects of RTFM to sweep the planet, and one or two regimes fought to the literal bitter death, Authoritarianism died, not so peacefully, on January 5 2058, with the public hanging of Iran’s “Guardian Council”.

And as we all know, we’ve seen massive drops in crime against the person, mirrored around the world, and despite the on-going genuine conflicts which continue to exist between citizen and citizen, between State and citizen and between State and State, since that date there hasn’t been a single day of armed conflict between any two or more member States of the United Nations. It seems that once it became impossible to lie to each other about anything which could be instantly fact-checked or, if necessary, remotely or citizen surveilled, wars become essentially impossible to create.

This year, as multiple celebrations are regularly reminding us, is the centenary of the recognised starting point of the digital age – January 1 1970. And today is specifically the 50th anniversary of that first smart-phone implant on April 1 2020 – the birthdate of Digital Telepathy.

I give you “Happy D Day”


*Pilliakov’s speech in Context:

“Yes, it is still necessary, in some circumstances, for society to delegate Authority to public employees but on this historical day we have finally come to terms with Lord Acton’s axiom: “Power tends to corrupt, and absolute power corrupts absolutely. Great men are almost always bad men.” And at last we have found the solution.

From this day forward, let it be known to anyone aspiring to the exercise of Authority in this land: if ever you are delegated powers to act on our behalf, you shall be assumed fully accountable for every second of your life while you remain in office and, if appropriate, for a number of years before and after you leave office.

What this means in practice is very simple. Should you be accused of any crime or misdemeanour, in contrast to the Citizen, whose innocence will continue to be assumed until a Jury can be persuaded otherwise, the starting point for anyone in Authority is the exact opposite. Your guilt shall be assumed unless a Jury can be persuaded otherwise.

For some years, a growing number of ordinary citizens, now constituting a large majority of the population, have, for a wide variety of their own purposes, voluntarily and routinely captured comprehensive detail about own their lives; so comprehensive, that some innocent citizens have famously defeated the infamous attempts by a corrupt State and corrupt judicial system to continue their embedded practice of widespread judicial blackmail and tens of thousands of false imprisonments.

That same technology shall, in future, be deployed to further protect the Citizen from rogue Authority. Unlike ordinary citizens, for whom the adoption and precise use of such technology will always remain optional, if you are appointed to a position of Authority, it is, hereafter, a condition of your employment in such a post, not only that you be monitored by the technology, but for that monitoring to be provably continuous.

You shall record your every move, your every conversation, your every heartbeat. They shall remain just as private and secure as the data stored voluntarily by private citizens. But unlike the private citizen, about whom there can never be certainty about what data they have captured and chosen to archive, the world will know that you are legally obliged to possess your own digital record of any disputed event.

The world will thus know that, if you are innocent, you will be able prove it, just as thousands of innocent citizens have managed to do themselves, even under direct attack by the Authorities and Rules which were supposed to exist to protect them. Under these circumstances, it is, of course, reasonable, should you be accused of anything untoward, that you are given the opportunity to prove yourself innocent. But should you choose not to present such evidence, even if you claim that the evidence has been destroyed, or that a system failure prevented storage, your guilt shall be formally confirmed.

From this day forth, the rule of Law shall be modified thus:

Citizen: Innocent until proved Guilty

Authority: Guilty until proved innocent.