Last March, I started working as a technologist for the ACLU's Speech, Privacy, and Technology project. Part of the job is helping the ACLU’s lawyers to better understand the technical details of their legal work. But I'm also taking the fight for civil liberties to obscure (to most people) standards bodies that are writing the rules for the technologies we will all use in the next few decades. These groups include the Internet Engineering Task Force and the World Wide Web Consortium, where I work on an alphabet soup of security protocols with names such as TLS, DNS, TCP, OpenPGP, HTTP, and others.
Why is a civil liberties group paying someone to work to shape the technical standards for our next generation communications technology and infrastructure? The answer is that as more and more of our lives move online, secure communications and other rights-preserving tools are a fundamental requirement for free expression, free association, privacy, and a functioning free press. The civil liberties that the ACLU has long fought to protect require strong encryption and other privacy enabling technologies to exist in a digital age.
I like to make an analogy to urban design: when you plan a street, or a building, you make a lot of choices that influence what can happen in that space for years to come. Will there be parking for cars? A bike path? Trees? One-way or two-way traffic? Speed bumps or roundabouts? Each design choice has an effect on how people will lead their lives for decades to come.
Not just the design choices, but also the quality of the implementation of these choices also has an effect. For example, curb cuts can make a street accessible for people in wheelchairs, but if the slope is wrong, or there is bad drainage, accessibility can suffer.
In the same way, as our society moves further and further online, the design choices made in the underlying communications technology infrastructure can critically shape what kinds of society are possible. These choices are governed by similar planning and implementation work. For example:
- Will it be possible to communicate confidentially with your doctor, your business partner, your mate, or your friend?
- Will you know for sure who you are talking to?
- Can you be confident that no one else is listening?
- Can you try on new identities as you grow and change, or will you have one single "face" that you must present for all your communications and that will follow you for your entire life?
- What assurances do you have that when you send someone a message, they will actually get it, and it will not be tampered with along the way?
- Who else gets to know who you communicated with?
- What authorities are you willing to trust with your data or your identity?
- Do you get a choice of authorities, or is it decided for you?
- What recourse do you have if these authorities misbehave?
These design decisions are often "baked in" to the communications tools we use, and they can shape our lives in ways we don't expect, including in ways that infringe on some of the most fundamental human rights: how we express ourselves, who we communicate with, and how we grow as people.
If your goal is to reduce speeding and noise while promoting foot traffic, you can do it through regulation and the courts—with lowered speed limits—or you can build narrow roads with broad sidewalks, speedbumps and roundabouts, which shape traffic to achieve the desired effect. Most effectively, you can do both. If your goal is to make sure that people can get from one place to another as fast as possible while staying safe, you can go the other direction and use regulation and the courts to raise speed limits and limit road access to fast vehicles, and you can build expressways with guard rails and physical safety mechanisms. Again, to be most effective, you will do both.
So while I work with ACLU lawyers and lobbyists who aim to reform the laws and their interpretation by the courts—the "speed limit" side of things—my job is also to push on the engineering side to make sure we can meet our goals as a society.
How do we shape communications infrastructure at this level? To pursue this engineering challenge of protecting civil liberties through technical protections built into our communications infrastructure, I follow two main approaches:
- Defining standards and protocols that have civil liberties and human rights capabilities "baked in."
- Writing code to implement these mechanisms and ensuring that it is easy for people to safely deploy.
To make this work on a network as sprawling and heterogeneous as the internet, our underlying tool is strong mathematics. As Ed Snowden has said, "the bottom line is that encryption does work."
The importance of protocols and standards
But strong mathematics (encryption and other cryptographic tools) aren't enough—for our machines to talk to each other over today's networks, they need to know the "rules of the road." These conventions and practices are the protocols that our machinery uses to communicate. The process of writing down and clarifying exactly how these protocols work is "standardization." One of the great advances of the internet was that people published the protocols their machines were using to communicate so that different machines could talk to each other.
The work that goes into protocol standardization is a design process: some aspects of the protocol are traded off against others to come to a design that everyone can agree on. Reaching broad agreement is important: if you are the only party who speaks a given protocol, that's not very useful!
Sometimes finding the right answers to the choices that appear in the design process are easy: if variant A of a proposed protocol is both computationally cheaper than variant B and forward secret where variant B is not, we should choose variant A. Other times, the tradeoffs can be difficult: are we willing to leak our own identities long-term to the communications partner in exchange for having a faster connection?
The work (mostly within the Internet Engineering Task Force and the World Wide Web Consortium) involves not only developing new protocols, but also finding flaws in existing widely used protocols, and figuring out fixes for those flaws that can be deployed. I also work on identifying unfixable protocols, and making sure that people stop using them.
The importance of well-designed software
In addition to protocol development work, I work on deployable free software that implements information-security and rights-preserving protocols. The best protocol designs are of no use if there aren't implementations that pay careful attention to detail and provide easy and sensible interfaces for the people and tools that use them. Most of the software packages that I contribute to are backend stuff like GnuPG, GnuTLS, and OpenSSL, which aren’t seen by end-users, but are used by many of the apps and services that we all rely on. These cryptographic software libraries provide functionality and features for secure communication that other software can make use of. Those other “higher-level” programs are the ones that users typically use directly.
By ensuring that rights-preserving tools are easily available on platforms that respect user freedoms, we're shaping the communications environment in defense of free speech, privacy, and free association. I'll be sharing more details about this work in future blog posts, and I'm happy to hear feedback and suggestions about things in this space that need attention. We can help build a society that is both more safe and more free by developing not only the laws, but also the infrastructure necessary for the task.