[tor-project] Privacy-enhancing vs Transparency-enhancing

Sun Jul 17 03:00:55 UTC 2016

On Sun, Jul 17, 2016 at 06:50:42AM +0800, Virgil Griffith wrote:
> I recently had the pleasure of receiving some
> OnionLink related phone calls from the Singapore Police Force.  They were
> very polite and had noticeably impeccable English.
> 
> I learned some things from these discussions.
> 
> In Asia, the noun-phrase "Privacy Enhancing Technologies" is viewed with
> suspicion.  But you frame the exact same thing as a "Transparency Enhancing
> Technology", and they're all about that!
> 
> E.g., whistleblowing isn't seen as privacy enhancing for the individual,
> but as transparency enhancing for the society!

The whistleblowing use-case is transparency enhancing tech built on top of
privacy enhancing technology; it does not mean that Tor itself is mainly
transparency enhancing tech.

Conversely, a "blockchain" enthusiast could promote the "transparency enhancing
technology" of paying employees of the government with some kind of
anti-privacy blockchain recording what they do with their funds to allow all
their finances to be easily inspected. Or for that matter, you could use the
"transparency enhancing technology" of putting cameras in the washrooms, to
make sure no-one was using that moment of privacy to receive bribe money. (the
first example isn't hypothetical - I actually have had to turn down clients
asking me to work on projects like that)

In Bitcoin we have many in the community vigorously portraying Bitcoin as
anything but anonymous, including to government regulators. This has lead to
serious misconceptions about the system, for instance regulators thinking that
metadata like IP addresses and even human identities are recorded on the
Bitcoin blockchain. The reality is somewhere in the middle: Bitcoin isn't
perfectly anonymous, but it's still very difficult to trace funds without a
high risk of false-postives, particularly if people are putting any effort into
hiding their tracks.

I'm personally very concerned that this deception will backfire on the Bitcoin
community: if people think you've lied to them, you'll lose your trust very
quickly, and the whole field will get a negative reputation. It also means that
you may be forced to change the reality to fit the narrative: if regulators
have been assuming Bitcoin isn't anonymous, the fact that it is may be
something we're demanded to "fix" on short notice.

I think what you're proposing has the exact same type of risk for Tor.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20160716/e2c0b48b/attachment.sig>