Should we really care about that ‘unbreakable’ iPhone cryptography?
In respect to the Apple vs FBI story, regarding ‘absolute’ personal cryptography, I increasingly wonder about the sanity of our technological ‘progress’, and its often self-claimed ‘intelligent’ architects. Should I really believe in the good-faithed actions of non-democratically-elected business oriented technological elites to safeguard my civil liberties in that respect?
I personally have many things I want to keep for myself in the digital world, but to what extent? Like most of us here, I’m not longing to have a blackphone or whatever military-grade unbreakable crypto-device to manage my daily digital communication or data needs, I just want to control intimate information to the extent it doesn’t undermine the quality of the society I live in.
Besides big tech companies longing to rip the banks and credit card companies of their bounty (aka the payment cards), or to create that ultimate unique virtual space for all our personal information where they could sell us related services, who does actually really care about ultimate cellular smartphone cryptography?
For them to grab that market they focus on a centralized device to carry all our personal information along, and to create the necessary trust, that bond that will make us agree on the terms and conditions, they sell us ‘ultimate’ security through unbreakable cryptography. But does that suffice, as individuals do we really need that, and aren’t there any socio-technological alternatives to enhance our lives without holding back all of these incredible modern information technologies?
In the current more-or-less natural transition of personal information from current services to cloud-and-device based schemes, it seems we are forgetting what all these data and services are meant for, how it relates to our real life. We humans obviously crave for more than simple virtuality and digital-data to enhance our lives, and it will always only be an intermediary mean to attempt in making the latter the better.
There are as many fine reasons for one to want to adopt these new cryptographic tools without restraint, than there are of not wanting their private life and intimate information easily available to any bot or human online. There is obviously a necessity for the use of decent cryptography, but there are also necessities in the real world we live in for our complex and fragile communities to defend themselves against greedy or destructive external forces that will rely on total information security to organize themselves. The fragile balance between individual liberty and communal restrictions actually makes the world we live in one we would or wouldn’t want to transmit to future generations, and this is where the increasing potential of modern information technologies, and the way we let them crystallize, is becoming increasingly crucial.
That’s why I would willingly agree to limit my use of ’stronger’ cryptography to a very minimal amount of the data I might care on porting to the digital net, if I decide to carry it on there at all. The really important information I would prefer not to be digitally ‘clonable’ and thus not be online, and rely on old-school analog methods for their safeguard. They’re not perfect, they’re quite costly, they sometimes are a bit obscure, but they have proven their efficacy to some point in making the world we live in what it is today. It is crucial I should have the choice.
If one day the practicality would outweight the risks, I should also be able to opt-in ‘hardcore’ cryptography on selected crucial information to my likings, actively limiting the scope to necessity rather than applying by default to the whole. I would also like it to be to a ‘reasonable’ extent, that would be agreed on as a community, democratically, not by one company’s desire to make it a must-have, or of any of its self-defined philosophical inclinations. And not to mention the willingness or competence of the latter to insure the encryption/storage/decryption process as a whole.
Should we care that much on having greater societal entitities being able to decrypt what we hold on our communication devices, or shall we be more interested in its accordance to our democratically defined laws, rules and values? Are these antagonsits? Why should a smartphone maker be the gatekeeper of that intimacy? This is a society and most of us are already willing to limit our individual freedom in some respects in order to allow a better life for the community as a whole. Compromise is a fundamental part of the well-being of our human societies.
This doesn’t mean I don’t care there would be a slight chance of exposing my life to the world, but I actually don’t care for most of it, and will be ready to pay that price to some extent. Is it also worth having all my personal information held on that single ‘smart’ device to the extent I would take that risk? And would we really need that much of an infaillible cryptography if we didn’t care concentrating all our data in one place?
Maybe we should rethink the model those big tech companies are selling us.
We should look at the reasons pressuring us to embrace that one-stop-shop for personal information (aka the smartphone and its related cloud-services). Does it make sense to have your whole informational life digitally stored on a smartphone, on a privately managed cloud? And I don’t mean the slightly entertaining and practical stuff, but the more intimate matter and placeholders of our identities. Is this really that practical, aren’t there sounder alternatives to enhance our daily lives, maybe to the impact of the ‘providers’ making less benefits? The debate ultimately should be about that.
At a time when we are looking at some of the ‘older’ solutions to enhance or preserve our life quality or necessities, when local currencies are making a comeback, when analog music and media is regaining some space thought minimal for the sake of sensuality and style, why would you want to store EVERYTHING on your iPhone and on the cloud? What is there with this idea of cloning our real-world lives to the digital one? Preparing the market for these new virtual reality gadgets (and I must admit I am actually looking forwards to it)?
At a time when we humans are overcrowded by the increasing influx of digital messages in our daily lives (move over undesired news, emails, whatsapp, facebook messages, advertisements, …), at a time where the only solution seems to having to rely on artificial intelligence to maintain coherence and sanity of our informational world, why the hell would we want our lives to continue providing intimate data to such a digital one-device centric solution mess?
But maybe personal-cryptography solutions should also focus on intermediary technical solutions to offer both decent individual privacy, as well as ways to respect the few necessary societal guardrails. We should maybe also limit the impact of cryptography by not making it the standard for everything we store digitally, thus making us more responsible and wiser internet citizens.
Here are also a few random ideas:
1) give us some certified by default non-encrypted smartphones (I would buy one, and that would definitely make me more responsible on how I manage my online personal information).
2) offer uniquely-printed chips with a separate analog key to open the encryption (the key could be physically stored in certified locations and for example wait for a court order before being used).
3) offer a time-limited encryption system (the encryption would automatically break after a certain rather short amount of time, based on some hardware property; that would also stimulate the economy! ;) ).
4) require users who would want to use inalterable cryptography to inform the authorities, and store the key to their encrypted information with a certified entity, in a non digital way (this is a bit scary I agree, but there might be some ways to make it less ‘1984’).
Most users don’t care about that inalterable iPhone cryptography Graal, we care about a better life. And smartphones are part of the multitude of tools modern day technology offers us to try and get it.
The ‘smart’ ones who really want to go through the effort of making their data safe already know how to do so in any case, so at times when personal information secrecy might actually endanger the past-generations’ effort and sacrifices to make the world we live in that better place for all, shouldn’t we make an effort to compromize technological perfection for philosophical wisdom?
Is that lock really where it should be?
p.s. This text is a first draft, and I will try to update it to reflect inconsistencies and/or changes of mind. ;)