Smuggling Anthologies Conference, Trieste, 7/11/2014
(1) The «Pretty Good Privacy» case and its main issues
(2) The problem of smuggling in the «Information Age»
(3) muggling and the control of information
http://smugglinganthologies.wordpress.com/2014/11/04/program-trscanskog-simpozija-trieste-symposium-program/
https://www.youtube.com/watch?v=3fxdG7TqC_M
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
"Pretty Good Privacy": smuggling in the "Information Age"
1. Smuggling Anthologies
“Pretty Good Privacy":
smuggling in the “Information Age”
“Pretty Good Privacy”:
il contrabbando nell’età dell’informazione
Federico Costantini
“Pretty Good Privacy”:
krijumčarenje u doba informacija
Università di Udine / University of Udine / Sveučilište Udine
Trieste, Auditorium Museo Revoltella Trieste, Museo Revoltella Auditorium Trst, Auditorium muzeja Revoltella
Venerdì, 7/11/2014 Friday, 7/11/2014 Petak, 7.11.2014
2. 2
<index>
<FirstPart>
The «Pretty Good Privacy» case and its main issues
</index>
</FirstPart>
<SecondPart>
The problem of smuggling in the «Information Age»
</SecondPart>
<Conclusion>
Smuggling and the control of information
</Conclusion>
3. <FirstPart> <The «Pretty Good Privacy» case and its main issues>
3
(1) PREMISES
(2) FACTS
(3) AFTERMATH
(4) LEGAL ISSUES
4. <The «Pretty Good Privacy» case and its main issues>
4
<FirstPart>
(1) PREMISES
COLD WAR: US Goverment divides export in two
main categories:
- MUNITIONS -> Department of State
- DUAL USE TECHNOLOGIES -> Department of
Commerce
1976: US Government provides a very strict regime
for arms export
AECA (Arm Export Control ACT)
-> ITAR (International Traffic in Arms Regulations)
-> USML (United States Military List)
-> «cryptographic systems»
Title 22 C.F.R. 121.1 (XIII)(b)(1) (1994)
ENIGMA MACHINE
http://it.wikipedia.org/wiki/Enigm
a_%28crittografia%29
5. <The «Pretty Good Privacy» case and its main issues>
5
<FirstPart>
(1) PREMISES
EXPORT OF CRYPTOGRAPHY = CONTRABAND OF WAR
«Any person that knowingly violates the Export Administration Act (EAA) or the
regulations of, is subject to a fine of up to five times the value of the exports
involved or $ 50,000 whichever is greater, or imprisonment of up to five years or
both» 50 U.S.C. 2410(a) (1994);
«Any person that willfully violates the EAA or the regulations of, is subject to five
times the value of the exports up to $ 1,000,000 ($ 250,000 for an individual), or
up to ten years of imprisonment, or both» 50 U.S.C. 2410(b)(1)(A)(B);
«The violation of the Arms Export Control Act (AECA) or the International Traffic in
Arms Regulation (ITAR) is punishable by a fine up to $ 1,000,000, or
imprisonment of up to ten years, or both» 22 U.S.C. 2778 (c) (1994).
6. <The «Pretty Good Privacy» case and its main issues>
6
(2) FACTS
24th of January 1991: Senate Bill 266
«Comprehensive Counter-Terrorism Act»
1991: Pretty Good Privacy version 1.0
DOS, distributed on US soil (and Internet)
4th of November 1993, arrested for
infringement of AECA and ITAR
PHILIP R. ZIMMERMANN
http://it.wikipedia.org/wiki/Phil_Zimmermann
<FirstPart>
7. <The «Pretty Good Privacy» case and its main issues>
PGP Source Code and Internals
7
<FirstPart>
(2) FACTS
1995: Zimmermann published worldwide
his book «PGP Source Code and
Internals»
http://www.amazon.com/PGP-Internals-Philip-R-Zimmermann/
dp/0262240394
«The genie of guerrilla
cryptography is out of the bottle. No
one, not even its maker, can stuff it
back in or keep it within what America
laughably calls its borders. The genie
is all over the Net. It's in your hands as
you hold this book. Summon it with a
conscience. But be prepared to
summon it if you must»
(Barlow, John Perry. 1995. Introduction to The official
PGP user's guide by Philip R. Zimmermann,
Cambridge, Mass., MIT Press).
8. <The «Pretty Good Privacy» case and its main issues>
8
(2) FACTS
11th of January 1996:
The federal investigation against Zimmermann ended with archiving the charges
PRESS STATEMENT OF ASSISTANT ATTORNEY GENERAL:
«no change in the law, no change in policy. If you're planning
on making encryption available over the Internet, or other
means, better check with the State Department first»
(…“Better check”???)
<FirstPart>
9. <The «Pretty Good Privacy» case and its main issues>
9
(3) AFTERMATH
1996:
Zimmermann yield the rights on his algorithm
to a company named Network Associates Inc.
2001:
Zimmermann was inducted into the Internet
Hall of Fame
2002:
Network Associates was acquired by PGP
Inc.
2010:
PGP Inc. was merged with Symantec
Corporation. http://www.internethalloffame.org/i
nductees/philip-zimmermann
<FirstPart>
10. <The «Pretty Good Privacy» case and its main issues>
10
(3) AFTERMATH
July 1996, the US
government signed an
international agreement,
the «Wassenaar
Arrangement on Export
Controls for Conventional
Arms and Dual-Use
Goods and Technologies»
(Encryption is contained in
Annex I, “List of dual-use
items”, Category 5 – Part 2
″Information security″).
www.wassenaar.org
-> EUROPEAN UNION
Council Regulation (EC) No 428/2009
Regulation (EU) No 599/2014
<FirstPart>
11. <The «Pretty Good Privacy» case and its main issues>
11
<FirstPart>
(4) LEGAL ISSUES
Three most important legal profiles of the case:
(1) First amendment
-> freedom of expression
(2) Fourth amendment
-> right to privacy
(3) Fifth amendment
-> privilege against self-incrimination
12. <The «Pretty Good Privacy» case and its main issues>
12
<FirstPart>
(4) LEGAL ISSUES
(1) first amendment -> freedom of expression
Two main grounding arguments for defense:
(1) Zimmermann’s software was distributed only on national soil
-> NO EXPORT -> NO INCRIMINATION
(2) Zimmermann’s book was included in «public domain», so it was a justified
conduct
-> EXCEPTION TO PROHIBITION -> NO INCRIMINATION
BUT (arguments of the US government):
(against 1) the software was uploaded on internet by Zimmermann’s friends and
activists (so he said…), and it was spread Worldwide (as Internet is)
(against 2) can a software be considered as an expression of «free thought»? It is
just an algorithm (objection: yes, but the act of spreading in itself was an
expression of freedom)
13. <The «Pretty Good Privacy» case and its main issues>
13
<FirstPart>
(4) LEGAL ISSUES
(2) Fourth amendment -> right to privacy
Zimmermann did not insist on this profile, since eavesdropping is quite
«tolerated» (Echelon, Snowden, etc…) and involves all Internet users in the
world.
SEE:
(Warren and Brandeis 1890)
Olmstead v. United States, 277 U.S. 438 (1928)
Dissenting opinion of Justice Brandeis
Katz v. United States, 389 U.S. 347 (1967)
Overruling OLMSTEAD decision.
14. <The «Pretty Good Privacy» case and its main issues>
14
<FirstPart>
(4) LEGAL ISSUES
(3) Fifth amendment -> privilege against self-incrimination
This is very actual problem also for us: can someone be (legally) compelled to
reveal the passwords of his devices?
A Virginia Court stated that this does not applies to I.D. fingerprints, because they
are like DNA samples, a feature of the body not involving moral freedom.
(… have you got an iPhone6 or a new iPad?)
15. <The «Pretty Good Privacy» case and its main issues>
15
<FirstPart>
(Question):
«YES (INTERESTING),
BUT… What is the
meaning of this case for
us, after twenty years,
here in Europe?»
16. <The «Pretty Good Privacy» case and its main issues>
(Answer)
«MAYBE there are some
reasons why this case
could be considered in a
‘Smuggling Anthology’»
16
<FirstPart>
</FirstPart>
18. <The problem of smuggling in the «Information Age»>
18
<SecondPart>
What is the meaning of the frontier?
What is the meaning of smuggling?
Why smuggling is so severely punished?
-> in ancient times (natural order)
-> in modernity (rational system)
-> in the «Information Age» (control of information)
19. <The problem of smuggling in the «Information Age»>
19
In ancient times
Frontier = medium with
divinities
(mundus/pomerium in
Rome)
Smuggling = breaking a
natural order, doing evil
Punishment = castigation of
an impious
Heinrich Füger, Prometheus bringt der
Menschheit das Feuer (circa 1817) oil on
canvas, Liechtenstein Museum
<SecondPart>
20. <The problem of smuggling in the «Information Age»>
20
In modern age
Frontier = phisical limit of
the Sovereign’s power
Smuggling =
disenchantment against
legal system
Punishment = prevention
against rebellion of other
individuals MAV Villagrasa, Sanctus Al Caponis (2010)
(t-shirt, particular)
<SecondPart>
21. <The problem of smuggling in the «Information Age»>
21
In «Information Age»?
Frontier = domain of
available resources
Smuggling = concealing
information
Punishment = exclusion from
shared information
http://internet-map.net/
<SecondPart>
22. <The problem of smuggling in the «Information Age»>
22
<SecondPart>
ANCIENT TIMES / MODERNITY
Smuggling -> Deception
(by the smuggler to the customs officer)
«Information asymmetry»: show appearance / hide reality
- Physically
(sneaking through solitary paths, concealing trafficked goods in worthless objects)
- Symbolically
(forging shipping documents, corrupting customs officers)
23. <SecondPart> <The problem of smuggling in the «Information Age»>
23
«INFORMATION AGE»
Deception -> Encryption
(prevention of access by third parties)
Encoding = hide reality / create appearance
Decoding = hide appearence / show reality
24. <The problem of smuggling in the «Information Age»>
24
PLAINTEXT
(resources
available)
Encoding
(hide reality)
CYPHERTEXT
(resources
unavailable)
How Encryption works (basically)
Decoding
(show
appearence)
<SecondPart>
25. <SecondPart> <The problem of smuggling in the «Information Age»>
25
(Question):
«YES (INTERESTING),
BUT… What is the
problem? Encryption
should be granted as a
protection for freedom!»
26. <SecondPart> <The problem of smuggling in the «Information Age»>
26
(Answer)
«(also Zimmermann was
convinced of it) but
MAYBE there are some
reasons for doubting in
some cases»
27. <SecondPart> <The problem of smuggling in the «Information Age»>
First example: «THE REASON», the first metal gun entirely 3D-printed
With 3d printers you don’t need to carry a phyisical thing through a custom (you just need to
download a file, to buy a printer and some «ink cartridges»)
27
http://gizmodo.com/the-world-just-got-its-second-all-3d-printed-metal-gun-1651348942.
28. <SecondPart> <The problem of smuggling in the «Information Age»>
First example: Deep Web and cryptocurrencies
You can buy anonymously what you want (EVERYTHING!), thanks to Zimmermann
http://www.forbes.com/sites/andygreenberg/2013/04/16/founder-of-drug-site-silk-road-says-bitcoin-
28
booms-and-busts-wont-kill-his-black-market/
29. <SecondPart> <The problem of smuggling in the «Information Age»>
The «Information Age» reveals the problems
hidden in the contrast between individual and
State, between two opposite ideologies:
libertarism and autoritarism.
29
Each part claims to have power to control
information. But this power is exclusive and
absolute.
</SecondPart>
31. <Conclusion> <Smuggling and the control of information>
31
Few final remarks:
(1) the «Information Age» has weakened past physical boundaries, but has raised
higher barriers, called «cyberborders»
(2) Internet has been Weaponized, so theoretically there is no difference between
«contraband of war», mere «smuggling» and siimple «comunication»: everything
that is out of control, it is a threath.
-> Tallin Manual
(3) there is no substantial difference between traditional «smugglers» and
«customs offices»: everyone bows to the power of information.
32. <Conclusion> <Smuggling and the control of information>
(Question):
«YES (INTERESTING),
BUT… is there still room
for smuggling in the
«Information Age»?»
32
33. <Conclusion> <Smuggling and the control of information>
(Answer)
«MAYBE YES. Perharps we
should think that smuggling
is an «art» and try to
«smuggle» ourselves, with
creativity»
33
34. <Conclusion> <Smuggling and the control of information>
34
Hugo van der Groot,
philosopher of law,
sentenced to death,
escaped from
Loevestein Castle in
the Netherlands
hiding himself in a
trunk of books
(22nd March 1621).
Hugo de Groot klimt in de boekenkist, (Hugo Grotius
climbs into the book chest) (circa 1800)
35. 35
Many #thanks for your #time,
#patience & #attention
Federico Costantini
[name].[surname]@uniud.it