You Will Have No Electronic Privacy

Recently by Mark Nestmann: Expatriation and Gold Prices

“Don’t change a winning strategy.”

Nowhere is this truism more slavishly followed than in the global campaign to eliminate financial and electronic privacy.

The strategy is simple. First, the governments that find privacy inconvenient create a purportedly independent commission, funded by a non-governmental entity, such as the Organization for Economic Cooperation and Development (OECD).

The purpose of the commission is to find a solution to a “problem.” The problem could be the disturbing tendency of individuals to take measures so as not to have their wealth confiscated. Or, their equally disturbing desire not to have their communications monitored.

The commission establishes “minimum standards” to deal with the problem. These standards often run roughshod over human rights protections established over centuries and enshrined in national constitutions. Nonetheless, influential organizations publish reports calling for the minimum standards to be adopted globally. Politicians clamor that the severity of the crisis de jour overrides any concern for human rights. Most countries make the necessary accommodations, and the standards eventually become law.

If this sequence of events sounds familiar, it should. It is precisely the way in which the OECD largely dismantled offshore bank secrecy over the past 20 years. Critics of this process have dubbed it “policy laundering,” but it persists – because it works.

Now, a similar sequence is playing out in the realm of Internet privacy. In 1994, the United States enacted the Communications Assistance for Law Enforcement Act (CALEA). This law requires that electronic communications companies construct equipment and networks to facilitate government surveillance. In what must have appeared to be a remarkable coincidence to the uninitiated, in quick succession, several other nations introduced legislation similar to CALEA.

The source of this global flurry of surveillance legislation was an FBI-funded consortium of national law enforcement and intelligence agencies called the International Law Enforcement Telecommunications Seminar (ILETS). Among other initiatives, ILETS proposed storing Internet traffic and transactional data by commercial organizations for at least one year.

Many countries quickly came into line with this requirement. In 2006, the European Union incorporated most of the ILETS requirements into the Directive on Data Retention. This directive requires EU telephone companies, Internet Service Providers and other electronic communication services to maintain records of customer e-mails, telephone calls, Web surfing habits, etc. for at least six months and made available to police on demand.

However, not all countries meet these requirements. Embarrassingly for the FBI, one of them is the United States.

With this background in mind, I recently reviewed legislation now before Congress with the provocative name of the “Protecting Children from Internet Pornographers Act.” Among other provisions, H.B.1981 would require Internet service providers to store customer data for a year and give it to investigators without a warrant.

The association of child pornography with Internet privacy is a cynical yet brilliant strategy. Yet, it’s nothing new. The OECD and its minions did something very similar when they forced low-tax jurisdictions into signing tax information exchange agreements. To persuade taxpayers in high-tax countries to give up their financial privacy, politicians convinced them – with mostly contrived evidence – that wealthy taxpayers had stashed trillions of dollars of untaxed income in offshore tax havens. Public opinion quickly turned in favor of outing the errant taxpayers.

Even if H.B.-1981 doesn’t become law this year, something similar probably will. And of course, investigations won’t be restricted to child porn. That would mean the law had to be used exclusively for the purposes the fear-mongers pointed to as making it necessary. Instead, in the name of “protecting the children,” we’ll all lose our Internet privacy.

Apologists may say, “as long as the law reduces child porn, I’ll sacrifice my Internet privacy.” But, the law won’t even do that. It’s easy to use virtual private networks, encryption, and other technologies to render the record-keeping mandated by H.B.-1981 ineffective. Perhaps the next step is for the FBI to create an association of anyone who uses these technologies with child porn. And subsequently, to restrict those technologies to individuals and companies who agree to “unlock” their data stream for warrantless inspection.

This is also part of the ILETS agenda. Nearly 20 years ago, the Clinton administration proposed that anyone using encryption be required to provide the government the ability to read the contents of any encrypted message in plain text. And if child porn isn’t a potent enough threat to bring about an end to uncontrolled encryption, a data security meltdown – real or contrived – that leads to widespread disruption of everyday life just might do it.

Reprinted with permission from The Nestmann Group, Ltd.