On Tue, 13 Jun 2000, Tim May wrote:
> net present value (NPV) of buying a better safe. The merchant who has
> never been robbed and so thinks he never _will_ be robbed is not the
> guy driving the development of better safes. Analogies with crypto
> are obvious.
This reminds me of something I realized recently -- it's not
clear to me how to reason about liability for anonymous systems. Not the
normal liability everyone thinks of, in which the service is supposedly
"liable" for the actions of an anonymous user, but the liability incurred
if the service is not anonymous enough.
Hal Finney had a post on the freenet-chat list a few months back in which
he pointed out that if Freenet is used by Chinese (or whoever) dissidents,
and then is not "anonymous enough," people will die. In the U.S. and
Europe, maybe it won't go that far, but if the service fails to be
anonymous enough, odds are good that the user is harmed in a direct
fashion. Maybe for something which isn't even clearly illegal or
immoral -- think of a whistleblower whose cover is blown.
Whose fault is that, how do we tell, and what happens afterwards?
will that make two bits of difference one way or the other for anonymous
systems?
I'm **not** eager to see lawsuits against ZKS for "failure to be
anonymous." I'm wondering if we will see such lawsuits, and if we do,
whether the threat of such suits will encourage the development of better
anonymous systems in the same way that real-world threats cause insurance
companies to encourage the development of better safes.
I am a little worried that trying to build better specifications/definitions
of what kind of anonymity a system provides could be used against a
provider of anonymity services in a lawsuit. Then again, this hasn't
seemed to happen in the crypto world; when was the last time anyone was
sued for not using semantically secure crypto?
My understanding of product liability law is really fuzzy. I have this
impression that some sort of "best practices" exist for each industry, and
that manufacturers are supposed to follow them or face consequences. How
do these "best practices" come about, and is this model relevant to crypto
in general and anonymous systems in particular? or am I hopelessly
confused and should seek a law school course?
-dmolnar
