Stephen, "The state has a responsibility to provide for the security of its citizens. To the extent that surveillance supports this goal, it is potentially justified, irrespective of whether every citizen agrees with the methods."
If this is the case why dont we hand a copy of our house key to the police? This way the police can come around every evening and check what we are up to. Why not cameras on toilets as well? Because mass surveillance (for good and bad) scares the Internet user. It makes it less attractive to use the Internet. It restricts the Internet. It violates the Universal Declaration of Human Rights (to which your country is a signatory as well). It is not the targeted surveillance but the unregulated mass surveillance that is the problem. The current IETF standards do not protect against mass surveillance sufficiently. regards, Ralf On Mon, Oct 14, 2013 at 3:33 PM, Stephen Kent <[email protected]> wrote: > Alissa, > > Hi Steve, >> >> I'd like to challenge your assertions that because Gmail and Facebook >> have billions of users, the bulk of Internet users do not care about >> pervasive state surveillance of all or most of their of their Internet >> communications, and therefore the IETF's attempts at promoting strong >> security have thus far been sufficient. Privacy is often valued >> contextually. The fact that a user accepts the trade-offs that Gmail >> presents (accepting that a private company will scan her emails in exchange >> for a snappy interface or beneficial network effects) does not mean that >> the same user is comfortable with pervasive government surveillance that >> could allow her to be pursued (using police force) under legal standards >> that are often vague or uncertain for anything she writes in every email >> she sends. The state's ability to impinge on a wide range of individual >> freedoms surpasses by far the ability of any single private company to do >> so. The line between private and public sector data collectio >> > n has obviously blurred as more and more data is exchanged between the > two, but that does not make the two of them equivalent. > I appreciate your analysis, but I don't necessarily agree with your > conclusions. The state has a > responsibility to provide for the security of its citizens. To the extent > that surveillance supports > this goal, it is potentially justified, irrespective of whether every > citizen agrees with the > methods. Corporate collection of personal data tends to be driven by > greed, not quite so noble > a goal :-). > > I agree that the state has a more powerful capability to collect info > about Internet users, and > yes, there are no T's & C's to read and agree to (or, more likely ignore > and agree to). But > that does not mean that we, as developers of Internet standards, are in a > position to know > whether all users feel that state vs. corporate surveillance is a greater > personal concern, and > thus warrants mandatory to use (vs. implement) security features. > > For the list: much of this thread's discussion seems to presume that the >> business considerations behind individual companies' decisions about >> whether to deploy secure protocols or not are unchanged from what they were >> four months ago prior to the beginning of the revelations. Yet elsewhere >> there seems to be a whole lot of hand-wringing going on about how much >> business is being lost or how nervous various customers are in the wake of >> the revelations. Can we really assume that no IT managers in charge of >> enterprise SIP deployments or middlebox-based backwards-compatability >> solutions are even considering re-evaluating how they balance competing >> requirements? >> > I'll defer to folks with more direct experience with these businesses, but > I have seen no such > change in perception. The only change I have seen is that enterprises > makign use of cloud storage > and backup are more concerned about the confidentiality of the data stored > there, and are considering > offshore alternatives. > > > Steve > > ______________________________**_________________ > perpass mailing list > [email protected] > https://www.ietf.org/mailman/**listinfo/perpass<https://www.ietf.org/mailman/listinfo/perpass> >
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
