The Real Problem of Cyber Security

I’m in the midst of my fifth Bitcoin conference, held in Toronto, and it is amazing. I’d swear that these conferences gather the world’s smartest people. They are demographically diverse — from all over the world — but attendees and speakers are united in a love of innovation and an understanding of how radically different is the world of code from everything else. They have a vision of a future of anarchy, whether they call it that or not.

By anarchy I mean only this: the capacity of human beings to organize themselves apart from any centralized authority with a monopoly on the use of force. This is certainly a theme that is part of the intellectual template of the new generation of digital entrepreneurs and developers.

I’m sitting here in the audience on a panel on security. The people on the panel are megaminds. They have practical knowledge based on their professions. It’s crazy hard work and vast responsibility comes with it. They also have a sense of what’s coming, not just in the next year but in five and ten years. It’s awesome.

But stepping back from the high level of technological detail, there is an interesting philosophical issue here. There is no presumption on this panel that government will help with the problem of security. In fact, not one person even mentioned the possibility.

That’s a big deal. For hundreds of years, even the best of the liberal thinkers imagined that providing security was a key function of government. Some rare souls — Gustave de Molinari comes to mind — speculated that perhaps market could become substitutes.

But still, the message has not penetrated the mainstream. Ask the average person why we couldn’t just get rid of government, he or she will quickly respond that this would cause criminals to take over and destroy us all.

But at this panel, the speakers have taken that next step that sees the problem of security something that government actually stops from being solved. That realization turns the whole issue on its head.

I have no idea what ideology these speakers embrace. Sometimes they make vague allusions to libertarianism but it is only in passing. It doesn’t matter. They are here to do a job. And here’s what’s important and really striking about their perspective: much of the actual security problem concerns not only private hackers, trolls, and thieves. The really big security problem in their view is government itself. They all know this and speak openly about it.

Let’s observe what this implies. In a very short period of time, we’ve moved from presuming that government would provide security to presuming — among the smart set at least — that government is actually the most formidable threat to security.

It’s not that government is as smart as the hackers. It is not. What matters is that government can spy, hack, and steal without consequence. It’s the legality of government that is itself the problem. The problem that these security professionals face is vastly complicated by this problem alone.

Government is not only the main threat. It is also the main impediment to development. Government mandates and restrictions are inhibiting the implementation of better security systems in cyberspace simply because of the law.

This all began with the war over PGP, which was invented by Paul Zimmerman in 1991 as a method by which messages and data could be encrypted online. It was the greatest boon for internet security to date. The code found its way overseas and the inventor was prosecuted by the government since encryption had already been defined as a munition by the government.

But PGP won: MIT published the entire code in a book. The government also lost its battle to put a chip into every piece of digital equipment that would have monitored all out behavior by law. Public and industry protest stopped that. That surveillance eventually came to pass but only through surreptitious means via the NSA’s and FBI’s pressure on ISPs.

But this is just the beginning. Anti-gun laws are a way that government keeps private security at bay. I agree with Adam Kokesh here: restrictions on gun ownership are a violation of human rights. And I say that as someone who personally does not like guns, does not like to fire them, does not like to collect them.

With the invention of cryptocurrency, new security concerns become an issue. Everyone would prefer private banking and private financial channels of course. But the government forces them to be known and public, intimidating everyone who deals with money to become agents of the state police force that seeks, above all else, to collect taxes.

In the Bitcoin space, for example, “know your customer” laws are a huge barrier to security the financial lives of consumers from spying and security breaches. Without those laws, the average person would already have access to the equivalent of purely private financial and banking services. Instead, businesses and customers have to worry about being shut down for failing to report to the government all that they know and are doing.

There is also the major problem of NSA spying, an issue that only a few years ago was mostly not on the radar but which today consumes all people who develop websites, applications, and web services. This new consciousness has diverted energy from creating better things to instead just protecting people from government spying.

The old-world classical liberals imagined that the state can and should be cut down to the point that it only provided security to the population. They were not only wrong; they had the whole issue backwards. The biggest threat to human liberty is precisely the government’s monopoly of security provision. Through it, government becomes the biggest single threat to our security and the means by which the private sector is hobbled from providing this service to society.