Or listen on your favorite podcast app
When digital communication becomes digital surveillance, freedom is threatened. A Financial Times reporter and the Chief Strategy Officer of the Human Rights Foundation expose the risks we all face.
Continue below for a written version of this podcast episode. Quotes have been edited and condensed for clarity.
How much do you trust the institutions in your life? You might trust some more than others. Maybe you trust your employer or your local government quite a lot. But, like it or not, there are institutions we have to deal with, whether they’re trustworthy or not. And that… can be a problem.
Take the case of Beijing based journalist Yuan Yang. In 2017, she was getting her Chinese visa renewed when an official asked about an event she was planning for a group of fellow journalists. The official had asked the question as though Yuan had posted about this on social media… which she never had. All correspondence about her private event had happened through WeChat, the messaging, social media, and payments app that’s become ubiquitous in China. The maker of WeChat, Chinese tech giant Tencent, claimed for some time that all messages were private and encrypted and that the company didn’t keep any messages from users, and thus couldn’t share them with the notorious Chinese surveillance state.
But here was clear evidence to the contrary. Yuan’s supposedly private messages were now part of her Visa renewal interview. In her own words from her Twitter feed, “Either the encryption is broken, the server is compromised, or… their claim isn’t true.”
It’s easy to read this story and be a bit shocked or upset at surveillance in China, but it’s not unique. Surveillance is routine for virtually every major government. And whether we realize it or not, it can have a very real impact on how we live our lives.
Just ask Iyad el Baghdadi. He rose to prominence during the Arab Spring uprising, using Twitter as his primary outlet for criticizing authoritarian regimes. He’s also the founder of the Arab Tyrant Manual, an online publication and podcast covering authoritarian politics in the Middle East.
“Those in power will always try to push and prolonged their power,” says El Baghdadi. “So long as they can outsmart you, whoever they are, whether it is your own government or whether it is a foreign government, so long as they can outsmart you, they can entrench their power more and it becomes more and more difficult for you to resist… Privacy is one way for you to actually maintain your digital agency.”
El Baghdadi lives in asylum in Norway but has the rare distinction of having no citizenship anywhere. Palestinian by birth, but raised in the United Arab Emirates, he was deported in 2014 following his involvement in the Arab Spring uprising. El Baghdadi uses satire and humor to point out abuses by authoritarian regimes.
When El Baghdadi was driven out of his home in the UAE, he spent almost two weeks in prison before being sent to Malaysia. No official charges were filed and no reason given for his deportation.
“This was 2014 when I was arrested. They took all of my particulars… But then when I was leaving prison, I had to actually go and request these things from the security locker and the policeman had this really fake freakout kind of a thing. And he’s like, ‘We could find everything except your phone. We don’t know where your phone is.’ And half an hour later he comes along and he’s like, ‘We found your phone.’
“I was taken immediately to the airport to be expelled, but then I noticed that my phone was overheating all the time. The battery was running out and it was basically behaving strangely. I basically have no money in my pocket, so it’s not like it’s easy for me to actually afford to get a new phone and I’m also completely dependent on my communications with my friends, my colleagues, my family, et cetera. But maybe I was lucky in the fact that the phone actually eventually burned out and it just stopped working. And I thought let me look at the bright side because I knew that it was probably already compromised. You know, very often the only way to secure a phone really is to get a new phone.”
Clearly, Iyad el Baghdadi is no stranger to surveillance. So it wasn’t surprising when, in April 2019, Norwegian authorities arrived at his home and asked him to come with them to a secure location. They informed El Baghdadi that the Saudi government was now targeting him in Norway.
“I think one of the first things I told the Norwegian intelligence was if they don’t want to kill me, then I’m not doing my job.”
With imminent, credible threats against his life, El Baghdadi had to closely reconsider everything about his privacy.
“Of course, it did change my behavior in the sense that I started to think twice about what should or should not be shared. But to be honest, there was little I could do. Knowing the kinds of technologies that they have and the kind of commitment that they have… it was really a later incident that convinced me that I had to make some structural changes and certain security consultants who really guided me to through the process of securing my communication a more methodical way.”
Iyad el Baghdadi’s first reaction to being surveilled… was a feeling of helplessness. And who can blame him? What can be done to protect your privacy if well-funded governments are intent on targeting you?
“I like to look at two general kinds of technology – authoritarian technology and anti-authoritarian technology,” says Alex Gladstein. “So this obviously comes from my focus at looking at governance and looking at democracies and dictatorships and the different ways that people organize each other in today’s world.”
Alex Gladstein is the Chief Strategy Officer of the Human Rights Foundation. Gladstein is a friend and long-time collaborator of El Baghdadi’s, both of them advocating for civil liberties across the globe.
“You have all kinds of disruptive troublemaking individuals experimenting and tinkering with what some people call defensive technology because it’s so much cheaper to defend than to attack. Or I would prefer to call it sort of anti-authoritarian technology. And the key link between all the different anti-authoritarian technologies is that they’re very decentralizing.”
Gladstein will be the first to tell you there is no one silver bullet to stop concerted surveillance efforts. But there are several technologies that in combination can be very effective to help protect privacy. To start with, there are secure messaging apps that have proven to be truly secure and truly private, unlike Yuan Yang’s experience with WeChat.
“So we started by looking at encrypted communications. So you can think of a company or an organization like Signal, or a company like Wickr… they exist to help you send messages to other people in an encrypted safe way. That would be like one really key anti-authoritarian technology.
“I think censorship resistance storage is really important. So Cloudflare recently allows you to, instead of storing your website on a central server, you can actually store it on IPFS. So this just makes it a lot harder for let’s say a malicious government or actor to take it down because it’s encrypted across a distributed set of locations.”
I-P-F-S stands for “Inter-Planetary File System”. No, that’s not a joke. It’s a storage system built with blockchain technology that allows users to store files on a decentralized, encrypted network. Theoretically, it would make it impossible for any third party, be they governments, ISPs, big tech, or hackers, to track and open any of your files on the network.
IPFS uses blockchain technology, just like the cryptocurrency Bitcoin.
“Bitcoin is a censorship-resistant money… there are so many different interesting things about Bitcoin. But to me it’s about censorship resistant money. Never before have humans had a way to send value to someone else in the world and it be unstoppable.”
So bitcoin is censorship-resistant, but what if governments punish those who use bitcoin? Blockchain is, after all, an immutable open record. Transactions can be tracked. But Gladstein says there is a second layer network being built on top of bitcoin to address that weakness.
“So there are three or four companies working on something called Lightning Network. And it’s basically a decentralized peer-to-peer payment network that you can attach to bitcoin. So when you think about all bitcoin’s weaknesses, it’s not fast in many cases. It’s not cheap. It’s not very efficient and it doesn’t offer privacy or fungibility. When you actually think about it, Bitcoin is not really a privacy technology. The government can look at each block on the Bitcoin blockchain and, with forensics, figure out what people are doing for now. But on second-layer technologies, just like the Internet is built in layers, bitcoin is going to have things that grow on top of it that solve those things and give us speed and give us efficiency and give us privacy and fungibility. So Lightning Network is doing that, which is really exciting. It actually uses the same encryption as the TOR Browser.”
The TOR browser and network is a privacy network originally created by the US Navy but has since been adopted by privacy advocates all over the world. And just like IPFS, the acronym is a bit funny. T-O-R stands for “The Onion Router” because it’s built-in layers… like an onion. And just like IPSF makes it impossible for outside parties to see your files, using TOR makes it impossible for any outside parties to see your activity, like the sites you visit, the apps you use, and even obscures your location.
“The onion router uses this really interesting way of passing information along and the lighting network has adopted that. So again, it’s giving you like an additional layer of privacy.
“The final piece to this puzzle, and a really important one, is zero-knowledge cryptography. So this is like a new branch of mathematics, which has allowed people to basically prove that they have something without showing it to you. When you go to the bar and you give the bouncer your driver’s license to get in, it’s kind of ridiculous that you have to show him or her, your home address. In 20 years, we’re going to look back and we’re going to laugh that, right? All he or she needs to see is that you’re over 21… Zero-knowledge cryptography is actually making that possible.”
There’s one more thing that has Gladstein hopeful for the state of privacy, and it’s already being used by activists in some of the most hazardous environments: Mesh Networks.
All of these technologies, from encryption, to distributed storage, to zero-knowledge proofs and unstoppable payments… rely to some degree on internet access. Without it, all of these become useless.
Mesh networks are a way of accessing the internet, but rather than plugging directly into Internet Service Providers, which are often complicit with surveillance, mesh networks allow users to connect with each other directly. This way users can stay in communication without interruption. Then when any one of those users connects to the wider Internet, the entire mesh can access the Internet through that user. And unlike conventional networks that can be slowed or stopped by heavy traffic, mesh networks get stronger when more users join. When that data is encrypted, it’s unreadable by the ISP, and unusable for surveillance purposes.
Remember Yuan Yang from the start of the episode? As a journalist for the Financial Times in and around China, and as her experience with the Visa office proves, she’s a prime target for surveillance. But as a technology reporter, she’s also increasingly familiar with dissident technology that can preserve individual privacy. She’s seen how Mesh Networks really operate in the hands of those facing opposition from their own government.
“So I think a Mesh network is a really interesting alternative to the centralized nature of the Internet,” says Yang.
“Rather than there being one person who’s the hub broadcasting to all the other people who are the spokes. Everyone can be a hub and so everyone is relaying signals from the other participants in the mesh network to each other. So if you were to take down any one individual, the rest of the network will still be intact and would still be able to function, which makes it very flexible and also makes it much more sustainable. Chinese police in particular always think about organizing and networks in terms of who is the head, who is the leader? Because that’s analogous to the organizational model of the Communist Party, which has a head in the hierarchy. But if you are organizing it in a more sustainable nonhierarchical fashion, for example, using a mesh network, then there is no one person that you can knock out.”
Yang noted the use of mesh networks both during the Occupy Movement, and more recently, as hundreds of thousands flooded the streets in Hong Kong protesting an extradition treaty that could undermine Hong Kong’s autonomy from mainland China.
“[There were] millions of people protesting and marching in Hong Kong over the last few months and the conventional telecoms carriers simply can’t support that level of load. So having your own alternatives that are in citizen created mesh networks using Wifi, using Bluetooth, to broadcast between people, I think is already a great way to get around that.
“So mesh network can be implemented in different ways and different kinds of signal, Wifi or Bluetooth radios for example. Two examples that were used in Hong Kong are during the Occupy Protest in 2014, there was an app called Fire Chats where if you downloaded the app onto your smartphone, you could then use your Bluetooth broadcast on your smartphone to then connect other people to you and create a mesh network of activists that way. You have to be within a certain distance from the person, but if there are enough people, then you can spread out over a large area.
“And then if you’re using that in camps… that’s actually quite sustainable because you have your fixed locations. And another company is GoTenna, which is trying to create portable antennas that can be used in commercial settings, but also they are creating portable, smaller antennas that can be just put in your backpack and carry it around, and I think that’s the more modern take on the Mesh network idea.”
All of these technologies — the security of encryption, the unstoppable payments of cryptocurrency, the uncensorable storage of IPFS, the privacy and speed of the lightning network, and the flexibility and resilience of mesh networking – pose a serious threat to those who would invade the privacy of citizens and consumers. When used together, these technologies can help protect your personal data and privacy from any outside intrusion, whether that threat comes from a government, a major tech firm, or a rogue hacker.
Back to Gladstein.
“According to the Human Rights Foundation, we have determined that about 93 countries are either fully authoritarian or competitive authoritarian structures, meaning no independent judiciary, no free press, no separation of powers. So these are like highly centralized societies and that’s about 4 billion people. So this is one of the world’s biggest challenges.
“Consider this: Take the top 20 most prominent dictatorships and then the top 20 most prominent democracies. When you think about the differences in society between these two groups, everything you can imagine for humans is better in the open society, whether it’s education, equality, patent rates, innovation, science, and math literacy. No two liberal democracies have ever gone to war with each other. So, no matter what you care about, these things are better in open societies.”
El Baghdadi says, “This game of cat and mouse is going to continue for years and decades, but it’s really inspiring to know that it doesn’t take a thousand people to develop a piece of software. It’s one person or a small team really working together on this breakthrough technology. And sometimes they themselves might not be aware that this technology that we’re working on is going to be used by someone else and put into use on something that’s absolutely revolutionary.”
The word “revolutionary” might conjure a lot of different images for people. Maybe it sparks thoughts of innovative technologies that have revolutionized industries, like smartphones and the Internet. Maybe “revolutionary” brings to mind the founding of the United States, with the Revolutionary War to overthrow British rule. But as Iyad el Baghdadi uses it here, the idea of “revolution” invokes both these notions, of disruptive technology in the Silicon Valley sense, and dissident technology in the political sense.
This tech may still be early in development, being streamlined and improved, possibly years from mainstream adoption. But for those who value privacy, the tools and technologies are available and working today. And even in peaceful and prosperous countries, they may be the best bet for preserving individual autonomy from the growing threat of surveillance. In the face of pervasive government surveillance, corporate snooping, and malicious hacking, they may be the solution… hidden in plain sight.