If you’re wealthy, you have options. You can put your money in a Swiss bank, for example, and your privacy and service levels increase significantly. Switzerland has set a level of regulations around financial transactions which protect the wealthy consumer from prying foreign governments, among other interested parties.
Those of you who’ve read this site for a while know I tend to go off from time to time on the issues implied by the Database of Intentions, and the clickstreams which comprise it. One of the trickiest issues if that of privacy and security: in my “Ephemeral to Eternal” riff I get into the implications of living online, and wonder when our culture will finally grapple with the implications of same.
In short, there’s an awful lot of data about each of us available to third parties, and we have precious little knowledge of it, much less control, editing privileges, ownership, or permissions control. Want some proof points? Look to the DOJ’s massive fishing expedition earlier this year, or AOL’s huge data breach. Tip of the iceberg….
It strikes me that as our society wakes up to the potential abuses of this data, and our lack of any control over it, there will be an opportunity for the free market to respond. Root.net is one such response, but it does not solve the core issue of governance and jurisdiction – as long as the data is housed on US soil and with US corporations (or on your own computer), it will still be subject to US law, including PATRIOT and its kin. (Have you heard about the loss of habeas corpus, for example? Did you know that anyone can be classified as an “enemy combatant” by the President, and therefore lose habeas? Scary, indeed).
Anyway, one idea that’s been bumping around my head a long time, and which I hope you all can help me think through, is the concept of what I’ll call the “Data Switzerland.” The concept is simple: why can’t companies that hold massive amounts of our personally identifying information – companies like Yahoo, AOL, Google, Verizon, etc – simply warehouse that information in a country that has consumer-friendly data privacy laws? Why can’t my search history, my particular entries in the database of intentions, my clickstreams, be housed in this Data Switzerland, if I so chose?
After all, Google and Microsoft both have selectively decided to house some of its data outside of China for quite similar reasons. Why not give those of us who fear abuse by third parties in the US the same option? Is it because such a move would anger US government too much? Might it even be illegal for some reason?
Those of you who are lawyers and policy experts, please chime in on this idea. It’s certainly not new, and perhaps it’s been considered and discarded for any number of reasons. But I, for one, would be happy to pay to have this peace of mind. As an inveterate Internet user, I’m data wealthy. I’d like to have options.
Update: Readers have pointed me to HavenCo, and this article in Wired (and of course, to Cryptonomicon). Good stuff, but my goal would be for major companies that own our data, like Google, to in fact act like HavenCo.
As for the issues of geographical disbursement and latency, I am sure they could be dealt with by storing copies of our datatrails in RAM, no?
One word: HavenCo.
Wu and Goldsmith, in ‘Who Controls the Internet’, suggest that one of the reasons geographical control works on the internet is lag. In particular, they note that gogole and akamai have spent tons of money to put servers near you, whereever you are. If checking my history/preferences means a 700ms ping to Switzerland every time I hit google.com, google just won’t do it- the compromise to the user experience would be too great. So you end up with servers in the same legal regime as the relevant end users, which means subpoenas and good old fashioned physical force both end up working.
I like the idea but… here is another.
How about something like second life takes off and basically all high speed connections are direct to outbound sevices and you use vitual avatars to do your shopping, searching, (airline tickets? hmm harder).
Seems far fetched to us, but I’d just raise the issue that beyon the “myspace” the notion of avatars is growing with larger segments of population and ideas not only of adverstising but what is a good and what is consumption might be getting tweaked. Where that is a real way of going about things, when people start watching the shows on “tv” (utube?) sitting with on line avatar friends. Mayebe they’d do their search and their “real world” shopping via an interface not hosted on the users computer but on a server. (actually I think Second life and Wow still use software on the users computer but if your preferences were seperate from your computer and your ip adress you could created and destroy avatars at will that would have fresh starts or different search histories etc)
Doesn’t the packetized traffic you and I generate go over “private” lines? The carriers are going to get copies of our datarails wholesale or piecemeal anyway. It takes a semi-good computer forensics team to put it all back together.
I favor the concept a virtual point of presence, not unlike your Data Switzerland. Our identities and our browsing habits are essentially bottled up and under OUR OWN control at all times (in RAM, in bio-chips, whatever)… not subject to subponae and well outside the jurisdiction of ANY sovreign nation.
Switzerland could literally open up a VPN one day and become the new center of the online world. (They already have the bullion, art and cash… why not the bits and bytes too!?). Course, it just takes AT&T, et al a bit of lobbying to be able to say what packets they deliver and what they don’t (or can charge a premium for).
Wonder if satellite bourne mesh networks have a play in any of this? Well outside the reach of most governments. Hellacious expensive though. Precious few entities out there who could both afford to commission it and then operate it (outside the US). Brings to mind HR Hadden in “Contact”… Just flit around in a jetliner (ala Page & Brin!?) and operate your corporation from the air. Sure can’t get yourself served over the Atlantic, now can you!? We’ll that is until the laws are changed and habeas can reach out and touch you via attachment! Instead of AOL’s You got mail! it’d be You got served! 🙂
I think the governments might respond with actions to cause them to house it in the country where it originated if something like a data switzerland became problematic for them. The chaotic nature of the internet, the fact that you never know where your data is, and it is hard to track down, is what makes it hard to deal with now.
I propose a p2p network where NOONE KNOWS where the information is! Just make sure it’s encrypted and distributed in such a way that it can’t be peaced together by the wrong party…
What laws would be needed? What jurisdictions appear to be willing to do this?
Also, regarding Switzerland, from the link you provided it doesn’t seem too expensive to open a bank account there (CHF 899, which is about $800). Though the US govt seems to take a dim view of its citizens actually doing so.
And while we’re wishing, it sure would be nice to have a “Switzerland” for the not-so-wealthy.
dumbfounder is on the right track for the solution to this. I made a post titled “I Dream of bandwidth” talking about such a system where every user would “buy” them network storage by providing a part of their local storage. I titled it appropriately, since I think bandwidth is the limiting factor to such a system. Once such a system is in place than root.net becomes the solutions it’s only hinting at for now.
If we take Gmail as an example the system might look like this. I can enter into an agreement with Google that they may keep a local copy of my emails for performance reason, but that all permanent storage is in my vault, I give them a client access to a blank storage and voila. After that I do that for all the web applications I use and the root.net scenario is more and more plausible. Once I own the persistent version of the data, I can choose to revoke access and maybe transfer to Yahoo Mail or Whatnot Mail. This is root.net idea of personal data control as expressed by r0ml in http://r0ml.net/blog/2006/01/17/what-do-i-do. For other interesting idea around the control of your information listen also to a presentation by r0ml available at http://www.itconversations.com/shows/detail139.html. The basis of such a system exists already in some form like http://oceanstore.cs.berkeley.edu/ and others. So if anybody is up to it, let’s make this happen.
True, ANYONE may be classified as an enemy combatant. However, US citizens do not lose their habeas corpus rights by being deemed an enemy combatant. If you READ Military Commissions Act of 2006 (and not listen to your left wing buddies), you will discover that it only states that aliens (non-US Citizens) have no rights under habeas corpus. No where does it revoke the rights of US citizens. This is just another b.s. line of the far left wing. Correct me if I am wrong, but I do seem to recall a recent Supreme Court decision (before the enactment of the MCA of 2006) that set this precedence conerning enemy combatants. So, when you (assuming you are a US citizen) decide to take up arms against the US and are captured, designated an enemy combatant, don’t forget to scream about you habeas corpus right because you will still have them!