ANOM - Quis Custodiet Ipsos Custodes
I was listening to Darknet Diaries' episode on ANOM.
ANOM was a phone built with extreme privacy in mind and marketed as a phone for criminals, by the criminals. It was a fork of Graphene OS hardened with extreme security measures, including disabling GPS services at the OS level. The phone came with an end-to-end encrypted messaging app, touted for all its security features.
Except - the E2E encrypted chat had a backdoor, put in deliberately by the original developer. The app itself was end-to-end encrypted, but each chat had an invisible user added, and all this data went directly to authorities.
ANOM, built by someone marketing it as a phone for criminals, later joined hands with the Australian Police and FBI. At one point, the FBI ended up owning and running this “startup”. This led to a lot of arrests too. The whole story is fascinating, a crime thriller.
But it also opens up entirely new interesting legal and ethical dilemmas. The podcast implores us to have a conversation on the implications of such an unfettered invasion of privacy at scale.
Quis Custodiet Ipsos Custodes
“Who will guard the guards?" - I first read this quote in a Dan Brown novel, Digital Fortress. In hindsight, that novel was full of technical discrepancies in how cybersecurity, cryptography, heck even how programs/executables work. But this one line has always stuck with me.
To be honest, I am not really a privacy nut. I never have been. I have knowingly given away a lot of my data to exploitative, creepy apps (ahem, Truecaller). Maybe I am lazy. Maybe it’s the privilege.
But, why do we need such secure, end-to-end encrypted privacy without any backdoors? Isn’t that only for criminals who have things to hide? Your average person is not a criminal. I am not a criminal. Why hide if we don’t have anything shady to hide - why not let the guards peek in to catch the bad guys? You are not a bad guy, so we are safe, right?
This is a perfectly valid question, especially if you are like me - a cis-het man who belongs to the privileged part of his society - upper caste Hindu, with good enough social and economic capital.
My worldview is very likely to also be that of those who are privileged and in power.
What about those people who are deemed “not worthy” by the privileged? What about queer folks, who can and are harassed just for living their lives? What happens when one day, you don’t agree with the privileged and their currently accepted worldviews? Would those who are accustomed to never being challenged, be ok with that?
After all, slavery was legal and was considered “ethical” once too. Slaves were considered the “property” of the White slave owner. Slaves running away, or being emancipated in anyway was considered a violation of Slave owner’s property “rights”. Would that be an okay scenario where guards can peek into, to see what the bad guys talked? Who were the bad guys here?
But we have checks and balances in democracy. There are rules to safeguard your rights. Can’t we trust that?
Yes, but then - Quis Custodiet Ipsos Custodes?
Do we want to fallback on the goodness of humans in the loop, when historically we know that it has flaws? Who will guard the guards? It would be guards all the way down. Why not make it non lucrative enough in the first place by making it a technical impossibility?