From: Jim Ray <jmr@shopmiami.com>
Date: Wed, 6 Nov 1996 01:40:03 -0800 (PST)
To: cypherpunks@toad.com
Subject: Judge Kozinski responds to our responses
Message-ID: <199611060939.EAA118362@osceola.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

To: cypherpunks@toad.com, jmr@shopmiami.com
Date: Wed Nov 06 16:38:58 1996
Dear cypherpunks:

Judge Alex Kozinski has mercifully (unless you consider _this_ noise, too) 
given me permission to post the following message. This will be my last 
posting signed by this key. I will now attempt to implement my new one, 
hopefully without denying myself access to Pronto at the same time.
JMR
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
To start with, we should probably thank the people who helped.

Black Unicorn, Mike McNally, Declan McCullagh, Loren Rittle, Lynne L.
Harrison, Tim May, Lucky Green, Greg Broiles, A. Michael Froomkin, and E.
Allen Smith all had good thoughts to share, and I am probably leaving
someone out. Oh well. Anyway,

Judge Kozinski wrote:

> Jim:  Thanx for forwarding the various messages which I have
> found eye-opening in many respects.  It's take me a while to
> review and digest it all and I find there are certainly many
> aspects of the anonymity problem that I either was not
> aware of or had not fully appreciated.  Although I cannot
> quite say I'm entirely persuaded on this issue, I think we
> may be a lot closer.  Rather than responding to individual
> messages (several of which made related points) I will give
> you my reaction to what I thought were the most important
> points.
>
> 1.  I agree entirely that you should be able to post
> anonymously to a list-serv or discussion group.  Anonymity
> there may encourage people to express unpopular views, and
> there is no offsetting fear that this will be viewed as an
> invasion of privacy by anyone.  We have a long tradition of
> anonymous or pseudonymous political tracts (e.g. Federalist
> Papers) and there is no reason not to continue this in the
> electronic medium.  Indeed, as suggested by one of the
> messages you forwarded, there may be greater reason because
> messages posted to discussion groups do get retained and
> indexed for posterity.
>
> 2.  I also agree that it should be possible to have mutually
> agreed-upon anonymity--i.e. I write to you and you write to
> me and we both know who we are, but nobody else does.  No
> problema--it's nobody else's business.
>
> 3.  I still have some difficulty with direct mailing of
> anonymous messages to individual mailboxes.

Actually, having run a remailer and seen some abuse for a while, I do too.
Respected cypherpunks are working hard on this right now. I think what we
would all like to eventually see is a "default off" situation, with no mail
(or at least the warning message I mentioned before as a first message to
new recipients) rather than default-on. Unfortunately, e-mail is a
default-on situation and so (for now) are anonymous remailer messages for
first-time recipients, at this early stage in their evolution. I am
confident that this situation will change in the future, as more
sophisticated software is written.

> The arguments
> in favor if doing so are good but not airtight.  Here are my
> responses to the ones I thought were most compelling:
>
> a.  You have anonymous snail-mail and telephone calls--why
> not e-mail?  The truth is, anonymous snail-mail and
> telephone calls are also an invasion of privacy, but there
> is not much we can do about them.  Someone asked whether I
> objected to getting anonymous snail mail if it was not
> threatening.  The answer is YES, just like getting an
> anonymous phone call is objectionable.  When the person who
> communicates with you insists on retaining anonymity, there
> is always an implicit threat--they know who you are, but you
> don't--you feel vulnerable, you doubt their motives, you
> have difficulty knowing whether to trust their
> representations.  Anonymous complaints against co-workers
> and supervisors was a standard way to get people into big
> trouble in Communist Romania when I was growing up.

The thing is, I find many anonymous messages that I see on the list not too
valuable initially, and the anonymous or pseudonymous poster, in order to
build some "reputation-capital," has to stay around a while and post
interesting stuff, like Black Unicorn or Lucky Green. This is, IMO, as it
should be. There is an incredibly funny humorist lurking on the list, who
posts the "cypherpunk enquirer" anonymously, and I can send you a few of
those if you like. [The judge hasn't asked me to, yet. He doesn't know what
he's missing. :) ]

We certainly don't want the situation you were all-too familiar with growing
up, but as a remailer-operator I find that I must take the bitter with the
sweet, and I am fully ready to admit that about 1/3 of the messages that go
through WinSock are abusive, judging by the stuff I see in the reject bin.
That's one of the reasons Joey (the other operator, and the author of the
WinSock Remailer software) and I went to PGP-encrypted messages only, we
felt that abusers were less likely to learn and use PGP.

> Now, the fact that we can't stop anonymous snail-mail and
> telephone calls doesn't mean we shouldn't stop anonymous
> e-mail if we think it's a bad thing.  The fact that an evil
> cannot be remedied in its entirety does not mean that we
> should not remedy the part that we can.  Perhaps the answer
> is that the post office should not accept mail unless there
> is a clear indication of who the sender is on the upper left
> hand corner of the envelope.  In any event, I find the
> argument based on analogies to snail-mail and telephone not
> entirely persuasive.

I feel that the fact that an evil is this hard to remedy through traditional
legal means suggests that a very hard look at technological means is in
order. I hope that we can both agree that in many cases, technology can
adapt to situations and problems faster and cheaper than law can.

> b.  You can't really ever prevent anonymity because people
> can get e-mail accounts anonymously--paying for them in cash.
> Arguments based on futility are always suspect.  Sure, some
> people will circumvent any laws or regulations, but that's
> not a reason not to have laws.  For one thing, most people
> don't get anonymous accounts and don't know how to do so.

True.

> Even if you do get an anonymous account, you can be shut
> down if you break the rules and then you'll have to go
> somewhere else.

This point, I believe, is actually in "my" side's favor. There are time
costs to this kind of setup stuff that even the abusers may dislike, and
abusers' names and methods tend to get put on lists that ISPs look at. I am
sure that privacy providing ISPs look at these lists.

> And maybe all this suggests is that we
> ought to require e-mail providers to obtain id from their
> patrons and require payment by check or credit card.  I am
> not suggesting these measures, mind you, but insofar as
> futility is used as an argument against regulation, it can
> equally well serve as an argument for MORE regulation.

I agree that it's not our most powerful argument, but it is a consideration,
because with futility comes high cost and disrespect for the law. Witness
the failed drugwar and the lack of respect for the law it has engendered,
even among government agencies. Often, this disrespect for the law comes
with no legal or political cost to perpetrators (unless you count my ranting
as a political cost).

> c.  People can use filters.  Well, yes, maybe.  But most
> people don't know how to use filters.  I consider myself
> above-average in my e-mail sophistication, and I don't know
> how to use filters. I could probably figure it out, but
> most people who use aol or prodigy probably have no ability
> to install a filter even if they knew how they worked.  In
> any event, I find it a little troublesome to put the burden
> on the recipients to adopt a hi-tech solution. And who says
> there aren't ways around most common filters--or such
> ways won't be developed--which would put recipients in a
> technology race with anonymous mailers?

True, and the abusers already _are_ in a technology race with the
remailer-operators, as I see just about every day on the remailer-operators
list. I have serious doubts that yet-another law would either change or
improve the situation.

               *        *         *

> Anyway, thanx for a stimulating series of messages.  I do
> think we've made some progress.  And we'll keep the channels
> of communication open.

The pleasure has been all mine, Judge Kozinski.
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMoEFd21lp8bpvW01AQHR1AQAib06JhpWx06H6Pr25uuMUj6fQVXZIYfc
KeUdP/QSSWQHfIwxs2SX1a++SCbnx6Ev//ninb7Q8F5kj56mk0yq0SE/ID91WgwJ
iFEr+2V1oTf+JZISh68F/a/fPBrP8GL8rjUce+WYhiY704rlsNyr5L9UhtylkzNg
GM5Ml/A7qjc=
=tVan
-----END PGP SIGNATURE-----