From: tcmay@got.net (Timothy C. May)
To: cypherpunks@toad.com
Message Hash: 62f02bde770b81c0bd136b0dd94f8987d1b6f3283d7b929615f472f557262438
Message ID: <ae657f56110210042afc@[207.167.93.63]>
Reply To: N/A
UTC Datetime: 1996-09-18 23:53:28 UTC
Raw Date: Thu, 19 Sep 1996 07:53:28 +0800
From: tcmay@got.net (Timothy C. May)
Date: Thu, 19 Sep 1996 07:53:28 +0800
To: cypherpunks@toad.com
Subject: GAK, GAP, GAY
Message-ID: <ae657f56110210042afc@[207.167.93.63]>
MIME-Version: 1.0
Content-Type: text/plain
GAK -- Government Access to Keys
GAP -- Government Access to Patients
GAY -- Government Access to You
At 3:03 PM 9/18/96, Lucky Green wrote:
>On Wed, 18 Sep 1996, Jim Ray wrote:
>> I agree, and hope so. "Key Recovery," while not as Orwellian-sounding as
>> "GAK," is a step on the path to honesty WRT the English language, though
>> it's important to continually point out, as Tim did in his post, that
>> *access* -- rather than just recovery -- is obviously what Mr. Freeh wants.
>>
>> I'd count this likely change in terminology as a "cypherpunk victory,"
>> albeit a very small and certainly a very hard-fought one.
>
>Nope. It is a Cypherpunk loss. The use of the term "key recovery" for GAK
>now fully obfuscates the distinction between accessing a
>backup copy by the legitimate owner (or his estate, employer, etc.) and
>GAK. Many PKIs will support the former type of key recovery. And for good
>reasons. Thanks to the brainwashers using the same term for GAK, it will
>now become impossible to tell from a basic description of a PKI if it
>supports GAK or not. Furthermore, those who oppose the latter type of key
Further, merely _asking_ your Designated Key Recovery Authority what its
release policies are will of course place your name on the SPL (Suspicious
Persons List). The FAA is an agency which will have nearly unlimited access
to communications, under the Safe Skies and Anti-Child-Hurting Act.
(Think about it--Clinton already signed a couple of Presidential Decision
Directives and Congress passed various anti-terrorism acts which already
give the Feds authority to wiretap and surveil more widely than before, at
least legally. The Foreign Intelligence Surveillance Act (or court) allows
widespread surveillance of suspected foreign agents, without any
notification of local courts or of the surveillance target. Won't these
many provisions allowing wide surveillance already be used almost
instantaneously to force PKIs to disclose keys of all those on the SPL? "If
it saves just one child.")
On a related note, I read an article yesterday about the proposed new
Health Data Base, with all encounters with any medical institution or any
health care provider of any sort being cross-linked and cross-referenced.
The privacy concerns are supposedly handled by having "security tickets"
for various hospital officials, researchers (!!), insurance companies, and
law enforcement. (I put the "!!" next to the "researchers" because I don't
recall releasing my medical and dietary history to any so-called
"researchers." While I have no doubt that many "data miners" would like
access to such national data bases, and that some potentially valuable
information could be gleaned, I didn't release this information for Joe
Gradstudent, Ph.D. candidate to sift through.)
[Here are some more details: "Mission: one-stop medical records," Robert S.
Boyd, San Jose Mercury News, 1996-09-17, p. 1. "Virtually unnoticed by the
public, health-care experts are preparing to create an electronic "Master
Patient Index," covering every American's medical records from cradle to
grave...."We can't eliminate privacy concerns, but we can minimize them,"
said Richard Rubin, president of the Foundation for Health Care Quality in
Seattle at a planning conference here last week....David Kilman, a computer
expert at New Mexico's Los Alamos National Laboratory, where the idea for
the master index was born....Only people with a 'security ticket'--such as
doctors, insurers, scientific researchers or police with a proper
warrant--are supposed to be able to see the clinical details....Kathy Ganz,
director of the New Mexico Health Policy Commission, said, "Rights to
privacy are genuine concerns, but they will need to be balanced against
notions of common good.""]
Pretty chilling, eh? As we all know, once such medical, dietary, and
genetic data bases are established, the likelihood of privacy-invading use
is near unity. If the NLETS data base can be routinely accessed (it's how I
got Thomas Pynchon's home address, but that's another story), imagine who
will hack this data base! The tabloids will love it, as they gain access to
"medical records of the stars." Hackers will suck down as much as they can
and then sell the records.
And such data bases will be tied to True Names, of course, thus allowing
the "freezing out" of anyone who is not a True Name, who has fallen behind
in child support payments, who is late on his income taxes, and so on.
It doesn't matter if cash is still allowed if one cannot interact with any
health care person without a proper citizen-unit data base entry. They've
got you tracked even if you pay in gold dust.
(Putting on my Duncan cap--not to be confused with dunce cap--I wonder what
will happen the first time someone dies because a hospital wouldn't treat
someone without a proper citizen-unit health care card?)
P.S. I fully understand that some doctors will treat patients for cash,
without reporting to The Authorities, just as some doctors will treat
gunshot wounds without the mandatory reporting of same to the police. This
does not mean such doctors will be easy to find. The System, if allowed to
win, will win.
P.P.S. Many of the things we talk about on the list are being made
possible--the good and the bad--by computerization. Obviously. Burnham's
"Age of Privacy" (or maybe it was "The Age of Surveillance"--my copy is not
handy) made this point many years ago. We are taking the mechanization and
systematization procedures the Germans used so efficiently in the 1930s and
modernizing them, with every movement and every transactions tracked and
recorded in data bases. Now more than ever we need "credentials without
identity" and digital cash. Chaum's article about "Transaction Systems to
Make Big Brother Obsolete" is now more urgent than ever.
--Tim May
We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^1,257,787-1 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."
Return to September 1996
Return to ““Vladimir Z. Nuri” <vznuri@netcom.com>”