Dear Mr. Zuckerberg,

the impulse for writing this letter came to me from watching the confrontations to which you were subjected at the U.S. Congress and the European Parliament. While many of the U.S. congressmen have displayed pitiful cluelessness the Europeans have shown a dangerous blend of arrogance and masked ignorance. I hold no bias in favor of Facebook but I do appreciate your effort of bringing the social interaction to a global scale which has never been done before and cannot be expected to run without quirks and risks. This specifically is what the European MEPs have failed to recognize and have lost my respect in the process. My sympathy goes to you for the offenses you have had to endure. As a European I would like to offer my apology for the attitudes of our elected representatives.

I am writing this to offer you a direction ahead. I do believe that social communication on a global scale is here to stay - if it can find ways to handle certain specific issues which have become threats.

One of the important threats is the abuse of Facebook accounts for spreading fake and manipulative communications. Emitting such undesirable information is almost always tied to accounts without a credible connection to real persons. By that I mean either totally fake identities, kidnapped ones or those abandoned by their original owner. With such lack of authenticity those accounts can easily be abused to overwhelm real persons by their seeming numbers and persistency. I would like to see Facebook - as well as any other online communication environment - free of these malevolent abusers. The way to arrive close to that ideal seems quite simple: Authenticate the users.

Facebook can become the global standard in voluntary user authentication and identification - a most necessary building block of a global digital culture and governance.

This can be done on a purely voluntary basis. The user submits a proof of their real identity and will be tagged online as a real person - for public perusal on multiple independent sites. I for one would be happy to provide my authenticating information (passport number etc.) and opt for not seeing any content from non-authenticated users.

Many will protest against such attempt at global census a.k.a. global registration but I am deeply convinced that it is necessary for making the global online environment a more usable and safer place. I have arrived at this opinion when working on a paper and book on Global Governance which can be found at http://www.svobodat.com/governance to which you are sincerely invited.

I sincerely hope that this letter reaches you. To that end I am both publishing it online (at Medium.com and my blog)  and sending it by mail as well.

Best Regards

Dr. Tomáš Svoboda https://www.facebook.com/svobodat , www.svobodat.com

Prague, June 1, 2018

I wonder whether Henry had used some phrase similar to “Taking Control Back” at the time...

Let us remember some of the context and consequences which include interesting similarities with the current attempt at Brexit 2.0 :

• The social media of the time spearheaded by Gutenberg’s printing presses had an important influence on propagating the ideology behind the split

• Tens of thousands judicial murders were committed during the process of taking back control ... https://history.howstuffworks.com/historical-figures/10-henry-viii-executions.htm

• including Anne Boleyn - the bride for whom the whole divorce adventure had started...
• including the classic Utopian thinker Thomas More
• Except for the individual freedom to divorce for Henry VIII the split had little practical effect - even the divorce policy of the Church of England remains almost identical with Rome up to nowadays
• I have yet to find any advantages the British people have gained from the split

After the recent terrorist attack in London it was reported that the criminal has communicated with someone shortly before using the encrypting program WhatsApp on his mobile phone.  The encryption made it impossible for the investigators to inspect the communication. Soon afterwards the British Home Secretary with the unoriginal notion that encryption on the internet should be made illegal.

Yes we all would like the police investigator to know all about what the criminal is doing. However can that be achieved without substantially destroying the worl we live in?

Is it a new idea?

It is not: In the 1990‘s Phil Zimmerman in the U.S. – on his own, without any professional backing – created the magnificent encryption software PGP enabling any PC to encrypt any content in a very strong way – and made the software available to the whole world. A discussion sprang up what is more important: the increase in freedom and privacy of decent people (some of them under oppressive regimes) or the risk of abuse by organised crime. The U.S. government tried to prosecute Phil under some guise for several years but failed. It effectively admitted that encryption and secrecy is a legitimate function and the governments can do nothing about it.

In the meantime several similar cases have transpired where investigators and spies of different sorts longed for the encryption functions used by their suspects to be somehow   penetratable but with no success.

How secure is contemporary encryption?

Today‘s encryption technologies available on most computers or phones are way more powerful that those that decided the outcomes of World War II. Any student of “Information Theory” learns that any cipher can be broken – it is only a question how much it will cost in terms of effort and expense. For good ciphers the cost should be astronomical.

It is not possible to make a cipher permeable for law enforcement and impermeable for others. Any back door prepared for the police investigator would drastically cripple the strength of the cipher as a whole.

An effective encryption is widely available and there are many creative ways of making one’s messages secret on the internet. There are even ways of hiding encrypted content somewhere where no one will be looking for it – like inside an image. And there is a multitude of such possibilities. If some ways are outlawed creative people will find new ones.

The architecture of the Internet is helpful in these efforts by providing users with multiple various methods of free communications and giving governments few ways of controlling that communication.

How widespread and important is encryption nowadays?

A politician has made an infamous remark on TV: “Have you ever used encryption? I have not”  He was certainly unaware that he was using encryption every time he turned on his mobile phone or browsed an article on Wikipedia.

(Hint: If the address field in your web browser begins with https:// where the “s” is of importance then your browsing is encrypted)

Some time ago the Putin’s regime was trying to censor the Russian Wikipedia by blocking access to some articles it considered wrong. However because Wikipedia encrypts the web communication with its readers the “censor” could not determine which article is being transmitted and whether it should be blocked.  And blocking the whole Wikipedia is something that not even Putin had the courage to do.

And the banks are very specific: They depend totally on encryption and in the best interest of their clients they tend to be very strict and picky about technology.

Can encryption be outlawed to prevent abuse by criminals and terrorists?

Should the lawmakers of some state try to forbid the usage of encryption technologies on the internet they would be starting on a path of much destruction: First of all they would have to deal with the workings of banks which are vitally dependent on cryptography and very unwilling to compromise. Next they would find themselves in opposition against the whole digital industry which would have to change the whole staus quo to comply with such a legislation.
And the terrorists? They would probably hitchhike on the work of rebelling creative individuals and soon would find new ways of hiding their communications.

So the answer is: The governments could try to regulate the encryption but will never reach their goals. Just as they could not legislate water to flow uphill.

Written as a Sunday Thought for IKDP.cz  http://new.ikdp.cz/?p=6862

Have you ever entrusted your money to a bank based on its comfortable way of handling the account from the web? And while making the decision you did not quite manage to understand their fees and interest rates? I did and it is quite normal.

The banks’ business rules are complicated and entangled so a regular person who has other things to do has no chance to fully comprehend them – hidden in plain sight in small font.

On the other hand the banks have a well visible “user interface” – not just the computerized environment but also the elegant offices, tempting commercials, shiny brochures and beuatiful credit cards – maybe even with your dog imprinted. All is done so that (and banks cannot act differently because the market commands them) to attract the customer toward conditions that are somewhat less favorable than they could be.

Against this medialized reality various internet comparison engines engage in combat that do for you the labor of comparing various offerings and lay them out before you objectively and without any glamorous facade (as long as the engine is not paid by one of the banks which might be an entirely different story). These comparisons work well of instance for offers of travel insurance. You just input the parameters of your journey and get a simple answer with the most advantageous insurance policy for you. For banking services the comparing is somewhat more complicated and difficult.

To the rescue comes a new EU directive on payment services (PSD2) due to become effective next year. It will rule for all banks to offer their clients an electronic communication through a standard interface. In plain language all the banks use the same „forms“ with the same fields on the internet. A piece of software on the side of the client will then transform these plain fields into something  more appealing to the user.

This has massive consequences in that the client will be able from their favorite software app to work with several accounts in different banks. They can then easily compare where their money gets the best treatment in terms of fees and interest rates – and naturally give preference to that bank.

They will also be able to select among different software apps the one which gives them the best experience – and perhaps pay for it a little more. With no ties to which bank their money is stored in. So the client will be choosing their app according to its bahavior and choosing their bank according to its business conditions, not vice versa.

We often frown at the EU for regulating some things in excess – and that may sometimes be true. However this regulation makes sense to me.

Written as a Sunday Thought for IKDP.cz