Permanent record

Jul 28, 1999 at 12:00 am

Lately, every flashy new media publication – and even some of the crustier news rags – has been
dialing a wake-up call about the Net’s lack of privacy. I figure it’s probably my turn to phone in.

If you haven’t heard by now, here’s the latest:

• Your e-mail is about as secure from prying eyes as a postcard glued to your forehead.

• Your Internet Service Provider probably keeps a six-month computerized record of all your visits to

• The FBI, the federal government and even Bill Clinton – being the control freaks they are – find themselves alarmed at the leniency of the situation. (Last week, the White House proposed the Federal Intrusion Detection Network – a system to monitor the Internet for suspicious activity.)

Yes, it’s all true. In fact, if you’ve read the same articles I have, you know it’s now a matter of, er, public record.

But what’s the big deal, anyway? Yes, clicking "send" bounces that creatively explicit love letter across perhaps two dozen Web routers semirandomly before it finally reaches your sweetie in Nepal (or even Wyandotte). And at each bounce, it’s possible that some wayward tech geek is scanning it as research for his upcoming tell-all book on computer-age infidelity.

It’s simply the nature of the Net: There is no regulated or centralized online clearinghouse that sorts your private mail for discreet, door-to-door delivery.

Instead, the Web functions exactly as its name hints: Like a big, sticky spider web. Your e-mail rants (and even your Web page requests) travel the Net’s myriad strands, looking for an available path to their final destination and often leaving a pretty messy trail.

With millions of messages and Web pages flying around at any given moment, however, it’s not very likely that your particular dirty bits are going to be intercepted by the international sex cops – or, for that matter, your suspicious spouse.

Unless you are being trailed by some cybersavvy private eye – or your public profile is high enough to warrant some journalist’s effort – you’re probably safe. If they really want to know the dirt on you, they’ll probably just take the easy way out and tap your phone.

Still, the idea is unsettling. Imagine a postal system where envelopes are forbidden and every letter gets photocopied before it leaves the mail truck. It sounds far-fetched, but this is a fairly accurate analogy for what’s beginning to transpire online. We may soon relinquish all claims to privacy if somebody doesn’t do something. Fast.

Thankfully, somebody is on the case. Meet the cypherpunks, a loosely connected worldwide alliance of cryptographers, hackers, programmers and privacy advocates. No, that’s not
cyber – it’s cypher, as in secret decoder ring.

The cypherpunks passionately believe that privacy is necessary for an open society, especially in an electronic age. In his Cypherpunk Mani-
festo (www. replay. com/cpunk/manifesto. html), veteran cypherpunk Eric Hughes asserts, "If I say something, I want it heard only by those for whom I intend it."

To ensure this, cypherpunks and their ilk have developed ingenious methods of cryptography, scrambling data to allow two or more people to communicate online in a completely anonymous manner. When cypherpunks communicate on the Web, their transmissions are only as public as they want them to be. In fact, an early cypherpunk trick known as remailing – a process in which e-mail is routed through several anonymous computers – was used by Kosovar dissidents during the recent Balkan conflict.

American law enforcement bodies (such as the National Security Agency) are understandably disturbed by these developments. Citing national security, they wail about the inherent danger of this encryption technology getting into the hands of enemy governments, drug dealers and terrorists.

In fact, the most popular cryptographic technique used by cypherpunks (humbly called Pretty Good Privacy, or PGP – a free download from – has already been outlawed for export outside of the United States or Canada.

It’s a futile effort. Numerous offshore Web sites already feature versions of PGP for easy download. And cypherpunks argue that laws restricting cryptography only limit its use by regular people. Terrorists will find a way to get it anyway.

More important, cypherpunks strongly believe that, unlike malicious secrecy, basic privacy is an inalienable right.

"A secret matter is something one doesn’t want anybody to know," writes Hughes. "Privacy is the power to selectively reveal oneself to the world."

I’m inclined to agree. Is it too much to expect the United States to pioneer legislation enabling private communication rather than passing laws against it? It seems almost – dare I say it – un-American not to champion the cypherpunk cause.

In our current fat and happy America, I’ve often wondered what might happen if we were forced to rethink our system of freedom. As the Internet inevitably becomes our chief method of communication, it seems we are going to have to do just that.

Perhaps we should set the example for the rest of the world. If we can’t be private citizens here, it’ll be a public shame.