I’m working my way through Bruce Schneier’s Secrets and Lies: Digital Security in a Networked World. It’s a good and interesting read so far. A couple of remarks are particularly quotable.

“More than one person has pointed out that the war on drugs seems to be the root password to the U.S. Constitution.”

This means, in its Unix geek way, that the war on drugs is used to circumvent the Consitution. How true. Another good quote concerns public key escrow and national cryptography registration.

It is poor civic hygiene to install technologies that could someday facilitate a police state.

The points are made in a chapter discussing adversaries of privacy and freedom in the digital world. Police agencies, corporations, and national intelligence agencies are the big ones to watch.

Also of interest is the discussion of individual privacy laws and the lack thereof. The EU has the Data Protection Act of 1998. This act requires that organizations collecting personal data must register with the government and take precautions against misuse of data. They are also prohibited from the collection, use, and dissemination of personal information without the consent of the person. Further responsibilities include providing people with access to the data collected about them, the ability to correct that data, and the ability to opt-out of such data collection. The U.S. has no such laws. One clause of the EU act makes dealing with lawless U.S. companies difficult. The clause states, “Data collectors have the responsibility to protect individual data to a reasonably high degree, and to not share the data with anyone who does not adhere to these rules.” Since U.S. companies do not come close to meeting these rules, they had to be allowed for under safe-harbor provisions. Oh how I wish the U.S. Congress wasn’t in the corporate pocketbook.