Take Only Data, Leave No Footprints: Cybersecurity as Speculative Paranoia

I gave this talk as a part of the panel Activist Infrastructures: Vulnerable Collections and Minimal Computing, at MLA 2018 in New York City.

Hello everyone. I’m absolutely honored to join this panel, and grateful to all those who made it through the wind and snow. In the craze of canceled flights, earthquakes off the West Coast, and lagging public transit, this week is turning into an object lesson on vulnerable infrastructures.

I want to start my talk with an informal poll. Could anyone who uses an ad blocker on their desktop or mobile web browser please raise your hand? (I can’t promise there aren’t journalists in the audience who will be very mad at us, but I think we’re among friends.)

Could I get a show of hands for anyone who uses two-factor authentication? How about tracking script blockers? An encrypted message program like Signal or WhatsApp? How about a password manager like 1Password or LastPass?

And a little more esoteric—who here regularly uses a VPN? PGP encryption? The Tor browser?

We can all put our arms down now.¹ I’ve just run through some of the more common technical answers to the question: “How do I stay secure and private on the internet?” There are, as our poll suggests, a dizzying number of them, and sorting through them is overwhelming even for those of us more technically inclined. Over the past year, in an unsurprising response to a host of new geopolitical realities, we’ve seen a cottage industry of security recommendations pop up in venues as varied as The New York Times, Vice, and even Teen Vogue. Together, these recommendations form a standard suite of answers to some of the most messy questions of our digital lives. “How do I stop advertisers from surveilling me?” “How do I protect my internet history from the highest bidder?” And “how do I protect my privacy in the face of an invasive or authoritarian government?” In this talk, I want to use these security guides as answers that help us interrogate the terms of those questions. I’m less interested in whether or not these tools are effective as such. Rather, I want to ask how these tools in particular orient us toward digital space, engage imaginaries of privacy and security, and structure relationships between users, hackers, governments, infrastructures, or machines themselves? In short: what are we asking for when we construe security as a browser plugin?

Over the next eight or so minutes, I’m going to take up the security guide as a literary genre. My aim is to ask what “how to stay safe online” articles suggest, as texts, about our contemporary relationship to digital space. The increasing popularity of these guides evinces a watchful anxiety permeating even the most benign of online interactions, a paranoia that emerges from an epistemological collapse of the categories of “private” and “public.” These guides offer a way through the wilderness, techniques by which users can harden that private/public boundary. Through the precise application of technical tools, we can regain a prelapsarian security lost to our new digital age. But, of course, this is too easy an answer. As I’ll argue, security guides recommend a range of useful techniques that shore up vulnerability, but do so with such an oppressive focus on the individual that they end up breeding a speculative paranoia antithetical to the transformative collective action we need in order to move past our insecure, surveillance-ridden internet. I suggest that instead of speculating on possible threats to our individual security, we can instead speculate collectively toward new digital infrastructures that take vulnerability as a value, as a first principle, rather than an unacceptable danger.

Since time is short, I’m going to focus on one guide in particular: the “Surveillance Self-Defense Guide” from the Electronic Frontier Foundation, a legal advocacy group that focuses on questions of digital security. Their guide has much to recommend for it, and indeed is the template upon which many non-technical organizations base their own guides. Like the Times or Teen Vogue, the EFF does recommend some standalone tools. Indeed, the EFF developed some of the gold standard tools for limiting tracking and surveillance, like Privacy Badger and HTTPS Everywhere. But the EFF is far more interested in helping readers “develop careful practices” for security rather than getting them to download a bunch of browser plugins. Security, they argue, is processual; an embodied practice of moving through both on- and offline space with a situational awareness of incoming threats. Their blanket term for the holistic process of assessing and responding to possible attacks is “threat modeling.” Cybersecurity begins from a place of pragmatism: it is, after all, definitionally impossible to protect oneself from all possible threats. (This is also a useful principle when traveling into the heart of a snow cyclone.) Nor is everyone vulnerable to the same kinds of threats. Threat modeling then engages imaginative work to anticipate the possible threats against one’s specific situation. For instance, as I live with other people, my threat model might take into account that more people than just me have physical access to my devices. But on the other hands, I don’t have to secure the same kind of valuable and irreplaceable information as, say, Robert Mueller. One’s threat model is a personalized piece of speculative fiction, reminiscent of the Cold War scenarios that Peter Galison notes structured the horizons of possibility for such unimaginable threats as thermonuclear war.² And while I’m not suggesting that our individual cybersecurity carries the same weight as mutually assured destruction, both the threat model and the wartime scenario help individuals, as Galison argues, “‘practice’ dealing with [an] endless crisis,” whether the Cold War or yet another massive hack (45).

And on every page of its guide, the EFF is insistent that security is not located in a single tool or technical paradigm, but rather an ever-evolving set of habituated practices. These practices have their own highly militarized and securitized language: we speak of threats, analyze risks, protect data as assets, and evaluate and quantify the trust we extend to other people, systems, and machines. In the internet’s decentralized infrastructure, individuals come to function as miniature states, encouraged to think of the macro work of defensive geopolitics reproduced as daily practice. Thankfully, the EFF acknowledges that this worldview breeds untenable paranoia. In their “seven steps to digital security," they write: “Computer security advice can end up sounding like you should trust absolutely no one but yourself. In the real world, you almost certainly trust plenty of people with at least some of your information . . . What’s tricky in the digital space is understanding who you are trusting, and with what.” But by the end of this paragraph, the guide doubles back around to the individual: “Online or offline, the fewer people you share a secret with, the better chance you have of keeping it secret.” I’m interested here in how easily a user’s data shades into the category of the “secret.” Is security the same thing as secret-keeping? How many secrets can we be expected to keep? What should be a secret, and to whom? The EFF’s approach to trust verges into the speculatively paranoid: we imagine the secret, once told, proliferating and multiplying. Better not to share it at all.

Moreover, the possibilities for digital security grow more complex when faced with the material reality that devices operate through an inherent insecurity. As Wendy Chun has argued, our networks work by leaking.³ While we may think that our wireless network cards, for instance, are just identifying available local networks, they are in fact constantly scanning, writing, and deleting all packets in range. We can reveal these traces through technical means, but contemporary operating systems err on the side of occlusion, rather than exposure. Many of the tools the EFF recommends attempt to shore up this leakiness. An ad blocker works precisely because every single web page we access gets downloaded from a server to our local machine. We can then force local machines to simply not download the parts of the page that would track us. But leakiness always works both ways. For instance, e’re now seeing more and more websites identifying users who block ads, and then in turn hold their own content hostage.⁴ Communication, by its very nature, demands some dimension of insecurity, some material vector for possible attack. Communication is always already a vulnerable act. The perfectly secure machine, as Chun notes, would be unusable: it would cease to be a computer at all. We can then only ever approach security asymptotically, always leaving avenues for attack, for it is precisely through those avenues that communication occurs.

To close, I’ll return to my opening question: according to the EFF’s guide, what do we desire when we practice security online? Some provisional answers: we desire mastery over our devices’ capacities to leak and communicate, such that we can personally verify the trustworthiness of all incoming signals. We desire individuated protection capable of holding our castle firm even as the world crumbles around us. And most of all, we desire a world made differently—a digital economy not reliant on surveillance, a global network not under constant threat of incursion. The EFF’s guide offers a speculative model for a new kind of internet, one undoubtedly and commendably more secure and safe for all its users. And indeed, if all users applied their recommendations, while they wouldn’t destroy the surveillance economy, they would at least deliver a sharp blow to its gut. But I still want to put gentle pressure on how individuated this model is. There is no room, or at least less room, in a world of locked-down browsers, encrypted messaging apps, and verified communication for qualities like serendipity or chance encounters. Certainly in a world chock-full with bad actors, I am not arguing for less security, particularly for those of us most vulnerable to attack online. I myself use many of the EFF’s recommendations, and have no intention of stopping anytime soon. But I have to wonder how our intensive speculative energies, so far directed toward all possibility for attack, might be put to use in imagining a digital world that sees vulnerability as a value. So maybe I can end with a beginning, with some questions for a new threat model. What worlds can we build when we imagine possible solidarities rather than attacks? If we practiced collaboration rather than individual crisis response? If suspicion was not a precondition to trust? And if we discarded the fantasy that it was ever possible to take only data, and leave no footprints?