Questioning Electronic Data as Evidence
Post from October 29, 2014 (↻ June 8, 2021), filed under Everything Else.
I wrote this six months ago. I shared it with Bruce Schneier and Felix von Leitner who were like, so-so. A perfectionist, I thought to build a better, the perfect case. But now I’m just shaking it out for one can get the point. As for weaknesses of the argument, help me to build a stronger case by commenting or spreading the word, in your words. Meanwhile, I’ve switched to a new disclaimer.
We need better defenses against assaults on our rights and privacy. In a world in which most happens electronically, one such defense gets surprisingly little attention: Everything electronic can be forged. And thus what we must insist on—must for I think we’re beyond polite wishes—is have the weight of all electronic personal data discounted, and not admitted as evidence in courts.
We need this because we know about the utter unreliability of everything electronic:
- MAC addresses can be spoofed,
- IP addresses can be spoofed,
- caller IDs can be spoofed,
- emails can be spoofed,
- connection data can be faked,
- location data can be faked,
- log files can be manipulated,
- photos can be manipulated,
- videos can be manipulated,
- real-time data streams and CCTV can be manipulated,
- people can pose as others,
- computer systems are not secure,
- the underlying physical systems are not secure,
- there’s generally no certainty in computer systems,
- &c. pp.
We also know that
- IPs don’t identify individuals, already a consequence of the above,
- big data (as through mass surveillance) are prone to statistical errors,
- authorities can’t reliably be trusted,
- electronic data don’t convey intent (mens rea), and
- people make mistakes.
All of this means that no one can be sure about anything electronic. Electronic information and interaction are only virtual. We don’t necessarily know who we’re talking to online and where and how our data is being used. We mostly trust it’s used how we intend it to be used, or that at least it isn’t used against us. We take that all with good faith. That’s always been the case, and it’s time we make that clear. Something as flimsy as electronic data mustn’t be used against us—not by corporations, not by governments, and not by courts. (We can doubt that former court cases considered that governments tap and tamper infrastructure themselves, and hence we need to challenge those rulings.)
We all, in particular the people who are most experienced with the technical and legal intricacies (clearly not me, for you see how I’m still working on this case), need to question electronic evidence in our courts, to fight for a decision that electronic data will not be accepted as evidence anymore, with a rigorous check for whether it’s even permissible as circumstantial evidence.
Justice, then, can still be served. The world doesn’t end. What this all leads to is that we fall back to a system in which people need to be caught in flagranti. Actually been seen committing the crime. Electronic data can still be used to get indications for wrong-doing. That is, if someone is about to perform a criminal act, authorities can use that to drive over and respond when the person is committing that act. But we need to take the incentive away to hoard electronic data, and by amassing them use a different form of excessive force against all of us.
Until our computer systems have been hardened and freed from means of manipulation and surveillance—if ever—, we cannot accept that anything they tracked and documented can be regarded as “true.” When you think about it, it just makes sense. Our governments themselves made computers untrustworthy. And physical reality happens here. In front of our screens. Let’s also defend our rights and privacy with that.
I’m Jens Oliver Meiert, and I’m an engineering manager and author. I’ve worked as a technical lead for Google, I’m close to the W3C and the WHATWG, and I write and review books for O’Reilly. Other than that, I love trying things, sometimes including philosophy, art, and adventure. Here on meiert.com I share some of my views and experiences.
If you have questions or suggestions about what I write, please leave a comment (if available) or a message.
Have a look at the most popular posts, possibly including:
Looking for a way to comment? Comments have been disabled, unfortunately.
Perhaps my most comprehensive book: The Web Development Glossary (2020). With explanations and definitions for literally thousands of terms from Web Development and related fields, building on Wikipedia as well as the MDN Web Docs. Available at Apple Books, Kobo, Google Play Books, and Leanpub.