Questioning Electronic Data as Evidence
Post from October 29, 2014 (↻ May 18, 2018), filed under Everything Else.
I wrote this six months ago. I shared it with Bruce Schneier and Felix von Leitner who were like, so-so. A perfectionist, I thought to build a better, the perfect case. But now I’m just shaking it out for one can get the point. As for weaknesses of the argument, help me to build a stronger case by commenting or spreading the word, in your words. Meanwhile, I’ve switched to a new disclaimer.
We need better defenses against assaults on our rights and privacy. In a world in which most happens electronically, one such defense gets surprisingly little attention: Everything electronic can be forged. And thus what we must insist on—must for I think we’re beyond polite wishes—is have the weight of all electronic personal data discounted, and not admitted as evidence in courts.
We need this because we know about the utter unreliability of everything electronic:
- MAC addresses can be spoofed,
- IP addresses can be spoofed,
- caller IDs can be spoofed,
- emails can be spoofed,
- connection data can be faked,
- location data can be faked,
- log files can be manipulated,
- photos can be manipulated,
- videos can be manipulated,
- real-time data streams and CCTV can be manipulated,
- people can pose as others,
- computer systems are not secure,
- the underlying physical systems are not secure,
- there’s generally no certainty in computer systems,
- &c. pp.
We also know that
- IPs don’t identify individuals, already a consequence of the above,
- big data (as through mass surveillance) are prone to statistical errors,
- authorities can’t reliably be trusted,
- electronic data don’t convey intent (mens rea), and
- people make mistakes.
All of this means that no one can be sure about anything electronic. Electronic information and interaction are only virtual. We don’t necessarily know who we’re talking to online and where and how our data is being used. We mostly trust it’s used how we intend it to be used, or that at least it isn’t used against us. We take that all with good faith. That’s always been the case, and it’s time we make that clear. Something as flimsy as electronic data mustn’t be used against us—not by corporations, not by governments, and not by courts. (We can doubt that former court cases considered that governments tap and tamper all infrastructure themselves, and hence we need to challenge those rulings.)
We all, in particular the people who are most experienced with the technical and legal intricacies (clearly not me, for you see how I’m still working on this case), need to question electronic evidence in our courts, to fight for a decision that electronic data will not be accepted as evidence anymore, with a rigorous check for whether it’s even permissible as circumstantial evidence.
Justice, then, can still be served. The world doesn’t end. What this all leads to is that we fall back to a system in which people need to be caught in flagranti. Actually been seen committing the crime. Electronic data can still be used to get indications for wrong-doing. That is, if someone is about to perform a criminal act, authorities can use that to drive over and respond when the person is committing that act. But we need to take the incentive away to hoard electronic data, and by amassing them use a different form of excessive force against all of us.
Until our computer systems have been hardened and freed from means of manipulation and surveillance—if ever—, we cannot accept that anything they tracked and documented can be regarded as “true.” When you think about it, it just makes sense. Our governments themselves made computers untrustworthy. And physical reality happens here. In front of our screens. Let’s also defend our rights and privacy with that.
About the Author
Jens Oliver Meiert is a technical lead and author (sum.cumo, W3C, O’Reilly). He loves trying things, including in the realms of philosophy, art, and adventure. Here on meiert.com he shares and generalizes and exaggerates some of his thoughts and experiences.
If you have any thoughts or questions (or recommendations) about what he writes, leave a comment or a message.