How encryption is disrupting nation-states
A reversal of the balance of power between attack and defence
Note: this article is the 4th in a series on the disruption of nation-states by the Internet.
Here are the fourteen articles in the series:
How the Internet makes Governments Impotent to Tackle Bottlenecks
How cryptocurrencies are disrupting Nation-States, part 1 of 2
How cryptocurrencies are disrupting Nation-States, part 2 of 2
Digital Shadows: How the Internet Empowers Anonymity and Challenges Governments
How the Internet prevents governments from enforcing their laws
Where it hurts most: how the Internet makes it harder for governments to collect taxes
The Web of Fraud: How the Internet Exposes Nation-States' Weaknesses
July 2008, Rio de Janeiro, Brazil.
The town is known for its beaches, carnival and festive atmosphere, but it wasn't samba-dancing revellers who woke the banker Daniel Dantas up that morning.
In fact, he had the pleasure of seeing the Brazilian police enter his apartment to conduct a raid. Accused of financial crimes, Dantas had several hard drives seized by the police, believed to contain evidence of his financial wrongdoing.
The case seemed wrapped up: analysis of the hard drives would show whether the accusations against Daniel Dantas were true or not.
But it wasn't quite that simple: as the police soon discovered, all the drives were encrypted using the open-source TrueCrypt software.
The banker refused to reveal his password, and the Brazilian authorities tried to crack it for 5 months, without success.
They even asked for help from the FBI, who tried to crack the password for 12 months, using far more powerful means.
They were also unsuccessful [1].
In the end, the authorities were unable to use the drives, and he was acquitted of all charges several years later.
This story may not seem like much, but it represents a profound disruption: until recently, a state had the assurance of having access to all documents created by one of its citizens if it so wished, after a judicial process that varied in length depending on the country's democratic credentials.
So, to gain access to the documents of someone arrested by the police, the forces of law and order armed with a judge's search warrant simply had to search the defendant's home, and any places where documents might have been stored by him.
The only way for an individual to protect himself against this was to physically conceal these documents, in a cache for example, which was possible but difficult.
By the same token, this state could easily gain access to the telephone conversations of anyone suspected of a crime, and sometimes even of people suspected of nothing [2].
On this point, the balance of power between the State and individuals was unequivocal: the State won by a wide margin.
How cryptography disrupts this foundation
As soon as computer encryption became sufficiently robust that even governments couldn't crack it - in other words, when encryption was democratized in the 90s [3] - this balance of power was completely reversed: an individual who was sufficiently well educated in how to encrypt his digital devices could be arrested, without law enforcement agencies being able to access his documents, even with all the warrants in the world.
The right to use encryption strong enough to not be easily defeated by the state was a significant battle between activists called cypherpunks and the US government in the 90s, which the cypherpunks won. More on this later in the book and in future articles.
How does encryption work?
To understand how cryptography works, it's useful to think of it as a series of padlocks and keys.
Imagine you have a document or message you want to secure. Cryptography transforms this document into something incomprehensible using a process called "encryption".
It's like putting your document in a box and locking the box with a padlock. The padlock, in this case, is an algorithm - a series of instructions used to shuffle the information in the document in a very specific way.
But here's the trick: this padlock can only be opened with a specific key. This key is a string of numbers and letters generated by the algorithm when you encrypt the document.
Without this key, the document is essentially gibberish - impossible to read or understand.
There are different kinds of padlocks, or algorithms, which vary in complexity and security. Some are so strong that it would take a supercomputer - costing tens of millions of dollars - millions or billions of years to try every possible key and decrypt the document.
Other algorithms, known as public-key cryptography, use a pair of keys: a "public key" that can be freely shared and used by anyone to encrypt the document, and a corresponding "private key", which only the recipient of the message needs to know and which is required to decrypt the document.
Encryption makes it easy to make documents inaccessible to governments with resources infinitely greater than those of an individual, with a process as simple as entering a password.
It's a profound disruption. Of course, the state remains the most powerful in this balance of power, but it is a little less powerful, and this is a constant in all the disruptions I share in this blog: each one diminishes the power of the state a little.
And it all adds up.
But a state can force an individual to reveal his password, can't it?
It is true that theoretically, it is always possible to force the arrested individual to reveal his or her password, using appropriate methods.
But most of the most brutal and effective methods are banned in democratic countries, and many lawyers in many countries believe that it is not legally possible to force an accused person to reveal his or her password, as this would contravene the right not to incriminate oneself and/or to remain silent.
The legal situation in several countries
In France, failure to reveal a password is punishable by 3 years' imprisonment and a 45,000 euro fine (maximum)... but only for third parties: the principal accused does not have to reveal it, as the right not to incriminate oneself prevails [4].
So if no one else knows your password, you have the right not to reveal it.
It's the same in Belgium [5], Switzerland [6], Canada [7] and the USA [8].
By choosing the right encryption system and password, simple individuals can make millions of documents [9] inaccessible even to states with huge resources [10].
Encryption takes a few clicks and a few seconds to set up, and when used properly, is virtually impossible to crack even by the world's most powerful governments.
It's a major inversion of the balance of power between attack and defense, and as we saw in 10 Principles of History for predicting the future, such an inversion is always extremely disruptive for the powers that be.
So what happened with Daniel Dantas is far from unique, and of course it has enabled many criminals to escape justice, or at least slow it down.
But it's always the same: tools can be used by criminals or activists, and human rights defenders in authoritarian countries are very happy to have access to such tools.
And in all cases, this diminishes the power of nation-states.
Even more security: hiding the fact of using encryption
Some encryption tools even allow you to hide the fact of having encrypted documents: the well-known VeraCrypt (the successor to TrueCrypt used by Daniel Dantas), for example, allows you to create a normal encrypted partition, then a hidden encrypted partition.
So, if you're forced to reveal your password, you can reveal only that of the "normal" partition, and it will then be very difficult, if not impossible, for anyone to prove that you have another partition hidden in your computer.
Similarly, while it is always possible for a state to carry out wiretaps and monitor the SMS messages exchanged by a suspect, using a secure messaging system like WhatsApp or, even better, Signal makes such surveillance impossible thanks to the end-to-end encryption offered by these applications, which is unbreakable even by the most sophisticated government agencies [11].
We'll talk more about these tools and how to use them effectively in the section on IT security.
Encryption also protects against mass surveillance
Also, since the Snowden revelations, a major drive to encrypt web traffic has been undertaken by civil society: encrypted web traffic has risen from less than 50% at the start of 2014, to half in 2017 [12], and reached 95% in early 2020, a rate that has been maintained ever since [13], making the Internet much less susceptible to mass surveillance.
This is yet another blow to governments, which previously engaged in shameless mass surveillance, even in democratic countries, as we'll see in future articles.
In conclusion: a fundamental basis without which cryptocurrencies could not exist
The fact that good encryption and a good password give an individual the power to prevent an all-powerful state from accessing his or her data is already a big disruption, as we saw, but it takes on a whole new proportion when encryption is combined with cryptocurrencies: it creates money that eludes states.
We’ll talk about it in depth in the next two articles.
[1] "Brazilian banker's crypto baffles FBI", John Leyden, The Register, 2010
[2] Former French president François Mitterrand's illegal wiretapping of journalists such as Edwy Plenel, lawyers such as Antoine Comte and Jacques Vergès, author Paul-Loup Sulitzer, actress Carole Bouquet, etc., between 1983 and 1986. 7 of François Mitterrand's former collaborators were found guilty in 2005, and the court declared that François Mitterrand had been "the inspiration and decision-maker for the essential part" of this affair: had he still been alive, it is likely that he would have been convicted.
[3] With the release of Phil Zimmermann's PGP software in 1991.
[4] "Si la police le demande, est-on obligé de donner son mot de passe ?", Eric Freyssinet, former head of the Gendarmerie Nationale's digital mission, in a 2016 Nouvel Obs article.
[5] Law of November 28, 2000 on computer crime
[6] "World map of encryption laws and policies", Global Partners Digital
[7] "The police want your phone data. Here's what they can get — and what they can't.", Sara Morrison, Vox, 2020
[8] "Does your 5th Amendment Right (self-incrimination) and 4th Amendment Right (illegal search and seizure) apply to your Smartphone's passcodes and passwords?", Gambone Law
[9] What a modern hard disk can potentially contain
[10] Some countries, like the UK, allow judges or the police to force you to reveal your password, and these laws are subject to change: always consult a lawyer if you need to.
[11] Unless there's a security flaw in the protocol, which is unlikely. On the other hand, a state could try to penetrate your smartphone or computer using unfixed security holes, but this is a difficult attack to deploy en masse, and is generally only used on high-value targets.
[12] "We're Halfway to Encrypting the Entire Web", Gennie Gebhart, EFF, 2017
[13] "HTTPS encryption on the web", Google Transparency Report, 2023