Julian Assange: The Byline Interviews, Part One – ‘The God of Mass Surveillance’
Seung-yoon Lee, CEO and Co-founder of Byline, recently conducted a rare exclusive three-hour interview with Julian Assange in Embassy of Ecuador, London. The interview will be serialised in three parts over the next one month.
In part one of our series of interviews with Julian Assange, he talks about how we now live in surveillance society, whether Facebook and Google are spying on us, and how on earth WikiLeaks out-smarted the United States to rescue Edward Snowden from Hong Kong.
Seung-Yoon Lee ("SY"): You recently wrote in the New York Times that “not only do we live in a surveillance state but in a surveillance society”. Can you explain what you mean by this?
Julian Assange ("JA"): We’ve increasingly become accepting of the surveillance that exists at all levels of society. It’s hard to escape from that in any traditional way. But I think there are ways to escape. On one hand we are taking into ourselves the notion that there should be various form of surveillance of individuals - that we can be surveilled. At the level of national security this is still fresh. Other national intelligence agencies engage in bulk Internet monitoring. But over time there will arise an acceptance that this is simply how society is - as has already arisen with other forms of surveillance. At that point, society develops a type of self-censorship, with the knowledge that surveillance exists - a self-censorship that is even expressed when people communicate with each other privately. There are examples of this in history, when everyone believes that the person they are talking to is not trustworthy or the communications medium is not trustworthy. That was the situation in East Germany, not because of mass electronics surveillance, but because up to 10 per cent of people were at some stage of their lives informants for the state. A double language evolved where no one was saying what they really meant. And conformity was produced because of this low-level fear.
Now finally Western civilization has produced a god, the god of mass surveillance. How is it like a god? It’s a little bit Abrahamic. If you look at most definitions, a god is omnipresent, omniscient, and omnipotent. In particular, god knows when you are doing something that you shouldn’t be doing and whether you are playing according to god’s rules. The conception of national security agencies and mass surveillance is that the overwhelming majority of communications are surveilled upon. Even conversations happening in person may be recorded through an Android phone, or through other electronic gadgets that are becoming increasingly sophisticated. Maybe your friend, although you just talked to them in person, can gossip over electronic media about what you said.
That feeling of omniscience must produce similar results to what is produced by Christianity, where priests claim that there is this god who is omniscient and you must do what he says. He is in your head, watching your every move. Even when you leave this church, don’t think you can do anything different to what I say because my pal -God - is there in your head watching everything you do, so you’d better not do anything I don’t like.
Historically, the spread of the Christian church is an example of how that conception of an omniscient being that monitors any deviation from the rules, is powerful and has an effect on people’s behaviour - enough of an effect for the Church to expand and thrive. If you read about people reared as devout Christians, who were constantly terrorized as children about committing a small sin and going to hell, it really does dominate their life and it dominates their behaviour, and often in a very bad way. As a group this makes them conform to things that perhaps they shouldn’t be conforming to. I think there is an extreme danger here, it changes societal behaviour and makes people conform in an unhealthy manner.
SY: There is this question over whether firms from Silicon Valley, from Facebook to Google, are active participants of mass surveillance or mere unwilling partners. What is your view on that?
JA: I wrote a book, partly on this subject - When Google met WikiLeaks. Having researched this issue and spoken to Google’s Chairman Eric Schmidt, Google’s relationship with the US intelligence agencies is extensive, and Google is formally defined as a key member of the Defense Industrial Base of the United States. But various employees of Google disagree. They would be opposed to that kind of relationship. The leadership seems more comfortable with such a relationship than the employees. But in the end it doesn’t matter.
SY: Why not?
JA: In the end it doesn’t matter whether Google is a completely willing participant, a partly willing participant, or a not at all willing participant. All that matters is that it is Google’s business model to collect as much information about the world and people as possible, and store it and index it and compile virtual dossiers on everyone and predict their behaviour, and sell it to various organisations and advertisers and so on. For any organisation that does that and is based in the United States, the US National Security Agency and other intelligence agencies will make sure that they get hold of that information. It’s simply too easy to do so and too attractive. It is very valuable information that gives the US deep state an edge.
This sounds like what Silicon Valley investor and entrepreneur Peter Thiel said, that there is an incredible pressure put on companies to give in.
JA: It is very easy to do so - the larger the company, the more interests it has. It can be affected by regulation, or by Court hearings, or by assets that can be seized, or by social relationships. You can’t expect a big company like Google with lots of interests to be able to withstand the pressure, the formal legal interference, or being co-opted. All three have happened to Google.
SY: Yet in Korea when the government pursued the mass surveillance of KakaoTalk, 1.5 million people migrated to Telegram, an encrypted messaging system. Is there potential for the market to create encrypted messaging systems?
JA: Yes, Telegram is exploding at the moment. But even before those revelations, it was starting to explode. The rise of Telegram predates those revelations. But subsequently it has increased market demand to about 5 times in response to that. These startups are growing quickly and lots of interesting ideas are being deployed. Telegram is one of those but there are several dozen now.
SY: Is there still hope – through market demand?
JA: Yes, it’s the biggest hope there is - however, it’s not so easy. Let me explain why. Telegram has about 40 million users now, which is impressive. But let’s say it goes to 200 million. There is going to be some messaging application that is going to become number one market leader. Because the Internet globalises information markets, that means there is just one information market. And as there’s one market, there’s no anti-trust regulation in that market - and there isn’t. It means there will be a market leader. There will be a second player, and some little tiny fish catering to niches. Look at that example in Microsoft, Apple, and few little guys. Google, Yahoo, and a few little guys. So that’s what happens when you have a globalized information market. For any particular communications service there is going to be a market leader, and then some company that has about 10 per cent, and then the rest are insignificant. The National Security Agency only needs to go after and compromise the market leader and maybe the second organisation to get nearly everything it wants, and capture most of the population. In 2013 the US Security Agency spent over $300 million compromising security companies, by buying parts of them, and by bribing employees. That is not including money spent on technical attacks as well. How many people can stand up to a million dollar bribe plus threats? How many engineers can stand up to that?
SY: If the price of the stock of the company is bigger than the bribe…
JA: No, you go after the individuals. Go after some engineer or system administrator. Or you go after the libraries, the other programs that are used to build encryption programs. Can all those people stand up to million dollar bribes, threats, computer hacking of their personal machines? No, not many - that is the problem. To properly protect an organisation you need technical defences, you need human defences, political defences, legal defences, all of these. And only one of these has to go wrong and then you have a backdoor into the system. That’s the problem.
SY: Is it the simple act of mass collection of information what makes the system so dangerous, then?
JA: If you have any popular service, that popular service becomes a very attractive target. Millions or tens of millions will be spent on compromising that attractive target, and how many companies can stand up to that?
There is way to deal with it. It is tricky but possible - it is to create cryptographic standards of communication which are completely independent but which, as you perform these communications, only work if the standard is being followed. It’s a bit hard to explain… I can’t think of an easy analogy but I suppose, if you have a standard about the size of a nut and a standard about the size of a bolt, and you have different companies producing nuts and bolts, but all according to standards, then you can take one bolt from one company and one nut from another company and try them out and compare them and how they fit together. Similarly when one person is using one communication service and another uses another communication service and the two are communicating with each other, the encryption can be constructed in such a way where the communication becomes impossible if it has been back-doored in a particular way. But it is not an easy thing to do. It requires some very advanced concepts to do this - so advanced that the market is not able to tell the difference, unfortunately. Cryptographers and cryptographic engineers can tell the difference, but unfortunately the market can’t tell the difference. And because it’s of extra complexity, it has extra cost. And because of the extra cost of that engineering and development, it will not reach the market, so inferior products are likely to dominate.
SY: You have said that small organisations like WikiLeaks have an advantage, in that they don’t have the bureaucratic problems that large organisations do. Is there potential to oppose the government with micro-political organisations?
JA: In the past 10 years there has been this Orwellian rise in power of national security agencies like GCHQ and others. But it is precisely this period that has also seen the growing independence and democratization of Latin America - which is a US backyard. At the same time that the landscape gets Orwellian, with total surveillance power, in Latin America you have increasing independence away from the US. One explanation is the US has cast its eye off Latin American and focused its resources on China and the Middle East. I accept that is part of the explanation. But another part is that with the increasing adoption of the Internet people can communicate with greater speed, and come to conclusions with greater speed
SY: Wouldn’t that be detected by the mass surveillance project?
JA: Yes, but the purpose of intelligence gathering is to understand what is happening and then to create a plan in response to what is happening, and to enact it. We have two loops. In one, a country like Ecuador, its political leaders are observing their environment, thinking about their observations, and creating a plan and enacting the plan. Having enacted the plan, they observe, create a new plan and act on it. The National Security Agency and those kind of organisations are doing the same thing. They are observing what is happening in Ecuador. They have almost total observational power. But they still need to understand what is happening from these observations and then create a plan. All of this takes time. But if the time for organisations and smaller states to understand their own environments and act on it is shorter than it is for large bureaucratic states like the US, then by the time the US has worked out how to subvert the Ecuadorian electoral process, for example, the campaign decisions have already been made and the situation has moved on.
Think about this striking statistic: there are a million new Android devices registered each day. How do we know that figure? Because Eric Schmidt of Google has reported this figure. And how does he know that figure? He knows this figure because all these devices register themselves with Google. ‘Here I am - just being turned on for the first time’, etc., and of course, afterwards as well. But a million a day is more than the population of the US every year. Imagine a media organisation expanding by more than the population of the US every year. They are sources of information for Google: where they are, what they are searching for, what articles they are reading. Imagine, small and medium organisations expanding at a rate of 400 million people per year. And that information is collected by our security agencies as well. But at the same time think about a million new people interacting with each other at speed over the Internet each day. Imagine how complex that becomes - all those interactions and different ideas bubbling up and then being pushed aside; influential new startups being created; political alliances and movements, and associations. That’s a very complex, fast-moving network being created. I think that is something you can be surveilling, but can you really understand and react to it? Not as fast as it can understand and react to itself.
SY: So in summary, you have two factors. One that large bureaucracies can’t react to small…
JA: They are so large they can’t react quickly. A concrete example is when we rescued Edward Snowden from Hong Kong. It was the largest intelligence manhunt the world has ever seen. We were going head to head with the National Security Agency. The Department of Justice, the White House, the CIA were all providing support for the NSA. I was in this embassy under intense surveillance myself. Through our knowledge of cryptography we managed to elude that surveillance. It is absurd to think that such a small international publisher - WikiLeaks - specialising in publishing things about war crimes, corruption, and intelligence agencies could go into a very clearly defined head to head contest against organisations with a combined budget of over a hundred billion dollars. But we did. I guess we have some brave and intelligent staff. But I think it is really that we are able to move much faster. We already understood the environment. We understood these organisations and how they behave. We have some ability to communicate in secret.
But it was clear that we had to send one, or more than one, of our people to Hong Kong. The booking records of the flight companies was not something we could hide. We did do various things to cover our traffic - for example, booking flights under Edward Snowden’s name to Beijing and India. We put a lot of work in to make the situation confusing for those who sought to violate Mr Snowden’s asylum rights. But in the end I think it really comes down to small, fast organisations with really bright people in them, versus very large, almost Soviet-esque, secretive government organisations. Now, secrecy breeds incompetence, because where there is failure, failure is kept secret. Also, the best and the brightest don’t really want to go and work for a big bureaucratic secret organisation where their talents can’t really shine, because it has to be kept secret. If you look, for example, at TOR co-founder Roger Dingledine, a very bright computer scientist; he did a summer internship at the National Security Agency when he was young. He decided it wasn’t for him because it was so boring.
Please stay tuned for the second part of the series, coming within the next two weeks. Byline thanks Alex Nunns (@alexnunns) for his assistance in editing this interview.