Announcement: no blog post this week

Dear readers,

just to let you all know that there will be no blog post this week as I need a bit of a break. I have been working a lot recently – writing articles for various websites, exciting! – and I need a just weekend of being lazy – of sorts; I will be running a race 🙂 I will be back next week or the week after that at the latest (after watching Citizenfour 🙂 –  unless something major happens or inspiration strikes.

In the meantime, why not have a look at one of the Intercept‘s most recent stories on how New Zealand Cops Raided Home of Reporter Working on Snowden Documents.

 

The Nobel Peace Prize: well-deserved and no room for criticism

On Friday, the 2014 Nobel Peace Prize was jointly awarded to Kailash Satyarthi and Malala Yousafzai. It would be difficult to fault the Nobel committee for its decision and I have no intention of doing so. Both Satyarthi and Yousafzai are well deserving of the honours for their, as the Nobel citation reads,

struggle against the suppression of children and young people and for the right of all children to education.

And not just for that but also for their inspiring personal courage.

What is more, the decision to award the Nobel Peace Prize jointly to Malala Yousafzai – a 17-year-old Pakistani Muslim – and Kailash Satyarti – a 60-year-old Indian Hindu – very much sets a sign.

The Nobel Committee regards it as an important point for a Hindu and a Muslim, an Indian and a Pakistani, to join in a common struggle for education and against extremism,

Thorbjorn Jagland, the committee’s chairman, said upon awarding the Peace Prize in Oslo.

However – at the risk of taking an unpopular stance here – despite the unquestionable importance of Satyarthi and Yousafzai’s common cause and irrespective of their incredible courage, one cannot entirely help thinking that the Committee’s was also very much a safe choice.

It is impossible not to agree that these are worthy laureates or that their struggle deserves all the recognition they are getting and have gotten in the past. It is impossible not to agree that theirs is a cause worthy of a Nobel. Yet the impossibility of faulting the decision is so conspicuous it is in itself noteworthy.

This year’s choice of laureates will not, as other choices might have, call into question “the independence of the parliament-appointed Norwegian Nobel Committee, which selects the winner.” Neither will it do anything to “rock US relations”, as giving the prize to Snowden and/or Manning would have. So as room for criticism goes, the committee has kept itself conspicuously safe from both the people who question its independence and the ones who it may not be quite independent from.

Granted, putting a strain on diplomatic relations by awarding the Nobel isn’t unprecedented – the Prize was awarded to Chinese dissident Liu Xiaobo in 2010. But the US aren’t China and Barack Obama himself is a Nobel laureate. So is the European Union. Arguably, at least one of these choices has turned out to be perhaps not the best one.

For Snowden or Manning to be awarded the Peace Prize was never likely. At the latest, this should have been obvious from the moment when Snowden was awarded the Right Livelihood Honorary Award, aka the “alternative” Nobel. Without seeking to diminish the significance of the award – which Snowden himself called a “vindication” – one could ask the question if perhaps this was just a little bit of an alibi award. And even if it wasn’t, the fact that Sweden’s foreign minister Carl Bildt kicked up a fuss about Snowden potentially travelling to Stockholm to receive it, says a lot. Bildt declared himself “personally offended”. By contrast, there is probably not going to be much offence taken by anyone at the Peace Prize being awarded to two children’s rights activists, at least not in the so-called “Western” world (and if there is, that person is a moron).

Yet, Bildt taking “personal offence” (which is also moronic) at Snowden’s honours once again beckons the question of why so many people in so many governments still aren’t talking about how offensive indiscriminate mass surveillance is to us as citizens. Instead, governments at best let down and at worst demonise the people who made any such talk possible.

Awarding the Nobel to Snowden and Manning would have been a way of acknowledging the need for discussion, both nationally and internationally. It would have set a clear sign that in a day and age where governments keep calling for more spying powers rather than less and where the threats of terror organisations like ISIS (worrying though this is) are used to justify the infringement of people’s civil rights and liberties, we need at the very least to talk about whether or not we agree to surrender some or all of these rights and liberties in favour of security. The answer of this year’s laureates – who fight for basic rights and freedoms – to that question would probably be a clear and resounding no.

The Nobel Committee rightfully recognises the need to fight for such rights, yet at the same time fails to highlight the fact that having them does not mean that we cannot lose them again. It is a sad thing that while people keep risking their lives for these rights and liberties (and sometimes get duly recognised for that), others take them so much for granted that they allow them to be eroded at every turn. Snowden’s and Manning’s service is that they have made us aware of this. Sadly, many of us have yet failed to listen.

In the UK, there is little significant protest against the plans of the Home Secretary to increase surveillance powers – that is, protest is limited to the usual suspects. In Germany, the government is trying to curb parliamentary oversight and has recently found itself in dire straits after it emerged that its foreign intelligence agency (BND) has been cooperating much too closely with the NSA. Illegal things have happened. In the USA, a lot of surveillance is conducted without any significant oversight at all under Executive Order 12333. Yet, protest remains muted, government commitment to change or even an investigation into the violation of citizen rights even more so. Awarding the Peace Prize to Snowden and Manning may have sent a signal that we all seem to need: of the magnitude of what they have revealed. It might have forced us to look at violations that aren’t so obvious or happen so far away that awarding a prize for challenging them becomes an obvious, unfaultable thing to do.

Malala Yousafzai and Kailash Satyarti are well deserving of the Nobel Peace Prize – that is out of the question. Yet while it is perfectly acceptable to acknowledge their struggle and to realise the importance of their achievements, the same cannot be done for those who highlight the shortcomings of nation states we already consider liberal, enlightened, and in possession of the rights these people are fighting for. It is a silence that resonates within the Nobel Committee’s choice.

Now, perhaps we should cut the committee some slack by assuming that all they were really thinking of was to rightly award the Peace Prize to two incredibly inspiring people who continue to fight tirelessly for an important cause. If that is the case, there is no faulting their choice of laureates. Even if it isn’t, there is no faulting the choice of laureates for the causes they stand for and the inspiring way in which they do it. Which makes it so hard to point to everything the choice isn’t saying. But ulterior motives or not, that silence is there.

Hopefully, this year’s Nobel Peace Prize can serve as a reminder that too many people still aren’t in possession of the rights and freedoms we take for granted. German Green MPs Katrin Göring-Eckardt and Anton Hofreiter called this year’s Nobel Peace Prize a “sign to us all to stand up for children’s rights worldwide”.

Let’s do that. But let’s not forget, either that we already have the rights others risk their lives for and that we must take care not to give them up without even noticing.

(Nicht weit) her mit der Rechtsstaatlichkeit! Deutschland und GroĂźbritannien im Vergleich

Spätestens seit den Veröffentlichungen in der Süddeutschen Zeitung zur Zusammenarbeit des BND mit der NSA unter „Operation Eikonal“ dürften nun auch dem Letzten ein paar Dinge klar sein:

  • Wieso die Bundesregierung, einschlieĂźlich der SPD, sich gegen eine Aussage Edward Snowdens vor dem NSA-Untersuchungsausschuss sträubt
  • Wieso Vizekanzler Gabriel seit der Wahl das Gegenteil von dem sagt, was er vor der Wahl gesagt hat.
  • Wieso „der derzeitige AuĂźenminister [Frank-Walter Steinmeier] schon seit den ersten Tagen nach Snowden so merkwĂĽrdig still war“.

Man kann sich schlecht auf das „ganz normale“ deutsche Rechtssystem berufen, wenn man jahrelang Grundrechte verletzt hat.

Man kann auch kein Interesse daran haben, den wichtigsten Zeugen aussagen zu lassen, wenn man selbst Dreck am Stecken hat.

Man kann nicht die Regierung – Teil derer man selbst ist – kritisieren für eine Operation, die man abgesegnet hat, als man noch in einer anderen Regierung war.

Und natürlich kann man nicht hergehen und die USA dadurch verärgern, dass man sich deren „Straftäter“ zur Aussage holt, wenn man jahrelang fleissig mitgemischt hat bei den Praktiken, zu denen er da aussagen soll.

Sowas Dummes aber auch!

Die Frage, weshalb das mit der Snowden-Aussage so ein Angang ist, wäre damit zureichend beantwortet: mit der deutschen Souveränität hat das offenbar weniger zu tun, als mit Rechtsstaatlichkeit und Aufrichtigkeit der deutschen Regierungen (Plural, weil es ja eben nicht nur die aktuelle Regierung ist, die da Grundrechte verletzt, sondern die vergangene rot-grüne Regierung gleichermassen).

Was Eikonal für die Rechtsstaatlichkeit bedeutet, dazu sagt Sascha Lobo im Spiegel schon alles. Besonders bemerkenswert und wahr ist, was er da über Kontrolle schreibt, besonders amüsant und zugleich treffend seine Beschreibung, mit Eikonal den Bock nicht etwa zum Gärtner zu machen, sondern ihn „aus dem Kanzleramt heraus [mit] einem Flammenwerferangriff auf den Garten zu beauftragen“.

Interessant ist an Lobos Kolumne aber noch etwas ganz anderes: nämlich die Reaktion des Regierungssprechers Steffen Seibert zu Fragen nach Eikonal bei der Bundespressekonferenz am 6. Oktober. Lobo nennt Seiberts Verhalten „verbales Reagieren“, denn „seine Einlassung “antworten” zu nennen, wäre ĂĽbertrieben“.

Sagte Seibert:

Ich glaube, Sie werden kein Beispiel dafür finden, dass ich mich hier für die Bundesregierung oder die Bundeskanzlerin schon zu streng geheimen Sachverhalten, die in Dokumenten enthalten sind, die dem Deutschen Bundestag oder seinem Untersuchungsausschuss zugeleitet worden sind, geäußert hätte. Deswegen tue ich es auch diesmal nicht.

Spannend ist das deshalb, weil die englische Regierung seit Beginn der Snowden-Enthüllungen exakt dieselbe Rhetorik anwendet: zu Sachverhalten die Geheimdienste betreffend wird sich nicht geäussert. Der einzige Unterschied ist, dass man sich in England auch sonst nicht gross äussert – und, dass keiner so richtig fragt.

Es gibt aber noch andere Parallelen: in Deutschland wurde offenbar die

G10-Kommission, die für parlamentarische Kontrolle von Abhöraktionen nach dem G10-Gesetz zuständig ist, nicht über die Kooperation [von NSA und BND] informiert.

In England trug sich ähnliches zu. Da sind die Geheimdienste offenbar auch der „Auffassung… die zuständigen Kontrollgremien ĂĽber ihre Aktionen nicht informieren zu mĂĽssen.“

Die englische Regierung reagiert darauf nicht etwa mit einer umfassenden Untersuchung, sondern viel mehr mit der Forderung, die Befugnisse zur Ăśberwachung aller Kommunikation nach der Wahl 2015 weiter auszudehnen.

In Deutschland ist derweil der SPD-Obmann im NSA-Untersuchungsausschuss, Christian Flisek, der Ansicht

dass eine effektive parlamentarische Kontrolle… frühzeitig intervenieren [können] und nicht abwarten muss, bis sich ein Untersuchungsausschuss damit beschäftigt.

Problem: die deutsche Regierung ist offenbar daran Interessiert, die parlamentarische Kontrolle zumindest teilweise einzuschränken. Mit der Datenschutzkontrolle ist es beim BND wohl auch so eine Sache, wie der NSA-Ausschuss von der Datenschutzbeauftragten Frau F. erfuhr. Die scheinbar auch nur mässig bemüht ist, den Zugriff des BND auf bis zu fünf (!) Ebenen entfernte Kontakte von Verdächtigen in Grenzen zu halten.

Wohin das fĂĽhrt, sieht man in den USA an den unter der sogenannten Executive Order 12333 genutzten Befugnisse: maximale Ăśberwachung bei minimaler Kontrolle.

Da wundert es dann wohl auch niemanden mehr, das Unionsausschussobmann Kiesewetter Verständnis hat für das Vorgehen des BND: „ Zur Terrorismusabwehr sei eine möglichst enge Kooperation mit der NSA erforderlich,“ meint er. „Güterabwegung,“ ist hier offenbar der operative Terminus: will man jetzt lieber das Gut der Sicherheit oder das Gut Grundrecht? Man solle das G10-Gestz „so gut wie möglich“ einhalten. „So gut wie möglich“ – und wenn’s nicht geht, geht’s halt nicht.

Im UK scheint der Fall für die Konservativen bereits klar. Innenministerin Teresa May erklärte beim Parteitag der Konservativen schliesslich gerade erst, dass der Terrorismus vor der Tür stünde und man zu dessen Abwehr halt die Grundrechte vielleicht ein bisschen eingrenzen sollte. Überhaupt wollen die britischen Tories ja auch gleich aus der europäischen Menschenrechtskonvention austreten und den Human Right Act abschaffen. Die Engländer kratzt das offenbar wenig: Camerons Partei liegt in Umfragen zum ersten Mal seit zweieinhalb Jahren wieder vorn und die rechtsgerichtete UKIP gewann gerade ihren ersten Sitz im Unterhaus, obwohl Parteichef Farrage der Ansicht ist, man sollte HIV-Positive Migranten an der Einreise ins Königreich hindern.

In Deutschland macht man derweil eh, was man will, ob das nun grundrechtskonform ist oder nicht.

Da wundert es in der Woche der Vergabe des Friedensnobelpreises (nicht an Snowden) dann auch niemanden, dass

sich weder der Friedensnobelpreisträger Europäische Union noch die Mitgliedsstaaten der Europäischen Union, allesamt selbsternannte Horte von Demokratie und Rechtsstaatlichkeit, bereit erklärten, sich auch nur ansatzweise für [Snowden] einzusetzen

– und das seit Beginn des ganzen Schlamassels.

Gerne legt man Snowden zur Last, dass „er Zuflucht in Russland gesucht” hat, nennt ihn Spion, Verräter, FSB-Agent. Brett M. Decker and Van D. Hipp Jr. schrieben (in einem Inbegriff der Lächerlichkeit) gerade erst vom „flotten Terrordreier“ Snowdens mit Putin und ISIS. Da will man nur noch den Kopf auf die Tischplatte legen und weinen.

Nicht nur angesichts der ausgemachten Schwachsinnigkeit von Snowdens Kritikern oder der Rückgratlosigkeit der Regierungen. Sondern auch, weil es schlicht zum Heulen ist, dass niemand einen Zeugen hören oder ihm helfen will, der

den viele Politiker auf Feier- und Gedenktagen als genau den Typus von couragiertem und mutigem Kämpfer für Freiheit und Demokratie feiern würden, wenn er denn entweder bereits verstorben wäre oder aus China oder Russland kommen würde.

Pech für Snowden – und all diejenigen unter uns, denen an wirklicher Aufklärung und unseren Grundrechten gelegen ist – das er aus dem „Rechtsstaat“ USA kommt. Den verärgert man als „Rechtsstaat“ Deutschland nicht. Vor allem nicht, weil man ja selbst fleissig mitgemischt hat bei der Verletzung der – ups! – Rechtsstaatlichkeit.

Immerhin, die deutsche Souveränität ist in der Theorie offenbar doch vorhanden. Leider wird diese von den Regierungen aber offenbar ebenso missachtet, wie die Grundrechte.

In case you hadn’t noticed: the UK government wants to take away your privacy… and some other rights and liberties as well (The Internet is Serious Business #2)

Turkey’s top court this week (miraculously) overturned a law granting tightening internet control. But this is about the only good news about what any government has done this week. I commented last week on the German government’s more or less clandestine attempt at curbing parliamentary oversight.

 

German’s foreign intelligence agency spies… on Germans

This week, German digital rights platform Netzpolitik leaked a report on what members of the German foreign intelligence agency (BND) are not allowed to say in testimony before the NSA inquiry in the German Bundestag. Basically, they aren’t allowed to say anything, not even their names. Which makes parliamentary oversight extremely difficult. Add to that what I wrote about last week – the idea of making certain testimonies by the data security commissioner subject to government approval – and exactly how much oversight can you expect to have left? Very little. Which may, in fact, be in the German government’s and the BND’s best interest. Turns out the BND “has for years passed data on German citizens to the NSA”, despite claiming that “[a]ll data on Germans was… filtered out.” More than that, Germany gave the USA access to a major fibre optic node in Frankfurt, apparently in exchange for a spy base in Bad Eibling and spying tools like xKeyscore. The programme in question is codenamed “Eikonal” some of it is quite possibly illegal and in violation of Germany’s basic law. German MPs knew about the cooperation when it started – and some of them are still MPs today. No wonder the German government is fighting tooth and nail to keep Edward Snowden out of the country.

 

The UK: TPIMs, Banning Orders, Extremism Disruption Orders…er, huh?

Meanwhile in the UK, Home Secretary Teresa May this week had a fair few things to say about national security and about how she plans to address the threat of terrorism which, apparently, is now on all our doorsteps. Now, don’t be alarmed: I have just checked and there is no threat on my doorstep. I’m sure it’s not on many of yours either. And yet, Ms May’s speech is very alarming. Not so much because of the fear-mongering but because of what the Home Secretary herself has threatened, namely to once again push for the Communications Data Bill, dubbed the Snoopers Charter by its opponents.

What this legislative gem does is it requires

Internet Service Providers and mobile phone companies to maintain records (but not the content) of each user’s internet browsing, social media activity, emails, calls, internet gaming, and mobile messaging services

– metadata, basically, which we know by now can be far more revealing than content.

The bill was, in May’s words “torpedoed by the [dangerously irresponsible] Liberal Democrats” when introduced two years ago – her comments sparked a row with Lib Dem leader and Deputy Prime Minister Nick Clegg who demanded an apology.

That’s not all either. The Home Secretary also announced that she would seek to strengthen TPIMs (Terrorism Prevention and Investigation Measures) and introduce Banning Orders and Extremism Disruption orders.

Now TPIMs are a real beauty. While they place individuals under house arrest, curtail freedom of speech without a judge or jury, and – importantly – place individuals under surveillance of their communications data (including content) they are far from effective because none of the evidence so gathered is actually admissible in court – an outdated convention prevents this.

As to Banning Orders, these are intended to ban organisations based on a “reasonable belief” by ministers that the organisation intends

to incite religious or racial hatred, to threaten democracy or if there is a pressing need to protect the public from harm, either from a risk of violence, public disorder, harassment or other criminal acts.

Yes, these could be extremist organisations like ISIS – which is what the Tories are counting on we will automatically think of, I reckon. But they could also be organisations that actually do nothing more than engage in legitimate dissent.

More importantly, note that, “[t]he police would also be given new powers to apply to a court to impose extreme disruption orders on individuals, using the same criteria.”

Now, carefully read the fine print here because immediately this should beckon the following questions:

  • What constitutes “reasonable belief”?
  • Who defines what constitutes a “threat to democracy”?
  • What exactly constitutes “public disorder”?

Given what we have learned over the past 16 months, the mass spying conducted by the NSA, GCHQ, GCSB, BND et. al. could arguably also be called a threat to democracy (it is, after all, in violation of the US and German constitutions). Could government “organisations” engaging in such activity thus be banned under the new orders? Obviously not.

But what about people protesting against the war in Iraq? What about students protesting against tuition fees? If this sounds overblown to you, bear in mind the following: the UK’s Domestic Extremism Database contains people like Green Party Politician Jenny Jones, whose movements have been tracked since 2001 including her

speaking engagements at events including police violence protests, a Stop the War rally in 2007 and a protest against the growing of genetically modified wheat crops in 2012.

Call the Greens extreme tree-huggers if you like but extremists? Surely not. However, if speaking at events like police violence protests or Stop the War rallies lands you on the Domestic Extremism Database then what is to say that the same thing could not make you subject to a Banning Order?

Banning Orders could

result in those targeted being stopped from taking part in public protests, from being present at all in certain public locations, from associating with named people, from using of conventional broadcast media and from “obtaining any position of authority in an institution where they would have influence over vulnerable individuals or children”.

So, correct me if I’m wrong but what the British Tories are proposing basically amounts to further surveillance powers under the Snoopers Charter in addition to further powers to take away people’s civil rights and liberties. At the same time, they are also proposing to withdraw from the European Convention of Human Rights and to scrap the Human Rights Act. Notice a pattern? Yes, same here.

Mind you, May accusing the Lib Dems of causing “a crisis in national security” by opposing the Snoopers Charter also follows a pattern: not too long ago, she asked those opposed to the detention of David Miranda at Heathrow Airport to “think about what they are condoning”(“what” in this utterance equals terrorism). Turns out, Snowden’s leaks have done nothing to help any terrorists – so, naturally, neither have the people involved in them. This was obvious to most reasonable people anyway but it seems that, not only in light of the Tories’ plans, stating the obvious, repeatedly, is necessary.

Bizarrely, the Tories now have the lead over Labour again for the first time in a long while. Does that mean that the majority of British people are actually happy to have their civil rights and liberties infringed? Or do we just not (as I asked in my other post) take any of this security business (internet or otherwise) seriously enough to sit down and actually think about what our politicians are promising threatening to do once elected? Just like withdrawing from the ECHR isn’t just about restoring sovereignty to British courts, ramping up surveillance isn’t just about combating terrorism. It is about control.

Our political leaders know full well that the Internet is serious business. Which could come back to haunt us if we don’t catch up very quickly and – in addition to the fun and games – realise that we need to take the internet and our own security in it much more seriously too. Clearly, trusting government or legislation to solve the problems of the internet for us will only go so far for a number of reasons. Potential government overreach is only one of them. The other is the “dark side” of the internet, if you want to call it that, the side of it that is extremely difficult, if not impossible, to control. At least not if we do not want to clamp down on its positive flipside, internet freedom, as well.

Technology, on the other hand, and encryption in particular, offers some ways of making sure that neither governments nor other evil-doers out there wreak havoc on our lives (for example by leaking our naked photos from our iClouds). It affords individuals a means of protecting themselves against whoever might want to try and grab their data at a time when every single one of us puts far too much of their data out there – inadvertently or not, it has become almost impossible not to. And this goes far beyond social media at a time when most of our electronic devices come with an in-built internet connection or free tracking software. “A phone is a tracking device that also makes calls,” Julian Assange once said. He was neither wrong nor exaggerating.

So instead of attempting the impossible or relying on the improbable, why not take the possible a little more seriously? We may just to do in time to make us all a little safer – and to ensure that the internet remains ours – serious business or not.

The Internet: Just how serious *is* this business? (The Internet is Serious Business #1)

I went to the Royal Court Theatre this weekend to see a play called Teh Internet is Serious Business – and no, I am not incapable of spelling “the” correctly; the error is in the title is intentional.

The utterance itself is of course somewhat ironic and subject of various memes but it seems to make sense to think about it in a little more depth. Or perhaps to consider the question: how seriously are we taking “the business” that is “the internet”?

The answer seems to be: not seriously enough. At least many private individuals don’t seem to. Governments, corporations and cyber criminals are of course an entirely different matter. Once again, this became very clear this week. The issue is complex enough to fill two blog posts so this is the first of two complementary ones, although each of them should make sense without the other.

This first one is going to take a look at the question of how seriously – or not – we as individuals are taking the internet. The second one looks at some developments this week and what they tell us about how seriously others are taking the internet.

So. I went to my first cryptoparty this week (prior to seeing the show at the Royal Court) where I fell in love with TrueCrypt, a wicked little tool that encrypts files and also creates – if you so desire – something called a “hidden volume” (i.e. folder that you can fill with files) that is virtually undetectable. Once again, encryption turned out to be something totally awesome: white magic against the Voldemorts of Cyberspace. But more on TrueCrypt some other time.

What I also learned at that party is that I very certainly have a record in xKeyscore. Not that I hadn’t suspected it but hearing from a crypto expert that something as innocent as signing up for a cryptoparty or googling TOR – which is an innocent thing to do because exercising your right to privacy should not get you placed under surveillance – immediately makes you look suspicious to governments, still made me shudder a little (although that may have been the aircon).

And while I was somewhat surprised by the variety of people at the event, it also confirmed my suspicion that people attending these events already know about encryption and understand its importance. Getting most other people interested in data security is extremely difficult. So essentially, this seems to mean that too many of us simply do not take it seriously enough. What this also means of course that most users do not take the internet seriously enough. Which, in many ways, its fine. We don’t all need to start constantly looking over our shoulders or taking a very strict and ascetic approach to the internet. What is more, the profusion of funny cat videos (there were some at the cryptoparty as well) and miscellaneous memes, invitations to find out your Jedi name or simply photos of people’s babies, pets or parties do not really make the internet – or at least the social media – seem like very serious places at all. And the internet is fun too. So was the Royal Court’s play and it staged the funny side of things very well – the sometimes ridiculous, all-over-the-place, anarchist side of the internet. Yet, the internet is far more than that. At its best, it is a place for sharing information, for opinions, and discussion – an environment that promotes and supports free speech, creativity and invention. That, too, was woven into the production at the Royal Court.

But the positive, light-hearted, ridiculous aspects of the internet can be deceptive. And they may somewhat obscure that fact that the internet is also a global place with no one set of rules or jurisdictions, a free and liberating space but, on the flipside of that, also dangerous: a place of trolling, abuse, viruses, botnets and hazards to free expression and privacy like mass surveillance and censorship.

Given that, as the party host said, we live much of our lives through our electronic devices – our photos, thoughts, communication, music, books are on these devices and not just on social media – our ignorance when it comes to the security of our laptops, smartphones, fondleslabs seems disproportionate. Data security or “having nothing to hide” goes so much further than just putting your photos on social media – that, in fact, may be one of the less revealing things you can do.

Any device that has ever been connected to the internet is potentially a spying tool or a bot, every email ever sent, every file ever stored to a cloud, is likely still out there, even after you’ve deleted it.

Everything you have ever done or said on the internet could come back to haunt you. So much for having nothing to hide: the control any one of us has over their data, their personal stuff and, essentially, their digital (and non-digital) lives, is quite limited. And while we wouldn’t let anyone read the private files we have stored in a folder in our home somewhere or leave our keys under the doormat for anyone to find or use the same key for every single one of our doors, most of us are happy enough to use the same password (i.e. the same key) for any doors we might want to keep locked on the internet, or leave them lying around or make our locks so weak than any half-decent burglar can crack them.

And while it may not seem so to us, the internet is – at the hazard of using a much-reviled term here, literally – “serious business” for many: corporations, governments, criminals. Corporations want our data so they can sell us stuff. Therefore, protecting our privacy isn’t really the most prominent item on their list of priorities. Which makes us vulnerable. Not just to criminals who want our data so they can steal from us but also to governments who want our data so they can always know what we do – and, in the worst case, censor us or punish us when we step out of line. This isn’t just those governments we would immediately think of as oppressive regimes either. We have seen enough evidence of our so-called Western democracies doing the same over the past 16 months: we have found out that we are being spied on on a massive scale. And it was only this week that we found out that, in the UK, the police has used powers under the Regulation of Investigatory Powers Act (RIPA) to spy on journalists and their sources. Meanwhile, in Germany Süddeutsche Zeitung has revealed a close – and in many ways quite possibly illegal – cooperation between Germany’s foreign intelligence agency and the NSA. No one in Germany is likely surprised by this: the German government’s reaction to the Snowden revelations and its obstruction of the NSA inquiry in the German Bundestag (some of which I discussed last week) had long since led to the suspicion that something was not quite right. Turns out, the BND has probably been collecting communications data within Germany (which is illegal) and passing it on to the NSA (just as illegal). We are not surprised. And again: given that our communications are collected and shared like this (illegally or not) our insouciance about securing them seems out of all proportion.

“Not surprised we are being spied on,” we say instead. “Nothing we can do about it.”

Except we can. Since Edward Snowden first leaked troves of information to journalists almost 16 months ago, there have been some positive developments. Silicon Valley corporations are ramping up security for their users. iOS 8 now comes with default encryption. Contrary to what former FBI members may tell you, this isn’t a bad thing. Trevor Timm makes it clear in the Guardian why government and law-enforcement media strategies to denounce default encryption across iOS 8 are misleading – partly because, while a great start, iOS8 encryption is only just that: a start. Apple, as Micah Lee reminds us in The Intercept, still has access to more than enough of its users’ data – iCloud users beware! Partly also because – and this goes back to the beginning of this post – governments shouldn’t demonise as illegal or dangerous perfectly legal and valid attempts at making sure that we can exercise our right to privacy, should we so wish. The fact that they are going to great lengths to do just that should give us pause. And make us reconsider just how serious it all really is.

The Royal Court production managed to make this very clear, as well: as the LulzSec group at the centre of the play hacked increasingly high-profile targets, coming under scrutiny of law-enforcement, the play, too, progressed from its initial noisy, colourful and jumbled hilarity to a much darker and bleaker set-up. Notably, the play skilfully refused to side with – or demonise – any of the groups it portrayed. Instead it managed to convey the fact that things are hardly ever as black and white as any side is trying to make us believe. Governments have a point, as do dissenters. It is logical that law enforcement needs certain powers to stop serious cyber criminality. But is should also be clear that governments have no business abusing that power to stifle legitimate dissent or sensor the internet. People standing up against that are justified (even if their means sometimes aren’t).

Legislation, it has been suggested, is not going to be the answer to the internet’s problems – be they mass surveillance and censorship or cyber criminality and trolling. While we can reasonably expect governments to provide an infrastructure that is as secure as possible, not only has it been revealed that they aren’t doing so, such a thing will also only ever be possible to a certain extent. Tim Berners-Lee seems justified in renewing his call for a magna carta of the internet. Because as it is, there are no common rules or laws governing the global space that is the internet.

Ultimately, what the play also made its audience understand is that the internet is still (and hopefully always will be) a space that cannot be controlled – which makes it a free and liberating but also a dangerous space. And we might all want to take its dangers a little more seriously. In a space where it is just as easy to hide behind anonymity as it is to be stripped of that anonymity, the play seemed to suggest, it may ultimately be up to the individual to protect themselves. Who would, in the real world, constantly rely on the goodwill of random strangers? No one would question the idea that, offline, in addition to having laws and institutions that keep us safe, it is sensible to expect each and every one of us to look after themselves as well. And behave responsibly. We often have little but contempt for people who we believe do not behave responsibly.

Yet we do not seem to have quite understood that the same is true online – and how irresponsible many of us are inadvertently being. Perhaps this because we are allowing the non-serious side of the internet to lure us into if not a false sense of security then at least into the idea that all the internet really is, is a space of perpetuous lulz.