If even Trump and Bezos can't buy a shred of digital privacy

As we were reminded in recent weeks, even the richest and most powerful individuals in the World, Bezos and Trump, can't buy a device to communicate with their closest associates that is not hackable even by mid-level hackers accessing state-grade tools on the Dark Web.

How is it possible? Is it really such a technological challenge? Anything we can do about it?

Apps can't cut it. Even the most secure messaging apps are wildly insufficient since an app is only as secure as the device it runs on.

While most experts agree with the Israeli company that hacked the "San Bernardino iPhone," it is "hands down" the best device for privacy, it is regularly hacked even by teenage hackers or by researchers.

Okay, then why don't Trump, Bezos and the World's 200,000 ultra-high-net-worth individuals, with $27 trillion in combined assets, buy "military-grade" secure phones and devices that have been sold for decades by the likes of GSMK Cryptophone, Kudelski Security, Crypto AG, etcetera?

Very few do. The market for such devices is a relatively minuscule $4 billion. Few find reasons to trust such devices, which are, therefore, not worth the inconvenience of carrying a second device. Few trust them to do a better job than Apple, which - although it has to manage colossal system complexity - has a greater budget, control of the supply chain, and reputation capital at stake. Plus, lack of transparency and adequate certification bodies do not even allow comparisons among them.

But ultimately, these technical problems could be solved if they were not "by design." In fact, few trust those devices not to share regularly hidden vulnerabilities with certain nations, enabling them to fulfill their crucial mission to prevent terrorist attacks and other grave crimes.

Therefore, every human computing device is hackable even by mid-level hackers - not because we are not technically capable enough - but because we have yet to find ways to transparently reconcile the need for individual privacy and the need for legitimate cyber-investigations.

The problem is even more significant because it is becoming increasingly clear that we cannot choose between freedom and safety.

Recent US presidential elections and Facebook manipulations show how both are needed to safeguard civil freedoms, democracy and peace; and to avoid snooping nations to break their most critical ITs.

Is there anything we can do about it?

Led by the Trustless Computing Association, a few leading nations, enterprises, financial institutions and NGOs have been leading consortium initiatives and a global event series to build new IT security paradigms, an ecosystem and certification body that aim to reliably certify that a given IT system provides radically unprecedented, ultra-high and constitutionally-meaningful levels of trustworthiness while, concurrently, ensuring legitimate offline lawful access.

After five editions - twice in Brussels, once in New York, in Iguaçu and in Berlin, the 6th edition of such event series - Free and Safe in Cyberspace - will be held next April 9-10th in Geneva, Switzerland, in partnership with the UN World Summit on the Information Society and Fusionstartup accelerator - new home to the association and its spin-off startup TRUSTLESS.AI since October 2018.

What if digital freedom and public safety were not a choice of “either-or ", a zero-sum game, but instead a solvable “both or neither” challenge? A challenge that is solvable primarily through time-proven trustless technologies and oversight mechanisms and ultra-resilient and citizen-accountable standard setting and certification governance models?

Rufo Guerreschi

I am a lifetime activist, entrepreneur, and researcher in the area of digital civil rights and leading-edge IT security and privacy – living between Zurich and Rome.

Cart (0)