The sins of the 90s: Questioning a puzzling claim about mass surveillance

Original Article ↗ Hacker News Discussion ↗

Corporate incentives, liability, and surveillance

  • Several comments argue corporations only invest in security when forced by regulation or liability; “fig leaf” crypto is common.
  • Some suggest strong liability for data leaks (e.g., unique email addresses sold to spammers) as a better motivator than tech alone.
  • Debate over whether weak crypto would have forced better privacy laws or just resulted in more exploitation by both companies and states.

Crypto wars, export controls, and technical history

  • Reminders that 90s export controls targeted export, not domestic use; strong crypto was widely used inside the US.
  • Practitioners describe chilling effects: long waits and strict redistribution rules for libraries, protocol design distorted by ITAR.
  • Others note strong crypto would likely have emerged outside the US anyway, making long-term restrictions unsustainable.

Privacy vs security, metadata, and mass surveillance

  • Strong disagreement on whether metadata is “as bad as” content:
    • One side calls metadata extremely powerful (traffic analysis, social graphs, targeted killings).
    • Another pushes back on claims that metadata can fully reconstruct message content.
  • Some see metadata retention as an acceptable compromise for law enforcement; others stress it can be lethal or politically weaponized.
  • Examples raised: browser/OS phone-home checks, pervasive TLS blocking transparent caching, and the difficulty of avoiding metadata leaks.

Law, policy, and “sins of the 90s” framing

  • Many argue the real failure was not crypto policy but lack of robust privacy rights and meaningful penalties for corporate data abuse.
  • View that technical communities focused on cryptographic security while broader privacy legislation lagged.
  • Others counter that activists and organizations did work on privacy; the problem is political and economic, not technical apathy.

Children online, COPPA, and social harms

  • Dispute over whether allowing under-13s online was socially harmful.
  • Some highlight community and belonging for kids; others focus on liability waivers, predator risks, and parents losing control over minors’ exposure.

DNA, consumer behavior, and attitudes to risk

  • Long subthread on DNA databases: some very worried about future insurance or law-enforcement misuse; others see risks as remote and overblown.
  • Illustrates broader divide: people differ sharply in how they value convenience/curiosity versus long-term, hard-to-quantify privacy risks.

Practical privacy and constrained consumer choice

  • Suggestions: avoid smartphones, smart TVs, social media.
  • Pushback: “dumb” options are scarce or impractical (e.g., smart TVs, app-only services), so “vote with your wallet” is limited.
  • General sense that most people don’t understand or don’t prioritize privacy, making market pressure weak.