From the Tor Project’s blog today come “10 Principles for User Protection.” The very first principle is “Do not rely on the law to protect systems or users.” Tor Project developer Mike Perry:

Unfortunately, it is […] likely that in the United States, current legal mechanisms, such as NSLs and secret FISA warrants, will continue to target the marginalized. This will include immigrants, Muslims, minorities, and even journalists who dare to report unfavorably about the status quo. History is full of examples of surveillance infrastructure being abused for political reasons.

[…W]e decided to enumerate some general principles that we follow to design systems that are resistant to coercion, compromise, and single points of failure of all kinds, especially adversarial failure. We hope that these principles can be used to start a wider conversation about current best practices for data management and potential areas for improvement at major tech companies.

Mike Perry’s full list of 10 principles:

  1. Do not rely on the law to protect systems or users.
  2. Prepare and test policy commentary for quick response to crisis.
  3. Only keep the user data that you currently need.
  4. Give users full control over their data.
  5. Allow pseudonymity and anonymity.
  6. Encrypt data in transit and at rest.
  7. Invest in cryptographic R&D to replace non-cryptographic systems.
  8. Eliminate single points of security failure, even against coercion.
  9. Favor open source and enable user freedom.
  10. Practice transparency: share best practices, stand for ethics, and report abuse.

It’s genuinely refreshing to see this sort of thing coming from techies. The danger, of course, is in failing to point out that this is the sort of stuff the marginalized groups Mike Perry mentions have already been saying for generations. This is not a “pat ourselves on the back” moment, white techies. This is a “seriously, what the fuck is wrong with us that it took a Trump electoral victory to get vocal about this super basic stuff. (Spoiler: the answer is white supremacist capitalist patriarchy and all that it entails.)

