Podcasting “When Automation Becomes Enforcement”
Are disappearing messages part of end-to-end encryption, or are they just DRM?
This week on my podcast, I read my recent Medium column, “When Automation Becomes Enforcement,” about the debate of interoperability and end-to-end encryption in the EU’s Digital Markets Act, and how that relates to the long-running battle over who’s in charge: you, or your computer?
When I first encountered the idea of disappearing messages, I thought they were stupid, but I was wrong. I thought that the point of disappearing messages was to let you send secrets to someone you didn’t trust, because the message would disappear and thus be safe.
Obviously, this is stupid. If you send a secret to someone you don’t trust, that untrustworthy person can take a screenshot, or use another device to photograph their screen. Or, you know, they can just remember the secret and blab it. Technology can’t make untrustworthy people trustworthy.
But then I had the other use-case for disappearing messages explained to me: not enforcing agreements about data-handling, but rather, automating them. You and I might trust each other not to blab our mutual secrets, but we might also agree that the best way to keep those secrets from leaking is to delete the record of our conversation.
We understand that we’re both fallible. We know that even with the best of intentions, we might forget to delete our chat logs, and that exposes them to being leaked, or coerced from us. A disappearing messages tool hands “remembering to delete files on a regular basis” — something humans are bad at doing — to a computer, which is very good at this.
The reason I assumed that disappearing messages were designed for the stupid fantasy of trusting untrustworthy people is that there’s a long history of this. Microsoft tried (unsuccessfully) to snuff out rivals to Microsoft Office in the mid-2000s with a product called “Information Rights Management” (IRM).
IRM was DRM for Office files, whose pitch was that you could send a Word doc or an Excel sheet to someone you didn’t trust, and IRM would stop them from…