I’m writing this immediately after procrastinating by watching the new Bo Burnham special and I gotta be honest some of those bits hit a little harder than I expected, so I apologize in advance if this piece gets a little unhinged at any point — nothing can be done. One Letterboxd review I saw said that the special, ‘Inside,’ which was written, directed, recorded, and edited by Burnham, “is like a tape you find at someone’s home after they’ve committed a terrible act of violence,” which is entirely accurate. It spirals in on itself in much the same way that Burnham describes his own deteriorating mental health until it stops being a comedy special and starts feeling more like some experimental indie film that the Ryerson student you met at Dance Cave won’t stop fucking DMing you about because he doesn't know how else to talk to women.
But that doesn’t mean it’s not good. Like any storytelling medium, a good comedy special introduces themes that are able to hold your attention through to the end, regardless of how abstract the narrative structure may be. In Inside, one of the themes that Burnham establishes early on, and returns to frequently and sometimes explicitly, is the idea that the internet is this sort of mutant parasite that feeds on society and is designed to addict children, entrench exploitative labour practices, and ultimately eliminate the need to even go outside at all, for a number of different reasons.
You didn’t click on the wrong article by the way, I’m not just publishing a review of a Bo Burnham special under a different headline and hoping nobody notices, I’m bringing it up because the perception of the internet that’s illustrated in Inside is one that I feel like is becoming more and more relatable. Horror stories about the inner-workings of digital age titans like Facebook and Amazon combine with rage against the wasted potential of what could have been the greatest populist tool since movable type to create this toxic cocktail of vitriol which manifests in post-ironic socialist memes and bitter dreams of bringing back the guillotine. Bars, by the way.
“If only,” we think to ourselves engulfed in helpless fury at the injustice of it all, “if only anyone had thought to regulate, oh I don’t know, fucking anything, maybe we wouldn’t be in this mess.” Of course, one might argue that all this negativity isn’t really helpful and that the internet we do have is still capable of facilitating incredible acts of generosity, kindness, and progress, to which I would reply “fuck off.”
Especially in the context of the current news cycle, which has been at least partially hijacked by the newest in a long line of reports from the world of the powerful to grace my nightmares. The Pegasus Project is another one of those leaks that a bunch of international news organizations work on for months together before publishing all at the same time in order to maximise the drama — think the Panama or Paradise Papers. This time, the reporting was coordinated through a Paris-based media consortium called Forbidden Stories, with technical support from Amnesty International, and it details the use of a commercially available spyware called Pegasus by multiple governments to target dissident politicians, government officials, journalists, activists, and more.
Pegasus works by infecting a target’s phone through a malicious link, one that’s often personalized to avoid algorithmic and learned spam filters in a process called ‘social engineering,’ but that’s literally it. Once you click the link, whoever is spying on you can turn on your camera and microphone remotely, read your texts, track your calls, log your keystrokes and thereby collect your passwords, and collect your location data. Think of anything you’d be uncomfortable with your hypothetical enemies knowing about you, and Pegasus can probably extract it for them. It’s something that would be scary even if it remained in the hands of spy agencies with a vested interest in controlling technology transfer to states with less deferential attitudes toward the privacy of its citizens, but when it comes to Pegasus, ‘controlled’ is not exactly the word I’d use to describe its distribution.
That’s because Pegasus doesn’t belong to any one state agency. Instead, it’s developed and marketed by a private Israeli cyber-weapons firm called NSO Group, which sells the technology to governments for use against crime and terrorism, but in multiple statements to press and in response to a 2019 lawsuit brought by Whatsapp, NSO Group has repeatedly abdicated responsibility for the things its program has reportedly been used for since its discovery in 2016. I’m not going to go into great detail on that front both because everyone else and their mom has already posted about it and because, well, it’s a spyware. It’s used for spying on people.
That said, there are a few very notable targets who were revealed in the Report that I will list quickly, just so you can get a grasp of the scope of the problem. Pegasus was allegedly used to target murdered Mexican journalist Cecilio Pineda Birto in the month before he was killed; the ex-fiancée of dismembered Saudi journalist Jamal Khashoggi days after he was killed; the daughter of Paul Rusesabagina, Don Cheadle’s character in Hotel Rwanda and government critic currently in custody and in poor health; Indian opposition leader Rahul Gandhi and many other important Indians; and over 300 people in Hungary. The Indian media has already branded the scandal “Indian Watergate,”: which to be honest is a little unfair. I feel like it should be Indian and Hungarian Watergate at the very least.
So that’s a brief rundown of what happened, but because I always have to be different, I’m done talking about the actual report. What I want to focus on is the fact that we’re now at the point where private companies can distribute seriously powerful weapons with zero oversight and basically no due diligence. That would be like if you could just walk into a WalMart and walk out with a whole ass rifle as long as you promise not to shoot anyone. Wait, bad example. That would be like if you could walk into a bomb store and walk out with an armload of hand grenades as long as you promise not to blow anyone up. Yeah that's better.
And that’s really not an exaggeration. The cancerous effects on democracy of spying on journalists and dissidents aside, as we continue to integrate services and infrastructure into the internet of things (IOT), they become more vulnerable to devastating cyber attacks. Granted, the networks governing critical infrastructure are likely to be more secure than your iPhone, but politicians fucking hate funding infrastructure spending (@Texas), and what are the odds they’ll actually listen to the poor nerd that comes into their office and tells them they need to upgrade their 2010-era cybersecurity before a random rogue state overloads all the nuclear reactors in West Virginia with some piece of code it bought to “fight terrorism.”
Commercial surveillance technology has broken into the mainstream in one industry already — policing. Private companies that sell algorithmic policing systems (APS) have already won contracts with several Canadian police services, according to CitizenLab, a Toronto-based nonprofit out of UofT which is considered one of the foremost surveillance watchdogs in the world, and which first discovered Pegasus on human rights activist Ahmed Mansoor’s phone. Calgary Police have used Palantir Gotham, a product of the controversial Palantir Technologies; Vancouver Police uses GeoDASH, which focuses on predicting the location of crime like the fucking Bat Computer; The RCMP hired Babel Street, which sells a sophisticated social media monitoring technology, to compliment the Media Sonar technology used in the terrifying Project: WIDEAWAKE; For three months, Ottawa Police used a facial recognition technology called NeoFace Reveal, which sounds like a shitty two-dimensional villain from Watchdogs; and several Canadian police services “were found to have used or tested the controversial facial recognition tool Clearview AI, which built its technology by scraping 3 billion images from the Internet, specifically people’s photos, without their consent.”
Do I need to explain why letting police departments spend tax money on technology that serves only to deter public participation is a fucking bad idea? The RCMP already spies on activists, I don’t want to know what the Toronto Police would do if they could scrape the socials of housing advocates or pull up facial identification on the homeless people they beat up kick out of parks for no fucking reason. Do you understand what I’m trying to say?
And I’m not alone in my concern for the future of this fledgling ‘industry.’ In 2019, “the United Nations Special Rapporteur on freedom of opinion and expression, David Kaye, called for an immediate moratorium on the sale, transfer and use of surveillance technology until human rights-compliant regulatory frameworks are in place.” No such frameworks have been drafted, but you’ll notice he didn’t say “let’s work on some regulations before things get out of hand,” he said “let’s not sell any more surveillance tech until we can get our shit together.”
He wasn’t hesitant in his reasoning either: “Surveillance tools can interfere with human rights, from the right to privacy and freedom of expression to rights of association and assembly, religious belief, non-discrimination, and public participation.” He went on: “And yet they are not subject to any effective global or national control. [...] States are not alone in their responsibilities. Companies appear to be operating without constraint. It is critical that companies themselves adhere to their human rights responsibilities, including by disclosing their transfers, conducting rigorous human rights impact assessments, and avoiding transfers to States unable to guarantee their compliance with their human rights obligations.”
That’s concerning language, especially from the UN. I didn’t realize these guys were allowed to have opinions this strong, so I feel like we should probably listen to him. Personally, this is the angle I’m most interested in when it comes to privacy rights — how the fuck are we supposed to move forward in an industry where profit is derived from the systematic violation of human rights in order to repress democratic participation? You can’t let a class of technology this impactful blossom in the regulatory Wild West and have it get this far without working something out. Literally anything, because at this rate I’m starting to think that the only way to maintain privacy is to revert to doing all of our important things in the analog, which is absolutely unsustainable under capitalism, or else evolve computer and internet literacy education to the point where society reorganizes around hacking skills like a bad 90s movie.
Regardless, it’s this regulatory apathy that has caused everyone to fucking despise the internet and the tech giants that use it so exploititavely in the first place. We need to end that cycle of letting new frontiers in technology develop in the wild because unfettered capitalism inevitably mutates the newest technologies into poisonous tools of repression. We need to make privacy a political priority, and value privacy in policy discussions with tech companies going forward. We need to even value it above money in those discussions, because as privacy becomes even more of a defining issue in this age, our rights could be all that stand between whatever semblance of freedom we have left and Bo Burnham’s vision of the internet as a technocratic dopamine-slot machine hellscape becoming objective reality.