Towards an Anti-Social ContractI've read the David Kaye's report, which I very much like (clarity and precision, but also happen to agree).What is missing? A clear way to measure proportionality, and a social/legal framework to implement judgement of what is a (currently on hold) proposals to replace the European Human Rights proportional way to suspend crypto rights. So for example, the UK's where decisions are made, and replace them with politicians - with a UK Bill of Rights threatened to remove judges as the place Anderson's report makes it plain this is unacceptable (not just and proportional scheme to carryout lawful intercept, the advent of ethically, given conflict of interest, but constitutionally).However, there's a very real threat that without a transparent, fair, intercept. Government agencies need to be persuaded to reduce their really good perfect forward secrecy mechanisms, and better key management in general, will basically mean there will be no feasible (child porn , terrorism organisation, money laundering etc) would mission creep (similar to commercial agencies abuse of personal data) as that would mean legitimate policing of really bad uses of the net simply go completely unchecked.
There's a secondary threat, which is that wholesale monitoring by too: If citizens feel confident that monitoring is only done for good reason, and without weakening out crypto-systems, they may not feel the need to adopt unbreakable systems. Many agencies will result in a massive breach of privacy when should never have had access to 2 Million documents - modern cloud (inevitably) one of those agencies accidentally leaks a collection of monitoring data. This is the other lesson from Snowden (the NSA's internal security procedures were incompetent, in that one person providers do not let their system administrators have such privilege.
This is the balancing act that needs to be created, in my view. and nor should a security agency, and what better way to enforce this, than only to collect necessary and sufficient data in the first place - the needle, not the whole haystack.
A sort of Anti-Social Contract c.f. always on
So maybe we need a new arbiter organisation - a distributed citizenship v. government tie-breaker - not the police, business or the press or current national judiciary - a sort of 7th estate. It should, like the Internet itself, admit of no kings, just working codes of practice. It could manage rights to be forgotten too. It might need to employ some very smart social machines to cope with ddos, edit war, troll, bot farms etc etc