The flip side to Prof. Lessig’s famous observation that “code is law” is that law can be made code as well.
Thomas Roessler brings us up to date on the JAP anonymizing proxy, which was forced by court order to compromise its users’ anonymity to track visits to a particular IP address, but has now been restored to anonymizing.
Prior to the court-ordered hack, the proxy offered mixmaster functions, passing each request through encrypted channels to intermediaries so it could not be traced back to its point of origin. While the order was in effect, it added tracking tags to specfic requests. What’s more, the criminal court had ordered the proxy operators not to disclose the investigation. Because the proxy is an open source project, however, other programmers discovered evidence that the system could be tapped and brought it up for public discussion.
Encoded law can be harder to detect than law enforced through traditional means. Depending whether you’re of a mind to call it “investigation” or “surveillance,” you may find that a good or a bad thing, but it challenges ideals of Due Process. If the public doesn’t know the law, they can’t challenge its application to them or others. They may be chilled by a fear of surveillance without knowing when or to whom it is applied. Yet this case demonstrates at least one antidote, in the form of open code. Access to source code lets people determine what coded rules are being applied (or lets them hear from others who have read the code), and thus helps to restore transparency.