The sins of the 90s

The article critiques a recent NDSS talk that claims lifting 1990s cryptographic export controls enabled today’s mass corporate surveillance. The author, a former activist against those controls, examines the talk’s key assertions: that stronger encryption spurred corporate mass‑surveillance, that the “crypto wars” traded privacy for encryption, and that preserving export restrictions would have prevented the surveillance industry. He argues the talk offers no mechanism or evidence for these claims, ignoring the long‑standing history of corporate‑government surveillance (e.g., IBM’s work with the Nazis, NSA’s early cryptanalytic investments, and 20th‑century data‑sharing programs). He shows that strong encryption has been advocated to protect privacy from both governments and criminals, and that the cypherpunk movement explicitly recognized multiple threats. The cited sources, such as a 2016 thesis, conflate corporate profit motives with privacy goals, but the author demonstrates that these were independent, long‑standing incentives. He also refutes the notion that modern platforms (e.g., Facebook) rely on encryption for dominance, noting early unencrypted connections. Ultimately, he warns that the talk’s narrative creates a false trade‑off, discouraging action against surveillance. He urges readers to focus on concrete policy, transparency, and technical efforts (e.g., anti‑surveillance mandates, funding trails, decentralization tools) and recommends Phil Rogaway’s “The moral character of cryptographic work” for further reflection.