> "The Internet was built in a surveillance-friendly way because governments and serious players in the commercial Internet wanted it that way. There were alternatives at every step of the way. They were ignored."

I find that idea hard to believe for two reasons. First, because I don't think there's any evidence the government ever foresaw the internet coming into widespread civilian use. Second, and more importantly, the structure of the internet is so easily explained by private sector programming culture. Did you know that /etc/passwd originally contained actual plain-text passwords? Is it any surprise that the core internet protocols, which arose in the same era, are based on plain text with no deep authentication, encryption, etc?

Apparently, Google didn't encrypt the traffic between its data centers until news of the NSA undersea tapping broke out. Apparently in its early days, everyone at Facebook had access to user data. The same programming culture that gave us plain-text protocols like SMTP are alive and well today, and the idea that the government had something to do with why the internet is so easy to surveil is hard to reconcile with history.

I don't think that's "culture". It's just pragmatism. Encryption has historically been extremely expensive, both in terms of CPU time and software complexity. Encrypting everything is not a no-brainer walk in the park. Even now most websites aren't using SSL and that's easy to set up.

The openness of the internet to surveillance reflects the fact that stopping governments doing it in secret is really damn hard. Not anything more complex than that.

> Apparently, Google didn't encrypt the traffic between > its data centers until news of the NSA undersea > tapping broke out.

I constantly struggle against my colleagues when it comes to internal use of encryption. These are smart people across diverse organizations/markets. I think it comes down to differing cost-benefit analyses---they think that any internal privacy threats either don't exist or already have access, so why pay the price (usually in terms of administrative overhead) to maintain a crypto layer? Compare it to always locking every door inside your house and having to successively lock/unlock doors as you move between rooms---most people (even myself) would think that the inconvenience of such a scheme would drastically outweigh any security benefits. And so it is with the implementation of strong encryption protocols (not just the right algorithms but also the right methods and practices and use cases) at every level of the computing/networking stack. Ultimately, I think this supports your thesis, that if there's a conspiracy when it comes to commsec, it's a confederacy of dunces.

It depends on what you mean by "built." Internet protocols are not designed to make surveillance easy (or hard, for that matter). So the Internet, in principle, is not built for surveillance.

But the US ISP market, data centers, backbone routers, backbone layer 2 technologies, and the "TV-izing" of the Internet are very friendly to the surveillance state.

A plot from the beginning? Probably not. But do the NSA and other agencies put their thumb on the scales to influence commercial outcomes in their favor - they admit it openly.

I think it probably crossed people's minds from time to time, with some directing their underlying intent for and some directing their underlying intent against, others neutral or ignorant. I don't know whether things like that that guide the construction significantly, or whether it's a law of perpetual averages.

In that case, it doesn't really matter whether it's an explicit plan or an implicit one. Things move with the people. That's why there is supposed to be a system of balancing and checking, at least from what I recall in elementary school.

> I admit it's going into paranoia-land, but that's healthy in moderation.

I prefer to be overly analytical. Paranoia is not my cup of tea.