New South Wales (Australia) recently enacted a new legislation to regulate gun control with the Firearms and Weapons Prohibition Legislation Amendment Bill 2015. It is the first of its kind in that it tries to control digital fabrication of firearms, it aims: "to create a new offence of possessing digital blueprints for the manufacture of firearms on 3D printers or electronic milling machines". Source (PDF)
The recently approved bill in NSW includes a section 25B that defines the "new offence to prohibit the possession of a digital blueprint for the manufacture of a prohibited weapon on a 3D printer or on an electronic milling machine. The offence is to carry a maximum penalty of 14 years’ imprisonment."
We should ask ourselves what the likely impact will be of such legislation. Arguably it may have a symbolical and therefore some deterrent effect, but would it be likely to stop anyone really serious to produce an unregistered firearm?
One first limit of the bill as proposed is the focus on digital blueprints for DIY 3D printing or CNC milling of firearms, which makes one wonder if it is just a consequence of the popularity of those specific technologies in mainstream media. It is true that those specific techniques are those that offer the greatest guarantees to be able to produce (some day) DIY firearms as effective and reliable as traditional ones, even to people without particular manufacturing skills.
However, if the goal is to prohibit the possession of information or instructions for production of DIY firearms (and regardless of one's opinion on such a a goal, in and by itself), targeting blueprints for 3D printing or CNC milling doesn't accomplish much.
Both the Internet and traditional libraries are, in fact, full of blueprints or equivalent resources to make DIY weapons. If having a blueprint to make a DIY firearm with 3D printing on one's computer is a criminal offence, then why making a digital or paper copy of the Web pages returned by a simple web search for DIY guns be any different? See e.g.:
Even if the techniques specifically mentioned in the bill, that is 3D printing and CNC milling, were the only ways to manufacture DIY really dangerous weapons as firearms are, this would not change things much.
Consider that the CNC machines to produce anything from spare parts to custom made designs, from knifes to firearms, are there to buy off-the-shelf or to build yourself, using Open Source Hardware designs and standard, readily available parts. Only the so called lower receiver would currently be the harder part to acquire, as we know that to be available on the market in the USA, but likely not so in Europe. But we can easily assume that sooner rather than later, also these parts will be available in digital formats, to be made with appropriate digital fabrication tools. These kind of machines - CNC mills or 3D printers - are general purpose machine tools and their designs are shared over the Internet through globally sharing communities, like RepRap, a poster child of the Digital DIY and Maker movement. So we can agree that 1) nobody is going to stop the sharing of design files for such general purpose machines and 2) they are evolving every day so even the making of firearms will become easier and the resulting arms better.
Now this bill doesn't target the machines itself per sé, but it targets the "digital blueprint for the manufacture of a prohibited weapon". So we should ask ourself what we can learn from past experiences with a similar purpose. Remember the War on Filesharing Part I, where the copyright industry tried to protect its old business model from people sharing films, software and music. History has shown that the filesharing didn't stop and in fact is now living side by side with commercial online music and video stores (the industry ended up adapting its business model at least partly). Remember also the cryptowars (see here
). Such legal actions have shown one important thing: they are not effective in a distributed network like the Internet.
More concretely, even if laws didn't permit such activity and worldwide campaigns to discourage sharing ("piracy") were waged even in schools (against copying and sharing, which in fact is a basic element of learning), three technical means have enabled to exchange files between peers. First we have BitTorrent, the most advanced p2p filesharing protocol, second we have end-to-end encryption and third we have anonymity services like Tor. These three parts explain why filesharing of any sort of files has not decreased despite all pressure against it, and there is no way to expect it will make files that contain "dangerous information" inaccessible. Possibly it will be a bit harder to obtain such files, but anyone seriously interested will be able to get them.
Besides the limitation to a deterring effect, the referred legislation may do harm. First it doesn't seem to do much good to enforceability and therefore is likely to have a negative impact on the reputation of the police and the judicial system. But there maybe more chilling side effects. This law is still rather specific that it refers to a "prohibited weapon", however the question remains: who gets to decide what information is considered dangerous? When we're dealing with easily recognisable firearm blueprints, then things are clear and undisputed, but what when the components are shared individually? Or when is something considered sufficiently dangerous and illegal? At some point one might be inclined to consider a knife dangerous and thus prohibit designs of such practical tool as well. Generic components can be innocent until they're put together to form a dangerous weapon.
Maybe the bigger problem with that part of that bill is that it includes the concept that, in addition to actually owning, using or doing something dangerous, even the mere act of possessing information or instructions about how to build or do something dangerous is a reason to go to prison. Could a journalist, under that bill, collect documentation to write an article about the dangers of 3D printed weapons? And that isn't even the worst part.
"Information or instructions about how to build or do something dangerous" is everywhere, in all forms and for many uses, both absolutely legitimate, from fantasy novels and trekking manuals to the Unabomber manifesto or Breivik's European Declaration of Independence. Under the principle in that bill, a teacher or parent could not read those texts to figure out how to prepare their children to recognise and reject such madness. Who decides, and how, what is "information about dangerous things or objects" whose mere "possession" deserves inprisonment?
We should acknowledge here that many policymakers unfortunately have little understanding of the technical architecture of the Internet, and/or consider that people's privacy is not something important enough to be guaranteed. In this sense we can appreciate that there is already a war against encryption, since, or before even, Edward Snowden revealed the practices of massively automated spying by the National Security Agency. Since the Paris attacks this month, certain policymakers are lobbying again for the ban of strong end-to-end encryption, so they can continue to expand the surveillance state.
What happens to our right of privacy and anonymity in this ever expanding net of internet communications being constantly monitored and automatically generating profiles on any connected citizen, suspicious of no offence, but suddenly linked to criminals because s/he happened to be on the same public space at the same time?
We are living in a transition from centralised to distributed networks, which has a profound impact on our way of life. Before we were used to live in a nation state with democratically elected governments who were in control of how society works, in tandem with big companies that were in control in "their" markets. Enter the distributed networks, the age of the Internet. Now we are entering an age of uncertainty, first because we don't know yet exactly how we can best organise, and second because there is no single central entity anymore that is in control. We seek new norms to govern our community, new ethics, new rules.
UN Privacy Rapporteur
Joe Cannataci warns about the loss of privacy and the rise of cyberwar: "Cyberspace risks being ruined by Cyberwar and Cyber-surveillance but Governments and other stakeholders should work towards Cyberpeace". About privacy he remarks: "In its modern context, privacy needs to be taken as a fundamental human right, together with two other rights which are freedom of expression and freedom of access to publicly held information. These three rights together are the tripod on which rests an over-arching fundamental right recognized by some countries as the right to free, unhindered development of personality."
For resolving the complex dilemmas of our changing times (of systemic change indeed) let's make sure we think in distributed networks and not in centralised forms of control. We suggest we focus on its main ethical values of freedom and autonomy, sharing and solidarity, sustainability and human dignity (summarised from FKI's core values
). These relate to a moving away from responsibility transferred to central governments or multinational corporations; it means we have to understand the risks ourselves and take responsibility for the things we do, self-organise and work together, bottom-up instead of top-down.
Let's stress here once more that we share the worry for new threats that derive from digital fabrication of guns. But we don't think the legal initiatives such as the bill from NSW in Australia are the most appropriate way forward. If we recognise the systemic changes and the nature of the network society (as defined by Manuel Castells (The Rise of the Network Society, 1996) we are in a better position to conceive of an effective policy answer. A social code or contract based on voluntary adherence would be seem to be more in this direction than a top-down prohibition of filesharing - after all recent history has shown how unenforceable such initiatives are in practice. This could be combined with controlling the distribution of certain critical parts or materials and possible discouraging measures. But prohibiting filesharing on a decentralised network like the Internet is deemed to be ineffective or even counterproductive.