Designing Anarchist Institutions– Security oriented thinking

So my post yesterday on the grand fall of the term libertarian in the US and my own political views got me thinking… in my work, I’ve been designing and writing billing software that handles and stores credit card information.  As such, everything I write, every rewrite, always has to be done with an eye toward security in the back of my mind.  “How could an attacker use this function I’ve written to exploit some other part of the system?” That kind of thing.

Now for lack of a better term, I’m going to use the term anarchist to describe my goals.  What I mean by this is simply the distrust of concentrations of power wherever they may form, in government, in business, in social structures.  The idea that abuse of power comes hand in hand with power itself and as such it’s in our best interests to limit the amount of power we give.

What I got thinking on was how do you design a strong anarchist institution.  And I realized that it requires the same kind of thinking that goes into trying to write secure software.  In both cases you have people within and without who may try to subvert your system.  And so the system has to be designed to be difficult to subvert. In the case of an anarchist institutions, you need to look at how social dynamics work and information flows and see where power tends to pool up and concentrate, and then change the structure of the organization in order to diffuse that.  When you find power pooling up, it’s important to step back and see if there’s a more general problem you can be looking for everywhere in your organization.  It’s like when you find a new class of security vulnerability, it’s useful to go back and audit everything you’ve done so far with an eye to that class– often, perhaps even usually, you will find other cases that had not yet been discovered.

Ultimately, unanticipated concentration of power has been at the root of the collapse of many anarchist organizations*.  Overall I think that these institutional design issues should be approached with a security mindset.  Of course, the problems are the same as with security– humans aren’t very good at thinking that way.  Like rational thinking, it’s something you have to learn– gut checks don’t work as what seems intuitive to our simian brains is often wrong.

* And yes totally uncited there, and anecdotally I can think of a few cases off the top of my head… some actual research would be interesting, and surely called for first.