It’s something of a cliche among privacy researchers that “anonymity loves company“: Anonymizing mix networks (e.g. Tor) are more secure and more anonymous the more people are using them. Glossing the geekalicious details, the basic idea is lots of different encrypted communications, going to and from lots of different people, get chopped, scrambled, and sent back out again. In effect, they hide in the crowd. This makes it more difficult for a prospective eavesdropper to intercept a particular targeted communication, but it also—perhaps more importantly—deprives the aspiring snoop of crucial important metadata for traffic analysis, which is a huge but neglected component of signals intelligence.
It’s no surprise that privacy advocates tend to be big boosters of these kinds of privacy and anonymity enhancing technologies. Which may be why you seldom hear people make the following policy argument, though it seems (and I’m open to correction by those still geekier than I) at least superficially plausible to me. Adoption of these technologies is likely to be substantially correlated with the general perception that ordinary Internet communications, and perhaps even ordinary encrypted Internet communications, are insecure. Since such networks tend to be slower and somewhat more cumbersome than ordinary secure communications, they will be worth using only to the extent that people are worried about highly sophisticated adversaries capable of doing mass traffic analysis, and perhaps even breaking some commercial encryption. In most cases, that means governments.
Now suppose that both innocent privacy-conscious citizens and ordinary (i.e. non-terrorist) criminals come to believe that governments are able to easily acquire routing information or intercept communications, and that even when such acquisition occurs for intelligence or counterterrorism purposes, that information may routinely be handed over to criminal prosecutors. That is, I think it’s fair to say, increasingly true of U.S. law. One possible result, as people become more cognizant of this, is that you get a lot of innocent or low-priority criminal traffic providing cover for the Serious Bad Guys that intel investigators are primarily worried about. The point can, I think, be generalized from the specific case of mix networks to any type of surveillance that becomes less effective as the number of diverse types of people engaging in patterns of surveillance-evading behavior increases. (And in fact, one place where I have heard a similar argument made is with respect to border control—where the expansion of markets in smuggling people or relatively benign recreational drugs provides both resources and cover for more seriously dangerous contraband.) The counterintuitive result is that if you’re concerned about our ability to spy on a very tiny number of incredibly dangerous people, it may be in your interest to (publicly—but in a democracy that has to mean actually over the long run) adopt more restrictive surveillance policies in order to reassure both innocents and “ordinary” criminals that they need not employ security measures that provide positive externalities to the highest-priority targets.