Information Handling and Disclosure Guidelines

 

The Reason For This Page

What we are attempting to achieve, and the way we plan to achieve it, may potentially garner the interest of powerful adversaries. The Arca Oceanus Project deals with information every day that could prove embarrassing, and even downright dangerous, to our members should it wind up outside of our immediate control. An example of this would be if one of our members was planning an “escape” from an oppressive nation/government, knowledge of which might place him/her in peril if it was learned by the government in question. For this and similar reasons we consider it our duty to protect the information we possess to the maximum extent permitted by technology and the laws to which we are bound.

To that end, we have had to “threat model” some fairly uncommon yet all-too-possible scenarios. We’ve considered dangers that are at once plausible and preposterous, fanciful and realistic, paranoid and predictable. We have tried to take a practical and measured approach to information security without allowing rabid delusions to scrawl “there be monsters here” upon the map of our security framework, and yet we cannot deny the wide range of unlikely yet feasible “attacks” that we must prepare for.

Our concerns arise primarily from the following realizations:

  • We are openly touting our intention to “manufacture” an independent, sovereign nation, comprised of current citizens of other nations. Many if not most of those other nations may not be friendly to this proposition.
  • We are employing advanced psychological testing mechanisms which could reveal potentially compromising information about our members, including inclinations toward behavior which may be considered criminal in some jurisdictions.
  • We respect liberty and champion the cause of freedom; as such we may ultimately defend, and even promote, ideas and ways of thinking that may not always be popular or well tolerated, especially in societies/jurisdictions where freedom is regularly denied.
  • We expect to discover new ways of doing things and subsequently invent new products which could, if we are successful, constitute “trade secrets” that could be worth significant amounts of money to rivals or other outside interests.

An adversary who would take an interest in any or all of these elements will be very powerful and frighteningly difficult to deal with. These might include government agents, corporate spies, computer hackers, etc. No matter the reason for the threat, or from where it might materialize, we feel obligated to protect to the best of our ability any and all information shared with us or gleaned by us regarding our members and their activities, our partners, our projects, and every other aspect of the Arca Oceanus operational framework. We are compelled to adopt advanced methods to secure and protect all of the information to which we are entrusted or exposed.

This page outlines those measures and policies.
 

Legal Obligations Regarding Information We May Become Privy To

The Arca Oceanus Project is committed to obeying any laws to which we are subject. For instance, we are under certain legal obligations to protect our members and the general public from harm. If, by example, one of our members explicitly reveals that he/she has committed a crime which has not been tried and/or punished, or explicitly indicates intent to commit what would constitute a crime in most jurisdictions, we may be obligated to notify appropriate law enforcement authorities. We concern ourselves with this because we perform in-depth psychological testing as part of our recruitment and training regimen, the administration of which has the potential to identify thoughts or behaviors that could be considered criminal.

However, “crime” is a pretty broad word. A person may technically commit a crime if they cross the street outside of a crosswalk, or drive a car above the posted speed limit. We are not qualified to interpret the law; we are not authorized to enforce the law, or act as judge/jury regarding potential transgressions of the law; and we are not knowledgeable about the laws and regulations that may or may not exist in any particular jurisdiction. For these reasons, we will follow the letter of the law as it applies solely in our own jurisdiction, and only as it regards explicit and unambiguous statements a member makes to us regarding anything potentially criminal. We will, for instance, report to law enforcement any situation that in our judgment has or could bring grievous harm to any individual or institution.

The key phrases here are “explicit” and “grievous harm”. A member must make clear to us, in no uncertain terms, that they have done or will do something that can reasonably be assumed to cause or potentially cause “grievous harm”. Without such explicit admission, or the bona-fide potential for real harm, we feel no such obligation and will not voluntarily divulge any information we may possess.

The tests we administer are designed to identify specific psychological characteristics, which may include an inclination toward behavior that might be considered criminal in certain circumstances/jurisdictions; and some of the questions on these tests could potentially be (correctly or incorrectly) construed as admissions to potentially criminal behavior. Again, we are neither qualified to make determinations of “guilt”, nor inclined to do so. Barring a threat that in our judgement is both explicit and grievous, and that we determine to be both credible and likely/imminent, we feel no obligation to divulge any information whatsoever that our tests may ascertain.

We also, from time to time, incorporate “hypothetical” questions into our tests, which are clearly marked as such. We hereby acknowledge and affirm that all questions thusly marked are asked on a purely “what if” basis and all answers are assumed to be hypothetical as well. Under no circumstances will we feel obligated to interpret any answer to any question so marked to be anything more than hypothetical, unless the test-taker specifically and explicitly suggests that his answers are not hypothetical but rather based in reality, and and that the answers provided indicate the possibility that grievous harm has or may come to an individual or institution. In the rare case such information is shared with us, we will handle it following the guidelines established above.

We strongly encourage members to be honest when answering questions on our tests, including those which are marked “hypothetical”. We will protect any information provided by members to the utmost of our ability.
 

How We Store/Secure Information

The Arca Oceanus Project takes information security very seriously. This includes all information elicited from and provided by members, including all personal details and information (like test results and account balances) that may be associated with those details.

All members, upon joining the Project, are assigned an identification number (the AOIdent). This identification number is paired with the member’s “real” information in only one location, a file which is encrypted using the highest grade cryptography algorithms available outside of military/government operations. This file is stored offline and is only accessed via an “air-gapped” computer–one which is not connected to the internet or any other outside network. Access to this file is strictly limited to specific members of the Senior Leadership Council, and then only on an absolute as-needed basis. In this manner it is entirely possible that no one outside of the SLC member in charge of personnel (who would initially input the “real” information to be stored”) would know the actual identity of an Arca Oceanus member throughout the life of the project.

To facilitate communication, the AOIdent is assigned an anonymous email address which is administered by and only accessible to the member. All correspondence between the Project and the member takes place through this email address.

In the event of videoconference or other direct connection where a member’s “real” IP address (or other identity-specific information) could reveal one’s “true” identity or location, measures are taken to limit the visibility of those addresses between members, and no connection logs are kept other than those necessary to facilitate the activity at the time it takes place. Log files that may remain at the close of such a connection are destroyed immediately following the activity.

All account information that is displayed by Arca Oceanus is identified only by the AOIdent. This includes the balance of any Cronus that has been banked, the amount of Accommodation Advance, work assignments which are open (or those which have been completed), etc. There is no connection to a user’s “real” identity available anywhere on our website or within the workings of the Project other than the secured file as detailed above. Members are given the option of assigning a “nickname” to their AOIdent, to add personality/familiarity to things like forum participation, etc., but this is not required and it, too, is not associated with a member’s “real” details unless the member makes it so.
 

Movement of Money and Other Interaction With Banking Institutions

The Arca Oceanus Project has no capability, and no desire, to “hide” banking transactions such as those conducted through PayPal (which is the primary means by which we accept Pass-through Assignment proceeds, and how we issue cash payment for assignments when warranted). It is not in the best interest of the Project or its members to encourage or facilitate monetary shenanigans, so we make no effort to obscure the flow of money between our organization and its members. However, like all other personally identifiable information, the details of a member’s PayPal (or similar) account and all transactions that may involve it are stored encrypted, air-gapped, and apart from the member’s AOIdent. The only central repository of these transactions outside of the secure file held by Arca Oceanus is whatever records may be kept by PayPal or other banking institution, which are subject to their privacy policies and security mechanisms and beyond our control.
 

Warrants, Court Orders, and General Cooperation with Law Enforcement

Until such time as we have boarded our colony vessel, located to international waters, and declared our independence as a sovereign nation, we are bound by the laws that govern the jurisdiction in which we reside. As such we are obligated to cooperate fully with law enforcement, national security agencies, or other properly authorized officials acting on warrants and similar court orders or otherwise conducting lawful business. We will do so to the best of our abilities, as outlined here and proscribed by law.

That said, we believe fully that the right to privacy, including of one’s information and activities, should be treated as the sacred human right that it is. Privacy rights are protected, among other things, by the Constitution of the United States of America and other governing documents worldwide, and it is our opinion that these rights exist even in the absence of such governing documents and even when contradicted by regulations enacted by man against other men. Arca Oceanus respects these natural human rights and will, to the utmost of our ability by law, honor and protect the privacy of those with whom we engage.

We likewise hold that the leaders of men (governments and the agencies that represent them) are responsible for upholding these natural rights, and are quite often obligated to do so by law. Too frequently this trust has been flagrantly and callously abused, illegally and immorally, and such abuse is growing at an alarming rate. In an effort to protect the privacy and sanctity of all communications between the Arca Oceanus Project and any person or agency with whom we interact, while also fulfilling our obligation to cooperate fully as outlined above, we have created and will maintain a WARRANT CANARY, the provisions (and limitations) of which are outlined in the linked document itself. A summary of the document is as follows:

  • The canary will be updated every fifteen (15) calendar days or less, with the date and time of the update and a selection of news headlines taken from the front page of the New York Times website (https://nytimes.com) to confirm that day and time;
  • If the canary is not updated according to this schedule, it should be assumed that The Arca Oceanus Project has been ordered to turn over records or to otherwise violate the privacy of an individual, individuals, or agencies with whom we have interacted or are interacting, and that such violation may be ongoing. It should further be assumed that we may be under a “gag order” of some variety (lawful or otherwise), preventing us from directly acknowledging such an intrusion;
  • Any such assumption should conclude that the entirety of Arca Oceanus (our website, records, and any further communication emanating from anyone purporting to be affiliated with Arca Oceanus/The Arca Oceanus Project) has been compromised and is likely no longer secure.

We are ashamed, humiliated, and frankly disgusted that the failures of our own leaders have compelled us to institute this policy. The laws enshrined in and the rights protected by the Constitution of the United States should never be so callously disregarded or outright ignored as they have been by the very government agencies whose sole mission is to enforce them. Searches and seizures, wiretaps, etc. that are conducted in the absence of a warrant (or via dubiously-acquired warrants) are, we believe, criminal in their own right and should be defended against by whatever means legally and morally available. Our warrant canary is one way in which we attempt to uphold this belief.