Ever since Edward Snowden’s revelations on the NSA and GCHQ’s surveillance programs, tech companies have been scrambling to improve their encryption capabilities. Shortly after the general elections, Prime Minister David Cameron announced plans to bring encryption in the UK to a screeching halt.
Current Encryption Policies
As it stands now, in Australia and the UK you can go to jail for not telling law enforcement your password. There are cases in both countries when failure to comply to requests for passwords has resulted in six months jail time or more.
In other countries the penalty is even more stiff. India can imprison you for up to seven years, France up to three years and a $56,000 fine, and in South Africa you can face 10 years or $180,000 fine.
In the US, passwords are classified as ‘knowledge’ and as such, are protected by the Fifth Amendment.
Suggested Policies in the UK
Immediately following the general elections, David Cameron, mentioned taking a hard line against encryption through an Investigatory Powers Bill. It seems his promise is coming to fruition in the coming year.
What David Cameron wants is to “…ensure that terrorists do not have a safe space in which to communicate.”
With this statement he is pointing to applications like WhatsApp, iMessage, FaceTime, and others where end to end encryption is built into the app itself. This encryption prevents those not intended to read the messages from doing so.
This obviously bothers David Cameron on a deep level. He doesn’t like being left out of the loop.
Similar to what happens in any developed country after atrocities- the UK is using attacks to plead to its citizens to give them more surveillance powers. The rhetoric is always the same. It always sounds similar to Cameron when he says, “The question we must ask ourselves is whether, as technology develops, we are content to leave a safe space—a new means of communication—for terrorists to communicate with each other… My answer is no, we should not be, which means that we must look at all the new media being produced and ensure that, in every case, we are able, in extremis and on the signature of a warrant, to get to the bottom of what is going on.”
What it seems David Cameron is asking for is one of two things. Either he wants a back door to be created for law enforcement to be able to peer inside encrypted communications. Or he wants to abolish encryption all together.
The correct response would be, ‘Is he serious?’
The Repercussions of Encryption with Back Doors
The effects of abolishing encryption all together would be far reaching. Encryption makes everything on the internet just a little more safe. Without it, it’s like leaving the doors unlocked to all your property.
Businesses use encryption to store customer information, eCommerce would tank with the inability to encrypt, bank transactions would lose any security they currently have, and whistleblowers and activists that use encrypted apps including PGP (Pretty Good Privacy) would be left out in the open with no cover.
The other scenario that Cameron may be proposing is to create a backdoor to allow the government to monitor communications- complete with a gag order of course. The problem with this is that there is no ‘good’ back door. Any back door created would be just as likely to let people with malicious intent in as it would law enforcement. There is no semi-permeable screen door that would shield against hacker intrusion.
Cameron must know all of this, that’s why the question is- ‘Is he serious?’
What is this really about?
I believe what Cameron, and other world leaders, are failing to grasp is that terrorism is a state of mind- not a tangible thing. It is a belief system that can not be eradicated with any amount of killing or surveillance. When there is a will there is a way- and terrorism is no different. What legislation like this is doing is playing whack-a-mole and infringing on the privacy and the well-being of the whole for minimal gains.
The mistake being made is similar to the mistake the US made when entering ‘The War on Terror’ (read: the Iraq War). Simply invading a country, or citizens’ privacy, will not gain any ground.
This is evident in the themes of classic novels like Fahrenheit 451, The Giver, and 1984. As long as the human mind is able to think there will always be those that diverge from the status quo.
This might sound pessimistic but I consider myself a realist. What society has to understand, is that security is a myth. Safety is not something that is ever really attainable. As hard as we might fight and strive for safety it will always remain a mirage in the near distance, a figment of human imagination.
My question is, why are governments so set on getting into everyone’s messages? Surely encrypted messaging is not the only service that terrorist use. They also use communications that are non encrypted, public transportation, airplanes, they own cars, and have bank accounts. If encrypted messaging is the battle today, then what will it be tomorrow? Facial recognition at every hub of public transportation? Government monitoring of all bank account transactions?
The reach of governments to protect its citizens through infringement of privacy is a never-ending endeavor- much like the ‘war on terror.’
Like I said- I’m a realist. And as such, I can see the good side of things as well. The upside to Cameron’s proposal, that is slated to make an official appearance this fall, is that it’s so ridiculous and would cause such an uproar that it has little chance of passing.
Some companies have already come out and said that they would leave the UK. The aforementioned problems regarding commerce, whistleblowers and activists, as well as encryption being built into many systems today should all be conspicuous pitfalls to Cameron regarding any plans he has to go forward.
The question is- ‘Is he serious?’ Will he double down and push forward with a bill that is doomed to fail or will he cut his losses now.
feature image courtesy of Yuri Samollov via flickr
Share and share alike