The tragic events in Paris recently have quite rightly been derided by many governments of the world but, according to some people at least, the Charlie Hebdo shootings have also presented opportunity out of chaos.
In what the conspiracy-minded sections of the public may point to as a classic case of problem-reaction-solution, moves are already afoot to enhance security in some nations, albeit at the expense of liberty.
Take the UK for example: not so long ago proposals to implement a so-called ‘snoopers’ charter’ were hampered, in no small part due to the revelations of Edward Snowden and the details he leaked about how security agencies have perhaps been overstepping their surveillance remits.
In a clear case of Je ne suis pas Charlie, lawmakers have slipped amendments into the Counter Terrorism and Security Bill currently sitting in front of the House of Lords in draft format. If passed, ISPs would be forced to log ever more detail of their customer’s actions on the internet and that data would be available to law enforcement and security services with even less oversight than there is now.
Here at ExpressVPN we do not much like the sound of that but we are also aware that this latest move is only one of many bizarre and/or draconian moves by PM David Cameron and the UK government of late.
Earlier this month Cameron caused much consternation in security and privacy circles when he announced that the Conservative party will, if re-elected in next year’s general election, put an end to encrypted communications that cannot be read by the nation’s security services, even if they have a warrant in place.
In a speech on Monday 12 January he said:
“In extremis, it has been possible to read someone’s letter, to listen to someone’s call, to mobile communications. The question remains: are we going to allow a means of communications where it simply is not possible to do that? My answer to that question is: no, we must not.”
Interestingly, Cameron hasn’t fleshed his proposal out with the addition of much detail – which may explain some of the erroneous reporting that suggested Snapchat could be included in a possible list of banned, backdoored or otherwise compromised messaging apps (its own guidelines make it clear that it can, under some circumstances, retrieve messages when facing a valid demand from the spooks, despite the supposed self-destructing nature of its service).
Other popular encrypted messaging services such as Chadder, Telegram Messenger, ChatSecure, Surespot, KakaoTalk and Bleep (we’ve written about them previously) may be affected though.
Cameron’s proposed ban would apply to any service that offers true end-to-end encryption of messages including the ultra-popular trio of Whatsapp, iMessage and Facetime.
While it is possible that the bad guys use such services to engage in nefarious plotting, if the technology has been implemented as it should, the service providers will not be in a position to simply hand messages over (Apple’s recent privacy update actually makes it clear that it “doesn’t scan your communications, and we wouldn’t be able to comply with a wiretap order even if we wanted to”.) – making us wonder, therefore, if Cameron’s goal is to get his hands on the data or simply see the back of the services altogether.
But it’s not only social and chat apps that could potentially suffer should the British prime minister have his way – his ideas would likely also apply to privacy enhancing services such as The Onion Router. Tor does of course have quite legitimate uses and is often used by activists, journalists, military personnel and even religious missionaries working in areas where incumbent regimes are less than welcoming of the message they are attempting to spread.
Perhaps the British government thinks all users of the Tor network are enemies of the state whose communications need to be under constant surveillance?
We don’t of course – that’s one of the reasons why we offer our own service – but we do know that people value their privacy, especially since Snowden revealed how governments, including the British, have a penchant for wanting to know more than they need to about those who are guilty of nothing. We also know that many users of encryption and other privacy related tools have quite legitimate reasons that can range from sidestepping overzealous censorship within their countries to keeping themselves safe after falling victim to crime.
But will this new legislation will stop terrorism?
Do you really think terrorists use communication methods that the security services can tap into? No, of course not – if Britain does away with meaningful encryption then the bad guys will find other ways to communicate and only the most stupid and unprofessional of them will pick a means that can be eavesdropped upon whether the spooks have warrants or not.
Thus, the only people who will be subject to further scrutiny of their online communications are the innocent.
That may not bother everyone – London mayor and possible future leader of the Conservative party Boris Johnson said:
“I’m not particularly interested in this civil liberties stuff when it comes to these people’s emails and mobile phone conversations. If they are a threat to our society then I want them properly listened to.”
– but it will affect them, even if they believe they have nothing to hide and hence nothing to worry about.
So what about you?
Are you someone who worries that a future government may attempt to surveil more than it needs to?
And what about the terrorists this notion is supposed to affect? Do you really think they’ll carry on as normal now or will they not find other ways to communicate that the security services cannot tap into?
And what about British business? If the government forces a secret backdoor into all encryption technology then how will they protect their business data, intellectual property and your personal information in a climate that will only encourage the bad guys to find a way to prise that door open for themselves? And if a backdoored company is subsequently breached will it then be fined by the Information Commissioner’s Office (ICO)?
What about those companies that have a business model surrounding the development of encryption technology? There are several in Britain and many are worried – we’ve already heard murmurings from UK tech start-ups that are considering moving their business elsewhere, despite numerous incentives previously provided by the government, including Tech City (aka “Silicon Roundabout”).
We have so many questions but very few answers. David Cameron’s proposals are utterly ridiculous and, we would argue, totally unworkable. They help no-one, not even the security forces which themselves admitted that the Paris hackers were already known to them before the attacks (if they had even more intelligence you could imagine a scenario wherein information overload would actually do more harm than good) and they stand to hurt everyone.