In another move to intensify surveillance, the U.K. has announced the Investigatory Powers Bill which will prevent internet firms such as Apple and Google from offering encryption secure enough to keep the firms themselves from accessing users personal data files. The bill is apparently intended to make the job of law enforcement easier, but many are saying that aside from the security issues that will result from the move, it simply won’t work.
Encryption helps to protect user’s personal information, such as passwords and pin numbers, and U.K. Prime Minister, David Cameron, has been pushing to bring an end to strong encryption for a while now. In what’s been described as a “radical speech” back in January in relation to the Charlie Hebdo attack, he made the statement that there should be no “means of communications” that the U.K. “cannot read.” Even as he spoke these words, he acknowledged that his proposal was “very intrusive,” and yet his fight to weaken encryption continued.
This new bill provides a “backdoor” for obtaining information that is supposed to be secure, enabling government officials to request communications from internet firms. The problem is, as many have pointed out, there is no such thing as “good guy encryption” and “bad guy encryption,” meaning it isn’t possible to develop an encryption system with vulnerabilities that would only permit backdoor access to the “good guys.” The “bad guys” are going to be able to get in too.
The U.S. has also fought to force internet firms to build a backdoor to their products so that law enforcement can conduct more surveillance. In October of last year, FBI director, Jim Comey, expressed fears about things “going dark” because of encryption, and in March it was reported that, in a speech to Congress, Comey was pushing to ban unbreakable encryption, even revealing that the Obama administration might already be working on a law to do just that:
“One of the things that the administration is working on right now is what would a legislative response look like that would allow us… with court process to get access to that evidence.”
The fuss began with Apple’s decision to encrypt iPhones by default, which was a major advancement in cyber security, however Comey argues that since encryption sometimes makes their job harder, it should be outlawed. As those at The Guardian point out, “the idea that all of a sudden the FBI is ‘going dark’ and won’t be able to investigate criminals anymore thanks to a tiny improvement of cell phone security is patently absurd.”
And it isn’t just Cameron and Comey who are attacking encryption. NYPD Commissioner, Bill Bratton, says that encryption “does a terrible disservice to the public.” NSA General Counsel, Stewart Baker, apparently claims the reason Blackberry failed was because of “too much encryption.” Director of Europol, Rob Wainwright, says encryption is “the biggest problem for the police and the security service authorities in dealing with the threats from terrorism,” and the U.K.’s National Policing Lead for Counter-Terrorism, Assistant Commissioner Mark Rowley, says that products which offer encryption are “friendly to terrorists.” All of these arguments are, of course, ridiculous.
World-renowned security expert, Bruce Schneier noted:
“It’s simply not possible to ban strong encryption within a country and software that uses strong encryption from crossing borders. It’s simply not possible to prevent people from installing the software they want on the computing devices they own.” He continues, “It gets draconian pretty fast. U.K. citizens would be banned from using secure software, and U.K. companies be banned from producing secure software. The government would have to enforce internet censorship: people couldn’t download secure software, search engines couldn’t answer queries about secure software, and every packet [of information] would be inspected to ensure it isn’t being encrypted with secure systems… It wouldn’t work, and trying would destroy the internet.”
Many believe the U.K. and U.S. know full well the infeasibility of creating a backdoor encryption system, and are purposefully making a mountain out of a molehill in an attempt to justify a “compromise” to expand surveillance powers. Without strong encryption, the internet becomes more vulnerable and fragile leaving its future uncertain.
This Article (The War on Encryption) is a free and open source. You have permission to republish this article under a Creative Commons license with attribution to the author and AnonHQ.com.
Sources:
Hagemann, Ryan. CapX. Sep 17, 2015. (http://www.capx.co/encryption-the-internet-users-friend-and-the-governments-illusory-bogeyman/)
Moody, Glyn. Ars Technica UK. May 21, 2015. (http://arstechnica.co.uk/tech-policy/2015/05/the-new-war-on-encryption-is-based-on-a-lie/)
Timm, Trevor. The Guardian. Jan 13, 2015. (http://www.theguardian.com/commentisfree/2015/jan/13/banning-encryption-david-cameron-not-safer)
Whitehead, Tom. The Telegraph. Nov 2, 2015. (http://www.telegraph.co.uk/news/uknews/terrorism-in-the-uk/11970391/Internet-firms-to-be-banned-from-offering-out-of-reach-communications-under-new-laws.html)
It won’t work. As we proved at whatreallyhappened.com, it is trivial for anyone with basic programming skills to create new systems of encryption that even the NSA cannot crack! Real criminals and terrorists will have already done this, so banning strong encryption cannot stop them, only make law-abiding citizens’ communications open to spying by the government … and cyber-criminals!