Banning Encryption May Sound Absurd, But We Shouldn’t Laugh it Off

Addressing the House of Commons last week, UK home secretary Theresa May announced that, “We have always been clear that the police and security agencies must have the capabilities and powers they need to do their job.” The consequence of such powers being withheld from these agencies, she said, is that, “crimes will go unpunished and innocent lives will be put at risk.”

The powers and capabilities she was referring to are mechanisms and legislation, proposed by PM David Cameron, that would facilitate the legal interception of currently secure, encrypted communications between UK citizens.

In light of this, it’s unclear what the Conservative leadership perceives the “job” of police and security agencies to be. If the capability for universal surveillance is a mandatory, even essential tool, for our police forces, then their job as has taken on a sinister new dimension.

Encrypted messaging, the home secretary would have us believe, is putting innocent lives at risk. But this is another fallacy designed to poison the public perception of such technologies. By her logic, it would follow that a ban on such communications would remove the risk to life posed by those who seek to do us harm. This is clearly absurd and a manipulation of the truth.

The facility for eavesdropping via a government-deployed and sanctioned backdoor in all online communications and financial transactions far over-reaches the bounds of what can be considered democratic. If you don’t agree, then ask yourself why such ‘democratic’ tools should be limited to what you do online and not in the physical world, in your office and home.

Cameron tried to argue that, as physical letters can currently be intercepted lawfully in extreme circumstances, the same should apply to your texts and emails. But this is a moot comparison. The way online communications work is fundamentally different. Imagine, every single time you made a trip to the post box, having a government agent on standby with a legal mandate to ask you to hand that letter over before posting it. We simply wouldn’t accept that.

The people the government is claiming to attack with its proposals are criminals, ie the ones whose modus operandi is to disregard the law and go underground. Surely even Cameron cannot sincerely believe that bad guys won’t find another, surreptitious and largely undetectable means to talk beyond GCHQ’s remit in the age of Tor and Blackphone.

Instead, this announcement portraying encryption as a tool of terrorists should be viewed as just the latest step in the government’s wider anti-privacy agenda. It’s one that should come as no surprise in the post-Snowden world. More revelations emerged this week about GCHQ’s continued abuse of the controversial Regulation of Investigatory Powers Act. The spy agency, Snowden documents reveal, scooped up more than 70,000 emails including many sent by journalists. This is just the latest in a long and tiresome list. But while the general public rolls its eyes and despairs, the fact is that the government shows no signs of diminishing its anti-privacy efforts.

The government can peddle fear, uncertainty and doubt on cybersecurity issues with relatively little backlash. Yes, the tech community can call their bluff, but there is a fairly large bulk of the general public who aren’t able to voice the kind of concern this issue deserves.

Indeed, a recent BBC Radio 5 Live discussion featuring security expert Graham Cluley demonstrates the kinds of attitudes that can prevail when ignorance of the real issues at stake take hold. Cluley’s opposite number on the panel isn’t far from frothing at the mouth. If public opinion can be poisoned against encrypted technologies to the point where they are widely regarded as a tool of terrorists exclusively, then it sets a dangerous precedent for the future of privacy in the UK.

Ignorance and manipulation of the facts in high places is nothing new, but in an increasingly digitized economy and society, it becomes more critical that we have politicians and policy-makers that understand the ethical issues at stake. Tragic incidents of terrorism like those that befell Paris on 7 January must not be politically misused by those in power as an opportunity to deprive individuals and businesses of their freedom to communicate without interference. 

What’s Hot on Infosecurity Magazine?