Which Side are You On?

Written by

The Q1 issue’s cover story tracked the so-called ‘cryptowar’ between governments and technology companies, who are, once again, squaring up over encryption.

Whilst a world with no privacy will no doubt appeal to intelligence agencies and governments, the general public is much endeared with the widespread encryption it has come to expect from the web and internet-enabled communications.

The issue has hit headlines once again over the past few weeks, as Prime Minister David Cameron – in the wake of the terrorist attack on the French satirical magazine Charlie Hebdo – decried the use of encrypted communications, noting that messages that “can’t be read” by government should not be allowed.

Predictably, these comments have caused a backlash, and not just from within the infosec industry. Various experts have even gone as far as saying that the proposal is on par with authoritarian regimes such as those in Russia and China, with the potential to economically devastate the British information technology industry.  

Addressing the House of Commons, UK home secretary Theresa May declared: “We have always been clear that the police and security agencies must have the capabilities and powers they need to do their job.” The consequence of such powers being withheld, according to May, would be unpunished crimes, and innocent lives put at risk.

But just how direct is the correlation between enabling eavesdropping via a government-deployed and sanctioned backdoor in all online communications and saving lives?

Assuming that banning encrypted communications will remove the risk of terrorism is naïve at best, and absurd in reality. But if the passing of the so-called ‘Snooper’s Charter’ would minimize the risk, is it worth the sacrifice of privacy? 

But just how direct is the correlation between enabling eavesdropping via a government-deployed and sanctioned backdoor in all online communications and saving lives?Eleanor Dallaway

Personally, I think the question is a redundant one, and not only because privacy is a fundamental human right. Firstly, assuming that the very people that the Communications Data Bill is trying to obstruct will be deterred by the Bill is wishful thinking. In the age of Tor and Blackphone, they will always find another stealthy and untraceable mode of communication.

Secondly, assuming that a backdoor into encrypted communications would aid only the intelligence agencies is incredibly remiss. There is no backdoor that allows only the white hats in.

The UK government must be fully aware that encryption is vital for security, and that their own systems would be left entirely vulnerable without it. Further, their own website – www.gov.uk – recommends that citizens use encryption to protect their data. In light of this contradiction, it’s no surprise that Cameron’s speech has been ridiculed.

Let’s not forget, a great deal of what happens on the internet relies – entirely legally – on encryption, from the online banking industry to communications systems like WhatsApp and iMessage.

It's almost impossible to think of any serious part of the IT industry that doesn't use encryption in a significant way. Encryption is needed to safeguard the population from the exact people that Cameron is trying to ‘protect’ us from with the proposed ‘Snooper’s Charter’. The industry trend is very much towards more, rather than less, encryption. There’s a good reason why smartphones are moving towards default encryption, and why Apple made a great play of this in the launch of its newest iPhone.

The UK's general election is just a few months away and Cameron knows that being seen to come down tough on terrorism could be a vote winner, which is one of the things that annoys me the most about all of this. Exploiting tragic incidents of terrorism to cause a moral panic in order to win votes is highly unacceptable. Furthermore, using the terrorist attack on Charlie Hebdo to deprive individuals and businesses of their freedom to communicate without interference is, in no uncertain terms, a misuse of power.

What’s hot on Infosecurity Magazine?