The British prime minister, David Cameron, recently re-emphasized his government’s plans to leave “no safe spaces” from UK security agencies’ surveillance.
In parliamentary question time on 29 June 2015 and in the wake of the Tunisia terrorist attack, Cameron answered whether the privacy policies of Google, Facebook, Twitter, and other technology companes were “unsustainable”:
We are urging social media companies to work with us and help us deal with terrorism. Britain is not a state that is trying to search through everybody’s emails and invade their privacy. We just want to ensure that terrorists do not have a safe space in which to communicate. That is the challenge, and it is a challenge that will come in front of the House. We have always been able, on the authority of the Home Secretary, to sign a warrant and intercept a phone call, a mobile phone call or other media communications, but the question we must ask ourselves is whether, as technology develops, we are content to leave a safe space—a new means of communication—for terrorists to communicate with each other My answer is no, we should not be, which means that we must look at all the new media being produced and ensure that, in every case, we are able, in extremis and on the signature of a warrant, to get to the bottom of what is going on.
The above statement is the latest in the Cameron Government’s effort to re-introduce the Communications Data Bill or “Snooper’s Charter Bill”, which will effectively require cryptographic back-doors to be accessible by GCHQ, MI5 and other government agencies.
In response to the move to pass the “Snooper’s Charter”, some technology companies are leaving the UK because of the government’s surveillance plans.
In late May 2015, Blockchain technology firm Eris Industries responded the UK Government’s re-introduction of the “Snooper’s Charter,” by stating that the proposed bill would hurt its business, threatening to move its staff out of the UK, and calling for other technology companies to do the same.
Preston, Eris Industries’ COO and General Counsel, blogged in May:
Eris Industries’ position is that this proposed bill would impinge vital and legitimate business interests of our company. As such we will be relocating staff out of the United Kingdom until further clarity on the provisions of the bill is achieved. We would encourage anyone else who opposes this bill to join us; and another UK startup, ind.ie
In response to Cameron’s latest promise to leave no space safe from government surveillance, Preston indicated that his company had already set up premises in the United States and that Cameron’s words were evidence of the British government’s intention to break into any encrypted communications, or cryptography, on issuance of a warrant signed by a politic leader rather than a judge.
What is not being said here, but should be said, is that the UK government already has a very wide range of powers available to it, such as key disclosure laws which provide for severe custodial penalties for anyone who fails to provide decryption keys when ordered to do so.
Using existing tools, however, requires the government to conduct surveillance which has a specific target, is limited in scope, and is conducted in accordance with an unclassified, judicial warrant under the Rules of Criminal Procedure.
Why centuries-old judicial safeguards should be replaced with political control is beyond me. Why such a proposal should be put forward by the Conservative Party – recalling the occasion when Margaret Thatcher reportedly slammed a copy of Hayek’s Constitution of Liberty on a table before saying, “This is what we believe” at a Conservative Party policy meeting – I find even stranger still.
However, the Guardian’s Cory Doctorow doesn’t believe the “Snooper’s Charter” will be effective in leaving no “space” uncovered or making the UK safer.
There’s really only one kind of crypto that anyone uses: crypto with no known defects. There’s really no such thing as “strong” and “weak” crypto. In the very early days when computation was literally billions of times more expensive than it is today, programmers sometimes used shorter keys to accommodate underpowered computers – but today, the best technical practice is to use keys of sufficient length as to make it impractical for anyone to break them through brute force. “Weak crypto” is like “slightly fatal.”
Doctorow goes on:
It’s a safe assumption that any criminal who represents such an existential threat to the UK as to warrant these measures would be sufficiently motivated to seek out and install working software. Otherwise, the Snooper’s Charter is only proof against lazy and haphazard terrorists. Installing software isn’t rocket science.
There are millions of packages, sites, products and services that have good crypto. Blocking all these sinister dens of iniquity – like Github and Ubuntu and Openssl and Cyanogenmod – makes China’s Great Firewall look trivial by comparison. The Great British Firewall: the bird that catches the spider.
Cameron doesn’t really have public support for the “Snooper’s Charter”. Most Britons believe it is bad value and that the government has not made a case for additional powers of surveillance, according to a YouGov poll.
If passed, the bill would be funded by public expenditure with an estimated to cost around £1.8 billion over 10 years from 2012. YouGov found that 50 percent of the public believe that the UK Government’s draft Communications Data Bill is bad value for money. 71 percent of Britons say they do not trust that the internet usage data collected by government agencies will be kept secure.
The other obvious question is how secure the “cryptographic back-d0ors” will be from abuse by government officials or third party hackers?