Opinion: Renewed call on encryption ban
In the wake of further terrorist attacks in London this week, British Prime Minister Theresa May is calling for internet regulation including the banning of specific applications and encryption in general, which she asserts provide “safe places” for terrorists to interact.
May said: "We cannot allow this ideology the safe space it needs to breed. Yet that is precisely what the internet and the big companies provide. Culture Secretary Karen Bradley said social media companies had successfully taken action against indecent images of children. We now need to see the same response in terms of extremism and radicalisation. We know it can be done and we know the internet companies want to do it."
This approach has been labelled “intellectually lazy” and that any moves to regulate the internet and banish encryption likely to push extremists into the darkest parts of the web.
Encryption is now a base standard for any internet interaction. Messaging applications, online banking, government websites, health information, and a myriad of over services require encryption to protect the privacy of the citizen.
Banning encryption then opens the everyday citizen and web user to a host of potential attack vectors and security holes. While it may remove safe places for terrorists and criminals it also removes safe places for everyone else.
The other option that has been posited is that security services can be given the back-door keys to encryption services. This means that encryption still stands for the most part, however, signals intelligence can come and go as it pleases.
Poorly thought-out strategy
Providing an electronic skeleton key to security agencies is a recipe for disaster. Anyone who seizes that key then has access to the global stage, whether a rogue state or criminals.
The recent WannaCry ransomware debacle proved this. Allegedly, using a security agency tool, hackers modified the payload to cripple computers globally. A weapon supposedly stolen from the “good guys” arsenal was turned on the world.
None of these calls is new. In 2015 then UK prime minister David Cameron called on the US to increase pressure on American internet companies to deny safe places for terrorists to gather.
The US has put pressure on large technology companies in the past few years regardless of Mr Cameron’s call.
The “safe place for terrorists” rhetoric has been repeated ad nauseam in the past 24 months.
It shows a lack of understanding on politicians' part as to how technology works and how it underpins our current society. The politicians seem unwilling, or slow, to learn how tools like encryption support our democracy.
Leading the charge on the UK is the home secretary, Amber Rudd, who has declared that strong encryption is “completely unacceptable” and has been behind the implementation of some of the most draconian surveillance laws on earth under the Investigatory Powers Act.
She was challenged by Ars Technica UK which suggested that it might be easier and have less impact to ban cars.
The reality is that it’s a losing argument and a losing war.
Encryption companies have rocketed since the Snowden revelations and a great deal of money is to be made. It’s a “whack-a-mole” situation where even if you ban one service, another three will spring up to replace them, or, the virtual private networks kick into play.
The dark web itself is still a deeply secure and anonymous area of the web, and while it may not boast the beautiful UI of WhatsApp or iMessage, the same functions can be performed.
All of this leads me to wonder if the “shrink your way to success” and “do more with less” ethos of the 1990s has infiltrated modern signals intelligence.
Has the automation of spying been its death knell?
What we see in large countries is the rollout of data mining tools designed to capture information and patterns in an autonomous manner rather than the older signals intelligence techniques that require human context and insight.
In the 1990 Iraq War Saddam Hussein figured out relatively quickly that most of the military communications were being intercepted by the allies. His response was to revert to motorcycle messengers carrying paper to the frontline and military units.
The point is this, the enemy will always find a way around any constraints on communications.
Shutting down encryption in a modern world is akin to simply turning off the power grid or banning cars.
We need a more elegant solution.