You will probably remember the 'Snoopers Charter' that has appeared and disappeared over the last few years. However, it's now coming back with a vengeance. The new powers will allow the police to look at your browsing history. Internet Service Providers will have to hang onto that information for a full year and hand it over to the police if requested. A straightforward concern comes up here - that's a huge amount of data, and ISPs will have to invest in more computing power to do it, and they're going to pass the cost onto the consumer. The draft bill will also make it legal for the police and other ancillary bodies such as the Home Office and tax officers to hack into your computer. They will be able to pretty much look at anything they want to; the limitation of only looking at 'illegal' sites has been removed. Even more worryingly, the police will NOT require a warrant to do this.
Another point of considerable concern is the desire of the government to look at what you're doing on messaging systems such as What's App and iMessage. This means that end to end encryption will no longer be allowed, since the authorities want to be able to look at what you are saying, who you are saying it to, and when you're saying it. This means that companies would have to include back doors into their encryption software, thus crippling the idea of personal security and privacy. Because if the government can easily hack into your account, it's not going to take long before criminals can do it as well.
There are a whole host of problems with this approach. Chiefly among them is the fact that this won't work. Terrorists are not going to waste their time using popular apps in the first place; there are plenty of other tools out there which they can use to encrypt their conversations. Anyone with any sense is going to start to use resources such as the Tor browser, which means that everything is encrypted, including where you're going and what you're looking at. In order for this to work companies are going to have to agree to create backdoors in order for their software to be used in the UK. It also then leads to a two tier system where a product has to be created twice, and I honestly can't see that happening. However, let's say that it does. When we get visitors to the UK for business or pleasure, are we going to make their delete their existed, encrypted software for the duration of their visit? Or are we going to ask them to surrender their devices when they arrive?
You can't have a 'bit' of encryption. You either have it or you don't. And if you don't want people to have it, you need to go to extraordinary lengths. For example, it's perfectly easy to put software onto a memory chip or USB stick, so are the border officials going to look at every single stick, every single computer, every single smartphone?
This attack isn't just happening in the UK of course - in the United States we're seeing companies such as Apple coming under increasing pressure to provide access to data belonging to individuals. I still have trouble with the idea that otherwise seemingly intelligent people have problem with a simple concept - you either have encryption or you don't.
Comments