Why Sweden's Plan To Spy On Emails Does More Harm Than Good

from the needle-and-a-haystack dept

There’s been a lot of talk about the proposal from the Swedish government to monitor all emails crossing national borders for certain keywords that could suggest terrorist activity. It’s not surprising that such a proposal would get plenty of attention, but there are a few reasons why it’s simply a bad idea. The difference between this plan (if it’s put into place) and similar efforts in other countries is that most require court order or warrant — which adds a layer of oversight concerning whose content is open to monitoring. When it’s just open ended it’s not at all far-fetched to think that the system will be misused to spy on people who have absolutely nothing to do with terrorist activities. In a free and democratic society, you’re not supposed to spy on those people. A second issue is that the more you make it possible to access and spy on people’s emails, the more likely it is that someone with nefarious intent will also figure out a way to access those emails. Even if the government is made up of saints who will never misuse the information, by opening some sort of backdoor, someone else will figure out a way in — and that’s dangerous for everyone.


The biggest issue, however, concerns just how effective this type of monitoring really is in practice. Doing basic keyword or even contextual filtering will turn up a ton of false positives, making the haystack in which any needles need to be found pretty damn big. This actually makes it even harder to turn up the useful information, since anyone scanning the output becomes accustomed to false positives. The end result isn’t better security, it’s just a ton of excess data. Finally, those who actually are a threat have long known that their emails were open to monitoring, and have long moved on to various systems to hide their intent — whether it’s as simple as using code words or using some sort of encryption software to not using email at all — many of these people aren’t going to simply walk right into such a trap. There are much better means of tracking down and monitoring people who are dangerous to us. Setting up a broad system of monitoring and filtering emails sounds good on paper, but doesn’t do much to make people any safer.


Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Why Sweden's Plan To Spy On Emails Does More Harm Than Good”

Subscribe: RSS Leave a comment
20 Comments
Casper says:

Yeah..

“There are much better means of tracking down and monitoring people who are dangerous to us”

Yeah, but profiling is illegal. Seriously thought, that law was more like a way around warrants. Do you really think they would scan all that mail every day? The first thing they would do is levels of filtering, with key people being very closely monitored… except this way they don’t have to get a warrant.

Geoffrey Kidd says:

One myth, one major weakness

The myth is “The innocent have nothing to fear.” Actually, they have MORE to fear than the guilty because a single mistake can start an avalanche that takes out their whole life. Just ask the man the London police murdered because they were told he was a terrorist.

The major weakness: The malefactors will assume anything they send is being listened to and hide it in a pile of innocent chatter.

John: I think we need to go to the opera tonight.

Adam: Good for me. Meet for dinner and drinks at 8?

Can stand for “We need to [terrorist act] tonight.” “Good for me. [carry it out] at 8?”

Anonymous Coward says:

Why not have all computers equipped with a person that sits next to the machine to monitor all usage? Think of all the crimes and social ills that would suddenly be eliminated:

-terrorism (read all in/out emails)
-child sexual abuse (watch your MySpace usage)
-reckless driving (limit video game usage)
-Internet addiction (limit total online time)
-marital infidelity (monitor craigslist erotic services)
-prevent homosexuality (monitor craigslist casual encounters)
-etc, etc, etc…

Clearly, the computer is destroying our world faster than a Humvee with a bulldozer attachment clearing rain forest.

dorpus says:

Faustian Bargain

So should the government not monitor communications, and be surprised by anarchists who suddenly gather in cities and burn down city blocks, as happened in Copenhagen last week? How about animal rights activists who bomb the houses of scientists and intimidated them into not conducting research, as has happened before? Do we want Earth Liberation Front “activists” surrounding wealthy suburbs with coordinated arson fires, so upper class families are forced to throw babies out of their second floor windows? How about European liberals who plant bombs in McDonalds trash cans, or inject cyanide into Coca-Cola as a “statement” against America? The world is better off if these sickos are stopped before they ever do anything.

Anonymous Coward says:

RE:Faustian Bargain

“So should the government not monitor communications, and be surprised by anarchists who suddenly gather in cities and burn down city blocks, as happened in Copenhagen last week?”

how are these two things connected in any way?! first of all the ‘anarchists’ didnt suddenly gather, they were there for 20 years…

and all the other things, putting bombs in trash etc etc. I highly doubt anyone who is going to do this is going to write an email about it first, unless they are deliberately trying to tip someone off.

deacon says:

re: One myth, one major weakness

“Actually, they [the innocent] have MORE to fear than the guilty because a single mistake can start an avalanche that takes out their whole life. Just ask the man the London police murdered because they were told he was a terrorist.”

Actually, I absolutely agree with the point you’re making, but this conversation is likely to be pretty one-sided….

dorpus says:

Re: Sweden?

What is “neutrality”? Switzerland calls itself a neutral country, but all men are conscripted, and all men keep an army-issue rifle at home. Thus, Switzerland has a higher rate of gun ownership than the USA. It is the world’s premier conduit of questionable money, thanks to an ancient tradition of shady dealings with the nations surrounding it. It has one of the world’s highest heroin addiction rates, while 40% of its electricity comes from nuclear power plants and 60% come from environment-damaging hydroelectric dams. Women were not allowed to vote until 1971, making it more backward than most African countries.

Joe says:

Re: Re: Sweden?

I’d call Switzerland a pretty neutral country. Yes, there army is obligatory for men of a certain age rage, but so what? Army’s are (unfortunately) an important part of maintaining neutrality. Just a week or two ago the Swiss were laughed at when a few guards got lost in bad weather and “invaded” Lichtenstein. This was the largest action the Swiss Army has seen since probably the 17th century.

However, the Swiss also have their Onyx intelligence system which monitors civilian emails in the same way that this Swedish program has been described. So maybe it doesn’t matter so much after all?

GoblinJuice says:

Grow up.

Congrats to Sweden!

Note to the Swedish government: the left-wingers here in America scream, bitch and cry… but they, deep down in their hearts, know the Western governments of the world are – basically – good and want to protect their citizens.

Have a strong back, thick skin and push thru this program. The Left will bitch, but they know it’s for the best.

reed says:

Joe said

“The world is better off if these sickos are stopped before they ever do anything.”

The thing that is sick here is the propaganda you have been spoon fed. Yeah! Lets give all our rights to the rich so they can protect themselves from us?

I don’t agree with “extremists” but the reality is these laws don’t stop there. Soon everyone could be an crazy liberal including you.

According to a recent study by 2020 over 50% of my state (Washington) will have been involved in the prison system. Imprisoning people already accounts for over 80% of my property taxes.

Ask yourself this, do we really want to let our governments find new reasons to imprison people? New reasons to search your private transactions? More reasons to turn you into a criminal and then lock you up in your new prison state?

I will pass on it myself.

Joe says:

Re: Re:

I believe that was dorpus, not Joe.
😉

You’re absolutely right, though. The government should be regulated…I think that’s the point of democracy. But the question of “how far is too far” is quite a tricky one to answer.

You don’t have to be subjugated, though. Take some incentive and change the world! Jeez, haven’t you ever read Nietzsche? You, too, can be an ubermensch!

Anyway, I think if you let democracy run its course through next November we’ll find that you’re not alone in fearing government invasion of privacy.

|333173|3|_||3 says:

PGP

Isn’t PGP a readily available plug in for or included in all recent versions of Outlook, Thunderbird, and other modern mail clients anyway? If I was up to something, I would definitely use it, and good luck breaking it open. Actually, I I could be bothered distributing keys to people, I would use it for normal, everyday stuff, just to cause trouble.
COme to think of it, it would not be too hard to breack public key encryption by using a crib, encrypting a string of data and then testing possible private keys. ONly the first few bytes would need to be tested at first, and that would allow you to get information about possible private keys. Each attempted private key tested would increase the amount of information you have, until you have a only a small set of possible private keys which can be brute-forced. This would probably take a lot less processor cycles than a straight burte-force crack, menaing that it could be much quicker for a government to break open encypted traffic, and maybe make it practical for private criminals to break into HTTPS traffic.

Someone will probably say I should not ahve posted this idea, so I will defend myself now. Basically, the idea of using a crib and computer to provide information about the code used goes back to the the early British Bombes (or possilby even the earlier Polish Bomby), so it is hardly a new idea. Nor is using mathematicall analysis in cryptography. This ida may even be used now, since it is so obvious, but I have not come accross it written up anywhere, so I thought I would post it now.

misanthropic humanist says:

Re: PGP

Yep, this attack has been raised before. It’s a bit like the “Linux security” argument, with so few people using it there is less motive to make it a target. Of course when everybody uses encryption (which they will eventually, mark my words) the incentives change. Then you want a hetrogeneous or highly salted base, moving towards a one time pad model where there is more uniqueness between the two parties.

Interestingly, don’t assume that all governments are afraid of or against encryption. Some forces in government very wisely realise that it’s inevitable and correct. The European commission made a detailed report some time ago giving a point by point recommedation for why encryption should be encouraged and even mandated for civillian communications. It’s only the very sinister, paranoid and insecure but vocal few that want an aymetrical state of affairs. That position reveals itself for what it is without further analysis.

FRED (user link) says:

BUSINESS PROPOSAL

Attn- RE-INVESTMENT.

Dear Sir/Madam,
This may come to you as a surprise, Please know that I am writing you with utmost confidentiality and I hope you treat this email as such.

On October 15, 2001, our client Mr. Hatem Kamil Abdul Fatah who was the deputy governor in Baghdad in Iraq and also business man made a numbered fixed deposit for 12 calendar months, with a value of Four Million Five Hundred thousand pounds in a security Company in Europe
Upon maturity several notice was sent to him, even after the war late last year.
Another notification was sent and still now no response came
from him.We later find out that the Governor has been assassinated in Baghdad.
The websites below is a verification of the news about his death:
http://news.bbc.co.uk/go/pr/fr//1/hi/world/middle_east/3970619.stm
http://www.uslaboragainstwar.org/article.php?id=6979.

After further investigation it was also discovered that Mr. Hatem Kamil Abdul Fatah did not declare any next of kin in his official papers including the paper work of his bank deposit. And he also confided in me the last time he was at my office that no one except me knew of his deposit in this firm.According to the British Law, under foreign and defense affairs, at the expiration of 7(seven) years, such funds will revert to the ownership of the British Government account for financing military operations, such as purchasing of arms and ammunitions for the military.

In order to avert this development, I will like to seek for your permission as a foreigner to stand as the next of kin to Mr. Hatem Kamil Abdul Fatah so that the fruits of this old man’s labor will not be use for financing weapons which will further enhance the courses of war in the world in general.The money will be paid into your account for us to share in the ratio of 60% for me and 30% for you and 10% for Expenses Incurred in the course of the transaction.
If you are interested, please reply immediately.

On acceptance to assist us, you will be required to travel to Europe to meet with the Security Company to take delivery of the Consignment in your capacity as the Beneficiary.
We will give you further details on the take over proceedure.
There is no risk involved whatsoever as everything has been perfected to ensure a hitch free transaction.

We shall have to sign a working agreement with you in the
form of a Memorandum of Understanding (MOU) to protect both parties in this transaction.
Awaiting your urgent reply.

Thanks

Hinklemann Fred

EMAIL

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...