US Intelligence Agencies Angry At France Over Three Strikes; Worried It Will Drive Encryption Usage

from the strange-bedfellows dept

You may recall that, in the fight over the Digital Economy Act in the UK, those who were against the three strikes proposal had an unexpected ally: law enforcement. They were specifically worried that a three strikes plan would lead to more people using encryption, which would make it harder to spy on everyone.

It looks like the same thing happened in France. With Hadopi now underway and sending out its first warning letters, the news is leaking out that US intelligence agencies, like the NSA, "yelled" at the French government over the plan, for the same reason. They know that a three strikes law will only increase encryption usage, making it more difficult to spy on people. For a group that wants to wiretap the internet, that's a problem:
US intelligence agencies are concerned that it will only encourage file-sharers and others to arm themselves with the same encryption tools used by criminal networks, making their job of detecting threats and illegal activity that much harder as the use of such tools goes mainstream.

During a recent cryptography symposium in France they made their concerns known to their French counterparts, taking the time to "yell" at their French counterparts about Hadopi during a coffee break and make it clear that they are not happy.
They think it's wrong to pass legislation to fight the simple, though illegal, exchange of movies and music because it means file-sharers will simply equip themselves with strong encryption tools to avoid detection, and make both the copyright holders and the govt losers in the end.
Some are saying this is why we've never seen any real progress on three strikes laws in the US. Even as the Justice Department and the entertainment industry have a pretty cozy relationship these days, the law enforcement folks recognize that greater encryption makes it more difficult to spy on everyone.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Johnny, Oct 6th, 2010 @ 12:04pm

    Somewhat different I think

    I think it's more a case that encrypted communications, even if they can't be read can still be traced. Someone using encryption may therefore become suspect. When millions of people start to use it for mundane things like file sharing, how do you find suspicious communications? Plus it's not only encryption, a whole new range of technologies will appear to obfuscate or even hide the sources and destinations of data traffic. Spy agencies won't even know who's communicating with each other.

     

    reply to this | link to this | view in thread ]

  2.  
    icon
    Hulser (profile), Oct 6th, 2010 @ 12:05pm

    What's good for spooks is not good for the vice squad?

    So, the government knows that it's better to let stupid criminals use open forms of communication rather than driving them underground where it's harder to monitor them? Maybe the NSA should have a talk with the US attorneys general who are going after Craig's List and explain this simple concept.

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    :Lobo Santo (profile), Oct 6th, 2010 @ 12:18pm

    Re: What's good for spooks is not good for the vice squad?

    Waste of time. Politicians do not understand logic.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Yogi, Oct 6th, 2010 @ 12:19pm

    No doubt

    Human folly and politicians' stupidity and shortsightedness will carry the day.

    Encryption is not a problem,just outlaw it - anyone using encryption is a criminal, after all, if you have nothing to hide - why encrypt?

    So, problem solved.

     

    reply to this | link to this | view in thread ]

  5.  
    icon
    :Lobo Santo (profile), Oct 6th, 2010 @ 12:25pm

    Re: No doubt

    "If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him"
    -Cardinal Richelieu

    I believe you're paraphrasing a very old and debunked argument. Only a totalitarian state with reason to fear its citizens would have any need for such a machination.

    (or my sarcasm detector failed.)
    ; P

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, Oct 6th, 2010 @ 12:26pm

    I'm evil

    I intend to encrypt garbage, lot's of garbage. If 9.9999% of the encrypted information is garbage, imagine the resources required to find the 0.0001% that isn't? (insert evil laugh here)

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Anonymous Coward, Oct 6th, 2010 @ 12:27pm

    Re: Re: What's good for spooks is not good for the vice squad?

    That's because they're immune to logic.

     

    reply to this | link to this | view in thread ]

  8.  
    icon
    A Dan (profile), Oct 6th, 2010 @ 12:34pm

    Re: Re: No doubt

    If your detector failed on that post, you really should get it checked. That one was almost off the end of the scale.

     

    reply to this | link to this | view in thread ]

  9.  
    icon
    A Dan (profile), Oct 6th, 2010 @ 12:35pm

    Re: I'm evil

    I assume you meant 99.9999%?

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Oct 6th, 2010 @ 12:39pm

    Re: No doubt

    Encryption is not a problem,just outlaw it

    The evil hackers would love it. A lot of today's use of encryption is explicitly to deter them. Wireless encryption, SSL/TLS/HTTPS, SSH, and many others, all created to protect against evil hackers.

    In fact, we do not use encryption enough today. Since most http traffic is not yet encrypted, some evil hackers write malware which hijacks http traffic from other machines on the same network, and injects evil browser exploits into the web pages returned.

     

    reply to this | link to this | view in thread ]

  11.  
    icon
    Jay (profile), Oct 6th, 2010 @ 12:42pm

    Re: Re: Re: What's good for spooks is not good for the vice squad?

    Well the good thing is, we get a +10 on our willsave vs rhetoric.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Oct 6th, 2010 @ 12:42pm

    Re: Re: No doubt

    You... obviously haven't seen this.

    http://www.youtube.com/watch?v=i8z7NC5sgik

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, Oct 6th, 2010 @ 12:51pm

    Re: Re: Re: No doubt

    And I... need to read more carefully. Oh well, the conference is worth it anyway, enjoy.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Michael, Oct 6th, 2010 @ 12:51pm

    Re: What's good for spooks is not good for the vice squad?

    If the politicians understood that logic, they might start using encryption and make it more difficult for the NSA to spy on them.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    yogi, Oct 6th, 2010 @ 1:05pm

    Re: Re: No doubt

    Of course I was being sarcastic. But I'll stop since this isn't the first time I've had my sarcasm completely misunderstood on Techdirt.

    P.S. - I was unfamiliar with that quote.Seems true enough.

     

    reply to this | link to this | view in thread ]

  16.  
    icon
    chris (profile), Oct 6th, 2010 @ 1:07pm

    Re: Re: I'm evil

    I assume you meant 99.9999%?

    while he probably did, even a 10% increase in traffic would mean a significant decrease in the effectiveness of monitoring.

     

    reply to this | link to this | view in thread ]

  17.  
    icon
    A Dan (profile), Oct 6th, 2010 @ 1:10pm

    Re: Re: Re: No doubt

    Nah, don't worry about it, it was obvious. I think there's some sort of internet law that, no matter how over-the-top you are, someone will think you're serious and respond as such.

     

    reply to this | link to this | view in thread ]

  18.  
    icon
    Will Sizemore (profile), Oct 6th, 2010 @ 1:21pm

    I don't think encryption will make a marked difference

    I don't know the technology that governments use to conduct these alleged taps, but I can say with a certain degree of confidence that increasing personal security on the internet by using encryption IS the way to go, but governments will ALWAYS find a way to make that happen.

    Its not exactly the same thing, but does anyone remember the capabilities of the pre-ban Steganos Security Suite? As I understand things, NSA couldn't crack it so the software is banned in the US without some sort of key that NSA can use to see exactly what's in a file.

    Consider an adaptation of Newton's Third Law; To every security measure taken, there is always an equal and opposite measure will be fabricated. Without a lock, who would have created a pick, or better yet; the bolt cutters?

     

    reply to this | link to this | view in thread ]

  19.  
    icon
    Dark Helmet (profile), Oct 6th, 2010 @ 1:25pm

    Re: Re: Re: Re: No doubt

    "I think there's some sort of internet law that, no matter how over-the-top you are, someone will think you're serious and respond as such."

    WHAT!!??? There's a fucking law of the internetz now!!?? Holy goddamn poop sandwich!!!!

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Oct 6th, 2010 @ 1:33pm

    The government easily bypasses encryption by placing keyloggers on whatever devices people use. This isn't a threat AT ALL to their surveillance.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Anonymous Coward, Oct 6th, 2010 @ 1:35pm

    Re: Re: Re: Re: No doubt

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Anonymous Coward, Oct 6th, 2010 @ 1:46pm

    A UK lad has been jailed today for not revealing his password, after sending encrypted data.
    http://news.softpedia.com/news/British-Teenager-Jailed-over-Refusal-to-Reveal-Computer-Passwo rd-159722.shtml

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Anonymous Coward, Oct 6th, 2010 @ 1:54pm

    Re:

    lol

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    out_of_the_blue, Oct 6th, 2010 @ 2:53pm

    Anyone remember back when NSA surveillance wasn't admitted?

    Now they're openly saying it's an over-riding consideration. A de facto police state spying on everything you do on the net, even positioned as *saving* you from 3-strikes rules. Whew. We keep sliding into the rabbit hole, and most now don't even remember last week's lies.

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Anonymous Coward, Oct 6th, 2010 @ 3:11pm

    key:techdirt

    -----BEGIN PGP MESSAGE-----
    Version: PGP Desktop 10.0.0 - not licensed for commercial use: www.pgp.com
    Charset: utf-8

    qANQR1DDDQQJAwL1W4e5xFItBKDSjgEvMYcFg5MwokaorYNjcYc9S8R0gNC2LJ+E
    B1t3bcxyaxjV1gsyy9/+eYOvP mdSQypCMVUAo00wyEFZ2rcsNu4b6AhxTVvk70DW
    LQAEQ+bT3Bj2Xf9xi9e7zcx6D2fZ6HhDv0s0YNVg/peTdj2hLprTAJ/EoKZ yK06T
    SQxsB1RCh13RKyTsl0+WL4R3DC4=
    =O3hP
    -----END PGP MESSAGE-----

     

    reply to this | link to this | view in thread ]

  26.  
    icon
    nasch (profile), Oct 6th, 2010 @ 3:20pm

    Re:

    Keyloggers require actually going to the place where the computer is. It's much cheaper and easier to spy on citizens remotely. Plus they're probably a lot less concerned about actually getting a warrant if they're just intercepting email, without physically trespassing.

     

    reply to this | link to this | view in thread ]

  27.  
    identicon
    Anonymous Coward, Oct 6th, 2010 @ 3:54pm

    Re: Re:

    Not necessarily, a keylogger can be deployed remotely and even some governments want to make that legal(France with LOPSI 2).

    SSL can be subverted if you have access to the authority issuer of that key which is easy for the U.S. government because almost all the big ones are in the U.S. so in theory one could send fake updates and say they are the original company.

    But that would be bad for sales if it ever got out in the public, who would buy any piece of American software knowing they could get something nasty from another government.

     

    reply to this | link to this | view in thread ]

  28.  
    identicon
    Anonymous Coward, Oct 6th, 2010 @ 4:13pm

    Re: Re:

    It's much cheaper and easier to drug you and beat the information out of you.

     

    reply to this | link to this | view in thread ]

  29.  
    icon
    BearGriz72 (profile), Oct 6th, 2010 @ 5:26pm

    Re: Re: Re: Re: Re: No doubt

    Thanks!

     

    reply to this | link to this | view in thread ]

  30.  
    identicon
    Anonymous Coward, Oct 6th, 2010 @ 7:43pm

    Re: No doubt

    There are perfectly good reasons for ordinary citizens to use encryption. Lemme see... NDAs, organizing birthday surprises and rallies, trade secrecy, anonymity, etc.

    Besides, your mobile phone calls are encrypted. You'd become an instant criminal if you do use it (with your proposed legislation).

     

    reply to this | link to this | view in thread ]

  31.  
    icon
    MadderMak (profile), Oct 6th, 2010 @ 7:51pm

    Re: key:techdirt

    Oh man - that is so hilarious! Er... on a side note you compromised your key :)

    Where can I find your luggage?

     

    reply to this | link to this | view in thread ]

  32.  
    icon
    Hephaestus (profile), Oct 7th, 2010 @ 12:19pm

    Re: Re: key:techdirt

    "... you compromised your key ..."

    More than likely thats his public key. Using asymmetric key encryption, anyone can encrypt messages using the public key, but only the holder of the paired private key can decrypt the message.

    I hope that helps ...

     

    reply to this | link to this | view in thread ]

  33.  
    icon
    A Dan (profile), Oct 7th, 2010 @ 2:14pm

    Re: Re: Re: Re: Re: No doubt

    Yep, that's the one I was thinking of. Thanks.

     

    reply to this | link to this | view in thread ]

  34.  
    icon
    Derek Kerton (profile), Oct 7th, 2010 @ 4:35pm

    So Sorry

    You can't infringe these people's civil liberties and human rights...that's OUR job!

     

    reply to this | link to this | view in thread ]

  35.  
    identicon
    Bryan Maynard, Oct 7th, 2010 @ 6:04pm

    Re: No doubt

    Please, please let this be sarcasm, if it is not, then you my dear internet user are a fucking idiot.

     

    reply to this | link to this | view in thread ]

  36.  
    icon
    Hephaestus (profile), Dec 21st, 2010 @ 7:02am

    Re: Somewhat different I think

    Welcome to the birth of the MetaNet ...

     

    reply to this | link to this | view in thread ]

  37.  
    icon
    Hephaestus (profile), Dec 21st, 2010 @ 7:15am

    Re: Re: Re:

    "SSL can be subverted if you have access to the authority issuer of that key which is easy for the U.S. government because almost all the big ones are in the U.S. so in theory one could send fake updates and say they are the original company."

    If you gen your own keys it will take a huge amount of resources to crack the encryption.

     

    reply to this | link to this | view in thread ]

  38.  
    icon
    nasch (profile), Dec 22nd, 2010 @ 7:56am

    Re: Re: Re: Re:

    That doesn't solve everything though, because the person you're communicating with is left wondering if the self-signed certificate he's presented with is legitimate. To have really secure communication in that situation requires a trusted outside channel of communication. (if I understand all this correctly)

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This