Did David Cameron Just Say He Wants To Undermine All Encryption In The UK?

from the not-thinking-it-through dept

Techdirt has recently reported on New York's top prosecutor calling for laws against strong encryption on smartphones. This is part of a larger move by the authorities on both sides of the Atlantic to demonize this technology, as we noted before. In the wake of the murders in Paris, many of the same politicians and officials have lost no time in calling for more surveillance, again in both the US and Europe. One of those doing so is David Cameron, who said that, if re-elected in the UK general election in May, he would bring in an even more intrusive version of the Snooper's Charter -- one that sought access not just to everyone's metadata, but to the content of their messages too. This is how he phrased it:
The question is are we going to allow a means of communications which it simply isn’t possible to read. My answer to that question is: no, we must not.
Leaving aside the fact that Cameron seems to be saying that he wishes to make privacy impossible and/or illegal in the UK, one key question here is: how does he intend to do this? Neither the UK government nor the Conservative party offered any clarification about this election "promise," which has inevitably led to speculation. For example, The Independent newspaper wrote as follows:
David Cameron could block WhatsApp and Snapchat if he wins the next election, as part of his plans for new surveillance powers announced in the wake of the shootings in Paris.

The Prime Minister said today that he would stop the use of methods of communication that cannot be read by the security services even if they have a warrant. But that could include popular chat and social apps that encrypt their data, such as WhatsApp.

Apple's iMessage and FaceTime also encrypt their data, and could fall under the ban along with other encrypted chat apps like Telegram.
None of those programs was mentioned by Cameron in his speech. But many other news outlets have taken that speculation and reported it as if it were certain; others have interpreted his comments to mean that Cameron aims to ban or perhaps backdoor all strong encryption. It's quite possible that Cameron and his advisers have not thought this through, and simply assume there must be some clever way to give access to the content of encrypted services without undermining them. But as Techdirt has emphasized before, there is no "golden key" that can be used by just the authorities and no one else.

UK services and users can be forced by the Regulation of Investigatory Powers Act (RIPA) to hand over whatever encryption keys they have. Most of the main online services come from US-based companies; some may choose to comply with UK warrants, but others probably won't. And then there is the extremely important class of open source encryption programs -- things like GnuPGP, OpenVPN and Tor: these don't always have companies that can be threatened with legal consequences. So what would Cameron do about those? Make their use illegal for all UK citizens? Even the increasingly-common HTTPS for general web servers is problematic: if they are located outside the UK, there is no way to force them to hand over their keys. So will Cameron forbid people from visiting millions of websites, just in case they allow some form of communication that can't be monitored?

Clearly, trying to implement this scheme will cause huge damage to the British public and to UK businesses, who will be more vulnerable to online attacks. It will also harm the UK economy, since startups with digital products or services will find users in other countries unwilling to use products that have been forced to insert backdoors for the UK intelligence services. And it will further harm the UK's already battered reputation as a civilized country, since Cameron's call to abolish all online privacy goes beyond even the worst oppressive regime (China must be delighted by his speech.)

However, there is a small consolation to be drawn from this extraordinarily stupid and dangerous call by Cameron. The fact that something so controversial is being proposed at all confirms one of the most important points made by Snowden: encryption works.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: backdoors, communications, david cameron, encryption, end-to-end encryption, mobile encryption, privacy, surveillance, uk

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. icon
    John Fenderson (profile), 13 Jan 2015 @ 12:05pm

    Re: Re: Re: Onion encryption

    Yes, this is steganography. And the smarter criminals have been doing this for many, many years since it lets you publicly distribute messages (in newspapers, websites, posters, fliers, etc.) without unwanted people noticing anything suspicious. It even predates computers.

    There are effective methods of detecting such hidden messages, of course, and methods to evade such detection. The crypto cat-and-mouse game never ends.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.