Former Head of GCHQ Warns Of 'Ethically Worse' Kinds Of Spying If Unbreakable Encryption Is Allowed
from the is-that-a-threat? dept
In their attempts to kill off strong encryption once and for all, top officials of the intelligence services are coming out with increasingly hyperbolic statements about why this should be done. Here's another, this time from a former head of GCHQ, Sir David Omand:
Sir David, who was director of GCHQ from 1996-97, said: "One of the results of Snowden is that companies are now heavily encrypting [communications] end to end.
According to The Bureau of Investigative Journalism, which reported his words from a talk he gave earlier this week, by this he meant things like physical observation, bugging rooms, and breaking into phones or computers. Omand went on:
"Intelligence agencies are not going to give up trying to get the bad guys. They will have to get closer to the bad guys. I predict we will see more close access work."
"You can say that will be more targeted but in terms of intrusion into personal privacy -- collateral intrusion into privacy -- we are likely to end up in an ethically worse position than we were before."
That's remarkable for its implied threat: if you don't let us ban or backdoor strong encryption, we're going to start breaking into your homes. And it's striking that Omand regards eavesdropping on all the Internet traffic flowing in to and out of the UK, or collecting thousands of sexually-explicit webcam pictures, as less reprehensible than a tightly-targeted operation against a few suspects. His framing also implies that he thinks those pesky civil liberties groups will protest more about the latter than the former. In fact, what defenders of privacy and liberty generally want is simply a proportionate response with judicial oversight -- something that is straightforward with targeted "close access" work, but impossible with the blanket surveillance currently employed.
The good news here is that Omand has indirectly confirmed that the current strategy of rolling out strong encryption as widely as possible is the right one. Provided it is not derailed by any government moves to weaken crypto, it will increase the cost of online surveillance, and force intelligence services to return to targeted spying -- which is what they should have done in the first place.