Patrice Riemens on Wed, 4 Feb 2015 16:06:32 +0100 (CET)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> Jonathan Zittrain: Tyrants will find the key to the


Original to: - well, forget it! ;-)
(& do yr own research on how to pilfer FT content in the age of paywalls -
applies even if you actually hold a paper copy ;-)


Tyrants will find the key to the internet?s back door
Jonathan Zittrain

Banning strong encryption is no solution to security, writes Jonathan
Zittrain

Sould the citizens of a democratic state be free to communicate over
electronic networks hardened against any government surveillance? To some
the answer will seem obvious: No. Ever since telephony was invented,
solving or preventing violent crime has often involved tapping people?s
phones. When digital networks replaced mechanical exchanges in the 1990s,
governments demanded that they should still be able to listen in.

David Cameron is among those who argue that the advent of the internet
should not upset that apparent balance between security and privacy.
Speaking in January, the British prime minister pointed out that it has
always been ?possible to read someone?s letter, to listen to someone?s
call?, and insisted that he was not ?going to allow a means of
communication where it simply is not possible to do that?. Many understood
him to be taking aim at internet communications services that use
end-to-end encryption, a now-common technology that makes it impossible to
read messages even if they are intercepted in transit.

Many people will agree with Mr Cameron. True, they will say, the state
must respect the rule of law. But they pose a reasonable question: so long
as it does, why should new technology trump its demands for information?
Here are three reasons why it should.

First, while legitimate eavesdropping could be implemented without making
telephones less useful, there is no way of guaranteeing the state
unfettered access to online communications without making the internet
vastly less useful even for lawful purposes.

Traditional telephone systems were run by large companies or governments
themselves. An entire industry was built, in effect, on a single
application: letting people speak at a distance. The experience of using a
phone in 1990 was little different from 1950. Regulating the unchanging
service of a single company can be done without creating much friction.

The internet has evolved in a wildly different way. It supports
applications written by anyone. To restrict how a coder might build an
internet application is to place an enormous weight on slender shoulders.
Every software developer would have to be a professional operation with an
army of compliance lawyers, or risk breaking the rules. In the worst case,
software development would be relegated to a handful of
government-friendly incumbents.

The best case, so far as the advocates of surveillance are concerned,
would be one where software developers avoid the lawyers but give up on
encryption entirely. But this is a nightmare, from the public?s point of
view and even the state?s: it exposes communications to anyone willing to
do a bit of hacking. Telephone eavesdropping never ran such risks. For
anyone other than the authorised agents of the state, it was comparatively
difficult to listen in to someone?s call.
More video

Second, on the internet, enabling surveillance means requiring the people
who build communications apps and services to make sure they are
breakable. But this concession to lawful snoopers would also be a gift to
states that do not embrace the rule of law. For the billions of people who
live in such countries, western technology has offered a rare glimpse of
the freedom to communicate. Authoritarian governments have had to invest
enormous effort in trying to connect with the world while still permitting
censorship and surveillance. If western governments succeed in shaping our
software so that we cannot keep secrets from authorities bearing warrants,
they will also stop people keeping secrets from regimes that do not bother
with formalities.

Third, a more practical point: it is very, very difficult to design a
communications system that allows messages to be intercepted by the
government but otherwise keeps them secure from prying eyes. The chance of
error is high. Then, sensitive information risks falling into the wrong
hands ? a worse outcome than if the communicating parties had not had
access to encryption at all.

I understand the imperative to provide security. It makes sense that the
boundary between state and citizen should be drawn by a democratic process
? not determined by a cat-and-mouse contest between programmers. I
sympathise with the alarm that law enforcers feel when communications
threaten to ?go dark?. But banning strong encryption is no solution.

The internet has been a force for modernity and openness ? exactly what
those who believe in indiscriminate violence despise. We must not build
them a more agreeable network in the name of a short-term imperative to
uncover and prevent their worst.

The writer is a professor of law and computer science at Harvard University
Related Topics


#  distributed via <nettime>: no commercial use without permission
#  <nettime>  is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: http://mx.kein.org/mailman/listinfo/nettime-l
#  archive: http://www.nettime.org contact: [email protected]