Patrice Riemens on Wed, 4 Feb 2015 16:06:32 +0100 (CET) |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
<nettime> Jonathan Zittrain: Tyrants will find the key to the |
Original to: - well, forget it! ;-) (& do yr own research on how to pilfer FT content in the age of paywalls - applies even if you actually hold a paper copy ;-) Tyrants will find the key to the internet?s back door Jonathan Zittrain Banning strong encryption is no solution to security, writes Jonathan Zittrain Sould the citizens of a democratic state be free to communicate over electronic networks hardened against any government surveillance? To some the answer will seem obvious: No. Ever since telephony was invented, solving or preventing violent crime has often involved tapping people?s phones. When digital networks replaced mechanical exchanges in the 1990s, governments demanded that they should still be able to listen in. David Cameron is among those who argue that the advent of the internet should not upset that apparent balance between security and privacy. Speaking in January, the British prime minister pointed out that it has always been ?possible to read someone?s letter, to listen to someone?s call?, and insisted that he was not ?going to allow a means of communication where it simply is not possible to do that?. Many understood him to be taking aim at internet communications services that use end-to-end encryption, a now-common technology that makes it impossible to read messages even if they are intercepted in transit. Many people will agree with Mr Cameron. True, they will say, the state must respect the rule of law. But they pose a reasonable question: so long as it does, why should new technology trump its demands for information? Here are three reasons why it should. First, while legitimate eavesdropping could be implemented without making telephones less useful, there is no way of guaranteeing the state unfettered access to online communications without making the internet vastly less useful even for lawful purposes. Traditional telephone systems were run by large companies or governments themselves. An entire industry was built, in effect, on a single application: letting people speak at a distance. The experience of using a phone in 1990 was little different from 1950. Regulating the unchanging service of a single company can be done without creating much friction. The internet has evolved in a wildly different way. It supports applications written by anyone. To restrict how a coder might build an internet application is to place an enormous weight on slender shoulders. Every software developer would have to be a professional operation with an army of compliance lawyers, or risk breaking the rules. In the worst case, software development would be relegated to a handful of government-friendly incumbents. The best case, so far as the advocates of surveillance are concerned, would be one where software developers avoid the lawyers but give up on encryption entirely. But this is a nightmare, from the public?s point of view and even the state?s: it exposes communications to anyone willing to do a bit of hacking. Telephone eavesdropping never ran such risks. For anyone other than the authorised agents of the state, it was comparatively difficult to listen in to someone?s call. More video Second, on the internet, enabling surveillance means requiring the people who build communications apps and services to make sure they are breakable. But this concession to lawful snoopers would also be a gift to states that do not embrace the rule of law. For the billions of people who live in such countries, western technology has offered a rare glimpse of the freedom to communicate. Authoritarian governments have had to invest enormous effort in trying to connect with the world while still permitting censorship and surveillance. If western governments succeed in shaping our software so that we cannot keep secrets from authorities bearing warrants, they will also stop people keeping secrets from regimes that do not bother with formalities. Third, a more practical point: it is very, very difficult to design a communications system that allows messages to be intercepted by the government but otherwise keeps them secure from prying eyes. The chance of error is high. Then, sensitive information risks falling into the wrong hands ? a worse outcome than if the communicating parties had not had access to encryption at all. I understand the imperative to provide security. It makes sense that the boundary between state and citizen should be drawn by a democratic process ? not determined by a cat-and-mouse contest between programmers. I sympathise with the alarm that law enforcers feel when communications threaten to ?go dark?. But banning strong encryption is no solution. The internet has been a force for modernity and openness ? exactly what those who believe in indiscriminate violence despise. We must not build them a more agreeable network in the name of a short-term imperative to uncover and prevent their worst. The writer is a professor of law and computer science at Harvard University Related Topics # distributed via <nettime>: no commercial use without permission # <nettime> is a moderated mailing list for net criticism, # collaborative text filtering and cultural politics of the nets # more info: http://mx.kein.org/mailman/listinfo/nettime-l # archive: http://www.nettime.org contact: [email protected]