A nation of suspects
Bad policies are like counterfeit money: they never quite go away and they ensnare the innocent
It's about a month since the coalition government admitted its plans for the Communications Capabilities Development Programme, and while most details are still unknown, it's pretty clear that it's the Interception Modernisation Programme Redux. The goal is the same: to collect and monitor the nation's communications data. What's changed since 2009 is the scope, which takes in vast quantities of data that have never been kept before and the conditions of storage, which site the data at ISPs rather than GCHQ.
The security policy analyst Susan Landau has written in various places about the fundamental threat to security created by opening a hole (aka, a back door) for law enforcement. A hole is a hole, no matter who it's for, and once it's there it can be used by people it's not intended for. You'd think this would be blatantly obvious. It's like requiring everyone to give the police a copy of the key to their house and/or car.
The justification for all this is modernization: restoring to law enforcement abilities had before the Internet came along and made a mess of everything. (How soon they forget the world of anonymous telephone booths, cash payments, postal mail, and open-air meetings.) The obvious next stage under this logic - if all our online communications are recorded for prospective future study in case we become criminals - would be to demand the same powers over our offline lives.
Yesterday, at the ninth Scrambling for Safety event, Liberty doyenne Shami Chakrabarti raised just this point, asking if the Home Office's goal is to eliminate all unwatchable spaces, online and off. (I note an amusing side effect: such a policy could effectively nationalize the pornography industry.)
CCDP, the MP David Davis said yesterday, would turn us all into "a nation of suspects". Quite so. Though how long anyone will be free to point this out is another question. In 2002, the activist John Gilmore was tossed off a British Airways plane for wearing a small button that said "Suspected Terrorist".
There are all sorts of things wrong with building a system to implement surveillance as standard; Ross Anderson liveblogged the many that were made yesterday. Paul Bernal also has three good blog pieces on the politics of privacy, the infeasibility of securing the data, and why the government keeps getting these policies so spectacularly wrong.
The net.wars back catalogue adds that dataveillance doesn't work and the chilling effect of the amounts of data already available about all of us.
Here, I'd like to pursue an analogy to drug testing in sports. The University of Aberystwyth's Mark Burnley did a good presentation last week for London Skeptics in the Pub; you can hear it at The Pod Delusion.
When it comes to drug testing, athletes are presumed guilty. They must repeatedly prove their innocence by passing drug tests that examine their urine and blood for any of a lengthy list of substances and methods that are banned under rules set down by the World Anti-Doping Agency and that cover all Olympic sports. The result is an arms race between athletes (or more properly, Burnley argues, their coaches and doctors) and the testing authorities. When steroids became detectable they were replaced with new substances and techniques: EPO, insulin, designer steroids, HGH, latterly microdosing. It's the stupid athletes who get caught
All, doping or not, submit to substantial invasions of privacy. Under the "whereabouts" rule, they must identify an hour every day where they can be found; they are held responsible for every substance found in their bodies; missed tests add up to failed tests. You may lack sympathy on the basis that a) they choose to be professional athletes, b) they are rewarded with lots of money and glamor, and c) they're all cheaters anyway.
To counter: for many their choice of specialization was made very young; many athletes who live under these rules are largely invisible and struggling to break even; and the system is failing to catch the cheaters who matter. (That said, what *is* interesting is the exercise of keeping athletes' submitted samples and testing them again years later in the light of improved technical knowledge.) Meanwhile, the huge sums of money in the sports business make it worthwhile to fund research into new, less detectable techniques and the morality plays that surround athletes who do get caught could hardly be bettered as a method for convincing kids that doping is what you need to do to become a winner.
In any event, the big point Burnley made is that the big doping cases that have been broken have been primarily through traditional policing methods. In tennis, Wayne Odesnik did not get caught by doping tests; he got caught by Australian Customs, who found syringes and eight vials of HGH in his suitcase. Similarly, despite what understandably risk-averse politicians would like to believe under the influence of the security services, unfettered data collection will make plenty of ordinary people's lives miserable - but crime will route around it.
Wendy M. Grossman responds to "loopy" statements made by Google Executive Chairman Eric Schmidt in regards to censorship and encryption.
ORGZine: the Digital Rights magazine written for and by Open Rights Group supporters and engaged experts expressing their personal views
People who have written us are: campaigners, inventors, legal professionals , artists, writers, curators and publishers, technology experts, volunteers, think tanks, MPs, journalists and ORG supporters.
Manchester Cryptoparty with FSFE