Why David Cameron’s Encryption Ban Doesn’t Make Any Sense
This post originally appeared on Internet Innovators by Rafael Laguna, CEO, Open-Xchange.
Hot on the heels of the Charlie Hebdo attack, David Cameron’s assertion that we “must not” have forms of communication that can’t be listened into or monitored caused quite a stir in the tech industry. The wholesale ban on encryption that he is hinting at will be an initiative that most other countries won’t be keen on trying to implement. The compound effect, if he was successful with such a ban would be so great that privacy and security in the UK would never be the same again.
Prohibition didn’t work in 1920s US and it will not work now; outlawing technologies simply doesn’t really work in practice. Do we really want to create a software black market, where people covertly swap apps like censored books change hands in totalitarian regimes? As for the terrorists, they will always find a way to communicate; those who wish to evade detection will simply employ other evasive techniques while the rest of us suffer from a lack of privacy.
David Cameron’s approach to cybersecurity is unnecessarily severe and points to a lack of technological nous. Attempting to ban encryption is virtually impossible to do; it’s essentially an attempt to ban maths.
Mass surveillance is far from an effective solution for catching terrorists, it’s statistically improbable. Ray Corrigan, a senior lecturer of mathematics, computing, and technology from the Open University argues that by treating everyone as a suspect it will generate so many false leads it will put more pressure on an intelligence service that we are told is already stretched. As Dr. Corrigan puts it: “terrorists are comparatively rare, so finding one is a needle-in-a-haystack problem. You don’t make it easier by throwing more needleless hay on the stack.”
What Mr. Cameron fails to understand, is that encryption with selective backdoors doesn’t exist, there isn’t a backdoor for a government that is guaranteed to stay closed for everyone else. If anything, it will work against the very people it’s trying to ‘protect’ and potentially leave a vulnerable single point of failure, attractive to all hackers.
We are in an age where the Snowden revelations have brought a growing tide of data privacy fears and concerns – a ban will not satisfy the worries of the British public. People are constantly worried about their data being collected; the idea of the government becoming an omniscient presence will undoubtedly threaten the free and open Internet as a result.
The majority of social media and messaging apps are global, it would be astonishing if they were willing to compromise their default encrypted services to comply with new UK laws. Recent research from Open-Xchange has shown people have stopped using online services and apps because the threat of their data being collected far outweighs the benefits they receive. It would be far easier for app developers to shut off service in one country than to risk losing their global users and comprising their services.
Sony being the face of one of the most high profile cyber-attacks in 2014 shows all too painfully the dangers of businesses holding unencrypted content on their servers. Could a UK encryption ban make UK based businesses prime targets for cyber-criminals wishing to extort money in return for not leaking highly sensitive data? Would any security-minded international business consider running data operations out of the UK? The financial services sector that Mr. Cameron so openly courts is unlikely to be impressed with the prospect of the government holding the keys to their data unless there is one rule for big business and one rule for the ordinary plebs.
Mass surveillance and removing privacy rights are tools of suppression unknown to us in the West as they are normally prevalent in dictatorships. A highly paradoxical approach considering Mr. Cameron’s previous insistence of ‘upholding British values’ and not using the internet as means of repression. The West has to show that it has a respectable culture and that it is the 21st-century option to medieval governmental systems – the idea of an unencrypted Internet should be revisited at all costs.
Rather than recreating George Orwell’s 1984 dystopia in an ill-conceived reactionary measure, Mr. Cameron should realize it’s not a lack of access to data that’s preventing better detection of terrorists. As an alternative approach, put more resources into analyzing the data and what to do with the already abundant access they currently have. Our privacy is already being eroded at a startling rate – let’s not let it slip any further.
The author: Rafael Laguna is co-founder and CEO of Open-Xchange, a global leader of web-based communication, collaboration and office productivity software. Sold and delivered through cloud and hosting providers, all Open-Xchange software is also available for free download, ensuring that users keep the choice to move to another provider or run the service on-premise at any time.