UK’s Cameron wants Obama to take his side in new crypto war

British Prime Minister David Cameron is reportedly set to ask President Barack Obama to apply pressure to U.S. tech firms that offer fully encrypted communications, to compel them to break the encryption to aid investigations.

Cameron said a few days ago that, if re-elected in May, he will “not allow modern forms of communication to be exempt from the ability, in extremis, with a warrant… to be exempt from being listened to.”

After people drew the logical conclusion that this meant banning communications that use strong, end-to-end encryption, Cameron’s office gave off-the-record briefings claiming he was misunderstood and would not ban encryption or encryption-using internet companies from plying their trade in the U.K., but that he was rather talking about using existing powers and getting communications providers to comply with existing laws.

Nice try. “Getting providers to comply” is in line with what British intelligence chiefs have been calling for – the backdooring of services such as [company]Facebook[/company]’s WhatsApp and devices such as [company]Apple[/company]’s iPhone, to which the companies themselves cannot currently hold the keys. If the companies are forced to do this, it still effectively amounts to banning proper strong encryption, because it would force the companies to abandon or break such technology. (And even if this happens, tools such as PGP that have no underlying company to serve with a warrant will still let people communicate in secret.)

But anyway, this much has been pointed out before — see the earlier crypto wars — and no doubt will again. So Cameron is in Washington on what was meant to be an electioneering “pose with Obama” trip, before its nature was altered by last week’s Paris attacks. According to reports in the Guardian and Wall Street Journal, Cameron wants Obama to “more publicly criticize” Facebook and the like for rendering court orders pointless.

The U.S. Department of Justice also wants backdoors, and it’s trying to use an 18th-century federal law called the All Writs Act to compel Apple to aid criminal investigations involving encrypted iPhones. At the same time, though, Obama is under pressure from the other side. Companies such as Facebook are furious that Edward Snowden’s revelations of NSA surveillance have damaged the image of U.S. tech firms in the eyes of the world and weakened internet security in general – hence the fact that WhatsApp now offers end-to-end encryption to users of its Android app.

According to the WSJ, in addition to urging Obama to pick sides, Cameron also wants companies such as Facebook to “proactively monitor their users to spot budding national security threats.”

The U.K. is already demanding that these companies store and offer up records of users’ communications metadata – a mass surveillance program covering who contacted whom and when, as opposed to the contents of communications that Cameron now wants for targeted investigations. This became part of British law (albeit only until the end of 2016) thanks to the “emergency” Data Retention and Investigatory Powers Act (DRIPA) that was rushed through in July 2014.

The Counter-Terrorism and Security Bill, which is currently going through the legislative process in Parliament, would also compel online communication service providers such as Facebook to keep data showing who used which IP address and at which point in time, so that the U.K. authorities can more accurately identify people who break the law online.

Charlie Hebdo murders are no excuse for killing online freedom

There’s been a predictable split in the reactions to Wednesday’s slaughter of the staff of French satirical newspaper Charlie Hebdo, along with others including police who were trying to protect them. On the one hand, hundreds of thousands of people have rallied in France and across Europe in defiance against those behind this attack on free speech…

… while others have taken a decidedly different tack, using the outrage as a justification for the rolling-back of online civil liberties. This approach was taken by Dan Hodges in the Telegraph, and by the Sun in an editorial arguing that “intelligence is our best defense… yet liberals still fret over the perceived assault on civil liberties of spooks analyzing emails.”

Here’s what Hodges (a well-known admirer of Tony Blair, the British prime minister who was no friend of civil liberties) wrote:

We hear a lot about freedom, and threats to our freedom. We heard about it, for example, when the government asked the Guardian to stop publishing the Snowden files because of the risk to national security. We heard about it last year, when David Cameron announced he was bringing back plans to allow the security agencies to monitor, and retain data on, our electronic communications – the so-called ‘snooper’s charter’. We heard about it in the wake of the Lee Rigby killing, where we [were] told the state would use the murder as an excuse for a further erosion of our liberties.

But those are not real assaults on our freedom. Switch on your TV. You will see and hear what an assault on freedom really looks like…

If one way of stopping obscenities like today is providing the security services a bit more access to our e-mails, we must give it to them. If it means internet providers handing over their records, the records must be handed over. If it means newspapers showing restraint the next time an Edward Snowden knocks on their door, then restraint will have to be shown. Because look who came knocking at the door today.

Hodges must be given credit for at least calling himself a “coward” in that piece, saving time for the rest of us.

I’m not going to go into the rights and wrongs of Charlie Hebdo’s content, much of which I personally found grossly offensive. That, after all, is the publication’s aim – to make points offensively (to a multitude of targets, it should be noted) and to meet calls for restraint with more proud offense. Freedom of expression is an essential civil liberty, not only in France, but across much of the democratic world. It was set out in the Declaration of the Rights of Man and of the Citizen, which emerged from the French Revolution in 1789, and it is today enshrined on an international level in the International Convention on Civil and Political Rights (ICCPR) .

The ICCPR’s signatories, including France, the U.K. and most of the world, have also pledged to ensure that “no one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence.” Yes, this is a right that needs to be balanced against others, most notably the right to security, but arguably no calculation of that balance can justifiably permit mass surveillance.

To quote last year’s report on online mass surveillance by Ben Emmerson, the U.N.’s special rapporteur on the protection and promotion of human rights while countering terrorism:

International human rights law require States to provide an articulable and evidence-based justification for any interference with the right to privacy, whether on an individual or mass scale. It is a central axiom of proportionality that the greater the interference with protected human rights, the more compelling the justification must be if it is to meet the requirements of the Covenant. The hard truth is that the use of mass surveillance technology effectively does away with the right to privacy of communications on the Internet altogether. By permitting bulk access to all digital communications traffic, this technology eradicates the possibility of any individualized proportionality analysis.

Apart from the fact that mass surveillance hasn’t been shown to work – France’s extensive surveillance regime, expanded just weeks ago, clearly failed in this case – it is no way to protect freedom of expression. It is a tool for chilling free speech, of dissuading people from speaking their minds, and the same British government that wants to introduce the “snooper’s charter” is also working to stop its citizens from seeing extremist material online, by getting ISPs to filter out such content. It is cracking down on free expression on social media, leading the police there to tweet things like this:

It forced the Guardian‘s editors to destroy computers holding copies of the Snowden cache with angle grinders, for whatever that was worth. And the Sun, so keen on Blair’s Regulation of Investigatory Powers Act (RIPA) this week, recently made an official complaint about the police using the mass surveillance law to spy on its journalists and their sources in a case that was embarrassing the government.

After a cartoon featuring Mohammed led to the firebombing of Charlie Hebdo’s offices in 2011, editor Stéphane “Charb” Charbonnier famously said: “It perhaps sounds a bit pompous, but I’d rather die standing than live on my knees.”

On Wednesday, Charb died for liberty. To suggest that the correct response is the curtailment of liberty — to effectively argue that terrorism should be met with fearful capitulation — is more offensive than anything he ever published.

Russia reportedly blocks blogs of terrorism analysts

Russia is reportedly blocking blogs that provide independent analysis of jihadi activities. On Monday the Belgian historian, researcher and writer Pieter Van Ostaeyen said his blog, which tracks Islamic State among other extremist groups, had been blocked in Russia. He told (U.S.-funded) Radio Free Europe/Radio Liberty (RFE/RL) that this followed his embedding of an IS video. RFE/RL reported that various other sites by Western analysts covering the same subject matter had met the same fate, and that Russia had even temporarily blocked the video site Vimeo due to the posting of an IS video. Russia recently started cracking down on websites that make “extremist calls” – a policy that the U.K. seems keen to emulate.

UK soldier murder report blames Facebook for not policing users

The Intelligence and Security Committee report into the murder of Lee Rigby claimed that the failure of the firm to alert authorities to the killer’s murderous desires was the “single issue” that stopped MI5 stepping up surveillance on him.

UK to stop its citizens seeing extremist material online

The move comes more than a year after the British government said it would force ISPs to filter out extremist and terrorist material. It seems the ISPs caved in after lengthy negotiations, though details remain fuzzy.

On big data, the Boston Marathon and civil liberties

The FBI has amassed terabytes of data from sources near the terrorist attack that occured during the Boston Marathon. This raises a question about the role crowdsourcing could play in solving some crimes while protecting citizens’ privacy.

An algorithm for tracking viruses (and Twitter rumors) to their source

A team of Swiss researchers thinks it has created an algorithm capable of tracking almost anything — from computer viruses to terrorist attacks to epidemics — back to the source using a minimal amount of data. The trick is focusing on time to figure out who “infected” whom.