Those who do not understand history are doomed to repeat it. And here I am, watching it repeat. This is my third post on this topic. Sorry. But it’s important.
Amber Rudd, the UK Home Secretary, suggested on Sunday that end-to-end encryption is “unacceptable”. She trotted out the usual excuses about terrorism and the need for the security services to be able to spy on everyone unfettered. Far be it from me to accuse her of trying to exploit the recent terrorist attack at Westminster – apparently the attacker may have used WhatsApp. I just want to remind everyone of a few facts:
- Cyber-crime is (at least) a $450bn global industry
- 10% of UK card-holders had to cancel their cards due to fraud last year
- Spear-phishing and whaling attacks – masquerading as a trusted individual to defraud someone – are becoming ever more prevalent
Being able to encrypt our data and communications, especially when combined with digital signatures, is one of the few defences we have against this menace. Encryption is the only thing that gives us any opportunity for trust on the internet. That little lock symbol you see in the address bar when you go to a secure site, like your bank or an internet retailer, is absolutely based on end-to-end encryption. Any backdoor created for the security services will be exploited by cyber-criminals. If you weaken the maths, everyone can crack your code. If you have secret keys, they won’t stay secret. Various politicians seem to be having trouble grasping this simple truth. Ultimately, if you weaken encryption, internet commerce will stop because no-one will be able to trust anything.
It’s also worth pointing out that more than 2.4bn people live in countries whose governments ruthlessly suppress dissident opinion. These are the places that ban encryption. One of life’s great ironies is that a lot of modern encryption technology – including for instance TOR (The Onion Router), which is the main hiding place of the “dark web” of criminality – was originally created or funded by Western security services (notably in the US) precisely to provide a means for dissidents living under oppressive regimes to communicate without fear of state surveillance.
The odd thing is that Ms Rudd read History at university. You’d think that would have given her some insight into the outcomes for states that deny their citizens privacy. You’d also think it would have helped her set the terrorist threat into context. Without in any way diminishing the importance of Wednesday’s victims, let’s try to remember that we in Europe have been living with terrorism, especially in our big cities, since the late nineteenth century. We’re still here, and based on the people I spoke to on Thursday, #wearenotafraid.
Let us once again remember that “if you have nothing to hide, you have nothing to fear” is most commonly remembered from George Orwell’s 1984, which – contrary, apparently, to current government policy – was intended as a warning, not a handbook.