The Pincer Movement Against Security
While two of the Vice journalists who were recently arrested in Turkey and charged with terror offenses have now been released, this remain a deeply concerning incident.* It is the latest episode in what is a pincer movement against our right to protect our data.
Two British journalists and their Turkey-based Iraqi translator working for VICE News were arrested last Thursday and charged with "engaging in terrorist activity". According to Turkish authorities, one member of the group had an encryption system installed on his computer that is often used by the Islamic State of Iraq and the Levant (ISIL).
The first 'Crypto War' was seemingly won a generation ago by privacy advocates. The US Government did not want the public - in the US or anywhere - to be able to encrypt data that the Government couldn't then decrypt. They rightly lost that battle, but the war does continue to this day. What has just happened in Turkey is just the latest in a recent set of salvos by Governments against encryption and user's ability to control who has access to their information. There are parallels with David Miranda's arrest in 2013 under the UK's Terrorism Act 2000. The partner of journalist Glen Greenwald, Miranda's alleged use of encryption to protect vital whistleblower revelations meant he could be arrested under terrorism legislation.
Arresting people for protecting their data is sending out a very disturbing message that people are guilty until they prove themselves innocent. Governments who are the most vociferous proponents of surveillance tend to be those those that treat everyone as a suspect. The natural conclusion of their 'if you have nothing to hide you have nothing to fear’ rhetoric is that we will all have to leave our precious data unprotected, open, insecure. That will make us vulnerable not only to Government snoopers, but any cyber criminal who wants to steal our data for their personal gain.
The movement to stifle and subvert the ability of people to use encryption and protect their personal data is not unique to Turkey. We've seen repeated statements from leading government officials about wanting so-called “back-doors” to our secure communications. FBI Director James Comey has been pushing for back-door access to secure communications, repeatedly saying that there must be a way to allow access to law enforcement, while simultaneously preventing nefarious foreign actors from gaining access to our data and communications. Director Comey is not a software engineer and has failed to rally Silicon Valley technicians behind this idea.
Encryption is often portrayed as tantamount to hiding criminality. In a recent op-ed in the New York Times, the Manhattan District Attorney, The Paris Chief Prosecutor, the Commissioner of the City of London Police and the Chief Prosecutor of the High Court of Spain together argue that encryption not only makes law enforcement harder, but that it is directly responsible for killers remaining at large.
Such strident claims do not stand up to scrutiny.
David Kaye, the UN Special Rapporteur on Freedom of Opinion and Expression argues that encryption “has posed few barriers to law enforcement, based on United States Justice Department statistics. In fact, in the digital age, law enforcement officials have all the tools of metadata collection, geo-location and traditional physical surveillance and police work to do their job well. The focus on encryption is often a canard that distracts from police and intelligence failures.”
Trying to control encryption will not stop criminals finding ways of communicating 'under the radar' but it certainly would limit everyone else's ability to protect themselves from crime and anyone with rudimentary technical capabilities and time.
Encryption is essential for everything from how we access our bank accounts online to how human rights activists can operate within repressive regimes. Using encryption is standard practice for many journalists, not to mention lawyers and others who need to work on sensitive issues with security, confidentiality and privacy. Patients need to communicate confidentially with their health care professionals to receive treatment and the prospect of such communications being available to others would inevitably prevent the disclosure of vital information.
Anyone who uses Apple's iMessage, Facetime or Facebook's WhatsApp are using promised end-to-end encryption, meaning that even those mighty companies cannot monitor our communications even if compelled to do so by any nation state. It is good and it is right that technology exists to empower us all to protect ourselves. We need more technology like this, not less.
At Privacy International, we regularly communicate with journalists, lawyers and others who will often encrypt their communications. They have a right to both safeguard their communications and to not be treated with suspicion because they do so. Such communications necessarily must cross international boundaries where, if vulnerable, any intermediate state could bestow upon themselves the ability to scrutinise.
Governments should be promoting the use of encryption, not criminalising it. Will it become a crime to protect our own data? Are we not safe to travel because we actually take measures to protect our devices?
Such brazenness from these Governments means that without pushback, the activities of the Turkish authorities could become the norm in modern democracies too. It is vital that taking rudimentary precautions to protect our privacy and security in the digital age are encouraged by governments and certainly not punished.
The case against encryption is just another example of a familiar yet very worrying doublespeak from Governments around the world. In the wake of threats to our security, they talk about upholding our freedoms. But the irony is that if we take steps to protect our own security we might be deprived of our freedom. Furthermore, the Chinese boogey man is often rolled out by many heads of state to highlight the cyber security issue. The governments of the world seem to want to have it both ways - protect everyone from the bad guys but let the good guys in. Irrespective who the good guys and bad guys are at any given instant, security does not work that way.
It is encryption that will give us security and freedom. We need to vigorously defend the empowerment that encryption provides for all of us.
* As of publication, the third member of the Vice crew, a Turkish based Iraqi translator and journalist, Mohammed Ismael Rasool, remains in custody.
CC BY-SA 4.0