25 Feb Digital surveillance: Who watches the watchers?
Photo: Mott Jordan/Shutterstock
Last year Australia passed a bill weakening security on the iPhones and software people rely on in today’s digital world. This sweeping law could force tech companies to access encrypted data.
Australia is not alone in designing a national security strategy that responds to geopolitical trends, defence needs, and outside interference but also emerging non-traditional security concerns such as climate change, cyber issues, and transnational organized crime. Since all of this is allied to global digitalization, it is no surprise that surveillance and encryption are also the focus of new policies.
In “Protecting Your Security and Rights Online” (Inter Press Service, 23 January 2019) Rebecca Ricks writes, “At a time when governments across the globe are engaging in increasingly invasive surveillance, unfettered public access to encryption protects our basic rights to privacy and freedom of expression. Users should call on their governments to promote strong encryption, not undercut efforts to protect our safety and rights.”
Encryption is supposed to ensure that information stays private by scrambling data so that no one else can see it or read it without a decryption key. In practice, security forces and corporate interests are keen to be able to crack any code. Unfettered public access to encryption is not in their interests.
There are two different types of end-to-end encryption:
- Symmetric key algorithms that use related or identical encryption keys for both encryption and decryption – “private-key cryptography”.
- Asymmetric key algorithms that use different keys for encryption and decryption – “public-key cryptography”.
Government agencies have been known to steal keys by removing computers, or by putting malware on them using physical access or phishing attacks. This undoes the protection cryptography offers. It is comparable to having a secure lock on your door, but for someone to copy it and be able to get into your house without picking the lock.
As Ricks points out, “Access to encrypted tools is critical to maintaining the safety of people who are disproportionately subjected to surveillance and scrutiny, whether victims of domestic abuse or minorities and other marginalized members of society. Political dissidents, journalists, and activists in particular are vulnerable to retaliation for expressing their views or exposing wrongdoing.”
How can we address international and national security issues and tackle serious crime such as drug and people trafficking while simultaneously guaranteeing privacy and people’s civic rights? What are your views?