The New York Times has an important story today about plans by US authorities to raid and curtail our freedoms on the Internet.
Essentially, officials want Congress to require all services that enable communications — including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct “peer to peer” messaging like Skype — to be technically capable of complying if served with a wiretap order. The mandate would include being able to intercept and unscramble encrypted messages …
James X. Dempsey, vice president of the Center for Democracy and Technology, an Internet policy group, said the proposal had “huge implications” and challenged “fundamental elements of the Internet revolution” — including its decentralized design. “They are really asking for the authority to redesign services that take advantage of the unique, and now pervasive, architecture of the Internet,” he said. “They basically want to turn back the clock and make Internet services function the way that the telephone system used to function.”
The authorities, of course, are arguing that there will be no increase in their surveillance programs. They are merely saying the industry should provide the same level of compliance currently available through telephony.
There is no public data about how often court-approved surveillance is frustrated because of a service’s technical design. But as an example, one official said, an investigation into a drug cartel earlier this year was stymied because smugglers used peer-to-peer software, which is difficult to intercept because it is not routed through a central hub. Agents eventually installed surveillance equipment in a suspect’s office, but that tactic was “risky,” the official said, and the delay “prevented the interception of pertinent communications.”
Bullshit, I say!
To counter such problems, officials are coalescing around several of the proposal’s likely requirements:
¶ Communications services that encrypt messages must have a way to unscramble them.
¶ Foreign-based providers that do business inside the United States must install a domestic office capable of performing intercepts.
¶ Developers of software that enables peer-to-peer communication must redesign their service to allow interception.
Even without the privacy and moral implications of this further extension of government intrusion into our lives, there are serious technical issues at stake:
Several privacy and technology advocates argued that requiring interception capabilities would create holes that would inevitably be exploited by hackers. Steven M. Bellovin, a Columbia University computer science professor, pointed to an episode in Greece: In 2005, it was discovered that hackers had taken advantage of a legally mandated wiretap function to spy on top officials’ phones, including the prime minister’s. “I think it’s a disaster waiting to happen,” he said. “If they start building in all these back doors, they will be exploited.”
This is clearly a movement that we need to watch carefully. Unfortunately, the Obama regime has been at least as rigidly fascistic as Bush-Cheney on these matters of surveillance and will be encouraging law enforcement. We will have to stand up for our own privacy, as usual.