Cameron’s technophobic Little Britain

You would think that a nation that prides itself on being an information, financial and technology hub would be a bit more with it when it comes to how data security works. But then if you did think such a thing, you wouldn’t be thinking of the UK, where our prime minister last week reminded people he doesn’t like encryption, doesn’t really get how it works and wants to handicap its usefulness, ASAP. For the technical specs behind David Cameron’s flawed plan, read:

What’s would it entail:

  1. Dave’s regulation would require all companies that encrypt communications through their services to give the government a backstage pass to the whole show. You’re bank, your Google account, your online shopping, are examples.
  2. It would mean products sold by Apple and other developers would have to make sure the government could always have some mechanism to bypass these products’ security.
  3. It would mean outlawing open source software ranging from Veracrypt (formerly Truecrypt) to Tor to GPG, and somehow blocking access to them in the UK.
  4. And it would mean that whatever data security was available in UK, would be highly dodgy. You can’t make a back door key that only works for the “good guys”. As soon as someone has access to it, so will others they never intended. Remember how UK’s data-sharing partnerships work with the United States, Canada, Australia and New Zealand. No, just remember how it works with the U.S., and how poor America is at stopping leaks. No, just think about how bad UK is at keeping control of its classified information. Do you really want to leave these folks in charge of your spare key? Would you leave your house key under the doormat? No? How about access to your bank account, then?
  5. The policy puts United Kingdom on a trajectory toward laws more like those in Russia, Pakistan, Ethiopia, and other such bastions of free speech and democracy. It puts the UK on a collision course with the United Nations, whose stance is unambiguously clear: encryption is a human right.

It boggles the mind how advisors have let any of this ridiculousness tumble out of Cameron’s mouth in public, and worth quoting former Pirate Party UK leader, Loz Kaye, at length on it:

“Firms like Apple for example have been very clear that they are committed to strong encryption because after all that’s what users want. So it’s very unclear what exactly it is that the British government is suggesting. They’ve talked about the cooperation with social media sites, such as Facebook and Twitter, but are they really suggesting that they are going to ban Apple products, for example, in the UK? Would people visiting the UK from overseas and have to leave their smartphones at the airport? Obviously, this is completely ill-thought-out. It’s just more bluster from David Cameron who seems actually incapable of responding to the terrorist threat in a real way that is going to make any difference. Certainly the tech companies won’t want to play ball and they will start to see that British Isles as a place which is anti-internet, anti-tech and not a place to do business.”

How to counter it:

Encryption is fundamental to the free flow of information: It’s the freedom to ensure you’re talking to the people you intend to, and just them. But a march on Westminster isn’t going to cut it. The direct action to take against policies on encryption is to encrypt more data.


UPDATE: See Keys Under the Doormat,  a report by leading cryptographers and computer scientists published on the 7th and obviously using my analogy from the image at the top of this post.

Arguing That You Don’t Care About The Right To Privacy Because You Have Nothing To Hide Is No Different Than Saying You Don’t Care About Free Speech Because You Have Nothing To Say