Jamie Bartlett: Encryption is for everyone, not just extremists

[vc_row][vc_column][vc_column_text]

Jamie Bartlett-Demos

I spend a lot of my time writing about encryption. Until recently I did this from a UK perspective. That is to say, in a country where there are pretty good citizen protections. Despite the occasional hysterical article, the police don’t snoop on you without having some probable cause and a legal warrant. UK citizens aren’t constantly under surveillance and don’t get rounded up for speaking their mind.   

From this vantage point, the public debate on encryption starts with its problems. Terrorists are using encrypted messaging apps. Drug dealers are using the Tor browser. End-to-end encryption used by the big tech firms is a headache for local police forces. All this is true. But any benefits are merely addendum, secondary points, “ands” or “buts”. Don’t forget, however, that encryption is also for activists and journalists, including those in less friendly parts of the world. Oh, and don’t forget ordinary citizens. Such benefits are mostly discussed abstractly, almost as an afterthought.

My view on encryption changed in 2016 when I was researching my book Radicals. This being a book about fringe political movements – often viewed with hostility by governments – I expected to use some degree of caution. But it was more than this. Over in Croatia, I was following Vit Jedlicka, the president of Liberland, a libertarian pseudo-nation on the Serb-Croat border. Jedlicka is trying to create a new nation on some unclaimed land that will run according to the principles of radical libertarianism, including voluntary taxation. The Croat authorities do not like him at all, even though he is non-violent and law abiding.

I arrived in Croatia, after an early Easy Jet flight, and was taken aside for questioning by the border police, who appeared to know I was coming. They told me not to attempt to visit Liberland. A little later, while I was away from my hotel, the police turned up and demanded a copy of my passport from the hotel manager. Jedlicka, meanwhile, was barred from entering Croatia, having been deemed a threat to national security.

I did not know a great deal about the Croatian police, but what little I did know made me doubt they cared too much about my right to privacy. I suddenly felt exposed. So Jedlicka and I communicated using an encrypted messaging app, Signal. I had considered Signal mostly a frustrating tool that helps violent Islamists avoid intelligence agencies. But suddenly this nuisance app was transformed. Thank God for Signal, I thought. Whoever invented Signal deserved a prize, I thought. Without Signal, Jedlicka couldn’t engage in activism. Without Signal, I couldn’t write about it.

This was in Croatia. Imagine what that might feel like as a democratic activist in Iran, Russia, Turkey or China. 

You see the debate about encryption differently once you’ve had cause to rely on it personally for morally sound purposes.  An abstract benefit to journalists or activists becomes a very tangible, almost emotional dependence. The simple existence of powerful, reliable encryption does more than just protect you from an overbearing state: it changes your mindset too. When it’s possible to communicate without your every move being traced, the citizen is emboldened. He or she is more likely to agitate, to protest and to question, rather than sullenly submit. If you believe the state is tracking you constantly, the only result is timid, self-censoring, frightened people. I felt it coming on in Croatia. Governments should be afraid of the people, not the other way around.

The debate on encryption, therefore, should change. The people who build this stuff – whether TorPGP or whatever else – are generally motivated by the desire to help people like Jedlicka, people like me. They don’t do it for the terrorists. Seen and understood in that light, the starting point for discussion is about the great benefits of encryption, followed by the frustrating and inevitable fact that bad guys will use the same networks, browsers and messaging apps.

Which is why any efforts to undermine encryption – through laws, endless criticism, weakening standards, bans, threats to ban, backdoors and international agreements – would hit someone like Jedlicka, or me, just as it would Isis. The questions then become: are we willing to prevent good guys having protection just because bad guys are using it? Once you’ve had cause to use it yourself, the answer is extremely clear.

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_basic_grid post_type=”post” max_items=”4″ element_width=”6″ grid_id=”vc_gid:1503654311600-41f8449d-cfd3-2″ taxonomies=”6914″][/vc_column][/vc_row]

Weakening encryption would harm journalists

Encrypted communication tools are used by investigative journalists and reporters under fire, as well as businesses and governments, to have safe conversations and to report on difficult and often dangerous situations.

Attempts by the UK government to create a backdoor into these services would potentially put lives at risk by making the systems far less safe. It would certainly curtail reporting from dangerous regions.

#IndexDrawtheLine: Where should governments draw the line on everyday surveillance?

draw-the-line-header

 

Former NSA contractor Edward Snowden attempted to explain mass surveillance through a conversation around dick pics during an interview with John Oliver on Last Week Tonight, a satirical current affairs show aired by American network HBO.

“Even if you sent it to somebody within the United States, your wholly domestic communication between you and your wife can go from New York to London and back and get caught up in the database,” Snowden said in the interview, conducted in his temporary residence in Russia after the United States cancelled his passport for leaking details about NSA domestic spying in June 2013.

The elimination of complicated terminology in the discussion has allowed us to understand that although emails sent between Gmail accounts are encrypted and unidentifiable to outsiders as they move from Google’s data centres in the US and across the world, in reality the racy pictures embedded in these emails can actually be stored in several data centres worldwide as a way to provide backups in case one centre fails.

These encryption techniques have been around since 1991, when hacker Philip Zimmermann uploaded a free encryption program called Pretty Good Privacy – better known today as PGP – to the internet. Using a form of cryptography developed in the 1970s known as public-key cryptography, users are given a public key that can be shared which encrypts messages that are sent to them, and another one they keep private to decrypt messages they receive.

As public-key cryptography was generally reserved for military and government use prior to the release of PGP, the availability of these advanced encryption algorithms to the general public was a significant step in the realm of free expression at the time. But while web-based communication has become part of daily life, the average citizen is only beginning to grapple with the idea of mass surveillance let alone the tools associated with it.

Should individuals accept the surveillance environment, allowing – for example – government officials to obtain personal photographs shared between two consenting adults through a corporate service, as raised by Snowden?

Just months before Snowden blew the whistle, India began implementing a Centralised Monitoring System in April 2013 to monitor all phone and internet communications in the country. Following his disclosures on mass US secret surveillance programs, other governments around the world such as Brazil and Russia began debating on how to pressure companies to store user data locally. During this period, Turkey began drafting new regulations that would make it easier to get data from internet companies following the eruption of Gezi Park protests.

To what extent is it possible to escape everyday surveillance amidst these developments and how would this affect our communications? And even if technological advancement brings us newer tools providing stronger privacy protection, where should governments draw a line in monitoring what we share with friends and family?

Join the discussion on twitter with #IndexDrawTheLine

Jamie Bartlett: The coming online privacy revolution

In his new ebook, tech expert Jamie Bartlett describes what he sees as the long-term ‘Snowden effect’: the explosion of new ways to keep online secrets and protect privacy, and the challenges that presents for state security services. In this extract, Bartlett uncovers some of the more revolutionary plans in the privacy pipeline.

Motivated by an honourable desire to protect online freedom and privacy, hundreds of computer scientists and internet specialists are working on ingenious ways of keeping online secrets, preventing censorship, and fighting against centralised control. A veritable army motivated by a desire for privacy and freedom, trying to wrestle back control for ordinary people. This is where the long-term effects will be felt.

Soon there will be a new generation of easy-to-use, auto-encryption internet services. Services such as MailPile, and Dark Mail – email services where everything is automatically encrypted. Then there’s the Blackphone – a smart phone that encrypts and hides everything you’re doing. There are dozens – hundreds, perhaps – of new bits of software and hardware like this that cover your tracks, being developed as you read this – and mainly by activists motivated not by profit, but by privacy. Within a decade or so I think they will be slick and secure, and you won’t need to be a computer specialist to work out how they work. We’ll all be using them.

And there are even more revolutionary plans in the pipeline. An alternative way of organising the internet is being built as we speak, an internet where no one is in control, where no one can find you or shut you down, where no one can manipulate your content. A decentralised world that is both private and impossible to censor.

Back in 2009, in an obscure cryptography chat forum, a mysterious man called Satoshi Nakamoto invented the crypto-currency Bitcoin.* It turns out the real genius of Bitcoin was not the currency at all, but the way that it works. Bitcoin creates an immutable, unchangeable public copy of every transaction ever made by its users, which is hosted and verified by every computer that downloads the software. This public copy is called the ‘blockchain’. Pretty soon, enthusiasts figured out that the blockchain system could be used for anything. Armed with 30,000 Bitcoins (around $12 million) of crowdfunded support, the Ethereum project is dedicated to creating a new, blockchain-operated internet. Ethereum’s developers hope the system will herald a revolution in the way we use the net – allowing us to do everything online directly with each other, not through the big companies that currently mediate our online interaction and whom we have little choice but to trust with our data.

Already others have applied this principle to all sorts of areas. One man built a permanent domain name system called Namecoin; another an untraceable email system call Bitmessage.

Perhaps the most interesting of all is a social media platform called Twister, a version of Twitter that is completely anonymous and almost impossible to censor. Miguel Freitas, the Brazilian who spent three months building it, tells me he was sparked into action when he read that David Cameron had considered shutting down Twitter after the 2011 riots. ‘The internet alone won’t help information flow,’ Freitas says, ‘if all the power is in the hands of a few people.’

This trend towards decentralised, encrypted systems has become an important aspect of the current crypto-wars.† MaidSafe is a UK start-up that, in a similar way, wants to redesign the internet infrastructure towards a peer-to-peer communications network, without centralised servers. Its developers are building a network made up of contributing computers, with each one giving up a bit of its unused hard drive. You access the network, and the network accesses the computers. Everything is encrypted, and data is stored across the entire network, which makes hacking or spying extremely difficult, if not impossible.

Nick Lambert, the Chief Operating Officer for MaidSafe, explained to me the vision. When you open a browser and surf the web it might feel like a seamless process, but there are all manner or rules and systems that clutter up the system: domain name servers, company servers, routing protocols, security protocols. This is the stuff that keeps the internet going: rules that route your request for traffic, servers that host that web page you’re after, systems that certify for your computer that the site you’re trying to access isn’t bogus. Because it all happens at the speed of light, it doesn’t feel cluttered up, of course.

But all these little stages and protocols create invisible centres of power, explains Nick – be they governments, big tech companies or invisible US-based regulators – and they are all exercising control over what happens on the net. That’s bad for security, and bad for privacy. MaidSafe strips all this out. The end result, says Nick, will be a network that is very difficult to censor and offers more privacy. ‘Even if we wanted to censor users’ content, we couldn’t – because with this system we don’t know or have access to anything the users do.

They’re in control.’ Nick accepts some people will misuse it – but that’s true of almost any technology. ‘Kitchen knives can cause harm,’ he says, ‘but you wouldn’t ban kitchen knives.’

As I see it, this powerful combination of public appetite and new technology means staying hidden online will become easier and more sophisticated. It might feel unlikely at a time when every click and swipe is being collected by someone somewhere, but in the years ahead, it will be harder for external agencies to monitor or collect what we share and see; and censorship will become far more difficult. A golden age of privacy and freedom. Perhaps.

* You’ve probably heard of this pseudonymous digital cash because it was, and still is, the currency of choice on the illegal online drugs markets.

† And increasingly, I predict, politics. Although no political parties – save the occasional fringe party – have given any thought to what crypto-currencies might mean. What does a modern centre-left party think of crypto-currency, or of blockchain decentralisation? They have no idea.

@JamieJBartlett is the director of Centre for the Analysis of Social Media, Demos and a tech blogger for @telegraph.

This extract was published on 12 February 2015 at indexoncensorship.org with the author’s permission.