UK Government's surveillance plans could put citizens, economy and entire internet at risk, argue leading computing experts

Proposals are 'unworkable in practice, raise enormous legal and ethical questions, and would undo progress on security at a time when internet vulnerabilities are causing extreme economic harm', leading experts argue

Andrew Griffin
Friday 10 July 2015 07:20 EDT
Comments
A painting of the government listening station GCHQ (L) is displayed at the 'A Year with MI6' exhibition at the Mount Street Gallery on February 14, 2011 in London, England
A painting of the government listening station GCHQ (L) is displayed at the 'A Year with MI6' exhibition at the Mount Street Gallery on February 14, 2011 in London, England (Getty Images)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The British and US Government’s plans to weaken online security are “unworkable” and contribute to “extreme economic harm”, a group of the world’s leading computer experts have said.

Authorities including David Cameron and FBI director James Comey have said that tech companies shouldn’t use end-to-end encryption, which stops messages from being snooped on. Such technology is used in apps like iMessage and WhatsApp, to ensure that messages can't be read as they pass between people.

But a new report from some of the world’s leading computing experts argues that giving intelligence agencies access “will open doors through which criminals and malicious nation states can attack the very individuals law enforcement seeks to defend”. Tech companies have long argued that opening up back doors to surveillance agencies inevitably means that other actors will exploit them, weakening security.

Proposals to give intelligence agencies exceptional access to communications are “unworkable in practice, raise enormous legal and ethical questions, and would undo progress on security at a time when Internet vulnerabilities are causing extreme economic harm”.

“If law enforcement’s keys guaranteed access to everything, an attacker who gained access to these keys would enjoy the same privilege,” the report argues. The British and US governments’ preferred approach would also make such an attack more likely to succeed, they argue, since giving the keys needed to unlock encryption over to spying organisations would make them more likely to be lost.

David Cameron and the rest of the Government have long argued that encryption is dangerous — in January, Cameron said that he didn’t want to allow any encrypted communications, and the home secretary Theresa May intends to push through legislation that will force tech companies to make their users’ data available to governments. They say that keeping communications secret helps terrorists, since they can use networks to communicate without surveillance from the authorities.

The new MIT report is named ‘Keys Under Doormats’ and is written by a group of computer scientists many of whom were part of an influential report that helped stop similar legislation being passed at the beginning of the modern internet. They argue that the new challenge is “even greater today than it would have been 20 years ago”.

“In the wake of the growing economic and social cost of the fundamental insecurity of today’s Internet environment, any proposals that alter the security dynamics online should be approached with caution,” they argue in the 26-page report. “. The complexity of today’s Internet environment, with millions of apps and globally connected services, means that new law enforcement requirements are likely to introduce unanticipated, hard to detect security flaws.

“Beyond these and other technical vulnerabilities, the prospect of globally deployed exceptional access systems raises difficult problems about how such an environment would be governed and how to ensure that such systems would respect human rights and the rule of law.”

The experts' criticisms echo the same ones made by many tech companies. Apple's Tim Cook said in June for instance that the company believes "people have a fundamental right to privacy", and Facebook said yesterday that it feels "weakening encryption presents a variety of other security issues".

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in