Skip to content

The Datagate and the Risk of Outlawing Encryption

A side-effect generated by the Datagate scandal is the privacy hysteria exploitation to sell encryption-based services. Taking apart some obvious exceptions (business transactions, health information, judiciary data) these services are useless, ineffective and dangerous for the citizen an such and for the society.

They’re useless because they made the daily use of a computer an harder task. As a consequence, after a while, the users will switch back to the “normality”, maybe cursing the day they decided to use this “security” features. Just look at the issues related to the (widely available) encrypted file systems for all the available operating system. The end of the story is that you must keep a non-encrypted copy of your data because you can’t afford the risk of losing access to it, by fault of a software incompatibility, password loss, or lack of support by new OS release.

They’re ineffective because the “security workflow” would require to boot from a live OS – CD, working in RAM only, encrypting the file before storing on a physical medium, and securing that no information last in RAM. Security is binary: either you enforce it or not. Simply put, this (or a similar) workflow is unthinkable but for a limited data subset.

Furthermore, by using closed-source products, there is no actual guarantee of security because the reality of the software market shows that much too often these “security” tools are plagued by bug and programming errors.

They’re dangerous because they feed a distorted culture of privacy that will lead – paradoxically – to its endangering.

Our daily life is grossly non-interesting for the (western) public powers, while it actually matters for corporations and serial-(marketing) profilers, i.e. the very same entities that complain about the government snooping into “their” data. In other words, it seems that these companies want to maintain for themselves only the right of intruding into users’ private life.

Finally, by spreading the use of encryption in every part of the human activity, what is going to happens when a law enforcement agency will claim (no matter if it is a fake) that it is no more possible to catch pedophiles and terrorists, charging the “security” companies for that?
Well this “security” companies will answer by signing “safe snooping” agreements while politicians and legal “scholars” – maybe to make the media stay quiet – will ask for the encryption to be outlawed.

So the pendulum between privacy and control starts swinging back to this latter side.

And the history starst again, because the datagate is just another iteration of the Echelon scandal (1988) or of the Clipper Chip controversy (1993). But above all is the direct heir of Black Chambers’ founder, Herbert Yardley, the first NSA.

When, back in twenties of last century, US president Hoover discovered what Yardley and his associates were actually doing, reacted by withdrawing the funds to this structure declaring “gentlemen don’t read each other mails”. But president Hoover and all of his successors lately changed mind – or the definition of “gentlemen”. Thus being morally justified when intruding into the private life of those that don’t fit
with the definition.

But following this line of thought one might think that, at the end of the day, NSA is right in running Prism and Prism-like activities. If those snooping facilities exist since decades and no citizen has been rendered to Alaska or “etero-suicided”, than we can trust the Power.

This would be a wrong conclusion driven by a false argument.

The governments are made by person, and person act on their moral standard – “do the right thing” – instead of the legal one. It is, thus, simply stupid to think that the Powers will stop collecting information about everybody or that some regulations will prevent those who have the power and resources to intrude into somebody else’s private life.

The only way to keep a secret is to keep it secret. As La Rochefoucauld said, back in the XVII century: how can we ask somebody to protect our secrets if we, first, are not capable to do it?

Post a Comment

Your email is never published nor shared. Required fields are marked *
*
*