This is a topic which has been quite a difficult one for me. I did not want to come out as someone who has a vendetta against anyone. At the same time I wanted to be as fair and as factual as I possibly can. So without further ado, I wanted to share with you some thoughts on where I stand as far as the whole surveillance/privacy debate goes.
Recently there were some horrible events that occurred in Paris, France. The terrorist group known as Daesh carried out multiple attacks in various parts of the city. It was a Friday night and people were out having a great time and their life was turned upside down and in some cases innocent people lost their lives. In watching these attacks I was horrified at the violence that took place at the football match in the Stade de france and the people who were hurt or killed in the Bataclan theater.
On the back of this there has been a renewed debate on surveillance. There’s a lot of misinformation out there so I wanted to write something that is clear, fair and covers as many bases as possible. I am going to be covering the points both for and against surveillance in this article and in both sides of the argument what this means for your privacy.
The idea of surveillance is that we have someone we don’t know sitting in a place like the government communications headquarters(GCHQ) here in the UK. They are basically looking at all the communications that we are doing on a daily basis. Things such as emails, phone calls(both mobile and landline telephones), internet browsing, voice chat in games and much more. So what benefits would this bring if we did have surveillance laws in place on all internet and phone traffic?
Here in the UK the government is currently looking into passing a bill into law which would allow the government to effectively have a backdoor into all encryption systems being used. The first draft of the bill was introduced in the summer, but people did not like it. However, on the back of the terrorist attacks in Paris there has been a renewed conversation in Parliament to try and get this bill passed into law. What kind of benefits would this new law bring?
Well one could argue that we don’t need to worry about these kind of attacks. For example let’s say a terrorist organisation were to plan an attack on something like Skype or voice chat in a video game on XBox or Playstation(for instance). GCHQ would have the ability to spy on that conversation, find out who these people are. They would be able to track them down and stop the attack before it happens.
Even before this there were some other revelations. The national security agency (AKA the NSA) and the GCHQ had been intercepting communications around the world without a warrant.
I for one am against surveillance. I think that having people spy on our phone calls, keeping records of what we buy or even spying on the computer games that we play with other people is just wrong. Most importantly spying on innocent people is just wrong. People like you and me have not done anything wrong. It’s the terrorists and other criminals who have done wrong.
There are a lot of you who might be saying “Adi, I am an innocent person and have done nothing wrong. I have nothing to hide and trust the government to do the right thing with my data”. Well, I think that’s wrong to say.
We have a right to privacy and we need to exercise that right to privacy. We never know when we’ll need that right. We should be able to make a phone call to someone or buy a ticket for a movie without someone looking at what we’re doing. By saying “I have nothing to hide, privacy does not matter”, you are basically giving away your right to privacy.
There is also the fact that these surveillance laws have not stopped any attacks. I am going to be blunt here and say that there has not been a single terrorist incident that I know of since 9/11, where surveillance laws allowed authorities to catch the terrorists.
To be fair the way I think that it should work is that if any government authority wants to spy on me then they should require a warrant. At least here in the UK that’s the way it should work by law. Most important of all I should say that if they require a warrant I need to see that warrant first before they doing so.
If the governments of the world pass laws to put back doors in encryption systems, so that they can oversee any transactions or communications or anything of that nature then they are asking for trouble. I am not a hacker, but by putting back doors in encryption systems you are weakening the security that encryption provides and allowing hackers to exploit those back doors. Let me explain this properly with an example that has a real world use case.
Let’s say you go to your bank’s website and want to check your most recent transactions. The connection between you and your bank is encrypted meaning that hackers should not be able to see the data going from your computer to the bank.
When you log into your internet banking with your username and password only you and the bank can see it. After you log in, you want to transfer some money to a friend to pay them back for something they bought for you. That transaction is secured. If you are on a bank’s website then it’s the responsibility of the bank to make sure that their internet banking portal is super secure and as safe as possible.
If the bank was required by law to put a back door into this security system for the government to look at all transactions then it’s only a matter of time before a hacker figures out where this back door is. The hackers can then exploit this back door and then use it to get into your bank account and transfer the thousands of pounds, euros, dollars(or other currency) that you might have into another account. Would you want that to happen? Would you want the money that you’ve worked so hard for to be gone in an instant? Personally I don’t want that to happen.
Let’s also look at the example of booking a flight to Spain. Again the connection between your computer and the airline’s website is secured with a good encryption system. That way hackers cannot see that you’re giving over your credit/debit card details to pay for your flight. At least here in the UK after paying for your flight you will be taken to a page where you have to verify that it was actually you who wanted to make this payment. This is a standard procedure for all companies.
If the airline was required by law to put a back door into the encryption system, that would weaken the security of it. Again, it would only be a matter of time before the hackers find this back door and exploit it. The hackers will then have your credit/debit card details and then use that information to basically put you into a financial mess. If it’s a debit card then they can use it to empty your bank account. If it’s a credit card then through no fault of your own, you will be left in a large pile of debt.
As you can see from these examples, putting back doors into encryption systems is not the answer. Most important of all encryption at its core is just mathematics, and the mathematics for encryption is already out there. Deal with it.
Don’t get me wrong, I am all for catching a terrorist or somebody who’s about to commit crime, but as you can see I am against surveillance. I am also against putting back doors into encryption systems for the sake of hunting down terrorists because it will do more harm to us than good.
What about you? Where do you stand on this debate of privacy and surveillance in the modern age? let me know in the comments.