[Note: This comment comes from friend David Reed. DLH]
This is starting to sound like a replay of the “Crypto Wars” back in the early Clinton years.
What’s different, however, is that instead of the very limited needs of the NSA for national security that were being argued, now we are seeing that the FBI, a police agency and not a national security agency, a crucial difference, is seeking “total” rights to surveillance and search, and since its mission is largely inside the US, in domestic matters.
My public role in the Crypto Wars was (along with others of like minds) pointing out that the entire US economy relies on safe and private communications, and that products like Lotus Notes (the first commercial product to adopt RSA’s public key encryption as an always-on *standard* for intra- and inter-enterprise communications) needed protection of a very strong sort.
The NSA, of course, has many routes to defeat encryption – its work factor is small because one can acquire keys for even the strongest encryption algorithms quite easily, if you are willing to operate in the dark and outside the rule of law that they must obey in the US. The analogy is that you can enter a doublebolt locked house quite easily if you are willing to use kinetic methods – security is no stronger than the weakest link.
But what the FBI is seeking is a widespread weakening of all communications in the US to make it trivial to break into any phone, any computer, … without detection at all, and without any ability to know either before or after that they have broken in.
This would apply to businesses, to health care providers, to psychiatrists, … and would be able to infer enormous amounts of information about people from records kept in other people’s devices.
There’s no one specific “evil” result to be a fear-monger about – there is a combinatorial explosion of such bad opportunities that the mind boggles. They can even automate the surveillance with “big data analytics” to combine such information, as we have seen. Judges routinely approve “search queries” on large databases of collected information that search on broad terms, yet the claim continues that if a “computer” does the searching, it’s not a human law enforcement officer doing the search, so it’s not covered by any precedents about unreasonable search and seizure.
Generally, our society needs a police function. But “policing” neither requires nor means “super powers”. (well, except in TV dramas like Scorpion where a call to some friend in the pentagon can rain full-dress, masked Special Forces down on any place in the US with automatic weapons and grenade launchers).
And in our normal society, we don’t have the FBI constantly rummaging around in every executive’s contact list or operating cameras inside every private company’s place of business. THey are not, by default, given access to the phone calls of doctors with patients, doctors with doctors, etc. to try to see if there is any evidence of wrongdoing.
Yet this appears to be what the FBI wants – no privacy barriers preventing their privileged recording of anything they want to, and since they are a law-enforcement agency that depends on state law-enforcement cooperation, they’d presumably urge the same powers for state and local police as well, and perhaps other Federal Law enforcement, such as the National Parks Service, etc. (at least through the Fusion Centers).
They appeal to a paranoid idea: that we the people are so untrustworthy and our natural environment so filled with “bad guys” that we must all be watchable all of the time.
Crime is going down every year – statistics back that up. But by playing with the country’s fears, it seems to me that we are in danger of confusing the police’s interests with the interest of the people.
As I opened this comment, there is something strange going on when we start seeing the police wanting to be all-powerful, and arguing that they need to be. This has me more worried than I was when the NSA was seeking to weaken or prevent commercial and private encryption.
FBI Director James Comey: ‘Going Dark: Are Technology, Privacy, and Public Safety on a Collision Course?’
Oct 16 2014