The Stack Archive

Hebdo is probably not the ‘Reichstag Fire’ that will end the privacy vs. security stalemate – but it’s coming

Fri 9 Jan 2015

[Opinion] The further away you get from a disturbing incident, the more abstract it becomes, which is why history tends to repeat itself. The personal becomes statistical and the value of the lesson is lost as subsequent generations gather enough youthful hubris to mistake technological advancement for moral evolution; the incident and the lesson are from ‘the old days’; we begin to believe that we wouldn’t make the same mistake again, and that if we did, it would be a far better mistake.

When the people become this credulous and self-deluded, it’s a useful opportunity for wiser – or more cynical – heads to exploit. So it is that state authorities in the US and UK seem to be pining in recent months for the ‘emergency mandates’ that follow a disaster – the power to ‘clamp down’, retain and augment control of the flow of information, or people, such as was possible in the wake of the World Trade Center attacks in 2001.

It’s a critical juncture for The State to take back that lost ground, because the post-Snowden populace is currently feeling more threatened by its protectors than by its enemies. The protectors have subsequently become more conciliatory, because there is no wreckage, no sadly spinning fuselage housing or poignant abandoned teddy bears adequately galvanising to turn its ‘conversation’ with the public into an edict.

When Apple built client-side encryption into last autumn’s update of its iOs mobile operating system, a drip-fed campaign of State-issued complaint about zero-knowledge storage and secure communications began, first from FBI director James Comey, who was backed up less than a week later by U.S. Attorney General Eric Holder. Less than a week after that the UK’s National Crime Agency chief Keith Bristow stepped in for a turn, and a week later President Obama’s administration let leak some extra alarmist rhetoric about hacker-apocalypse scenarios.

Yesterday MI5 chief Andrew Parker, apparently having calculated a compromise between a respectful pause for the dead and exploiting the topicality of the issue, decided that the Charlie Hebdo terrorist attack in Paris on Wednesday is suitable fodder for another excursion into the evils of excessive digital privacy. He stated that he doesn’t want “a situation where that privacy is so absolute and sacrosanct that terrorists and others who mean us harm can confidently operate from behind those walls without fear of detection,”

In order to continue to be effective, said Parker, “MI5 will continue to need to be able to penetrate their communications as we have always done. That means having the right tools, legal powers and the assistance of companies which hold relevant data.

“Currently, this picture is patchy.”

And the pitch is vague – the reference to ‘companies which hold relevant data’ seems to focus back to the autumnal laments against the rise of Zero Knowledge storage, wherein hosting companies or digital providers which hold a client’s data are themselves unable to access it, because only the client themselves has the key.

Is the revocation of the right to provide ZKS the objective of these opportunist press conferences? It certainly is the only theme that all of them share.

In practical terms this means passing laws which would force global entities such as Apple to reverse its (popular) action on ZKS, even though client-side encryption is recognised as the kind of high-security measure that would have made PR disasters such as last summer’s ‘The Fappening’ very difficult for hackers to undertake again, in addition to preventing far less ‘cosmetic’ online crimes. It would mean the dissolution or devaluing of hundreds of ZKS-based companies such as Edward Snowden’s beloved SpiderOak – it would mean, effectively, a 180-degree reversal of the direction in which the field of online security is currently heading.

Just to make that one change happen in a meaningful time-frame, The State will need an event of significantly greater impact than the attack on Charlie Hebdo – a 9/11-grade ‘Reichstag Fire’ (the 1933 communist retaliatory arson on the building of Germany’s parliament, which allowed new chancellor Adolf Hitler to suspend practically all civil rights in the country indefinitely).

Such an event seems likely, whether as part of a genuine and ongoing ideological conflict between one religion and the west, or between one nation and the west – or, if you like to wear your tinfoil hat much tighter than that, as a governmentally generated/encouraged piece of ‘world theatre’ with enough impact to unequivocally return power over information to The State.

Who will really be behind the event doesn’t matter, given how unlikely we are to be able to discern the truth of it over the terrible social and political static that will ensue. All that matters is how we resolve, now, to react to it – in the same spirit of panic-stricken self-preservation that the US and UK governments are currently seeking to ferment and exploit, or with the more experienced understanding of how deeply we will eventually repent of welcoming ‘emergency measures’ that will prove difficult, if not impossible, to reverse.


feature hacking politics security
Send us a correction about this article Send us a news tip