We will not give up our freedom (Part Two)

13 February 2015

The sadness of the European public in the wake of the terrorist attacks on our basic values is now giving way to outrage and bewilderment amongst those who care about freedom. Because the carousel of demands masked as security policy has since been spinning at a dizzying speed. In the post-2001 West, extremist threats and acts of violence have sometimes served as a welcome excuse to curtail freedom and basic human rights under the pretext of defending our democratic spirit.

To begin with, here are two studies that drastically illustrate the absurdity of heightened security regimes in Europe. In England – in what was almost a reversal of the victim-perpetrator role – readers, and consequently, supporters of the French satirical magazine Charlie Hebdo got caught in the mills of the security authorities for expressing their belief in freedom of thought by purchasing subscriptions. The “Association of Chief Police Officers’ (ACPO) has demanded that the main distributor of the magazine in the UK, John Menzies, hand over a list of sales outlets to the National Counter-Terrorism Policy HQ. As a result, special officials have visited many of these news kiosks and demanded information on buyers. The case shows dramatically how the freedom of citizens winds up in the crosshairs of the British police.

On the other hand, after Charlie Hebdo published its “Survivors’ Edition,” the cover of which cover was illustrated with another caricature of Mohammed, there was a retaliatory cyberattack on French websites by hacker groups from Arabic countries. Among the main proponents of the total of 19,000 DDoS attacks that defaced and shut down French websites were Fallaga Team from Tunisia and Cyber Caliphate, which boasted beforehand of having shut down the U.S. Central Command’s Twitter account. Threats such as these make it clear that we need comprehensive protective platforms to protect us from both terrorist-led cyberwarfare and criminal activity that can effectively fend off such things as spyware, zero day attacks, and phishing schemes. The double standards that are partly engrained in European politics can be detected in the fact that after the Paris attacks, just as widespread public opprobrium for data encryption by people and businesses was spreading, military and civilian cyber protection devices were being upgraded to the nth degree. The cyber defense chief in France, Arnaud Coustilliere, told Army Times magazine that French government sites were being monitored around the clock to protect them from attacks.

The EU economy needs secure encryption now

The subject of a “ban on encryption” raises hackles in the UK. The governing Tories led by Prime Minister David Cameron and his minister of the interior, Theresa May, who is known to be a hardliner, seem bent on the persuading voters prior to the upcoming election that encryption is a tool for evil in the hands of terrorists and enemies of the state. While there has been resistance to this perspective within Europe, what is needed now is a unified European resistance to this totalitarian security policy.

Fortunately, both the European Parliament’s Committee for Technology Assessment (STOA) and the ENISA of the European economy have recommended the exact opposite of the current notions of the European Council in their studies, namely, complete end-to-end encryption of data and the increased use of open source software. Fortunately, both the European Parliament’s Committee for Technology Assessment (STOA) and the ENISA of the European economy have recommended the exact opposite of the current notions of the European Council in their studies, namely, complete end-to-end encryption of data and the increased use of open source software. The Austrian Chair of the STOA, MoEp der EVP Paul Rübig unequivocally warned against the dangers of making compromises on encryption. We have paid a high price many times for allowing weak data privacy laws to enable European intelligence agencies to leak fiscal trade secrets to hedge fund speculators, who then were able to bet against the euro before we could enact legal measures to protect the common currency.

Advancing encryption primarily entails generating broad awareness among users of the need for the use of cryptography and establishing independent advisory platforms where businesses can obtain comprehensive information on the appropriate tools and their implementation. Supporting security tests of various products in the field of encryption technology, such as those that are available through the “Electronic Frontier Foundation” (EFF), must also be made a priority in the future.

In the field of open source, STOA urges the promotion of such important open source products as OpenSSL, TrueCrypt, GPG and TOR, and endorses a kind of “incentive scheme” to detect backdoors in encryption programs.

Because of the current raging of tempers in the European governmental offices, we will have to wait to find out whether these initiatives will succeed. Only in recent days has the concerted European state power clinched a victory on another front of conflict between security interests and claims to freedom. The European Parliament (PNR) will cease to oppose the introduction by year’s end of a European “passager name registry” that will collect PNR data on passengers on all domestic European flights.

However, the heated debate on banning encryption in the UK also brings benefits. The subject became the center of a public discussion, which brought it under critics’ scrutiny. The Liberal Deputy Prime Minister Nick Clegg inveighed: “Cameron is advocating a huge encroachment on the freedom of all British citizens.” The security researcher Graham Cluley asserted on his blog that Cameron “is living in cloud cuckoo land. Criminals will always use alternative systems that guarantee they didn’t have the police and GCHQ breathing down their necks … What’s to stop any Tom, Dick or Harry downloading an app without a government backdoor from a website hosted overseas to run on his PC? What’s to stop a terrorist or paedophile downloading the source code of a secure messaging app, and compiling it on their computer?”

Talk of prohibiting the decryption process, depositing secret keys with the authorities, technically undermining interaction platforms via backdoors and enacting laws that prohibit using various more secure messaging services, such as WhatsApp, iMessage, FaceTime, Snapchat and Skype in the UK makes little sense. It only serves to mask the speakers’ true intentions.

Companies, too, can bypass paternalistic politics via highly secure end-to-end encryption of company VPN with authorized access only over secure Internet tunnels. Businesses must now make concrete use of such technical possibilities.

Encrypted browsing must be made a habit

There is nevertheless danger that England will continue to curtail the freedoms of its citizens if Cameron is reelected. Pushed by MI5 Director General Andrew Parker, whereby intelligence agencies will lose their currently legal ability to make out “dark spots” on the Internet, conservatives will put the necessary enhancements to the “Regulation of Investigatory Powers Act” (Ripa) into place starting in 2016, so that terrorists and enemies of the state can no longer use langauge to conceal themselves - watchword: “No no-go” areas!

It will likely prove impossible to completely prevent evil from finding places to hide on the Internet. Drastically increasing the powers of security authorities will do nothing to change this. Honest businesspeople and users fall by the wayside. Governmental hindering of encryption and curbing of the use of apps does not increase citizens’ safety - it only increases the power of those who govern them,” as the journalist Ian Morris put it in his interview with Forbes. “And besides, this procedure is unconstitutional. Which, since the UK has no constitution whatsoever, is entirely fitting. Put frankly: We must defend our freedom.

That is also the view of Edward Snowden, whose claim that “the Internet is not our enemy, and encryption can protect it” at last year’s annual TED conference appealed to the world’s Internet service providers to protect users by encrypting all their content: “Every individual needs to make encrypted browsing a habit, the famous whistleblower said. And the fact that more communication is monitored in the free world than in non-democratic countries is not without irony. America outdoes Russia in that regard by far. And the claim that only metadata are retained is the stuff of legend, but not of reality. Recent leaks of surveillance methods in the U.S. and UK revealed that the contents of thousand upon thousand of emails were read, including those of many journalists who are known critics of surveillance. Coincidence?

Cause for hope

Lastly, I would like to mention two champions of Internet freedom and hence of the general freedom of our society who give cause for hope: firstly, Tim Berners-Lee, the British computer scientist and inventor of the World Wide Web, issued an “Internet Magna Carta” on the occasion of the latter’s 25th birthday. In light of how significant a role the Net plays in our lives, we are now in need of a kind of online human rights. We must protect our democratic values on the Web. In addition, Berners-Lee and his World Wide Web Foundation launched a campaign called “the web we want,” which is open to participation by the public.

Andrew Keen’s latest book, “The Internet is not the Answer”, published in January 2015 and recently reviewed in depth in the British newspaper The Guardian, provides a glimmer of hope for better days for the Internet. It sttles the score with the misanthropic view of the Internet held by Silicon Valley, according to which we are all just a form of currency to be traded and which bloats the wealth of tycoons such as Mark Zuckerberg (Facebook), Larry Page (Google) and Jeff Bezos (Amazon) to astronomical size. He very aptly describes the tech titan Google: “Google does not just own the post office - it has the right to open everyone’s letters.” We have sold our souls to the Internet. In today’s digital world, we are reliving through the inequality of the Industrial Revolution of the early 19th Century. The Internet is not a question of technology, but a question of what kind of world we want to live in. We will not give up our freedom.

Helmut Fallmann
Member of the Managing Board

Almost 30 years ago, Helmut Fallmann founded the software group Fabasoft together with Leopold Bauernfeind. Today he is a member of the Managing Board of Fabasoft AG. Fabasoft has developed into a leading European software manufacturer and Cloud provider headquartered in Linz, Austria.

Follow this blog

To prevent automated spam submissions leave this field empty.