Should we ban encryption so that terrorists can’t use it?

Short answer: No. Read on.

A pattern has been emerging in the last few years of terror attacks: An attack happens, then politicians and spying bureau chiefs call for increased powers of surveillance without oversight. They use (mostly unproven) statements about encrypted technology being used to communicate, preventing the ‘good guys’ from seeing what they are doing. This was certainly the case for the recent Paris attacks and Trevor Timm has written an excellent piece on the various political agenda that Paris is being used for – and on the incompetence of the spy agencies in failing to prevent the attack.

SMSes and phone calls that are used in normal communication are unencrypted. These can be snooped on and, despite the fact, the attackers’ SMS communications were not intercepted and the attacks happened. The simple matter is that there are too many people to monitor to effectively prevent an attack. Plenty of people who are known resent the ‘free world’ will never get around to actually kill in the name of that resentment. How does a spy agency know which communications to actually watch for when there are so many potential threats?

The other much simpler reason for not banning encryption is that encryption benefits humanity. It keeps our data safe from criminals. It allows us to log in to our Facebook, our emails, our dating apps, our bank accounts with some reassurance that people who intend to harm us in various ways are not able to do so. Banning encryption totally removes that security blanket. We are all harmed by banning encryption. To take such a drastic step is to acknowledge that the terrorists have won – that we are so terrorised that we would willingly enable criminals to view our bank accounts and our private lives.

What about the possibility of enabling backdoors (or ‘front doors’) that allow only the government to view encrypted information? To put it simply, this is not possible. If a backdoor (call it ‘front door’ if you wish) is created, criminals will find it and misuse it. Or perhaps hostile Governments. Don’t take my word for it. Take Barack Obama’s.

See my previous post: Did the Paris shooters communicate using Playstation 4?

Did the Paris shooters communicate using Playstation 4?

The news has been spreading that the Paris shooters planned their attacks using the Playstation 4. Is this true?
1. There is no reason to believe that it is.
2. The belief that they did so originated from an interview given by the Belgian interior minister, Jan Jambon, three days before the attack, talking about IS in general, and not about the particular attack which was then in the future.

The more interesting question is whether it matters if they did.

Should governments now start monitoring in-game chats in the Playstation network? OK. How about in-game chat for the Xbox? How about Words with Friends? The above are examples of communications that get ignored on account of the huge amount of noise from actual gamers. How about spoken words or a real-time drawing or video? Then there are real messaging applications, some of which are encrypted, some of which actually do a very good job of it.

Should governments start monitoring communications between every app that is built and made available to any two humans in order to ensure that terrorists do not plan something? Is this even possible? It may be interesting to think about a Person of Interest – like system that has the ability to monitor everything and alert the good guys when danger threatens someone. Thinking that the government can eavesdrop on every communication is folly. Aside from the technical hurdles for encrypted communications, there is the hurdle of the huge volume of noise to sort through.

Governments should come to the realisation that mass-surveillance is not the answer and that porn-viewing and playing video games is just perhaps a wastage of hard-earned tax money. There is pressure from the electorate to be seen doing something after any act causing terror, but doing something useless or harmful is worse than doing nothing.