The Dire State of the Second Crypto War
Encryption is finally mainstream, but legislation like the UK's "Snooper Charter" will have privacy implications worldwide.
Since the 90's, legislators have tried to limit encryption to give law-enforcement and spooks an upper hand.
Before 2016, it was a mostly esoteric battle where technologists, computer scientists and cryptographers championed digital privacy against mandated backdoors proposed by Capitol Hill.
It seems; however, that not all was quiet on the western front. In fact, a new war on cryptography has emerged. The UK's "Snooper Charter" is indicative of a global strategy designed to bypass cryptography by legislating backdoors and forcing companies to retain and share access to data.
It's very similar to techniques used by copyright lobbies. The idea is to pass a law locally, then leverage treaties to undermine cryptography globally. This is an evolution in legislative strategy after the first round of the Crypto Wars.
Below is an overview of some of the different battles that have recently taken place.
2003: Patriot Act II is Drafted
2007: Security Researchers discover NSA-backed encryption protocol has backdoors
2008: FBI briefs lawmakers on encryption as a national security threat
2011: The FBI's tells public that “going dark” is hampering operations
2012: FBI proposes legislation for a wiretap-friendly Web
2013: Snowden exposes NSA's global Internet surveillance program and NSA campaigns that break encryption
2015: U.K. PM proposes banning end-to-end encrypted apps
2015: Senate leaders announce plans for backdoor bill
2016: Judge secretly orders Apple to help police hack iPhone and the San Bernardino iPhone court battle erupts
2016: Senators unveil a bill mandating weakened encryption
2016: U.K. law-enforcement officially confirms that new spy bill would let cops force companies to decrypt data
From above, it's clear that a new phase began when the FBI launched an unprecedented legal battle attempting to compel Apple to hack the iPhone carried by the San Bernardino shooter.
If the government can simply ask for something to be re-engineered then the very notion of owning and controlling your device is no longer a possibility. It's effectively a post-facto backdoor.
For this reason, it's particularly important for US citizens to pay attention to the UK's new Investigatory Powers Act, better known as the 'Snooper Charter', even if you don't live in the UK.
It requires internet providers and app companies like Whatsapp to retain and share a year of data with the government. Additionally, the government is indemnified from hacking citizens and may force companies to re-engineer products to hack others. All without a warrant, or even being a suspected of a crime.
That means phone conversations, computers, emails, messages, images, contacts and browsing habits – whole lives in one place, instantly accessible by police and other authorities.
Let's just hope this doesn't become the new normal in an increasingly dystopian world. At least signing parties will be cool again.