Wilson's Weekend Whine: Snowden's call for online encryption is sad but necessary
It was quite a coup for HOPE (Hackers On Planet Earth). At the 2014 hacker event, Hope X, in New York City this weekend, Edward Snowden delivered a speech to those in attendance, advocating the use of encryption online. The former NSA analyst was not at the event himself -- he's still holed up in Moscow -- but he called on those present to help to protect privacy online. Speaking via a video link Snowden said: "You in this room, right now have both the means and the capability to improve the future by encoding our rights into programs and protocols by which we rely every day".
It was a great piece of work keeping the presentation a secret. There were, of course, fears that Snowden's appearance would somehow be thwarted: "We had to keep this bombshell quiet til the last minute since some of the most powerful people in the world would prefer that it never take place." There were certainly risks involved, but it was a risk worth taking. "[Snowden's] revelations of the massive NSA surveillance programs confirmed the suspicions of many and shocked those who haven’t been paying attention".
Speaking to the Guardian last week, Edward Snowden said that "Any communications that are transmitted over the internet, over any networked line, should be encrypted by default. That’s what last year showed us." Having helped to enlighten the world about online surveillance, Snowden has now expressed something of a shift in focus. The whistle has been well and truly sounded. Now is the time for something to be done. The hissing and moaning is all well and good, but now there is a call to arms. However loudly and frequently complaints are made, the chances of invasive surveillance programs coming to an end are pretty slim. But this does not mean we have to accept things lying down. Snowden is calling for the development and adoption of easy to use techniques to counter surveillance.
One of the most obvious options here is to embrace encryption. Governments "don't like the adoption of encryption. They say encryption that protects individuals' privacies, encryption that protects the public’s privacy broadly as opposed to specific individuals, encryption by default, is dangerous because they lose this midpoint communication, this midpoint collection".
Encryption. "That is what a lot of my future work is going to be involved in", Snowden promised at Hope X. There's no word on quite what form this will take, but his vocal opposition to what has been taking place made it clear that this is a man with a great deal of fight left in him. He will undoubtedly push for a system that is accessible for all, cheap and simple to implement, and difficult to circumvent.
Many people have said that internet users should expect their communication to be monitored, intercepted, violated. But why? The simple fact that surveillance is possible -- and, at the moment, relatively simple -- is not a justification. Nor is the assertion that terrorist attacks could be stopped. "Could" is the key word here. A large number of crimes could be prevented ahead of time if the government was to intercept every single letter sent through the postal system. It would be a mammoth task, for sure, but is it something people would stand for? Of course not. If it transpired that all of our phone bills, credit card statements, birthday cards, love letters, and anything else you sent or received through the mail was being read or scanned by the government there would be complete outrage. Would the fact that organized crime might be reduced soften the blow for you? Would that be enough for you to permit all of your paper-based mail to be read and stored? I sincerely hope not. I hope you all value your privacy, and indeed dignity, more than that.
But this is precisely what is happening online. It's communication in a different form, so why is the interception of electronic mail and other web traffic seen as more acceptable than intercepting regular mail? For me, there is no difference whatsoever -- aside from the fact that it is rather easier for agencies to secretly intercept electronic communications. If you learned your letters were being read, you would either stop sending them, or devise a code that you could use to communicate privately. It's heartbreakingly sad that we need to do the same online, but we do. This is not a matter of hiding your data from the government because you have something to hide, it's about protecting a basic human right: the right to privacy.
As Snowden said to the Guardian: "What last year's revelations showed us was irrefutable evidence that unencrypted communications on the internet are no longer safe and cannot be trusted. Their integrity has been compromised and we need new security programs to protect them. Any communications that are transmitted over the internet, over any networked line, should be encrypted by default. That’s what last year showed us". Snowden took unbelievable risks in making contact with the media with his initial revelations, but hopefully things will become easier for future whistleblowers. Also discussed at Hope X was SecureDrop, a system that can be used by those with information to share it with the media. Again, it is desperately sad that a system like this needed to be devised, but the need is there.
I'll leave the final word to Hope X who sums things up beautifully: "We are humbled to have [Edward Snowden] in our program, and hope the day will come when he's not confined to a video link and able to be as free as he is helping all of us to be".