Secure Communications by Mandated Design?
In Europe, the concern about the NSA and the “five eyes” countries is becoming more and more serious.
One of the more unusual proposals is to legislate against products that are insecure by design. A group loosely associated with the EU Pirate Parties and the Free Software Foundation proposes:
legislation to upgrade all communication among private citizens to provide necessary technical measures for maintaining an adequate implementation of the Secrecy of Correspondence required by most constitutions and human right charters. The law shall include ways to ensure its correct implementation and a transition path from the existing unencrypted systems
In short, they propose the EU require fairly stringent confidentiality structures from digital communications “appliances”, typically smart phones, but also tablets and computers which have a microphone or earphone included and can install voice-over-IP software.
Looking at the requirements, I know of at least two commercial smart-phones that will pass, plus one open-source one that can meet their standard, which asks that:
All appliances must at the time of acquisition be fully functional and utilize secret communication whenever in exchange with another appliance. This intends
- encrypted end-to-end;
- with perfect forward secrecy;
- with obfuscation of the identity of the involved persons;
- employing uniform sizes of data packets
The appliance must not be able or be enabled to disclose private encryption keys to anyone but its legitimate owner.
and so on, for a set of requirements that provides security over the network between the phones. That significantly limits eavesdropping, and requires that court-ordered surveillance be done at the “end”, on one of the phones, rather than in the middle at a telco or ISP. This is all detailed at http://youbroketheinternet.org/legislation/
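The “uniform sizes of data packets” requirement is the one item in that list that is about traffic analysis rather than cryptography: even with end-to-end encryption, the length of each ciphertext tells an observer in the middle how much was said. Here is an added example (my own illustration, not code from the proposal or from any of the phones mentioned) of one way an appliance could meet it, by cutting every message into fixed-size frames and padding the last one; the 256-byte frame size and the 2-byte length header are assumptions chosen for the example.

```python
import struct

FRAME_SIZE = 256                 # assumed uniform on-the-wire frame size (bytes)
HEADER = struct.Struct(">H")     # assumed header: 2-byte big-endian payload length
PAYLOAD = FRAME_SIZE - HEADER.size


def frame_message(msg: bytes) -> list:
    """Split msg into FRAME_SIZE-byte frames; the last frame is zero-padded.

    An empty message still yields one frame, so a short reply and an empty
    keep-alive look the same on the wire. Frame contents would be encrypted
    end-to-end before transmission; only sizes matter for this example.
    """
    chunks = [msg[i:i + PAYLOAD] for i in range(0, len(msg), PAYLOAD)] or [b""]
    return [HEADER.pack(len(c)) + c.ljust(PAYLOAD, b"\x00") for c in chunks]


def unframe_message(frames) -> bytes:
    """Reassemble the original message, rejecting malformed frames."""
    out = bytearray()
    for f in frames:
        if len(f) != FRAME_SIZE:
            raise ValueError("frame is not the uniform size")
        (n,) = HEADER.unpack_from(f)
        if n > PAYLOAD:
            raise ValueError("length header exceeds payload capacity")
        out += f[HEADER.size:HEADER.size + n]
    return bytes(out)


def observed_sizes(msgs, padded: bool) -> list:
    """What a passive observer in the middle sees: one size per packet.

    Without padding the sizes mirror the message lengths; with padding every
    packet is FRAME_SIZE and only the packet count remains visible.
    """
    sizes = []
    for m in msgs:
        sizes += [len(f) for f in frame_message(m)] if padded else [len(m)]
    return sizes


if __name__ == "__main__":
    # Constructed sample conversation: a greeting, a long message, a one-word reply.
    convo = [b"hello", b"x" * 600, b"ok"]
    print("unpadded:", observed_sizes(convo, padded=False))   # lengths leak
    print("padded:  ", observed_sizes(convo, padded=True))    # all FRAME_SIZE
```

Padding hides sizes only; hiding the number and timing of packets needs cover traffic, which is a separate problem the requirement does not address.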
The interesting questions this raises aren’t about the technology. Instead, they’re about public policy.
- A dictatorship certainly would not pass such a law. But would a democratic government pass one?
- Indeed, would the EU? It does seem more open to “private members bills” than individual countries.
- How about a democratic government with commitments to the other “five eyes” countries? Would our duties to our allies constrain us from making confidentiality the law of the land?
- And if passed, would it withstand judicial and constitutional scrutiny?
This is clearly private-member pie-in-the-sky thinking. The EU governments do lots of their own surveillance by whatever means work. It may be useful politics to be huffy about what the US and their usual allies do, but it’s not a real picture of who does what to whom.
And who demonstrates ‘secure’, to what standard? Until Snowden, people thought a lot of communications were more secure than they turned out to be. And the US/NSA is probably a more benign spy than several one might think of.
And what of technology that turns out to be less secure, or more buggy, than one thought? See the Heartbleed thread immediately before this one. Do the proposed rules make the communications illegal in some new way? So what?
Colour me sceptical (though I’m always prepared to be pleasantly surprised).
At the technical level, it still allows for wiretapping, but you have to do it at one end. This is eminently possible, but wildly less convenient for a security service than just subverting a telco (;-))
I’m a bit disappointed with the NSA, because in the process of making it easy to snoop on everyone, they massively reduced the security of their own government. Most politicians don’t have serious crypto in their phones, just off-the-shelf stuff that is good enough to keep the number of so-called “script kiddies” down.
Angela Merkel deserves something off-the-shelf that will keep ordinary-grade spies out of her phone, and out of the phones of whoever she’s talking to. Her security services will almost certainly be able to eavesdrop on her; they arguably have custody of her phone when she’s asleep.
Similarly, a court can certainly authorize a tap on any of her Canadian correspondents, given a good reason.
What I’m really looking for is the level of confidentiality I had as a kid: I wrote something down, sealed it in an envelope and could expect the police and post office to keep it secure until it reached my pen-pal.
And I think the PM and a whole bunch of other people deserve the same. I’m concerned that that may not be legally achievable, courtesy of certain governments of the day and our own binding agreements with them.