[Infowarrior] - UK bans unbreakable crypto in products/services
Richard Forno
rforno at infowarrior.org
Mon Nov 2 14:43:25 CST 2015
(This is full of so much fail I have no idea where to begin. ---rick)
Internet firms to be banned from offering unbreakable encryption under new laws
By Tom Whitehead, Security Editor 3:16PM GMT 02 Nov 2015
http://www.telegraph.co.uk/news/uknews/terrorism-in-the-uk/11970391/Internet-firms-to-be-banned-from-offering-out-of-reach-communications-under-new-laws.html
Internet and social media companies will be banned from putting customer communications beyond their own reach under new laws to be unveiled on Wednesday.
Companies such as Apple, Google and others will no longer be able to offer encryption so advanced that even they cannot decipher it when asked to, the Daily Telegraph can disclose.
Measures in the Investigatory Powers Bill will place in law a requirement on tech firms and service providers to be able to provide unencrypted communications to the police or spy agencies if requested through a warrant.
The move follows concerns that a growing number of encryption services are now completely inaccessible apart from to the users themselves.
It came as David Cameron, the Prime Minister, pleaded with the public and MPs to back his raft of new surveillance measures.
He said terrorists, paedophiles and criminals must not be allowed a “safe space” online.
Ministers have no plans to ban encryption services because they have an important role in the protection of legitimate online activity such as banking and personal data.
But there is concern over some aspects of so-called end-to-end encryption where only the sender and recipient of messages can decipher them.
Terrorists and criminals are increasingly using such technology to communicate beyond the reach of MI5 or the police.
On its website, Apple promotes the fact that it has, for example, “no way to decrypt iMessage and FaceTime data when it’s in transit between devices”.
It adds: “So unlike other companies’ messaging services, Apple doesn’t scan your communications, and we wouldn’t be able to comply with a wiretap order even if we wanted to.”
Last month, Metropolitan assistant commissioner Mark Rowley, the country’s most senior counter-terrorism officer, warned that for some firms it was “a part of their strategy - they design their products in full recognition that they will be unable to help us because of the way they have designed them”.
However, proposals to be published on Wednesday will, for the first time, place a duty on companies to be able to access their customer data in law.
A Home Office spokesman said: “The Government is clear we need to find a way to work with industry as technology develops to ensure that, with clear oversight and a robust legal framework, the police and intelligence agencies can access the content of communications of terrorists and criminals in order to resolve police investigations and prevent criminal acts.
“That means ensuring that companies themselves can access the content of communications on their networks when presented with a warrant, as many of them already do for their own business purposes, for example to target advertising. These companies’ reputations rest on their ability to protect their users’ data.”
The Investigatory Powers Bill is also expected to maintain the current responsibility for signing off requests to snoop with the Home Secretary but with extra judicial oversight – a move that is likely to anger civil liberty campaigners and some Tory backbenchers.
It will also require internet companies to retain the web browsing history of their customers for up to a year.
The bill is expected to face a tough route through parliament but Mr Cameron urged critics to back the measures.
He told ITV’s This Morning: “As Prime Minister I would just say to people 'please, let's not have a situation where we give terrorists, criminals, child abductors, safe spaces to communicate'.
"It's not a safe space for them to communicate on a fixed line telephone or a mobile phone, we shouldn't allow the internet to be a safe space for them to communicate and do bad things."
Lord Carlile, the former terrorism laws watchdog, said there had been a “lot of demonization” of the police and security services over their intentions for such information.
“I think it is absurd to suggest the police and the security services have a kind of casual desire to intrude on the privacy of the innocent,” he said.
“They have enough difficulty finding the guilty. No-one has produced any evidence of casual curiosity on part of the security services."
--
It's better to burn out than fade away.
More information about the Infowarrior
mailing list